Phishing - it-daily.net - Daily relevant IT news for decision-makers

Spying campaign

German federal government suspects Russia behind Signal attack

27. April, 2026 - 17:19

Phishing attack on Signal: Who is behind the attacks on politicians and journalists? The trail leads to Russia, but officially the German federal government remains reserved.

A growing trend?

Multi-Actor Intrusion: When Not One but Two Attackers Operate in the Network

26. April, 2026 - 15:15

A phishing incident, a compromised mailbox, and suddenly two completely independent attackers with different objectives. What sounds like an exceptional case could be a growing trend: multi-actor intrusion attacks.

Misuse of legitimate Apple notifications

New phishing wave exploits Apples own servers

20. April, 2026 - 14:45

Cybercriminals are exploiting Apple’s automated security notification system to send fraudulent purchase alerts that bypass virtually every spam filter in existence.

115,000 e-mails

Google Classroom: Phishing campaign reaches 13,500 organizations

26. August, 2025 - 07:19

Security researchers from Check Point have discovered an active phishing campaign that uses Google Classroom as a gateway. Within a week, the attackers sent over 115,000 fraudulent emails.

Study

Current phishing training courses have little effect

19. August, 2025 - 08:03

Researchers have tested the effectiveness of various phishing training courses in a study involving 19,000 test subjects. The result: training courses help less than expected.

New attack technique discovered

FIDO authentication vulnerability: New downgrade attack bypasses passkey security

13. August, 2025 - 10:37

Passkeys and FIDO authentication are designed to provide robust protection against phishing attacks. However, researchers have now discovered a critical loophole that can undermine even strong passkey authentication. Attackers can exploit a targeted downgrade technique to force users into using insecure login methods. This risk grows as FIDO adoption

Misuse of the link wrapping function

Phishing with Proofpoint: Cyber attack disguises itself as a security link

31. July, 2025 - 13:06

Cyber criminals are currently using a sophisticated trick to carry out targeted phishing attacks. The method abuses Proofpoint’s link wrapping system and leads unsuspecting users to manipulated Microsoft 365 pages.

Incident response plan necessary

Warning about ClickFix social engineering campaign

07. April, 2025 - 09:30

ClickFix is already being used by a number of nation-state actors such as APT 28 and Kimsuky. The distribution of stealer malware such as Lumma Stealer via the social engineering campaign is particularly popular.

Cybersecurity Alert

What is Spear Phishing and why are Businesses Prime Targets?

06. March, 2025 - 07:00

Cybercriminals are becoming more sophisticated, and one of the most dangerous tactics they use against businesses is spear phishing. Unlike traditional phishing, which involves sending mass emails to random recipients, spear phishing is highly targeted.

Employee accounts hijacked

Phishing incident at defense contractor General Dynamics

27. December, 2024 - 11:03

General Dynamics, one of the largest defense and aerospace companies in the USA, has fallen victim to a targeted phishing campaign. Attackers managed to gain access to the social security accounts of several dozen employees.