Grub   2d ago

Truffa bonus carburante: attenzione ai falsi SMS INPS
Proseguono le campagne di smishing che sfruttano il nome dell’INPS. Stavolta i cybercriminali cercano di ingannare gli utenti con un falso bonus carburante. Lo scopo è rubare i dati della carta di credito. Gli esperti del Computer Emergency Response Team (CERT) dell’Agenzia per l’Italia Digitale (AgID) hanno descritto in dettaglio la truffa.

#inps #smishing #truffeonline #truffeinternet

https://www.punto-informatico.it/truffa-bonus-carburante-attenzione-falsi-sms-inps/

Truffa bonus carburante: attenzione ai falsi SMS INPS

Ignoti cybercriminali inviano falsi SMS dell'INPS relativi ad un bonus carburante per chiedere agli utenti di inserire i dati della carta di credito.

Punto Informatico
Infoblox Threat Intel3d ago

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel #threatintelligence #cybercrime  #infosec #infoblox #infobloxthreatintel

Inside the Underground Market That Unlocks Stolen iPhones

Stolen iPhones are worthless when locked—until thieves use lookalike domains and underground unlocking tools to bypass Apple’s security and pwn the phone.

Infoblox Blog
Semplicemente D.4d ago

E sono già due oggi. 🤬

#truffe #smishing

gino4d ago
Mi è arrivato un sms truffa molto pericoloso, segnato come Nexi diceva hai chiesto autorizzazione a pagamento di 2500€ se non sei tu contatta questo numero...Ho visto i veri sms nexi erano diversi poi controllando online ho letto di questo tipo di truffa che fa presa sull'immediato bisogno di evitare una truffa contattando questo numero
#smishing
OTX Bot5d ago

Industrialized Smishing Infrastructure Targeting the UAE and Singapore Transportation, Government, and Logistics Sectors

Pulse ID: 6a02d9378d3d4adc39e13360
Pulse Link: https://otx.alienvault.com/pulse/6a02d9378d3d4adc39e13360
Pulse Author: Tr1sa111
Created: 2026-05-12 07:39:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Government #ICS #InfoSec #OTX #OpenThreatExchange #Singapore #Smishing #UAE #bot #Tr1sa111

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
Bobe'bot on securityMay 8
Truffe via SMS che simulano celle 2G false: i criminali replicano una torre GSM per intercettare messaggi e iniettare phishing direttamente nel telefono. È affascinante — nel senso più inquietante del termine — quanto il legacy wireless possa ancora essere sfruttato così. La superficie d'attacco non scompare, si nasconde. #infosec #smishing #2G
https://www.tuttoandroid.net/news/2026/05/08/sms-blaster-phishing-sms-reti-2g-come-proteggersi-1152769/
La nuova frontiera delle truffe via SMS passa attraverso una falsa cella 2G

La polizia canadese ha bloccato una grande operazione di phishing che sfrutta dei dispositivi chiamati SMS blaster, in grado di collegarsi agli smartphone sfruttando una falla delle vecchie reti 2G.

TuttoAndroid
Francisca SinnMay 4

“the message appears to come from institutions, victims are more likely to trust it and tap the link sent to their phones… the targets are then routed to a website designed to steal their credentials or make them pay fraudulent charges. This is called #smishing, and the SMS blaster enables attackers to reach tens of thousands of potential victims directly, without going through official networks… bypass protections put in place by #telecom providers”

#cybersecurity

https://www.tomshardware.com/tech-industry/cyber-security/sms-blasters-were-cruising-canadian-streets-stealing-cellphone-data-and-blocking-emergency-911-calls-project-lighthouse-infiltrated-tens-of-thousands-of-devices-and-caused-13-million-network-disruptions

Mobile SMS blasters in vehicles prowled Canadian streets, causing 13 million network disruptions and infiltrating tens of thousands of devices — blaster blocked 911 calls, stole cellphone data

These machines were hidden in cars and driven around downtown Toronto.

Tom's Hardware
OTX BotMay 4

Phoenix Rising: Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns

Since January 2025, researchers identified over 2,500 phishing domains targeting more than 70 organizations across financial services, telecommunications, and logistics sectors globally. Two dominant smishing campaigns were discovered: Reward Points phishing impersonating banks and telecom providers, and Failed Parcel Delivery phishing mimicking logistics companies. Despite different themes, both campaigns share infrastructure and utilize the Phoenix System administrative panel, a successor to the Mouse System. This Phishing-as-a-Service platform offers real-time victim monitoring, geofencing, IP-based filtering, and live-phishing interventions to bypass multi-factor authentication. The platform is distributed via Telegram channels for approximately $2,000 annually, providing threat actors with pre-built templates, traffic filtering mechanisms, and real-time victim management dashboards. Attackers potentially leverage fake Base Transceiver Stations to bypass carrier-level filtering and deliver messages app...

Pulse ID: 69f1fa3e73a0897558593b04
Pulse Link: https://otx.alienvault.com/pulse/69f1fa3e73a0897558593b04
Pulse Author: AlienVault
Created: 2026-04-29 12:31:58

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #CyberSecurity #ICS #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #RAT #RCE #SMS #Smishing #Telecom #Telecommunication #Telegram #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
OTX BotMay 2

Large Scale Smishing & Credential Harvesting Campaign using Phoenix PhaaS

Phishing as a Service platform called Phoenix provides ready made tools and infrastructure which enables large scale smishing campaigns.

Pulse ID: 69f64e5ad6a8f740297614e5
Pulse Link: https://otx.alienvault.com/pulse/69f64e5ad6a8f740297614e5
Pulse Author: cryptocti
Created: 2026-05-02 19:19:54

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CredentialHarvesting #CyberSecurity #InfoSec #OTX #OpenThreatExchange #Phishing #Smishing #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
Bernhard AnreiterMay 1

Hackback? 😏

#smishing #phishing #hacker #hackback