A sophisticated phishing campaign impersonating the United States Postal Service (USPS) is targeting residents with fraudulent SMS and emails claiming an “incomplete address” for package delivery. Victims are directed to a cloned website that steals personal information and credit card details, including CVV and 3D-Secure codes, by prompting for a small re-delivery fee. This phishing …
Continue reading “Fake USPS tracking page has been detected”
A Turkish-language phishing campaign targeting Instagram creators uses fake “Copyright Infringement” notifications to steal account credentials and bypass two-factor authentication. Victims are coerced through “legal scaring” tactics to enter credentials on a fake site that immediately harvests usernames, passwords, and 2FA codes. This Turkish-language Instagram phishing attack uses a “Copyright Infringement” threat via DMs to …
An Instagram phishing campaign uses “Photo of the Day” contests as a social engineering lure to steal user credentials and bypass two-factor authentication (2FA). Attackers use deceptive URLs to direct victims to fake login pages designed to harvest usernames, passwords, and 2FA codes, often capitalizing on the victim’s desire for social validation. Instagram users are …
Continue reading “Instagram phishing page revealed: photooftheday.click”
