A phishing campaign impersonating Google Maps tricks users into entering credentials on fake pages to steal full Google Account access. These attacks leverage fraudulent “Location Update” alerts, often capturing 2FA codes in real-time to bypass security measures. Target: Global Google Account UsersThreat Level: Critical (Full Google Account & Gmail Hijacking)Phishing Method DescriptionThis attack uses a …
Monthly Archives: May 2025
Google Meet phishing page detected
This phishing campaign abuses legitimate Windows device management (MDM) features, masquerading as a fake Google Meet update to gain full, remote control over a victim’s computer. Instead of stealing credentials, the attack tricks users into enrolling their devices into an attacker-controlled system, allowing for malicious software installation and remote file access. Target: Corporate Employees, Job …
Portuguese government phishing page discovered
A May 2025 phishing campaign targeting Portuguese government and financial sectors uses the “ClickFix” method to trick users into executing malicious PowerShell commands. Posing as official tax authority (AT) alerts via WeTransfer, this attack distributes Lampion malware designed to steal data. To avoid this scam, verify that official communications use the gov.pt domain and manually …
Continue reading “Portuguese government phishing page discovered”
Argenta Bank phishing page detected
A sophisticated phishing campaign targeting Argenta Bank customers in Belgium and the Netherlands utilizes fraudulent “Digipass synchronization” to perform real-time session hijacking and fund theft. Attackers use phishing sites to harvest login credentials and security codes, prompting users with fake urgent security alerts to bypass two-factor authentication. Argenta Bank “New Debit Card” PhishingTarget: Customers of …