Find an online store you trust, pick an item with reliable reviews, enter your payment details and/or sign-in to the websites account, and finally, click ‘Purchase’. This process is all it takes to purchase gifts this holiday season. There is one final step: Receive the package. Though this may not feel like a step, the seemingly simple process of tracking and receiving your … [Read more...]
Recent Phishing Research Leads Us To Access Scammers Logs
Over the first week of November, we saw an increase in the malware family Phishing.ADA reporting into the Firebox Feed, our threat intelligence feed fueled by opt-in reports from Firebox security appliances deployed around the world. We found this phishing email primarily targeted users in Southeast Asia to steal email credentials. We retrieved a sample of this malware and the … [Read more...]
Catching a Rookie Mistake in a Facebook Phish
WatchGuard’s DNS-level protection and filtering service, DNSWatch, receives and processes numerous phishes every day. Many of these phishing attempts are monotonous and lack any unique qualities. However, periodically, the DNSWatch Tailored Analysis team triages a phishing attempt that stands out more than others. This short post will show a real-world phish that DNSWatch … [Read more...]
Chase Bank Scams Target Our Own
The other day, a WatchGuard employee received a text alert stating that Chase bank had limited access to their account. They right away knew the message was bogus and offered it to us to investigate. We found the link within the message sends the user to a fake Chase login. Fortunately, the employee knew better and didn't follow the link in the text message, but others might … [Read more...]
PayPal Phishing
The other day, a PayPal phish made it into the inbox of my personal email. It is not normal for phishing emails to make their way past my cloud email provider’s spam filter, so I decided to spin up a sandbox just in case any malware was involved and dive in. The phishing hook in the message body wasn’t anything special. The phish masqueraded as an email from PayPal notifying … [Read more...]