by Chris Cleveland | Aug 30, 2025 | blog, phish
Later August saw records of phishing activity spanning Microsoft support scams, Adobe file shares and Paperless Post deliveries. Tactics involved MFA relay kits and usage of CloudFlare infrastructure to evade detection. The same period saw continued targeting of...
by Chris Cleveland | Aug 16, 2025 | blog, phish
The first half of August has seen a major surge in Microsoft support scams using keyboard locks and other tactics to prod users to calling targeted call centers. Other Microsoft phishing attacks during this period made use of aggressive device fingerprinting, MFA...
by Chris Cleveland | Aug 1, 2025 | blog, phish
Phishing targeting users on work devices is not slowing down over the summer, with many employees taking their laptops home for the summer vacation months. The second half of July saw a pronounced surge in Microsoft and Outlook spearphish that demonstrated a...
by Chris Cleveland | Jul 4, 2025 | blog, phish
The last week of June and early July saw a surge in zero-day phishing attacks targeting both corporate Microsoft/Outlook logins and personal web services (e-commerce, streaming, and email) on work devices. Threat actors employed sophisticated tactics – from...
by Chris Cleveland | Jun 19, 2025 | blog, phish
Early-mid June saw a surge of phishing campaigns targeting Amazon, Microsoft and Netflix accounts, including phishing kits capable of harvesting extensive personal data, like social security numbers and bank access numbers. Many Microsoft-themed attacks...
by Chris Cleveland | Jun 8, 2025 | blog, phish
The end of May and first week of June 2025 saw a sharp uptick in zero-day phishing campaigns targeting corporate login credentials, with additional campaigns impersonating Amazon and even U.S. government login services (ID.me for IRS). Threat actors employed...
Recent Comments