9 posts tagged with "blocking"

Introduction​

The rise of phishing activities has taken the top spot in attacks targeting end-users and organizations. Among the various forms of phishing attacks, there's one known as "SMiShing" attacks, which target users through SMS messages.

SMiShing Attacks​

Today, we've noticed a SMiShing campaign in Kazakhstan, where a seemingly innocent link leads to a fake website that mimics the KazPost website, the official postal service of Kazakhstan. Several indicators set this apart:

• The sender's country code
• The target website
• The fact that the package was never ordered

The provided link directs users to a phishing page designed to imitate post.kz, the official website of the postal service in Kazakhstan.

Recommendation​

We strongly advise against responding to such SMS messages. If you have any doubts or concerns, it's best to contact your nearest post office to clarify the details, especially if you did not order a package that coincides with the SMS.

Taking Action​

Rest assured that we've promptly added this resource to our shared blocklists and locked it within the OpenBLD DNS system. Your online safety is our top priority.

Conclusion: In these times of increasing digital threats, let's remain vigilant and protect ourselves and our online experiences. Together with OpenBLD.net DNS, we can strive for a safer online environment. Peace ✌️

Today I discovered a new malicious company that spreads through of Google Ads side...

In short - "Sponsored" link redirects to malicious site, and boom 💥 I felt "OpenBLD" effect!

OpenBLD.net DNS blocked for me browser-hijacking app which was distributed with Google Ads which named asxg4ken... Wow 💣, very unexpected and nice as I usually try to be more careful when surfing the internet.

What is xg4ken and how to removal

Be safe with free and OpenBLD.net DNS 🤜🤛️️️️️️

Malvertising seems to be enjoying a renaissance as of late, whether it is from ads on search engine results pages or via popular websites. Because browsers are more secure today than they were 5 or 10 years ago, the attacks that we are seeing all involve some form of social engineering.

A threat actor is using malicious ads to redirect users to what looks like a Windows security update. The scheme is very well designed as it relies on the web browser to display a full screen animation that very much resembles what you'd expect from Microsoft...

A Few days ago, Malwarebytes tread intelligence team discovered a new campaign that uses a fake Windows update to drop the Aurora stealer. The attack starts with a malvertising chain that redirects users to a website displaying a fake Windows update page. The page is designed to look like the real thing, with a full screen animation that very much resembles what you'd expect from Microsoft.

Part of lists you can download from Cactusd 🌵 repository.