tldrdailynews.com logo
Tag

Bec

All articles tagged with #bec

Mass phishing campaign exploits enterprise lures to steal credentials from 35k users across 26 countries
technology22 days ago

Mass phishing campaign exploits enterprise lures to steal credentials from 35k users across 26 countries

Microsoft disclosed a large-scale credential-stealing phishing campaign that targeted more than 35,000 users across 26 countries (92% in the U.S.), with victims in healthcare, financial services, and other sectors. Attackers used polished, enterprise-style emails about code-of-conduct reviews, sent via legitimate email services, and embedded PDFs that led to an AiTM (adversary-in-the-middle) phishing flow to harvest Microsoft credentials and tokens and bypass MFA. Victims encounter CAPTCHA checks and multiple intermediate pages before a final sign-in page, with the destination differing by device. The report also highlights rising QR-code phishing, ongoing BEC activity, and Tycoon 2FA PhaaS infrastructure shifting hosting to evade defenses, alongside two notable Q1 campaigns and a broader surge in phishing threats (about 8.3 billion from Jan–Mar 2026).

via The Hacker News|
#adversary-in-the-middle#bec#phishing
US Government Issues Warning to Gmail, Outlook, iPhone, and Android Users Over Cyber Attacks.
cybersecurity3 years ago

US Government Issues Warning to Gmail, Outlook, iPhone, and Android Users Over Cyber Attacks.

The FBI has issued a warning to email users about Business Email Compromise (BEC) and spearphishing scams, which can lead to financial damage and the loss of confidential information. Spearphishing attacks are particularly dangerous as they target specific victims and include information that the victim will be interested in. The FBI advises caution with business emails and double-checking the sender's email address. If you fall victim to a BEC scam, contact your financial institution immediately and report the crime to the FBI.

via The US Sun|
#bec#cybercrime#cybersecurity