The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt.
The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing today is a reminder that even the most advanced security technologies do not dissuade threat actors. malwarebytes Labs researchers discovered a new phishing kit targeting payroll and payment platforms that aims to not only steal victims’ credentials but also to commit wire fraud. The investigation began with a fraudulent search ad for Deel, a payroll and human resources company. Clicking on the ad sent employees and employers to a phishing website impersonating Deel.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Europol Warns WannaCry Spread to Go Up on Monday
May 14, 2017
Europol is spreading bad news today as it announced that a new wave of WannaCry ransomware infections, even worse than the first, is coming on Monday. The European law enforcement agency estimates that so far there are some 200,000 victims of WannaCry and the number keeps growing. Furthermore, the number of affected countries has grown from ...
- Europol News Article on Wannacry Ransomware: recent cyber-attack
May 13, 2017
The European Cybercrime Centre, EC3, at Europol is working closely with affected countries cybercrime units and key industry partners to mitigate the threat and assist victims. The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits. The Joint Cybercrime Action Taskforce (JCAT), at EC3 is a ...
- UK hospital meltdown after ransomware worm uses NSA vulnerability to raid IT
May 12, 2017
UK hospitals have effectively shut down and are turning away non-emergency patients after ransomware ransacked its networks. Some 16 NHS organizations across Blighty – including several hospital trusts such as NHS Mid-Essex CCG and East and North Hertfordshire – have had their files scrambled by a variant of the WannaCrypt, aka WanaCrypt aka Wcry, nasty. Users ...
- FBI: Whaling now a US$ 5 billion business as execs targeted
May 9, 2017
The US Federal Bureau of Investigation (FBI) has reported the continuing explosion of Business Email Compromise (BEC) attacks as the practice becomes a US$ 5 billion (£3.86 billion) business. Between October 2013 and 2016 the total international reported loss from such scams is US$ 5,302,890,449 (£4,100 million), with US bodies taking up nearly US$ 1.6 billion ...
- Snake and Proton Malware Found Targeting Mac Users
May 8, 2017
Two malware targeting Mac-run machines recently surfaced in the wild: Snake (a.k.a. Turla, Uroburos, and Agent.BTZ, and detected by Trend Micro as OSX_TURLA.A) and Proton (OSX_PROTON.A). Both are remote access Trojans that can grant attackers unauthorized remote access to the system, consequently enabling them to steal files, data, and credentials stored in the affected system, ...
- Hackers emit 9GB of stolen Macron ’emails’ two days before French presidential election
May 6, 2017
Emmanuel Macron, the front-runner in France’s presidential election, has condemned the online leakage of what’s alleged to be his campaign staff’s emails. A 9GB cache of internal documents was dumped onto the Magnet file-sharing network on Friday night, less than two days before the French people go to the polls on Sunday. These archives landed just before ...

