Financial Spear Phishing Digest

6h ago

W3LL AiTM Kit Takedown: Technicals of M365 BEC Phishing Disrupted

W3LL phishing-as-a-service enabled AiTM attacks on Microsoft 365 for BEC/wire fraud:

Fake portals captured credentials + session data to bypass MFA,...

Global phishing ring taken down in joint FBI Atlanta, Indonesia investigation

cbsnews.com

Global phishing ring taken down in joint FBI Atlanta, Indonesia investigation

6h ago

14h ago

Storm-2755's 7 Tactics in Spear-Phishing Payroll Fraud

Storm-2755 executes payroll pirate attacks via these 7 spear-phishing tactics targeting Canadian financial ops:

Recon: Gather employee data from...

Payroll Pirate Attacks: 7 Storm-2755 Tactics | SpoofGuard

14h ago·

spoofguard.io

14h ago

W3LL Kit Takedown Exposes AitM-Driven BEC Spear-Phishing Arsenal

Key technical insights from the W3LL phishing-as-a-service dismantlement:

End-to-end toolkit for corporate takeovers: Replicates login pages, sends...

Authorities Dismantle ‘W3LL’ Phishing Empire Powering Global Business Email Attacks

thecyberexpress.com

Authorities Dismantle ‘W3LL’ Phishing Empire Powering Global Business Email Attacks

14h ago

Layering AI-Driven Defenses on SEG: Rationale for Financial Spear-Phishing Protection

Security leaders layer adaptive AI atop secure email gateways (SEG) like Microsoft Defender to combat evolving BEC and spear-phishing in financial...

Why Security Leaders Are Layering Email Defense on Top of Secure Email Gateways

thehackernews.com

Why Security Leaders Are Layering Email Defense on Top of Secure Email Gateways

14h ago

18h ago

Financial Spear Phishing Digest · Apr 13, 2026 Daily Digest

AI-Driven Impersonation Tactics

🔥 Claude Mythos Pause: Anthropic paused Claude Mythos amid risks of supplier impersonation at scale using...

Why Anthropic paused Claude Mythos and what it means for payment security

eftsure.com

23h ago

IOC Alert: quiksmardex.pages.dev Fake DEX Phishing

Key indicators for crypto-targeted phishing via hosting abuse:

Domain IOC: quiksmardex.pages.dev impersonates a decentralized exchange
Threat: High-risk phishing luring wallet credentials or asset transfers under false promises

Urgent threat notice: quiksmardex.pages.dev – Fake Decentralized

23h ago·

phishdestroy.io

23h ago

Phishing-RAT Chain to WhatsApp Exec Impersonation for Urgent Fraud

Key TTPs in this BEC-style attack:

Phishing entry: Emails hack corporate systems
Remote access: Gain control for persistence
Impersonation:...

Cyber Security Incidents and Alerts A Snapshot of Fraud Scams and Data ...

23h ago·

kcnet.in

23h ago

Public Conference Audio Fuels CEO Voice Cloning in Enterprise Vishing

Technical sourcing in deepfake vishing: Attackers grab public audio from conferences to impersonate execs.

Wiz CEO Assaf Rappaport's conference...

Deepfake Fraud in Enterprises:Detection and ...

23h ago·

databusinesscentral.com

23h ago

Anthropic Pauses Claude Mythos: AI Scales Supplier Impersonation in BEC

Key implications for payment security:

Supplier impersonation at scale: AI generates realistic emails, invoices, and docs for BEC campaigns.
-...

Why Anthropic paused Claude Mythos and what it means for payment security

23h ago·

eftsure.com

1d ago

Financial Spear Phishing Digest · Apr 12, 2026 Daily Digest

Venom SharePoint Attacks on C-Suite

🔥 Microsoft SharePoint Venom Attack Targets C-Suite Executives By Name: Threat actors have targeted C-Suite...

Us Cybercrime Losses Pass $20b For First Time As Ai Boosts Online Fraud

redpacketsecurity.com

Us Cybercrime Losses Pass $20b For First Time As Ai Boosts Online Fraud

2d ago

AI Boosts BEC Losses in Record $20B+ US Cybercrime Surge

2025 cybercrime losses reached $20.87B, with BEC ranking #2 after investment scams in high-value financial hits.

AI complaints: 22,364 reports,...

redpacketsecurity.com

Us Cybercrime Losses Pass $20b For First Time As Ai Boosts Online Fraud

2d ago

AI Vishing Tactics and Red Flags in IRS Impersonation Scams

Key evasion tactics in AI-powered tax vishing:

Voice-cloning + spoofing: Generates natural speech in any accent/tone, paired with fake D.C. caller...

AI-powered tax scams surge ahead of April 15, IRS warns on red flags

morningoverview.com

AI-powered tax scams surge ahead of April 15, IRS warns on red flags

2d ago

VENOM PhaaS: SharePoint QR Lures Target C-Suite with Evasion Mastery

VENOM spear-phishing hits C-suite execs (CEOs, CFOs) by name across 20 sectors since Nov 2025, via compromised biz emails impersonating SharePoint...

Microsoft SharePoint Venom Attack Targets C-Suite Executives By Name

2d ago·

forbes.com

4d ago

FBI 2025 Report: $21B Cyber Losses Led by Crypto Scams, AI Fraud, and BEC

Total losses: Nearly $21B from 1M complaints, 85% from cyber fraud
Crypto scams: $11B total, $8.6B from investment fraud (75% via crypto)
-...

FBI: Crypto, AI Scams Drove Billions in Losses in 2025

govtech.com

FBI: Crypto, AI Scams Drove Billions in Losses in 2025

4d ago

Hive0117's Spear-Phishing: DarkWatchman Infects Accountants for Fake Salary Fraud

Key tactics in Hive0117's Feb-Mar 2026 campaign targeting Russian finance depts:

Tailored emails from compromised legit accounts, pw-protected...

Cybercriminals target accountants to drain Russian firms’ bank accounts

therecord.media

Cybercriminals target accountants to drain Russian firms’ bank accounts

4d ago

Financial Spear Phishing Digest · Apr 9 Daily Digest

Layered Defenses for Google Workspace

🔥 Native Protections Inadequate: Native email security in Google Workspace cannot keep up with modern...

Why layered protection matters for Google Workspace

blog.barracuda.com

Why layered protection matters for Google Workspace

4d ago

Post-Delivery Defenses Vital Against Spear-Phishing in Google Workspace Financial Gateways

Key insights on layered security for spear-phishing targeting financial workflows:

Native limits exposed: Google protections miss context in BEC...

blog.barracuda.com

Why layered protection matters for Google Workspace

4d ago

JINKUSU CAM: Real-Time Deepfake Bypassing Financial KYC Liveness Checks

JINKUSU CAM live deepfakes target financial/crypto KYC with real-time video injection.

Technique: InsightFace GPU face swapping enables fluid...

New deepfake tool shows why face alone is no longer proof of identity

biometricupdate.com

New deepfake tool shows why face alone is no longer proof of identity

4d ago

5d ago

FBI: Government Imposter Scams Explode to $800M Losses, Spear-Phishing Parallels for Finance

Rapid surge in prevalence: 32,400 complaints in 2025 vs. 17,400 in 2024 and 14,200 in 2023, ranking top five cybercrimes.

Massive financial impact:...

Government Impersonation Scams Growing Rapidly, FBI Says

fedweek.com

Government Impersonation Scams Growing Rapidly, FBI Says

5d ago

FBI 2025: $20.9B Scam Losses with BEC at $3B, AI-Aided Spear Phishing Surge

Record $20.9B total losses from internet crime, up 26% YoY – BEC ranks second at $3B across 25k complaints, targeting high-value org transactions.
-...

FBI Report: Online Scams Stole $20.9 Billion from Americans in 2025

techlicious.com

FBI Report: Online Scams Stole $20.9 Billion from Americans in 2025

5d ago

High-value BEC persistence and approval-phishing (Atlantic + Valencia + Hive0117 + Tycoon2FA + FBI stats)

Digest Calendar

Recent Posts

W3LL AiTM Kit Takedown: Technicals of M365 BEC Phishing Disrupted

Global phishing ring taken down in joint FBI Atlanta, Indonesia investigation

Storm-2755's 7 Tactics in Spear-Phishing Payroll Fraud

Payroll Pirate Attacks: 7 Storm-2755 Tactics | SpoofGuard

W3LL Kit Takedown Exposes AitM-Driven BEC Spear-Phishing Arsenal

Authorities Dismantle ‘W3LL’ Phishing Empire Powering Global Business Email Attacks

Layering AI-Driven Defenses on SEG: Rationale for Financial Spear-Phishing Protection

Why Security Leaders Are Layering Email Defense on Top of Secure Email Gateways

Financial Spear Phishing Digest · Apr 13, 2026 Daily Digest

AI-Driven Impersonation Tactics

Why Anthropic paused Claude Mythos and what it means for payment security

IOC Alert: quiksmardex.pages.dev Fake DEX Phishing

Urgent threat notice: quiksmardex.pages.dev – Fake Decentralized

Phishing-RAT Chain to WhatsApp Exec Impersonation for Urgent Fraud

Cyber Security Incidents and Alerts A Snapshot of Fraud Scams and Data ...

Public Conference Audio Fuels CEO Voice Cloning in Enterprise Vishing

Deepfake Fraud in Enterprises:Detection and ...

Anthropic Pauses Claude Mythos: AI Scales Supplier Impersonation in BEC

Why Anthropic paused Claude Mythos and what it means for payment security

Financial Spear Phishing Digest · Apr 12, 2026 Daily Digest

Venom SharePoint Attacks on C-Suite

Us Cybercrime Losses Pass $20b For First Time As Ai Boosts Online Fraud

AI Boosts BEC Losses in Record $20B+ US Cybercrime Surge

Us Cybercrime Losses Pass $20b For First Time As Ai Boosts Online Fraud

AI Vishing Tactics and Red Flags in IRS Impersonation Scams

AI-powered tax scams surge ahead of April 15, IRS warns on red flags

VENOM PhaaS: SharePoint QR Lures Target C-Suite with Evasion Mastery

Microsoft SharePoint Venom Attack Targets C-Suite Executives By Name

FBI 2025 Report: $21B Cyber Losses Led by Crypto Scams, AI Fraud, and BEC

FBI: Crypto, AI Scams Drove Billions in Losses in 2025

Hive0117's Spear-Phishing: DarkWatchman Infects Accountants for Fake Salary Fraud

Cybercriminals target accountants to drain Russian firms’ bank accounts

Financial Spear Phishing Digest · Apr 9 Daily Digest

Layered Defenses for Google Workspace

Why layered protection matters for Google Workspace

Post-Delivery Defenses Vital Against Spear-Phishing in Google Workspace Financial Gateways

Why layered protection matters for Google Workspace

JINKUSU CAM: Real-Time Deepfake Bypassing Financial KYC Liveness Checks

New deepfake tool shows why face alone is no longer proof of identity

FBI: Government Imposter Scams Explode to $800M Losses, Spear-Phishing Parallels for Finance

Government Impersonation Scams Growing Rapidly, FBI Says

FBI 2025: $20.9B Scam Losses with BEC at $3B, AI-Aided Spear Phishing Surge

FBI Report: Online Scams Stole $20.9 Billion from Americans in 2025