Jul 14 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that doesn’t strike like Hollywood overpaid actors, we do this for free…. 😂😂😂
It’s Friday, folks, which can only mean one thing… It’s time for our weekly segment!!!
It goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it.
Congrats, the cybercriminals are no match… for your patch! Check out these just hatched patches!! 🎉🎉🎉
Apple earlier today released new Rapid Security Response updates for iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 users, but Apple has pulled the software, likely due to an issue that caused certain websites not to work after the RSRs were installed.
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 132 vulnerabilities, nine are rated Critical, 122 are rated Important in severity, and one has been assigned a severity rating of “None.”
Keep up the good work, guys!
Now on to today’s hottest cyber security stories:
Digital Risk Trends 2023: scam page volumes witness a 304% annual surge
Tampa Bay zoo targeted in cyberattack
Criminals target businesses with malicious extension for Meta’s Ads Manager
2022 Phishing and Scam Report Highlights
🔒 Phishing websites grew by 62% year-on-year, while scam pages saw a staggering surge of 304%.
🎯 Financial institutions were the prime targets, accounting for 74% of fraud incidents and 24% of phishing attempts.
🌍 Scammers showed keen interest in APAC and MEA brands, with a significant increase of 211% and 135% in fraudulent resources, respectively.
🌐 In MEA (92%) and APAC (76%), social media platforms were the primary means of spreading scams, while Europe saw 48% of scams being disseminated through messaging apps.
Why It Matters
⚠️ Scam campaigns are expanding their reach each year, and the negative impact on individual brands is growing more severe.
📊 Automation and social media are driving the rise in phishing and scam activities, with AI text generators now used to create persuasive scam content.
⏩ Scammers are deploying multiple domains and social media accounts to reach more victims and evade countermeasures.
The trend of utilising automation, social media, and AI-powered tactics is expected to continue, posing a persistent challenge in combating these fraudulent activities.
Stay vigilant and protect yourself against phishing and scams as its only picking up in 2023!
I came across ZZZ money club during the crypto market bull run when everyone’s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.
The group is very active and everyone in this private discord group is very chatty and helpful.
If you are interested in joining the group you can through the link below.
📰 ZooTampa cyberattack update 🐯🔒
One of America’s beloved zoos, ZooTampa, recently fell victim to a cyberattack resulting in the theft of employee and vendor data. The incident is believed to be the work of the Royal ransomware gang.
ZooTampa confirmed the breach, stating that upon discovering the incident, immediate action was taken. Third-party forensic specialists were engaged to secure the network and assess the extent of the unauthorised activity. The zoo has also involved federal law enforcement in the investigation.
Affected employees and vendors were promptly notified by ZooTampa, which continues to delve deeper into the incident.
Fortunately, personal and financial information of daily visitors or members remains uncompromised, as ZooTampa does not store such data.
Cyberattacks on high-profile institutions like zoos serve as a reminder of the persistent threat faced by organisations. Security measures and cooperation with law enforcement play vital roles in mitigating such risks. Stay tuned for further updates on this developing situation.
🗞️ Extra, Extra! Read all about it 🗞️
Each week, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
💸 Millionaire Habits: Learn how to steal the simple habits of millionaire in 3 minutes or less straight from your inbox
🤯 Bot Eat Brain: Teaches how to harness the awesome power of AI whilst avoiding common pitfalls.
💅 Stand the f*ck out: Anxious about AI, wary customers, and rising competition? This on-trend newsletter could be just the ticket.
Let us know what you think!
📰Facebook’s Ongoing Battle Against Scams and Malware 🛡️💻
Facebook, like other social media platforms, continuously faces the challenge of dealing with fake accounts, scams, and malware.
While we’ve previously covered scams targeting consumers with fake Microsoft alert pages, there’s a new wave of threats directed at businesses leveraging Facebook for promotion.
In recent weeks, sponsored posts and impersonation of Meta/Facebook’s Ads Manager have seen a resurgence. Scammers lure unsuspecting businesses with promises of superior advertising through optimization and enhanced performance, all facilitated by their malware-infested software.
Meta, the parent company of Facebook, has been actively tracking and analysing threat actors like DuckTail, who have shown a long-standing interest in compromising Facebook advertising accounts.
Now, MalwarebytesLAB has uncovered a fresh attack vector that involves malicious Chrome extensions designed to steal Facebook account credentials. Interestingly, this campaign is distinct from the DuckTail malware.
During the tracking of this nefarious activity, we noticed a blunder made by the threat actors— they inadvertently bundled one of their malware files with their own stolen data.
MalwarebytesLAB promptly shared details about this campaign and the threat actors with Meta, and we commend them for their swift response following our report.
Protecting user accounts and maintaining a secure environment remains an ongoing priority for Facebook.
Vigilance against such threats and the collaborative efforts between platform providers and security experts are crucial in safeguarding users and businesses alike.
Stay informed as we bring you more updates on the evolving landscape of social media security.
Thanks, folks! Enjoy your weekend! Catch up on Monday!
So long and thanks for reading all the phish!
MONDAY: Have you heard of vishing scams?
WEDNESDAY: Revolut Bank loses 20 million