One Article Review
| Source |  knowbe4 |
|---|---|
| Identifiant | 8352450 |
| Date de publication | 2023-07-05 13:00:00 (vue: 2023-07-05 13:06:44) |
| Titre | Cyberheistnews Vol 13 # 27 [tête haute] La campagne de phishing d'identité massive imite plus de 100 marques et des milliers de domaines CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains |
| Texte |
CyberheistNews Vol 13 #27 | July 5th, 2023
[Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains
A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.
We\'ve seen plenty of attacks that impersonated a single brand along with a few domains used to ensure victims can be taken to a website that seeks to harvest credentials or steal personal information. But I don\'t think an attack of such magnitude as the one identified by security researchers at Internet security monitoring vendor Bolster.
According to Bolster, the 13-month long campaign used over 3000 live domains (and another 3000+ domains that are no longer in use) to impersonate over 100 well-known brands. We\'re talking about brands like Nike, Guess, Fossil, Tommy Hilfiger, Skechers, and many more. Some of the domains have even existed long enough to be displayed at the top of natural search results.
And these sites are very well made; so much so that they mimic their legitimate counterparts enough that visitors are completing online shopping visits, providing credit card and other payment details.
The impersonation seen in this widespread attack can just as easily be used to target corporate users with brands utilized by employees; all that\'s needed is to put the time and effort into building out a legitimate enough looking impersonated website and create a means to get the right users to visit said site (something most often accomplished through phishing attacks).
This latest impersonation campaign makes the case for ensuring users are vigilant when interacting with the web – something accomplished through continual Security Awareness Training.
Blog post with links:https://blog.knowbe4.com/massive-impersonation-phishing-campaign
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us Wednesday, July 12, @ 2:00 PM (ET), for a live demonstra |
| Envoyé | Oui |
| Condensat | #27 #27 #coinbase $979 000 000+ 100 100+ 10th 16th 1875 192 1924 1967 1994 2001 2020 2022 2023 2023:https://blog 22386 2:00 2fa 3000 3000+ 443 500 5th 681 979 :https://www @coinbase about about: above accessed accidentally accomplished according account accounts across acting action actionable activities actor actors additionally adds advanced advisement affect after afterwards against agt ahead aim all almost along already also always amazing american amid ammo among angry animals another anti antivirus any anymore anytime anywhere app apparel appear appeared approach apps are aren arrests article asking assistance assisting associated assumption attachments attack attackers attacks attacks:https://www attempting attend attending attention attentiveness audit authentication authenticator author automated automatic average avoid avoided awareness away awesome:https://www babson back bananas bank bankinfosecurity base based basis be/akgkbdilcju be/da1e3v5kcoq be/dmpugzrxuek be/umhrvfi0dvy beautiful because been before behaviors behind being believe benchmark benchmarking benchmarks best beyond bicycle bleepingcomputer blocked blog bloghttps://blog blown bluetooth bob bolster both boys brand brands breaches break breaking bring browsers budget building but cables calculate call called calls campaign campaigns can canary cancelled canfield cannot card career carpenter case cases category caught caution center centers centers:https://www century ceo ceoknowbe4 ceos cerf cfos change changed changing character chief children china chinese chn christina ciso cisos cissp civil claim claiming class clavell click clicked clicking closed clothing coal code codes coinbase collaboration com com/2023/06/23/camaro com/2023/06/27/meet com/2023/06/how com/90915812/people com/animals com/archive/2023/06/16/bob com/articles/99554 com/blog/key com/coinbase com/cyberheistnews com/escalating com/g2 com/knowbe4 com/massive com/mesmerizing com/news/security/encrochat com/news/us com/p/the com/phishing com/pib com/sites/forbestechcouncil/2023/06/30/seven com/solarwinds com/ukraine com/watch com/wcc/r/4260900/2d5b5766c2eb5e51b2c0280bbce3c996 com/why command common communication communications companies company companywide compare compares compatible compel compilation complete completing compliance complimentary comprehensive compromised computer concerned conditions conducted consecutive construction consumers contact content continual continue controls convenience copy corporate could couldn counterparts covered cpe cracks crazy create created credentials credit critical crypto cryptocurrency cuba cuban currently curve customer customers cyber cyberattacks cybercriminals cyberheist cyberheistnews cybersecurity cyberthreat dad dangerous dangers data date/time: date: day days decisions defend defense deliver demand demo demonstration described deserve destroyed detailed details detected detecting detection developing device devices devised didn difficult digital diplomats director discovered discuss disinformation disinformation:https://www displayed divulge does dog doing doj domains don doubt down download downloading dragon dramatically drata drivers drives due dunes:https://youtu dupe during each early earn ease easily easy educator effective effort eighty electronic email emails embassy employees employees; enable enables encrochat end endpoints enforcement engineering enough ensure ensuring entice environment environments era essential evangelist even ever every evidence evolving exact example examples executive exercise existed expand expect exploit expressly extra eye face factor factors failure fake fall fallen falling family:https://www famous fantastic fastcompany fathers fave features federal fica fiction/ fiction:https://www fields filters financial find findings fine firewall first fixes flies flixxy fnb focus focusing follow following footwear forbes form former fortunately fossil found four france francisco fraud fraudster fraudsters frequency fresh friendship from fully fun function functionality further future generated ge |
| Tags | Malware Hack Threat Cloud |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.