#Phishing: Allegedly suspicious login to the account of your #ADAC credit card: https://www.verbraucherzentrale.nrw/phishing
This makes for good education for clients!
QR codes sent in attachments are the new favorite for phishers https://www.malwarebytes.com/blog/news/2025/04/qr-codes-sent-in-attachments-are-the-new-favorite-for-phishers
Cybersecurity incident at #Samsung Germany: acute risk of #Phishing and #Identitätsdiebstahl (identity theft). #Cyberkriminelle (cybercriminals) have apparently gained access to 270,000 support records from 2025, including names, postal addresses and email addresses. The cause is an admin access password of a Samsung support service provider in the supply chain that had not been changed for four years:
https://www.heise.de/news/Datenleck-270-000-Kundentickets-von-Samsung-im-Darknet-10335172.html #cybersecurity
#Phishing today: #Sparkassen customers asked to update the pushTAN app as a supposed anti-phishing measure: https://www.verbraucherzentrale.nrw/phishing
On the usefulness of the password manager
I now see a password manager (PWM) as the most important tool for securing online accounts. Passwords (PW), and with them PWMs, will remain number one for a long time to come, even if passkeys are slowly catching up
https://www.pc-fluesterer.info/wordpress/2025/04/02/vom-nutzen-des-passwort-managers/
Today's #Phishing: demand to update the company data on file, sent in the name of the #IHK: https://www.verbraucherzentrale.nrw/phishing
#Phishing right now: #Comdirect customers asked to consent to contractual adjustments: https://www.verbraucherzentrale.nrw/phishing
@keno3003 re "Das Problem mit Passkeys" (The Problem with Passkeys) https://www.youtube.com/watch?v=u7Ti-Jc-b3A&pp=ygUYZGFzIHByb2JsZW0gYmVpIHBhc3NrZXlz
Sorry, but the claim that #Passkeys are always absolutely resistant to #Phishing is unfortunately not true.
https://arxiv.org/abs/2501.07380
"Another concern could be social engineering, where a user is tricked into sharing a passkey with an account controlled by an attacker."
By my interpretation, the ability to transfer passkeys to other people therefore clearly enables phishing methods. These may not have appeared in practice yet, but they certainly cannot be ruled out.
(1/2)
Possible Phishing
on: hxxps[:]//meatmakloginssx[.]webflow[.]io/
Analysis at: https://urldna.io/scan/67e97a6c3b7750000f06ff15
#cybersecurity #phishing #infosec #urldna #scam #infosec
@odr_k4tana wrote:
"A website that does not pretend to be a website the user has an account in by definition cannot be a phishing website."
contradicts your next sentence:
"Phishing mimics electronic communication to trick people to divulge sensitive information."
Ignoring whatever definition of phishing, the problem is that, GIVEN A DOMAIN NAME, people have no reliable way to find out whether a website is reliable.
That includes fake postal websites, fake webshops, fake donation websites, fake signup websites, fake "you have to re-video-ident for org. X, we take care of that", fake Avast websites (the downloaded executable typically is Teamviewer or Anydesk, including their mobile versions) and fake usher sites (Gerichtsvollzieher - there are a lot of fake websites stating that Dutch people have to pay money to GGN, see https://www.ggn.nl/contact/phishing/).
You are 100% right if you state that some "document", signed by a TTP (Trusted Third Party) and proof of possession of a private key by a website, DOES NOT guarantee reliability of the website.
However, you are 100% wrong about AUTHENTICITY: an amount of reliability of which entity (identified in such a way that you know whether you can sue them, and what your chances will be - if the entity is not in Russia) is RESPONSIBLE for the reliability of information, such as a website.
#Phishing: alleged policy violation at #ING: https://www.verbraucherzentrale.nrw/phishing
@emu: given a domain name (*) for a website with an APPARENT owner, DV certs do not provide ANY security because users have no reasonable way to determine whether said domain name DOES NOT belong to the apparent owner.
Phishing is wreaking havoc on the internet. There are lots of people like you who DO NOT provide ANY solutions.
(*) In some message (email, SMS, chatapp, DM, ...), found by Googling, out of a QR-code, in a paper letter or on social media.
A DV cert may be fine for your home NAS, but not for your bank. Unfortunately big tech does not want users to see the difference between a fake and a real bank (or any other critical website) in their browsers.
Intelligent cyber defense starts with the employees
Protection against cyber threats: best practices and solutions | heise https://business-services.heise.de/security/bedrohungen-schwachstellen/beitrag/intelligente-cyberabwehr-faengt-bei-den-mitarbeitern-an-4873 #CredentialStuffing #Phishing #Deepfake #ArtifificialIntelligence #SocialEngineering #CyberSecurity #HumanFactor #SecurityAwareness #HumanRiskManagement
#Phishing-as-a-service operation uses DNS-over-HTTPS for evasion
#Phishing today: #Targobank customers urged to confirm their contact details: https://www.verbraucherzentrale.nrw/phishing
Alright folks, just a quick heads-up from your friendly neighborhood pentester: Office docs? Yeah, they're *still* a massive playground for attackers.
Sure, keeping things updated is vital, *but* let's be real: social engineering still wears the crown. Honestly, the least suspecting user often ends up being the biggest security gap in the network.
Just saw this play out at a client's site recently. An employee clicked open a seemingly innocent Word doc... hiding a nasty phishing link. And *poof*, their credentials were gone. Can happen just like that.
Now, AI *can* lend a hand here, but tread carefully. The tech's evolving way faster than most people can adapt. That makes disinformation and manipulation seriously huge threats we need to watch out for.
So, what's the game plan? Awareness training – it's absolutely worth its weight in gold! Plus, fostering a healthy dose of skepticism is key, even when it feels like a drag sometimes. You gotta stay sharp.
How are *you* shielding your users from these kinds of attacks? Let me know!
(sophos.com) Evilginx: How Attackers Bypass MFA Through Adversary-in-the-Middle Attacks https://news.sophos.com/en-us/2025/03/28/stealing-user-credentials-with-evilginx/
A short descriptive article about Evilginx and how stealing credentials works, a few suggested ways of detecting it, etc.
Summary:
This article examines Evilginx, a tool that leverages the legitimate nginx web server to conduct Adversary-in-the-Middle (AitM) attacks that can bypass multifactor authentication (MFA). The tool works by proxying web traffic through malicious sites that mimic legitimate services like Microsoft 365, capturing not only usernames and passwords but also session tokens. The article demonstrates how Evilginx operates, showing how attackers can gain full access to a user's account even when protected by MFA. It provides detection methods through Azure/Microsoft 365 logs and suggests both preemptive and reactive mitigations, emphasizing the need to move toward phishing-resistant FIDO2-based authentication methods.
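The summary above mentions that an AitM proxy captures the session token, so the attacker later presents a session that was minted for the victim's browser from a different client. The following is an added detection sketch (not code from the Sophos article or from Evilginx) that runs over constructed sign-in records: it groups events by user and session identifier and flags a session that is used from more than one IP address, or with more than one user agent, within a short window. The field names (`time`, `user`, `sessionId`, `ip`, `userAgent`, `mfa`) are a simplified stand-in for a real sign-in log schema, and the sample records are constructed for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in records (simplified schema, not real log export).
# Session "s-1": MFA-satisfied sign-in, then the same session presented a few
# minutes later from another IP with another browser and no MFA prompt - the
# token-replay shape an AitM proxy produces. Session "s-2": normal activity.
SAMPLE_SIGNINS = [
    {"time": "2025-03-28T09:00:05Z", "user": "alice@example.com", "sessionId": "s-1",
     "ip": "203.0.113.10", "userAgent": "Mozilla/5.0 (Windows NT 10.0) Chrome/123", "mfa": True},
    {"time": "2025-03-28T09:03:40Z", "user": "alice@example.com", "sessionId": "s-1",
     "ip": "198.51.100.77", "userAgent": "Mozilla/5.0 (X11; Linux x86_64) Firefox/115", "mfa": False},
    {"time": "2025-03-28T10:15:00Z", "user": "bob@example.com", "sessionId": "s-2",
     "ip": "203.0.113.22", "userAgent": "Mozilla/5.0 (Windows NT 10.0) Edge/123", "mfa": True},
    {"time": "2025-03-28T11:00:00Z", "user": "bob@example.com", "sessionId": "s-2",
     "ip": "203.0.113.22", "userAgent": "Mozilla/5.0 (Windows NT 10.0) Edge/123", "mfa": False},
]


def parse_time(value):
    """Parse the ISO-8601 UTC timestamp used in the constructed records."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def find_session_replay(records, window=timedelta(hours=1)):
    """Return one alert per (user, session) whose events, within `window` of the
    first event, come from more than one IP address or more than one user agent.

    A session token is bound to one browser at issue time, so a second client
    presenting it shortly afterwards is worth an analyst's attention; this is a
    heuristic, not proof of compromise (VPN roaming can also trigger it)."""
    by_session = defaultdict(list)
    for rec in records:
        by_session[(rec["user"], rec["sessionId"])].append(rec)

    alerts = []
    for (user, session_id), events in by_session.items():
        events.sort(key=lambda r: parse_time(r["time"]))
        first_time = parse_time(events[0]["time"])
        in_window = [e for e in events if parse_time(e["time"]) - first_time <= window]
        ips = sorted({e["ip"] for e in in_window})
        agents = sorted({e["userAgent"] for e in in_window})
        if len(ips) > 1 or len(agents) > 1:
            alerts.append({
                "user": user,
                "sessionId": session_id,
                "ips": ips,
                "userAgents": agents,
                # True when the first use satisfied MFA but a later one did not:
                # the later client rode on the already-authenticated session.
                "mfa_then_none": bool(in_window[0]["mfa"]) and any(not e["mfa"] for e in in_window[1:]),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_session_replay(SAMPLE_SIGNINS):
        print(f"{alert['user']} session {alert['sessionId']}: "
              f"ips={alert['ips']} agents={len(alert['userAgents'])} "
              f"mfa_then_none={alert['mfa_then_none']}")
```

On the sample data only Alice's session is flagged: two IPs, two user agents, and an MFA-satisfied first use followed by a use without MFA. Against a real export the same grouping would be done on the provider's own session and correlation identifiers, and the window and the IP comparison (for example, comparing autonomous systems rather than exact addresses) would be tuned to the organisation's normal roaming behaviour.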