Phishing & social engineering evolution: quishing, ClickFix, Graph API abuse & MFA bypass
Key Questions
What is Meta Business Manager phishing?
Attackers hijack genuine Meta infrastructure to send scam emails that steal Facebook credentials from business accounts.
How does M365 passkey vishing work?
Attackers use live operators in vishing calls to trick users into enrolling attacker-controlled Entra passkeys for Microsoft 365 accounts.
What is the Odyssey Stealer campaign targeting?
Odyssey Stealer targets macOS users across 100+ countries using ClickFix lures and trojanized crypto wallet apps to steal credentials and extensions.
What is Ghost phishing and how does it evade detection?
Ghost phishing uses AES-GCM encrypted pages and steganography in the EvilTokens kit to deliver Remcos while exploiting browser blind spots.
How are AI phishing kits affecting organizations?
Commoditized AI phishing kits have driven a 58% increase in breaches according to Dutch data protection authorities.
What is the AnyDesk phishing campaign targeting?
The campaign targets Russian aerospace organizations using fake invoices to trick victims into installing AnyDesk for remote access.
What is Kali365 PhaaS?
Kali365 is a phishing-as-a-service platform that enables device code phishing and other advanced social engineering attacks.
How do Meta Verified scams operate?
Scammers impersonate Meta to threaten Facebook account deletion unless users pay for verified status or provide credentials.
Evolving phishing tactics. New: Meta Business Manager phishing hijacking genuine Meta infrastructure; M365 passkey vishing with live operator; AnyDesk phishing targeting aerospace; Odyssey Stealer macOS campaign using ClickFix lures and trojanized wallet apps; AI Phishing kits commoditized driving 58% breach surge. Ongoing: Ghost phishing with AES-GCM encrypted pages, steganography delivering Remcos, Meta Verified scam, Kali365 PhaaS, device code phishing.