• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Phishing

Trojan Spyware and BEC Attacks

March 3, 2021Luke Leal

Trojan Spyware and BEC Attacks

When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to authorize a fraudulent transaction to bypass existing security controls that would normally be…

Read More about Trojan Spyware and BEC Attacks

Phishing Campaign

January 26, 2021Luke Leal

Phishing & Malspam with Leaf PHPMailer

It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click a phishing URL or download…

Read More about Phishing & Malspam with Leaf PHPMailer

Phishing Campaign

January 14, 2021Luke Leal

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our…

Read More about Real-Time Phishing Kit Targets Brazilian Central Bank

Return to the City of Cron - Malware Infections on Joomla and WordPress

November 5, 2020Luke Leal

ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

We’ve seen a wider variety of PHP web shells being used by attackers this year —  including a number of shells that have been significantly updated in an attempt to…

Read More about ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

Stylish Magento Card Stealer loads Without Script Tags

November 2, 2020Denis Sinegubko

CSS-JS Steganography in Fake Flash Player Update Malware

This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites. In a tweet, Affable…

Read More about CSS-JS Steganography in Fake Flash Player Update Malware

Labs Note

October 14, 2020Luke Leal

Magento Phishing Leverages JavaScript For Exfiltration

During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd file name choice for a…

Read More about Magento Phishing Leverages JavaScript For Exfiltration

Labs Note

October 1, 2020Luke Leal

GFX Xsender Hack Tool: A Spam Mailer

PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack tool used to simplify the…

Read More about GFX Xsender Hack Tool: A Spam Mailer

Why Hackers Create Phishing Campaigns

September 22, 2020Luke Leal

Phishing Page Targets AT&T’s Employee Multi-Factor Authentication

Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than others. For instance, employees at…

Read More about Phishing Page Targets AT&T’s Employee Multi-Factor Authentication

DMARC security

September 15, 2020Kaushal Bhavsar

Missing DMARC Records Lead to Phishing

Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security…

Read More about Missing DMARC Records Lead to Phishing

Person in sweatshirt with hood

July 13, 2020Luke Leal

Spox Phishing Kit Harvests Chase Bank Credentials

Phishing kits are the back end components to a phishing attack and are often designed to make it easier to deploy a phishing page. These kits are typically bundled in…

Read More about Spox Phishing Kit Harvests Chase Bank Credentials

Meet the Victims of Online Scams

May 28, 2020Art Martori

Meet the Victims of Online Scams

Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online payment that will ease their…

Read More about Meet the Victims of Online Scams

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.