In April 2024, the FBI warned about a new type of smishing scam. Smishing is the term we use for phishing attacks sent via text message.
This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees. The scammers send a text claiming that the recipient owes money for unpaid tolls. It looks as if the targets are chosen randomly, but if you’ve been on a recent summer trip or will be visiting your relatives during the holiday season the chances are higher that you will believe this type of text.
Read more…
Source: Malwarebytes Labs
Related:
- Major supermarket distributor to Tesco and Sainsbury’s ‘held to ransom’
May 20, 2025
A major distributor to Britain’s biggest supermarkets, including Tesco, Sainsbury’s and Aldi, is being held to ransom by cyber hackers following a string of assaults on UK retail in the last month. Peter Green Chilled said clients were “receiving regular updates” including “workarounds” on how to continue deliveries. No orders would be processed on Thursday, although any ...
- Broadcom hit by employee data theft after breach in supply chain
May 19, 2025
Customers of the global semiconductor giant Broadcom have had their sensitive data leaked on the dark web after a two-step supply chain attack. Apparently, a company called Business Systems House (BSH), a human capital management (HCM) services provider from the Middle East, suffered a ransomware attack in September 2024, in which a group known as El ...
- UK: Legal Aid database hacked, ‘significant amount’ of data and criminal records stolen
May 19, 2025
The UK’s Ministry of Justice (MoJ) has revealed that a cyberattack on the Legal Aid system has led to the theft of a “significant amount” of data, including criminal records. The MoJ was alerted to the attack on April 23 when data dating back as far as 2010 was accessed by the attackers. Earlier this month, ...
- Threat Group Assessment: Muddled Libra
May 16, 2025
Palo Alto researchers have added an additional section to this article that describes the evolution of Muddled Libra activity since the beginning for 2024. This group is a dynamic one, and as members cycle in and out of the group, its knowledgebase and skill set naturally shift. Its toolbox has now expanded to include: Social engineering of ...
- Ransomware Is Changing Financial Services – Are You Ready?
May 16, 2025
Whenever cybercriminals successfully target financial services (FinServ), we’re reminded all too well that money makes the world go round. A fruitful attack can lock customers out of their bank accounts, expose sensitive data and fuel theft, fraud and a worrying distrust in financial institutions. The stakes are clearly high, and unfortunately attacks are still soaring. Between ...
- Ivanti Endpoint Manager Mobile exploit chain exploited in the wild
May 16, 2025
On May 13, 2025, Ivanti disclosed an exploited in the wild exploit chain, comprising of two new vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM): CVE-2025-4427 and CVE-2025-4428. Ivanti EPMM is an enterprise-focused software suite for IT teams to manage mobile devices, applications, and content. CVE-2025-4427 is an authentication bypass vulnerability with a CVSS rating of 5.3 ...