Users of fake DeepSeek sites
February 6, 2025
•[ phishing, data leak ]
Phishing campaign using dozens of fake DeepSeek-branded websites to steal user credentials and cryptocurrency through fraudulent login and wallet interfaces.
PrivatBank
February 6, 2025
•[ phishing, malware, data leak ]
A criminal group identified as UAC-0006 used phishing emails with password-protected attachments to deliver SmokeLoader malware targeting PrivatBank customers. The campaign aimed to steal credentials and financial data, active since November 2024.
University end-users via cloned site
February 5, 2025
•[ malvertising, phishing, malware ]
Malvertising campaign cloning a German university website to distribute a fake Cisco AnyConnect installer which installed NetSupport RAT on victim machines.
Chemical, Food, and Pharmaceutical Enterprises in Russia
February 5, 2025
•[ infostealer, phishing, data leak ]
Nova Infostealer campaign led by Rezet, also known as Rare Wolf, targeted Russian chemical, food, and pharmaceutical firms, harvesting credentials and internal documents through phishing and malicious installers.
Russian Organizations Across Various Industries
February 5, 2025
•[ malware, phishing, data leak ]
Nova Infostealer malware campaign targeting Russian organizations across multiple industries collected credentials and files via phishing and malicious installers.
Russian Industrial Facilities
February 5, 2025
•[ infostealer, phishing, malware ]
Nova Infostealer was deployed by the threat group NGC4020 in Russian industrial facilities, stealing host credentials and files from infected endpoints through phishing and malicious installer packages.
Gregory & Appel Insurance
February 5, 2025
•[ phishing ]
Insurance firm reported unauthorized access linked to suspicious email purporting to be the Cfo.
163.com Users
February 4, 2025
•[ phishing, espionage ]
The Taiwanese-linked espionage group GreenSpot APT (aka PoisonVine / APT-Q-20) created spoofed 163.com domains and fake download pages to harvest email credentials from users in mainland China, Hong Kong, and Taiwan. Hunt.io attributed the campaigns infrastructure to Taiwan but no government department link has been identified.
Individual
January 27, 2025
•[ social, phishing, finance ]
Police began investigating when a 90-year-old man told authorities he gave $49,900 to a courier purportedly acting on behalf of PayPal. Victim was deceived via fake PayPal email & link leading to remote access of computer/password theft
Individual in Austria
January 26, 2025
•[ financial, phishing, finance ]
Eine Sdoststeirerin hat sich im Jnner an die Polizei gewandt, nachdem sie vermutet hatte, Opfer eines Phishing-Betrugs geworden zu sein. Sie fiel einem Link in einer SMS zum Opfer, eine Betrgerbande behob daraufhin Geld von ihrem Konto. Die Polizei verffentlichte nun Fotos der mutmalichen Betrger aus Wien.
~100 UTEP Students
January 22, 2025
•[ social, phishing, education ]
The University of Texas at El Paso (UTEP) is urging students to remain vigilant following a phishing attack that compromised several accounts.
Individual in Buchloe, Germany
January 13, 2025
•[ phishing ]
Im Bereich der Polizeiinspektion Buchloe kam es am vergangenen Montag zu zwei Fllen von sogenanntem Phishing, einer Betrugsmasche im Internet.
Ungava Tulattavik Health Centre (UTHC)
January 11, 2025
•[ data leak, phishing ]
Ungava Tulattavik Health Center in Kuujjuaq (Nunavik, Quebec) disclosed it was the victim of a cyberattack in November 2025. The centre said the attack was blocked upon detection, but warned that files containing clinical and administrative information related to some people who use the health centre and some employees may have been stolen. The centre established a crisis unit, deployed enhanced surveillance/security tools, and worked with the Sret du Qubec, the Nunavik Regional Board of Health and Social Services, and Sant Qubecs Cyber Defence Operational Centre during the investigation. Officials advised users and employees to monitor bank accounts and watch for suspicious emails or calls while the incident response and review continued.
Lifebridge Health
January 10, 2025
•[ hack, phishing, healthcare ]
LifeBridge Health sent letters to patients and families about an email phishing incident that was discovered on Nov. 12.
Bangladesh e-Apostille service (MyGov) - impersonated portal
January 10, 2025
•[ phishing, data leak, identity theft ]
A fraudulent website mimicking Bangladeshs official e-apostille platform exposed sensitive personal documents belonging to more than 1,100 citizens. The fake portal generated fabricated apostille certificates with QR codes that redirected users to a sequentially ordered database where changing digits in the URL revealed other applicants scanned records, a weakness consistent with insecure direct object reference (IDOR). Leaked materials reportedly included national ID cards, passports, academic and marriage certificates, trade licences, business agreements, and other private records that could enable identity theft and targeted fraud. Officials indicated the fraud operation appeared to have been active since October 2025.
Individual in Linz, Austria
January 9, 2025
•[ financial, phishing ]
Vor neuerlichen Phishing-Attacken ber sogenannte Wiederverkaufsplattformen im Internet warnt die Arbeiterkammer Obersterreich (AK O). Einer Linzerin waren ber einen Trick ihre Kontodaten herausgelockt und rund 8.000 Euro abgebucht worden, ehe sie den Betrug bemerkte.
City of Corvallis (Councilor Paul Schaffer)
January 8, 2025
•[ hack, phishing, government ]
A Corvallis city councilor's email is hacked by a scammer and used to reach nearly 3,500 email addresses in an attempt to steal the recipients' personal information.
Stroboertje Food Bank
January 4, 2025
•[ financial, phishing, healthcare ]
Voedselbank Stroboertje in Merksem, een van de grootste voedselbanken van Antwerpen, is slachtoffer geworden van phishing. De organisatie zag inmiddels al meer dan 20.000 euro van hun rekening verdwijnen en zit met de handen in het haar. Ik denk zelfs dat we ons personeel niet gaan kunnen betalen, we gaan mensen moeten ontslaan deze maand.
Private individuals (elderly victims in Encino, California)
January 1, 2025
•[ malware, phishing, ransomware ]
Malware infection launched by phishing email locked elderly victims computer, prompting payment of 25,000 USD to scammers; suspect Tai Su was arrested when he arrived to collect another 35,000 USD and later sentenced to 10 months in federal prison.
At least one individual tricked by scam network impersonating CNN, BBC, CNBC
January 1, 2025
•[ phishing, scam, impersonation ]
Global phishing and investment scam campaign impersonating CNN, BBC, and CNBC; CTM360 identified over 17,000 fake sites used to steal identity and financial data through bogus crypto platforms like Eclipse Earn, Solara, and Vynex
