![Kb4Threatlabs's tweet photo. PHISHING ALERT: Attackers Exploiting Your Security Consciousness Against You
KnowBe4 ThreatLabs has identified an active phishing campaign exploiting account security fears to harvest credentials from multiple platforms (Microsoft 365, Gmail, Adobe, and various other services). Analysis reveals stolen data is transmitted directly to Telegram bots, with infrastructure suggesting a Phishing-as-a-Service operation allowing Threat actors to configure their own Telegram bot tokens and chat IDs for credential collection.
This platform-agnostic approach maximizes credential harvesting regardless of service type, prioritizing volume and versatility over targeted collection.
IOC's
Email Subjects:
Email Suspension Notice
Account Suspension Notice
Email account deletion and suspension notice
URL's:
hXXps://cooperative-dog-answer.glitch[.]me/?email=
hXXps://graceful-lace-scene.glitch[.]me/?email=
hXXps://balanced-spotty-bulb.glitch[.]me/?email=
hXXps://obtainable-lacy-concrete.glitch[.]me/?email=
hXXps://gleaming-prickle-editor.glitch[.]me/#
hXXps://bafkreigf4lbjar6kblfuw5vtxosdaa2cg5ntv7sl2a3fhl47xangdqmiba.ipfs.dweb[.]link/#
hXXps://bloomdesign[.]biz/apps/thumbnail_tempiattee.php
hXXps://local-rhinestone-burglar.glitch[.]me/# (Adobe creds harvesting)
hXXps://saber-grove-agustinia.glitch[.]me/?email=
hXXps://telling-winter-banjo.glitch[.]me/?email=
hXXps://uttermost-protective-frame.glitch[.]me/?email=
hXXps://victorious-capable-math.glitch[.]me/#
hXXps://vine-lean-bathtub.glitch[.]me/?email=
#PhishingAlert #TelegramExfiltration #PhaaS #CredentialTheft #ThreatIntel #PhishingKits](https://pbs.twimg.com/media/GpOPGEpbYAAs3Mj.jpg)
![Kb4Threatlabs's tweet photo. PHISHING ALERT: Attackers Exploiting Your Security Consciousness Against You
KnowBe4 ThreatLabs has identified an active phishing campaign exploiting account security fears to harvest credentials from multiple platforms (Microsoft 365, Gmail, Adobe, and various other services). Analysis reveals stolen data is transmitted directly to Telegram bots, with infrastructure suggesting a Phishing-as-a-Service operation allowing Threat actors to configure their own Telegram bot tokens and chat IDs for credential collection.
This platform-agnostic approach maximizes credential harvesting regardless of service type, prioritizing volume and versatility over targeted collection.
IOC's
Email Subjects:
Email Suspension Notice
Account Suspension Notice
Email account deletion and suspension notice
URL's:
hXXps://cooperative-dog-answer.glitch[.]me/?email=
hXXps://graceful-lace-scene.glitch[.]me/?email=
hXXps://balanced-spotty-bulb.glitch[.]me/?email=
hXXps://obtainable-lacy-concrete.glitch[.]me/?email=
hXXps://gleaming-prickle-editor.glitch[.]me/#
hXXps://bafkreigf4lbjar6kblfuw5vtxosdaa2cg5ntv7sl2a3fhl47xangdqmiba.ipfs.dweb[.]link/#
hXXps://bloomdesign[.]biz/apps/thumbnail_tempiattee.php
hXXps://local-rhinestone-burglar.glitch[.]me/# (Adobe creds harvesting)
hXXps://saber-grove-agustinia.glitch[.]me/?email=
hXXps://telling-winter-banjo.glitch[.]me/?email=
hXXps://uttermost-protective-frame.glitch[.]me/?email=
hXXps://victorious-capable-math.glitch[.]me/#
hXXps://vine-lean-bathtub.glitch[.]me/?email=
#PhishingAlert #TelegramExfiltration #PhaaS #CredentialTheft #ThreatIntel #PhishingKits](https://pbs.twimg.com/media/GpOO96xaYAAu7g_.jpg)
![Kb4Threatlabs's tweet photo. PHISHING ALERT: Attackers Exploiting Your Security Consciousness Against You
KnowBe4 ThreatLabs has identified an active phishing campaign exploiting account security fears to harvest credentials from multiple platforms (Microsoft 365, Gmail, Adobe, and various other services). Analysis reveals stolen data is transmitted directly to Telegram bots, with infrastructure suggesting a Phishing-as-a-Service operation allowing Threat actors to configure their own Telegram bot tokens and chat IDs for credential collection.
This platform-agnostic approach maximizes credential harvesting regardless of service type, prioritizing volume and versatility over targeted collection.
IOC's
Email Subjects:
Email Suspension Notice
Account Suspension Notice
Email account deletion and suspension notice
URL's:
hXXps://cooperative-dog-answer.glitch[.]me/?email=
hXXps://graceful-lace-scene.glitch[.]me/?email=
hXXps://balanced-spotty-bulb.glitch[.]me/?email=
hXXps://obtainable-lacy-concrete.glitch[.]me/?email=
hXXps://gleaming-prickle-editor.glitch[.]me/#
hXXps://bafkreigf4lbjar6kblfuw5vtxosdaa2cg5ntv7sl2a3fhl47xangdqmiba.ipfs.dweb[.]link/#
hXXps://bloomdesign[.]biz/apps/thumbnail_tempiattee.php
hXXps://local-rhinestone-burglar.glitch[.]me/# (Adobe creds harvesting)
hXXps://saber-grove-agustinia.glitch[.]me/?email=
hXXps://telling-winter-banjo.glitch[.]me/?email=
hXXps://uttermost-protective-frame.glitch[.]me/?email=
hXXps://victorious-capable-math.glitch[.]me/#
hXXps://vine-lean-bathtub.glitch[.]me/?email=
#PhishingAlert #TelegramExfiltration #PhaaS #CredentialTheft #ThreatIntel #PhishingKits](https://pbs.twimg.com/media/GpOO0PgX0AASakx.jpg)
Olivia
Online
Martin J. Kraemer
@markraemer
CISO Advisor, Europe & Middle East @KnowBe4 and Usable Privacy Researcher | DPhil in Cyber Security @UniofOxford | views are my own
Dubai, United Arab Emirates
Joined July 2011
275 Following
268 Followers
318 Posts
https://t.co/7qNYIZkMLK
PHISHING ALERT: Attackers Exploiting Your Security Consciousness Against You
KnowBe4 ThreatLabs has identified an active phishing campaign exploiting account security fears to harvest credentials from multiple platforms (Microsoft 365, Gmail, Adobe, and various other services). Analysis reveals stolen data is transmitted directly to Telegram bots, with infrastructure suggesting a Phishing-as-a-Service operation allowing Threat actors to configure their own Telegram bot tokens and chat IDs for credential collection.
This platform-agnostic approach maximizes credential harvesting regardless of service type, prioritizing volume and versatility over targeted collection.
IOC's
Email Subjects:
Email Suspension Notice
Account Suspension Notice
Email account deletion and suspension notice
URL's:
hXXps://cooperative-dog-answer.glitch[.]me/?email=
hXXps://graceful-lace-scene.glitch[.]me/?email=
hXXps://balanced-spotty-bulb.glitch[.]me/?email=
hXXps://obtainable-lacy-concrete.glitch[.]me/?email=
hXXps://gleaming-prickle-editor.glitch[.]me/#
hXXps://bafkreigf4lbjar6kblfuw5vtxosdaa2cg5ntv7sl2a3fhl47xangdqmiba.ipfs.dweb[.]link/#
hXXps://bloomdesign[.]biz/apps/thumbnail_tempiattee.php
hXXps://local-rhinestone-burglar.glitch[.]me/# (Adobe creds harvesting)
hXXps://saber-grove-agustinia.glitch[.]me/?email=
hXXps://telling-winter-banjo.glitch[.]me/?email=
hXXps://uttermost-protective-frame.glitch[.]me/?email=
hXXps://victorious-capable-math.glitch[.]me/#
hXXps://vine-lean-bathtub.glitch[.]me/?email=
#PhishingAlert #TelegramExfiltration #PhaaS #CredentialTheft #ThreatIntel #PhishingKits
![Kb4Threatlabs's tweet photo. PHISHING ALERT: Attackers Exploiting Your Security Consciousness Against You
KnowBe4 ThreatLabs has identified an active phishing campaign exploiting account security fears to harvest credentials from multiple platforms (Microsoft 365, Gmail, Adobe, and various other services). Analysis reveals stolen data is transmitted directly to Telegram bots, with infrastructure suggesting a Phishing-as-a-Service operation allowing Threat actors to configure their own Telegram bot tokens and chat IDs for credential collection.
This platform-agnostic approach maximizes credential harvesting regardless of service type, prioritizing volume and versatility over targeted collection.
IOC's
Email Subjects:
Email Suspension Notice
Account Suspension Notice
Email account deletion and suspension notice
URL's:
hXXps://cooperative-dog-answer.glitch[.]me/?email=
hXXps://graceful-lace-scene.glitch[.]me/?email=
hXXps://balanced-spotty-bulb.glitch[.]me/?email=
hXXps://obtainable-lacy-concrete.glitch[.]me/?email=
hXXps://gleaming-prickle-editor.glitch[.]me/#
hXXps://bafkreigf4lbjar6kblfuw5vtxosdaa2cg5ntv7sl2a3fhl47xangdqmiba.ipfs.dweb[.]link/#
hXXps://bloomdesign[.]biz/apps/thumbnail_tempiattee.php
hXXps://local-rhinestone-burglar.glitch[.]me/# (Adobe creds harvesting)
hXXps://saber-grove-agustinia.glitch[.]me/?email=
hXXps://telling-winter-banjo.glitch[.]me/?email=
hXXps://uttermost-protective-frame.glitch[.]me/?email=
hXXps://victorious-capable-math.glitch[.]me/#
hXXps://vine-lean-bathtub.glitch[.]me/?email=
#PhishingAlert #TelegramExfiltration #PhaaS #CredentialTheft #ThreatIntel #PhishingKits](https://pbs.twimg.com/media/GpOPMwSbYAAtzKE.jpg)
Worth my first post in a long time. We now have a dedicated account to publish threat intel. Check out @Kb4Threatlabs
@KnowBe4 #humanriskmanagement #cybersecurity
Security advocate Martin Kraemer supports Australia's proposed social media age bans for teens, emphasising the need for strong enforcement and better education for parents and schools. #SocialMedia #Australia #TeensOnlineSafety https://t.co/cST1E5yJcJ
Who to follow
Mariam Nouh | مـريـم نـوح 
@MA_Nouh
VP Economies of the Future sector @KACST | Alumni @UniofOxford | DPhil Cyber Security | Photography @NYIP | Personal Account
electronic Max
@emax
Max Van Kleek–Assoc Prof @CompSciOxford, a16z speedrun sr006,
Scientist/Builder/Founder, Human-AI Interaction, Future of Work. 🇺🇸/🇬🇧 🌈
NeMe
@NeMeOrg
#nonprofit, #Cyprus #cultural #NGO founded in 2004. Works with #theories & their intersection with the #arts. https://t.co/KG1QX0dlRh
📢‼️ Weltweit kommt es derzeit zu IT-Ausfällen in zahlreichen Branchen. Auch in 🇩🇪 gibt es betroffene Unternehmen, darunter Betreiber Kritischer Infrastrukturen.
Nach aktuellem Erkenntnisstand gibt es keine Hinweise auf einen Cyberangriff.
👉 https://t.co/PWhT6frkuZ
Check out my latest article: Why people cannot be the 'weakest' link in cybersecurity https://t.co/72chlq4bv3 via @LinkedIn
https://t.co/jhUnSOxEFj
A simple question for all of you working in #securityawareness and #humanrisk.
𝗧𝗵𝗲 𝘀𝗸𝗶𝗹𝗹𝘀 𝗻𝗲𝗲𝗱𝗲𝗱 𝗮𝘀 𝗮 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝘄𝗮𝗿𝗲𝗻𝗲𝘀𝘀 / 𝗵𝘂𝗺𝗮𝗻 𝗿𝗶𝘀𝗸 𝗽𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹 𝗶𝗻 𝟮𝟬𝟯𝟬 𝗮𝗿𝗲 𝘁𝗵𝗲 𝘀𝗮𝗺𝗲 𝘀𝗸𝗶𝗹𝗹𝘀 𝗻𝗲𝗲𝗱𝗲𝗱 𝘁𝗼𝗱𝗮𝘆.
Check out the latest article in my newsletter: Real or Not, Here I Come, You Can't Hide https://t.co/t9IpdLBPuT via @LinkedIn
@roepkix @EuroUsec @IngolfBecker @RWTH @gameandlearning That all sounds really interesting. Thanks for sharing! Looking forward to reading both papers
Loving the focus of these positions as they promise much needed research insights.
How AI mediates social dynamics matters in everyday life as much as at work and in any other place.
Would love to see a lot more focus on these topics.
The Stanford Social Media Lab @StanfordSML is hiring *3* postdocs next year, one focusing on misinformation, one on AI, and the third on social media and mental health. Check out the postings here: https://t.co/1YO2V9pmwG. Please share with anyone who might be interested!!
it-sa 2023 - Besuchen Sie den Vortrag von Martin Kraemer, Security Awareness Advocate bei KnowBe4. Martin wird zeigen, wie Sie Daten zum Return-on-Security-Investment nutzen können, um den Aufbau Ihres Security-Awareness-Programms zu rechtfertigen. https://t.co/8cJdyzLogI #itsa
Desinformation, die wahre Gefahr generativer KI für die IT-Sicherheit in Unternehmen?
Jetzt gleich im Thought Leadership Beitrag bei IT-Daily um 14:30 Uhr (GMT+2).
https://t.co/1FuhhlIPly
A trust crisis is amplified by the emergence of generative AI. It must concern organizations and society alike.
https://t.co/CF8pMjrc0r
Join us at the forefront of scam prevention at the 4th Global Anti-Scam Summit 18 October in Lisbon.@markraemer will join industry leaders as they navigate the intricacies of the digital age. We hope to see you there! #GASS2023 https://t.co/qKodKr9ShE
A trust crisis is amplified by the emergence of generative AI. It must concern organizations and society alike.
https://t.co/CF8pMjrc0r
Im Webinar der KnowBe4 GmbH vermittelt @markraemer Know-how „von der Sensibilisierungskampagne zu sicheren Verhaltensweisen". Interessierte Teilnehmende der ACS dürfen exklusiv kostenfrei teilnehmen: https://t.co/hbwbXGXHjK #digitalundsicher #DeutschlandDigitalSicherBSI
Besuchen Sie den Vortrag von Dr. Martin Kraemer, Security Awareness Advocate bei KnowBe4, auf der it-sa. Martin wird erörtern, wie Sie Security Awareness nutzen, um Ihre Sicherheitskultur nachhaltig zu fördern. https://t.co/g5I1c5QGSY #itsa
🤖📊Excited to announce our new paper “Artificially Intelligent Opinion Polling” -https://t.co/kKgenVsFOG.
Powered by social-media and LLMs, AI Polling drastically reduces costs and increases availability of precise, high-frequency, sub-national estimates of preferences...
Some bits for researchers and professionals alike.
Why does the sound of voices matter for #cybersecurity?
I did some digging. Read how we perceive voices, accents, and language.
https://t.co/9UlRHZeVzg
#hci #ai @KnowBe4 @knowbe4germany
https://t.co/FVzmN7Rd9w
New paper: “It becomes more of an abstract idea, this privacy”
We explore familial use of smarthome technologies to inform the design for communal privacy experiences.
With @georgechalhoub, Helena Webb, and Ivan Flechais.
@Ox_CyberSec @CompSciOxford
https://t.co/FVzmN7Rd9w
Last Seen Users on Sotwe
Mz.mkz
Seen from Thailand
Kuda Muscle
Esma
Seen from Turkey
stella andrews (LA NOV 22nd - 25th)
Seen from Algeria
kimo
Seen from Turkey
Mira nouri
Seen from Algeria
คนเหงา คนเดิม ทวิตใหม่ตัวเดิมเข้าไม่ได้
Seen from Thailand
Noor Shah
Seen from Indonesia
Ass and mature lover
Seen from France
tapu
Seen from France
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers