Inside a USPS Smishing Campaign: How a Phishing Kit Uses Real USPS Assets and WebSocket Data Theft
Executive Summary It Starts With a Text Message You know the message. Everyone has gotten one. A package could not be delivered, there is an unpaid customs fee or a bad address, and here is a helpful…
Read the full articleYou might also wanna read
What is Smishing?
In this blog, we explain what smishing is and what measures you can put in place to avoid these kinds of phishing attacks.
What Is Smishing and How Can You Protect Yourself Against It?
Even if you’ve never heard of “smishing” you have almost certainly been the target of this type of cyber fraud. Smishing weaponizes SMS mess

Phishing Campaign Leveraging the NPM Ecosystem
A new phishing campaign weaponizes NPM and the unpkg CDN. Over 175 throwaway packages are used to host scripts that redirect users to creden

Google Spoofed Via DKIM Replay Attack: Unveiling a Real-World Phishing Case
Learn how a Google spoof used a DKIM replay attack to bypass email security and trick users with a fake subpoena in this real-world phishing
easydmarc.com·11mo ago
Devious phishing campaign hijacks a genuine Meta business feature to send scam emails — as they really do come from Meta's own address
Meta has put a stop to this attack, after adding additional safeguards.
Hook, line, and vault: A technical deep dive into the 1Phish kit
We analyze the evolution of the 1Phish phishing kit from a basic credential harvester into an MFA-aware, multi-stage phishing kit targeting

Comments
Sign in to join the conversation.
No comments yet. Be the first.