EPISODE · Jun 20, 2025 · 5 MIN
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords
from SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) · host Johannes Ullrich
How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails.https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone numbers Scammers are placing Google ads that point to legitimate companies sites, but are injecting malicious text into the page advertising fake tech support numbershttps://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number What s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Targeted attacks are tricking victims into creating app-specific passwords to Google resources.https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia
What this episode covers
How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails.https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone numbers Scammers are placing Google ads that point to legitimate companies sites, but are injecting malicious text into the page advertising fake tech support numbershttps://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number What s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Targeted attacks are tricking victims into creating app-specific passwords to Google resources.https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia
NOW PLAYING
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m