The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt.
The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing today is a reminder that even the most advanced security technologies do not dissuade threat actors. malwarebytes Labs researchers discovered a new phishing kit targeting payroll and payment platforms that aims to not only steal victims’ credentials but also to commit wire fraud. The investigation began with a fraudulent search ad for Deel, a payroll and human resources company. Clicking on the ad sent employees and employers to a phishing website impersonating Deel.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- MyCert: Malaysia data breaches up 29% in Q1 2025
June 11, 2025
The Malaysia Computer Emergency Response Team (MyCert) reported an increase in data breach incidents in Malaysia in the first quarter of the year. “Data breach incidents are growing in Malaysia with a nearly 29% increase this quarter, underscoring the need for better security measures to ensure national security and public trust,” said MyCert. According to its ...
- US government’s vaccine website defaced with AI-generated content
June 11, 2025
A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam. The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the same kind of content — mostly gay-themed and LGBTQ+ posts — since at least May 12, ...
- Toxic trend: Another malware threat targets DeepSeek
June 11, 2025
DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and ...
- BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict
June 10, 2025
There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024. This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have ...
- UK: Police Federation pays £15m to officers hit by cyber attack
June 10, 2025
The Police Federation has paid out £15 million to 19,000 current and former officers who had their personal details compromised and stolen by cyber criminals. Two huge attacks exposed the home addresses of some officers to hackers six years ago, and in March 2022 the federation admitted liability for unlawfully processing officers’ personal details by not ...
- Major US grocery distributor warns of disruption after cyberattack
June 9, 2025
United Natural Foods (UNFI), a major distributor of groceries to Whole Foods and other retailers, said on Monday that it was hit by a cyberattack, warning of disruptions to its ability to fulfill and distribute customer orders. UNFI said in a Monday filing with the U.S. Securities and Exchange Commission that it became aware of unauthorized ...