PIXM Blog

A record spearphish surge continued into the second half of March, particularly via Microsoft and Outlook credentials targeted via fileshare platforms like SharePoint, OneDrive and Green Envelope. Additionally, phishing campaigns targeting users of financial services like Paypal, American Express, Chase Bank and Capital One also continued their trend. We saw a number of additional brands […]

Discover Pixm’s Latest Zero-Day Threat Intelligence Report Wondering how we gather this critical information? Take a look at this video we’ve prepared to give you an inside view of how Pixm catches zero-day threats that evade traditional security measures. The past two weeks saw a record surge in zero-day spearphish targeting credentials from Microsoft and Outlook, […]

Overview Over the past two weeks, we observed a rise in phishing activity targeting Microsoft, Google, and Yahoo accounts. Attackers leveraged techniques to flank corporate email protection, like using non-email messenger apps and filesharing tools. They also put geographically targeted content into the URLs to increase their credibility to their target organizations. Below are key […]

Overview The past two weeks saw a spike in phishing activity targeting platforms like Instagram, Microsoft and Chase Bank. Attackers leveraged sophisticated tactics, including hosting phishing pages on legitimate cloud platforms, enabling them to bypass traditional detection mechanisms. We also saw a massive surge in malware hosted on Azure infrastructure. Below are key highlights and […]

Overview PIXM recorded a massive uptick in spearphishing activity as employees returned to work following the holidays and January snow storms. These included sophisticated business email compromises, password protected Google Docs shares and targeting corporate credentials on personal email accounts. We also saw an uptick in Amazon attacks in particular. Here are some examples and […]

Overview December has continued to see targeted spearphish involving compromised mailboxes across Texas and Kentucky, as well as a massive surge in USPS phishing around the holidays. Below are some examples and highlights. Phishing URLs Here is a list of examples of phishing websites that we discovered that we recommend you update your threat intelligence […]

Overview The last two weeks have seen an uptick in spearphish targeting corporate users on their personal accounts as well as a burst of Netflix phishing activity. Here are some examples and highlights. Before we dive in, here is a list of examples of phishing websites that we discovered and we recommend you update your […]

Overview Pixm Security is excited to share our latest threat intelligence from our 500,000+ user base. This blog post covers zero-day phishing attempts we’ve blocked, key threat insights and tactics to help protect your clients. In this post, we focus on the rise of social media phishing targeting Instagram which is a blind-spot for most […]

Overview Multi-Factor Authentication (MFA) phishing campaigns targeting teachers, staff, and executive administrators in large school districts throughout the United States have continued to be on the rise since December 2023. The attacks use dadsec and phishingkit Phishing-as-a-Service (PhaaS) platforms, which include a number of stealthy features, with the purpose of compromising key administrator email accounts […]

Introduction   For many years, Customer Relationship Management (CRM) software has allowed businesses to automate sales outreach and prospecting data collection at scale. A core feature of CRM suites is the ability to automate customer interactions. This is done through the creation of campaigns with custom landing pages or emails that the platform will distribute […]