by Chris Cleveland | Sep 30, 2025 | blog, phish
Phishing campaigns hosted on Backblaze infrastructure seen earlier in the September substantially ratchetted up in the second half, complete with credential exfiltration through Telegram and lures referencing purchase orders. Other widespread phishing campaigns...
by Chris Cleveland | Sep 15, 2025 | blog, phish
The first half of September witnessed yet new records of Microsoft spearphish volume, with threat actors employing advanced evasion techniques, including payload encryption, device fingerprinting, and infrastructure abuse of reputable hosts like Backblaze,...
by Chris Cleveland | Aug 30, 2025 | blog, phish
Later August saw records of phishing activity spanning Microsoft support scams, Adobe file shares and Paperless Post deliveries. Tactics involved MFA relay kits and usage of CloudFlare infrastructure to evade detection. The same period saw continued targeting of...
by Chris Cleveland | Aug 16, 2025 | blog, phish
The first half of August has seen a major surge in Microsoft support scams using keyboard locks and other tactics to prod users to calling targeted call centers. Other Microsoft phishing attacks during this period made use of aggressive device fingerprinting, MFA...
by Chris Cleveland | Aug 1, 2025 | blog, phish
Phishing targeting users on work devices is not slowing down over the summer, with many employees taking their laptops home for the summer vacation months. The second half of July saw a pronounced surge in Microsoft and Outlook spearphish that demonstrated a...
by Chris Cleveland | Jul 4, 2025 | blog, phish
The last week of June and early July saw a surge in zero-day phishing attacks targeting both corporate Microsoft/Outlook logins and personal web services (e-commerce, streaming, and email) on work devices. Threat actors employed sophisticated tactics – from...
Recent Comments