<![CDATA[ Latest from ITPro in Phishing ]]>

<![CDATA[ Latest from ITPro in Phishing ]]> https://www.itpro.com/security/phishing Fri, 17 Apr 2026 11:05:53 +0000 en <![CDATA[ Tycoon 2FA is down, but not out – researchers warn the phishing as a service operation is still a huge threat to businesses ]]> https://www.itpro.com/security/cyber-crime/tycoon-2fa-phishing-risk-takedown-barracuda vXDsxDKKWbMUkuvkVXXwHC Fri, 17 Apr 2026 11:05:53 +0000 <![CDATA[ Zephyr Energy hackers swiped £700,000 after redirecting a contractor payment ]]> https://www.itpro.com/security/cyber-attacks/zephyr-energy-hackers-swiped-gbp700-000-after-redirecting-a-contractor-payment m6aEtDpzcUUX6suSr8UbWg Fri, 10 Apr 2026 10:17:04 +0000 Fri, 10 Apr 2026 10:45:34 +0000 <![CDATA[ 'AI-generated phishing became the baseline' for hackers last year – Kaseya warns it's going to get worse in 2026 ]]> https://www.itpro.com/security/phishing/ai-generated-phishing-became-the-baseline-for-hackers-last-year-kaseya-warns-its-going-to-get-worse-in-2026 bMNzEiSHCoLywhdK6jLQfa Thu, 19 Mar 2026 11:36:23 +0000 Thu, 19 Mar 2026 11:55:32 +0000 <![CDATA[ Interpol teams up with tech firms to seize 45,000 malicious IPs, servers in global cyber crime crackdown ]]> https://www.itpro.com/security/cyber-crime/interpol-teams-up-with-tech-firms-to-seize-45-000-malicious-ips-servers-in-global-cyber-crime-crackdown XFNDAXHXAFtquRa5PNdCj4 Fri, 13 Mar 2026 11:48:22 +0000 <![CDATA[ Is your new hire an AI clone? Microsoft says North Korean hackers are using AI to impersonate job seekers and steal company secrets ]]> https://www.itpro.com/security/is-your-new-hire-an-ai-clone-microsoft-says-north-korean-hackers-are-using-ai-to-impersonate-job-seekers-and-steal-company-secrets 9jyHo9d4gA83CkaZBtmvcQ Mon, 09 Mar 2026 12:23:15 +0000 Tue, 10 Mar 2026 12:00:49 +0000 <![CDATA[ LastPass issues alert as customers face second major phishing campaign of 2026 ]]> https://www.itpro.com/security/phishing/lastpass-issues-alert-as-customers-face-second-major-phishing-campaign-of-2026 MoCaRUcUDxBBuWzHCWEBw8 Wed, 04 Mar 2026 11:42:09 +0000 <![CDATA[ A single compromised account gave hackers access to 1.2 million French banking records ]]> https://www.itpro.com/security/data-breaches/a-single-compromised-account-gave-hackers-access-to-1-2-million-french-banking-records MctzL27C9DgHoFVWrZYiq4 Fri, 20 Feb 2026 10:55:22 +0000 Fri, 20 Feb 2026 13:17:05 +0000 <![CDATA[ Starkiller: Cyber experts issue warning over new phishing kit that proxies real login pages ]]> https://www.itpro.com/security/phishing/starkiller-cyber-experts-issue-warning-over-new-phishing-kit-that-proxies-real-login-pages mHwEJejwdhDhzJt7KvMCBA Thu, 19 Feb 2026 12:06:46 +0000 Thu, 19 Feb 2026 12:22:07 +0000 <![CDATA[ Google says hacker groups are using Gemini to augment attacks – and companies are even ‘stealing’ its models ]]> https://www.itpro.com/technology/artificial-intelligence/google-says-hacker-groups-are-using-gemini-to-augment-attacks-and-companies-are-even-stealing-its-models qzWopoZe4zTA5NEjJaY4zK Thu, 12 Feb 2026 11:40:16 +0000 <![CDATA[ Security experts warn Substack users to brace for phishing attacks after breach ]]> https://www.itpro.com/security/data-breaches/security-experts-warn-substack-users-to-brace-for-phishing-attacks-after-breach o7MCXZ7M3JJJe6sM7bNT9B Fri, 06 Feb 2026 09:38:32 +0000 <![CDATA[ Google issues warning over ShinyHunters-branded vishing campaigns ]]> https://www.itpro.com/security/google-issues-warning-over-shinyhunters-branded-vishing-campaigns zHr8MESTqLrM7FdPM6unGB Wed, 04 Feb 2026 08:30:00 +0000 <![CDATA[ Hackers are using LLMs to generate malicious JavaScript in real time – and they’re going after web browsers ]]> https://www.itpro.com/security/hackers-are-using-llms-to-generate-malicious-javascript-in-real-time-and-theyre-going-after-web-browsers jCEPJqp6YG8HwK82cTm96g Wed, 28 Jan 2026 12:57:52 +0000 Wed, 28 Jan 2026 13:11:31 +0000 <![CDATA[ Thousands of Microsoft Teams users are being targeted in a new phishing campaign ]]> https://www.itpro.com/security/microsoft-teams-phishing-scam-fake-billing-check-point xYBLYYi6CQjeTaVUDQ9sSk Mon, 26 Jan 2026 10:45:59 +0000 <![CDATA[ Microsoft warns of rising AitM phishing attacks on energy sector ]]> https://www.itpro.com/security/cyber-attacks/microsoft-warns-of-rising-aitm-phishing-attacks-on-energy-sector Bt6xNvsN2W3SWsSesfhL95 Fri, 23 Jan 2026 11:10:09 +0000 <![CDATA[ LastPass issues alert as customers targeted in new phishing campaign ]]> https://www.itpro.com/security/phishing/lastpass-issues-alert-as-customers-targeted-in-new-phishing-campaign ijqU7Q6m8qg9BLHKYP63hX Wed, 21 Jan 2026 10:43:16 +0000 <![CDATA[ Hacked London council warns 100,000 households at risk of follow-up scams ]]> https://www.itpro.com/security/cyber-attacks/kensington-and-chelsea-council-cyber-attack-data-breach wZ7G9ZrPZjmFuj5WHFTupd Thu, 08 Jan 2026 12:04:34 +0000 Thu, 08 Jan 2026 13:55:21 +0000 <![CDATA[ Phishing kits soared in popularity last year as rookie hackers ramped up DIY cyber attacks ]]> https://www.itpro.com/security/phishing/phishing-as-a-service-kits-growth-2025-barracuda TxzYZV9miajXYFXsXXBgFZ Thu, 08 Jan 2026 11:03:07 +0000 Thu, 08 Jan 2026 11:03:59 +0000 <![CDATA[ Warning issued as surge in OAuth device code phishing leads to M365 account takeovers ]]> https://www.itpro.com/security/phishing/warning-issued-as-surge-in-oauth-device-code-phishing-leads-to-m365-account-takeovers KvYoW3sdJ4wDkctJHg82bk Mon, 22 Dec 2025 10:30:00 +0000 <![CDATA[ Complacent Gen Z and Millennial workers are more likely to be duped by social engineering attacks ]]> https://www.itpro.com/security/complacent-gen-z-and-millennial-workers-are-more-likely-to-be-duped-by-social-engineering-attacks 487j6euuWzVzHbTfjp59jF Tue, 16 Dec 2025 11:00:35 +0000 Tue, 16 Dec 2025 11:01:19 +0000 <![CDATA[ The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to know ]]> https://www.itpro.com/security/cyber-attacks/the-scattered-lapsus-usd-hunters-group-is-targeting-zendesk-customers-heres-what-you-need-to-know yA82eDy5m43beT5ptyrzhG Thu, 27 Nov 2025 11:45:15 +0000 Thu, 27 Nov 2025 11:46:02 +0000 <![CDATA[ Google wants to take hackers to court ]]> https://www.itpro.com/security/phishing/google-wants-to-take-hackers-to-court DDsJH49C7fhTRu7oseXiE6 Thu, 13 Nov 2025 11:58:15 +0000 Thu, 13 Nov 2025 11:58:58 +0000 <![CDATA[ 77% of security leaders say they'd fire staff who fall for phishing scams, even though they've done the same thing ]]> https://www.itpro.com/security/77-percent-of-security-leaders-say-theyd-fire-staff-who-fall-for-phishing-scams-even-though-theyve-done-the-same-thing se8utRnanCv3BCSK2H2n5N Thu, 16 Oct 2025 13:04:07 +0000 Thu, 16 Oct 2025 13:04:45 +0000 <![CDATA[ Been offered a job at Google? Think again. This new phishing scam is duping tech workers looking for a career change ]]> https://www.itpro.com/security/phishing/been-offered-a-job-at-google-think-again-this-new-phishing-scam-is-duping-tech-workers-looking-for-a-career-change SVYarkCEJVnpoCzah5NkFc Thu, 16 Oct 2025 07:50:00 +0000 <![CDATA[ Hackers are using a new phishing kit to steal Microsoft 365 credentials and MFA tokens – Whisper 2FA is evolving rapidly and has been used in nearly one million attacks since July ]]> https://www.itpro.com/security/phishing/whisper2fa-phishing-attacks-microsoft-365-barracuda o2296ByLgWyubbBQFtiSkh Wed, 15 Oct 2025 09:55:00 +0000 Wed, 15 Oct 2025 12:57:42 +0000 <![CDATA[ Microsoft and Cloudflare just took down a major phishing operation ]]> https://www.itpro.com/security/phishing/microsoft-and-cloudflare-just-took-down-a-major-phishing-operation 9mAaawBnYk74K7Jxi4d7dG Thu, 18 Sep 2025 11:40:27 +0000 Thu, 18 Sep 2025 11:40:56 +0000 <![CDATA[ Varonis snaps up AI email security specialist SlashNext ]]> https://www.itpro.com/business/acquisition/varonis-snaps-up-ai-email-security-specialist-slashnext NTm3yWUndWneEkdgKF5KAT Thu, 04 Sep 2025 11:30:12 +0000 Thu, 04 Sep 2025 11:30:44 +0000 <![CDATA[ Hackers are abusing ConnectWise ScreenConnect, again ]]> https://www.itpro.com/security/cyber-attacks/watch-out-for-fake-zoom-invites-hackers-are-abusing-connectwise-screenconnect-to-take-over-devices aufhxNMDzjp8GwNMjv2ojN Thu, 28 Aug 2025 10:10:00 +0000 Thu, 28 Aug 2025 11:34:51 +0000 <![CDATA[ Malicious URLs overtake email attachments as the biggest malware threat ]]> https://www.itpro.com/security/cyber-attacks/malicious-urls-overtake-email-attachments-as-the-biggest-malware-threat MnqNyLFMRRCSCpH4xotVDV Mon, 18 Aug 2025 10:11:40 +0000 Mon, 18 Aug 2025 10:12:06 +0000 <![CDATA[ New hires are your weakest link when it comes to phishing attacks – here's how you can build a strong security culture that doesn't judge victims ]]> https://www.itpro.com/security/cyber-attacks/new-hires-are-your-weakest-link-when-it-comes-to-phishing-attacks-heres-how-you-can-build-a-strong-security-culture-that-doesnt-judge-victims cJBoQGagYkR3DvwwpoYpB8 Tue, 22 Jul 2025 10:00:00 +0000 <![CDATA[ Hackers are using Microsoft 365 features to bombard enterprises with phishing emails – and they’ve already hit more than 70 organizations ]]> https://www.itpro.com/security/hackers-are-using-microsoft-365-features-to-bombard-enterprises-with-phishing-emails-and-theyve-already-hit-more-than-70-organizations GkZeWAQdAPYkDzGXhHvzZL Fri, 27 Jun 2025 09:47:23 +0000 Fri, 27 Jun 2025 09:47:40 +0000 <![CDATA[ FIN6 attackers target recruiters with fraudulent resumes ]]> https://www.itpro.com/security/fin6-attackers-target-recruiters-with-fraudulent-resumes SaTwmxFXECL6xpADrrDaNb Wed, 11 Jun 2025 09:53:24 +0000 <![CDATA[ 100,000 accounts have been hit in a HMRC scam campaign, but the tax office says it wasn't hacked – here's why ]]> https://www.itpro.com/security/hmrc-scam-account-campaign 8jdVp5LJwTZZ84xo9Vo3xT Thu, 05 Jun 2025 11:26:03 +0000 Thu, 05 Jun 2025 11:26:13 +0000 <![CDATA[ Employee phishing training is working – but don’t get complacent ]]> https://www.itpro.com/security/phishing/employee-phishing-training-is-working-but-dont-get-complacent 37z7vZ2GgU3rttv3wGMRRe Thu, 15 May 2025 11:22:11 +0000 Thu, 15 May 2025 11:22:17 +0000 <![CDATA[ Russian hackers tried to lure diplomats with wine tasting – sound familiar? It’s an update to a previous campaign by the notorious Midnight Blizzard group ]]> https://www.itpro.com/security/midnight-blizzard-grapeloader-campaign gfj5NaQ622X4dJM3a496XK Tue, 06 May 2025 23:05:00 +0000 <![CDATA[ This hacker group is posing as IT helpdesk workers to target enterprises – and researchers warn its social engineering techniques are exceptionally hard to spot ]]> https://www.itpro.com/security/this-hacker-group-is-posing-as-it-helpdesk-workers-to-target-enterprises-and-researchers-warn-its-social-engineering-techniques-are-exceptionally-hard-to-spot askdj8bRPN3gJq5xf8wMCL Tue, 06 May 2025 11:29:54 +0000 Tue, 06 May 2025 11:29:59 +0000 <![CDATA[ Healthcare organizations are turning a blind eye to phishing attacks ]]> https://www.itpro.com/security/healthcare-organizations-are-turning-a-blind-eye-to-phishing-attacks zCKUnaWuQZ4KtMKbaUX7jY Fri, 25 Apr 2025 08:25:33 +0000 <![CDATA[ ‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers ]]> https://www.itpro.com/security/cyber-attacks/phishing-kits-cyber-crime-dark-web qsveyM9EvfU5jiXfZRPQk8 Fri, 11 Apr 2025 11:58:06 +0000 Fri, 11 Apr 2025 12:03:14 +0000 <![CDATA[ Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack ]]> https://www.itpro.com/security/phishing/have-i-been-pwned-owner-troy-hunts-mailing-list-compromised-in-phishing-attack DeZk4b24SkqhNduybCNMUS Wed, 26 Mar 2025 08:30:00 +0000 Wed, 26 Mar 2025 11:20:43 +0000 <![CDATA[ Security experts warn of ‘contradictory confidence’ over critical infrastructure threats ]]> https://www.itpro.com/security/critical-infrastructure-cyber-threats heNCYhzyqu24MbBtP54Xgb Mon, 24 Mar 2025 10:44:54 +0000 Mon, 24 Mar 2025 14:30:09 +0000 <![CDATA[ Healthcare organizations need to shake up email security practices ]]> https://www.itpro.com/security/healthcare-organizations-need-to-shake-up-email-security-practices 93TwYBNZR67ud924vKQoj8 Tue, 18 Mar 2025 10:28:18 +0000 Tue, 18 Mar 2025 16:50:07 +0000 <![CDATA[ Google is dropping SMS authentication for QR codes ]]> https://www.itpro.com/security/google-is-dropping-sms-authentication-for-qr-codes UCEDXHknwhEr83pN7eWGzb Tue, 25 Feb 2025 16:30:00 +0000 Wed, 26 Feb 2025 15:23:01 +0000 <![CDATA[ Why ‘malware as a service’ is becoming a serious problem ]]> https://www.itpro.com/security/malware/why-malware-as-a-service-is-becoming-a-serious-problem 88BZdeNJiYUjw3wdr39wYe Thu, 20 Feb 2025 13:00:13 +0000 Fri, 21 Feb 2025 12:52:13 +0000 <![CDATA[ Hackers are using this new phishing technique to bypass MFA ]]> https://www.itpro.com/security/phishing/device-code-phishing-storm-2372-microsoft EajvbWkdC23JH36pTDndFF Mon, 17 Feb 2025 16:33:39 +0000 Fri, 28 Feb 2025 14:13:26 +0000 <![CDATA[ Threat actors are leaning on trusted services more than ever ]]> https://www.itpro.com/security/cyber-crime/threat-actors-are-leaning-on-trusted-services-more-than-ever LaSEnKpAcP9vRL88AgHzxX Thu, 13 Feb 2025 13:17:04 +0000 Thu, 13 Feb 2025 15:24:53 +0000 <![CDATA[ A new phishing campaign is exploiting Microsoft’s legacy ADFS identity solution to steal credentials and bypass MFA ]]> https://www.itpro.com/security/cyber-crime/afds-phishing-campaign-microsoft jWz79Zqfqo8QtneD9UTang Tue, 04 Feb 2025 11:00:20 +0000 Tue, 04 Feb 2025 14:50:43 +0000 <![CDATA[ Phishing campaign targets developers with fake CrowdStrike job offers ]]> https://www.itpro.com/security/phishing-campaign-targets-developers-with-fake-crowdstrike-job-offers 8KsJD5vq3ieSnxtDxoyEVP Mon, 13 Jan 2025 12:51:17 +0000 Tue, 14 Jan 2025 16:40:07 +0000 <![CDATA[ Hackers are stepping up ‘qishing’ attacks by hiding malicious QR codes in PDF email attachments ]]> https://www.itpro.com/security/hackers-are-stepping-up-qishing-attacks-by-hiding-malicious-qr-codes-in-pdf-email-attachments Py9zQTLHsCnbmaaYGQsucc Wed, 23 Oct 2024 04:00:00 +0000 Wed, 23 Oct 2024 14:10:44 +0000 <![CDATA[ How hackers are using legitimate tools to distribute phishing links ]]> https://www.itpro.com/security/phishing/how-hackers-are-using-legitimate-tools-to-distribute-phishing-links XJ2DnK6PhKf5f66vjjwyTA Thu, 19 Sep 2024 11:08:15 +0000 <![CDATA[ Why social engineering is such a problem and how your business can protect itself ]]> https://www.itpro.com/security/phishing/why-social-engineering-is-such-a-problem-and-how-your-business-can-protect-itself 98L7Hd6asxLUn95enTmMb9 Thu, 29 Feb 2024 14:35:00 +0000 Fri, 01 Mar 2024 11:18:01 +0000 <![CDATA[ Salesforce-based phishing attacks surge 109% since the start of 2024 ]]> https://www.itpro.com/security/phishing/salesforce-based-phishing-attacks-surge-109-since-the-start-of-2024 JSjjBpLzJekqHoY6s4JkKZ Tue, 30 Jan 2024 13:26:32 +0000 Thu, 08 Feb 2024 18:17:55 +0000