Welcome to our blog, where we share the latest phishing and scam news that caught our attention. From new threats to evolving tactics, we highlight the most relevant stories and insights to help you stay informed and protect yourself online.
Don’t Click That Link: These 10 Brands Are Being Spoofed the Most
Scammers are getting bolder and more convincing, with cyber experts at Guardio revealing the top 10 most impersonated brands in phishing schemes—names like Microsoft, Facebook, Netflix, Coinbase, and even the Australian government. These phishing emails often mimic urgent alerts, prompting users to click bogus links and unknowingly hand over login credentials. With AI making fake websites look more realistic than ever, it’s getting harder to spot the fakes. At emailSONAR, we help you fight back—just forward any suspicious email, and we’ll analyze it for phishing risks so you don’t have to guess. Stay alert, and never trust links in unsolicited messages—especially if it “feels” urgent.
Phishing Gone Too Far: The $27K Scam That Started with an Email
A recent Apple ID phishing scam cost an Ohio man $27,000 after cybercriminals tricked him into believing his account was compromised. The scammers showed up to his place of residence and convinced him to hand over the amount in cash. This elaborate attack highlights how phishing can escalate beyond emails and texts into real-world danger. At emailSONAR, we’re here to help you detect threats before they escalate. Protect yourself—forward suspicious emails to us and stay safe.
emailSONAR: The 7th Layer of Security You Didn’t Know You Needed
CyberGuy.com recently exposed a sneaky bank phishing scam that looks frighteningly official—complete with real logos, urgent security warnings, and even polished formatting—but actually installs malware or steals credentials through fake links or spoofed sender addresses. These attackers often use fear and urgency to trick victims into clicking, exposing them to serious risk .
You can significantly bolster your security with six standard defenses like antivirus tools, strong passwords, multi-factor authentication, and software updates. But here’s where emailSONAR shines as your 7th layer of protection: no technical know-how, no downloads, no apps—just forward the suspicious email to emailSONAR and instantly receive a clear, plain-English analysis. Fast. Simple. Effective. Sign up today and give phishing a fail-safe obstacle.
Why emailSONAR Should Be Your First Move Against Suspicious Emails
The IRS and its Security Summit have issued a warning to tax professionals about a surge in increasingly sophisticated phishing attacks—including spear phishing, clone phishing, whaling, and fake “new client” schemes—that can spread malware or steal sensitive financial data . To protect against these threats, they recommend a “Security Six” approach: updated antivirus, firewalls, multi‑factor authentication, routine backups, drive encryption, and VPNs .
emailSONAR counts as the 7th measure—and it’s by far the easiest. You don’t need any technical skills or new software: simply forward suspect emails to emailSONAR and receive a plain-English security report. It’s instant, effortless, and a simple but powerful addition to your cybersecurity toolkit.
HR-Themed Phishing Emails Among Most-Clicked in Q2 — What That Means for Your Business
Employees last quarter were most likely to click on phishing emails masquerading as internal HR or IT communications—accounting for 42.5% and 21.5% of failures in KnowBe4 simulations, respectively—and nearly all of the top 10 most-clicked phishing templates had internal themes, often using familiar subject lines like “Time Off Request” or “Performance Review” . That makes polymorphic, HR-themed phishing especially dangerous, as it exploits employee trust and internal urgency.
emailSONAR isn’t just for individuals—it’s perfect for small businesses, too. Whether you’re a solopreneur or a tight-knit team, emailSONAR arms you with plain‑English risk reports and automated protection to stop internal‑looking scam emails in their tracks—no fancy setup needed.
What Is Polymorphic Phishing?
Polymorphic phishing is a sneaky type of scam where each email is slightly altered—changing subject lines, sender names, links, and design—to avoid detection by spam filters. These constant changes make it hard for traditional systems to recognize the threat. That’s where emailSONAR helps: by analyzing hidden patterns, technical metadata, and suspicious behaviors across emails, it spots the red flags no matter how the message is disguised—giving you a clear, plain-English risk report to stay safe.
AI-Driven Phishing Attacks Are Outsmarting Employees
A recent study of 2,000 UK employees by Dojo reveals a growing cybersecurity threat: AI-generated phishing emails are increasingly fooling staff—56% failed to distinguish them from legitimate messages, despite being confident in their judgment. Even higher-level employees fared poorly: 66% of executives and 73% of founders fell for convincing scam emails mimicking services like Google, Dropbox, or Slack, complete with polished grammar and familiar formatting. One tactic involved spoofing a CEO’s urgent request, tricking 68% of entry‑level workers. The study highlights how generative AI is elevating phishing threats beyond traditional indicators, underscoring the need for stronger domain authentication, regular simulated attacks, and focused training—especially for roles in finance and administration—to address the human vulnerability that remains the biggest risk.
Delete Any Texts On Your Phone That Include These 3 Letters
In his Forbes article, Zak Doffman warns smartphone users about a surge in “smishing” attacks—SMS phishing scams—linked to organized cybercriminal groups, notably the Smishing Triad. These scams often involve text messages impersonating toll services or delivery companies, urging recipients to settle fake unpaid fees via links containing deceptive terms. Such links frequently use obscure top-level domains like “.TOP” or “.XIN,” associated with malicious Chinese domains. Alarmingly, these fraudulent domains are short-lived, often active for just 24 hours, complicating efforts to block them effectively. The FBI advises users to delete any unsolicited texts containing suspicious links immediately and to avoid clicking on links or opening attachments from unknown sources to protect against these sophisticated scams.
‘Venom Spider’ Targets Hiring Managers in Phishing Scheme
A recent spear-phishing campaign orchestrated by the cybercriminal group “Venom Spider” has been targeting hiring managers and recruiters by masquerading as job applicants. These deceptive emails contain malicious attachments, such as fake résumés, which, when opened, deploy a backdoor malware known as “More_eggs.” This malware grants attackers remote access to the victim’s system, enabling data theft and further infiltration. The campaign exploits the routine responsibilities of HR professionals, who frequently open attachments from unknown sources, making them particularly vulnerable. This incident underscores the critical need for organizations to implement robust cybersecurity training and protocols, especially for departments like HR that are susceptible to such targeted attacks.
E-ZPass toll payment texts return in massive phishing wave
A recent phishing campaign has resurfaced, targeting individuals with fraudulent text messages that impersonate E-ZPass and other toll agencies. These messages claim recipients have unpaid tolls and direct them to malicious websites designed to steal personal and financial information. The FBI has reported over 2,000 complaints related to such scams since March 2024, indicating a widespread issue affecting multiple states. Authorities advise the public to avoid clicking on links in unsolicited texts, verify any outstanding tolls through official channels, and report suspicious messages to the Internet Crime Complaint Center (IC3).
Users Face New Phishing Threats From Sophisticated Scam Kit
In a recent Forbes article, cybersecurity expert Alex Vakulov highlights the emergence of a sophisticated phishing scam kit that poses significant threats to users. This kit enables cybercriminals to create nearly identical replicas of legitimate single sign-on (SSO) pages, facilitating the theft of sensitive information such as usernames, passwords, and even photo IDs. The attackers employ a combination of email, SMS, and voice phishing techniques, often impersonating customer support representatives to deceive victims into divulging their credentials. Notably, the phishing pages incorporate CAPTCHA tests to evade automated detection tools, enhancing their deceptive effectiveness. Vakulov emphasizes the importance of heightened vigilance and the adoption of robust security measures to combat these evolving phishing tactics.
How to spot this new PayPal email scam
A recent phishing scam involves emails appearing to come from service@paypal.com, falsely notifying recipients of a new mailing address added to their account and unauthorized purchases, such as expensive items like MacBooks. The email urges recipients to call a provided toll-free number, where scammers instruct them to download software that installs malware, compromising personal and financial information. Notably, scammers exploit PayPal’s feature allowing multiple addresses by inserting fraudulent messages in the “Address 2” field, making the emails seem legitimate. Users are advised to avoid calling unsolicited numbers or downloading unknown software, and to verify account changes directly through PayPal’s official website.
Why you should never, ever delete spam email
According to a recent PCWorld article, instead of simply deleting spam emails, it’s more effective to mark them as spam or junk. This action helps train your email client’s spam filter to better recognize and filter out unwanted messages in the future. By doing so, you contribute to the improvement of spam detection systems, reducing the likelihood of similar emails reaching your inbox.
Urgent warning issued to all Netflix users over new email scam which allows hackers to steal your money
Netflix users are being alerted to a sophisticated phishing scam where AI-generated emails, mimicking official Netflix communications, falsely claim issues with billing information and prompt users to update their payment details. These emails, with subjects like “let’s tackle your payment details,” direct recipients to fake websites designed to steal personal and financial information. Users are advised to verify such requests by logging into their official Netflix account directly and to avoid clicking on unsolicited links or providing sensitive information through email.
How Phished Data Turns into Apple & Google Wallets
A recent investigation by KrebsOnSecurity reveals that cybercriminals, particularly from China, are revitalizing the carding industry by converting phished payment card data into mobile wallets compatible with Apple Pay and Google Pay. These criminals deploy sophisticated phishing kits that send deceptive messages via Apple iMessage and RCS, impersonating entities like the U.S. Postal Service or toll road operators. Victims who enter their card details on these fraudulent sites inadvertently provide one-time passcodes, allowing attackers to link the stolen card information to mobile wallets on devices they control. These compromised devices, each loaded with multiple digital wallets, are then sold in bulk or used for fraudulent transactions through fake e-commerce setups. Additionally, some groups offer advanced tools, such as the “ZNFC” Android app, enabling the relay of NFC transactions globally, further facilitating unauthorized tap-to-pay purchases.
