Friday, June 16, 2023

Over 100 Brands Were Impersonated in This Massive Phishing Campaign

Phishing can be dangerous because of the fact that this is the sort of thing that could potentially end up making you lose access to your online accounts. It was recently discovered that a widespread phishing campaign has been running since June of 2022 which has impersonated over a hundred brands with all things having been considered and taken into account.

These brands are some of the most popular in the world, and they include the likes of Casio, Adidas, Nike, Columbia and Guess. As can clearly be seen, these brands are almost entirely apparel and clothing brands along with footwear brands, and phishing campaigns like this can really make it harder for these companies to maintain their reputation than might have been the case otherwise.

With all of that having been said and now out of the way, it is important to note that this campaign ended up utilizing upwards of 6,000 sites across 3,000 domains, as per Bolster study. While this also includes inactive sites and domains, the phishing campaign still has the potential to cause enormous harm if swift action is not taken to mitigate this as soon as possible.

Most sites that are involved in this phishing campaign include the name of the brand along with a location specific keyword. Many of them are using .com domains which can make them seem more trustworthy to the uninitiated or unwary user, and that just goes to show that one must put more effort into ascertaining the legitimacy of a website before inputting any information into it whatsoever.

This information is coming out of an analysis done by Booster’s threat research team, and it reveals a lot about the state of phishing today. The phishing campaign first began in June of 2022, but in spite of the fact that this is the case, it ramped up significantly in the first two months of 2023. This is when over 300 new sites with fake names were added to the campaign on a monthly basis. Domain aging has also been used by the malicious actors behind these campaigns for the purposes of covering up their tracks.


Read next: New Study Reveals Cybercriminals' Growing Use of Generative AI to Amplify and Enhance Email Attacks
by Zia Muhammad via Digital Information World

WhatsApp Beta for Windows Introduces Call-Back Feature for Missed Calls While WhatsApp Business Prepares for Multi-Account Functionality

WhatsApp Beta for Windows, is working on an exciting feature that will be greatly appreciated by its users. The upcoming update brings a call-back feature specifically designed to handle missed calls efficiently. The main goal is to enhance overall user experience and ensure that no important calls are overlooked.

Previously, people had to manually call back the person who tried to reach them. However, with the latest change, this process becomes much simpler and more convenient. When a call is missed, a small “Call Back” button will be displayed right next to the contact’s name in the chat window. Directly tapping on the button will initiate a call back to the person who tried to contact them.


This time-saving feature removes the need for users to search through their call logs or contacts list to find the person who called them. It smoothens the call-back process and allows users to quickly respond to unpicked calls. Whether it’s reconnecting with friends or catching up with colleagues, WhatsApp Beta for Windows ensures that no calls go unattended. The pilot version has already been rolled out to a number of testing clients, and it will be accessible for general users as well, globally.

In another exciting development, as spotted by WBI, WhatsApp Business is currently working on a multi-account feature that will enable the audience to manage multiple business accounts within a single app. This highly anticipated feature aims to simplify the process for businesses that operate multiple accounts, saving them time and effort.


With the multi-account feature, business owners and managers can link and switch between different WhatsApp Business accounts seamlessly. This means that if a business operates several ventures or branches, they can now handle all their accounts conveniently in one app. No longer will users need to log in and out repeatedly or rely on multiple devices to manage different business profiles.

This upcoming update will bring ease and efficiency to businesses, allowing them to provide a seamless experience for their customers across multiple accounts. Whether it’s responding to inquiries, managing orders, or maintaining consistent communication, the multi-account feature will simplify these tasks and help businesses streamline their operations.

The feature is still in its early development stage, and hence the pilot version has yet to be released to the testing audience.

Read next: WhatsApp Introduces Video Messages Feature on iOS and Android Beta: Making Communication More Personal


by Arooj Ahmed via Digital Information World

Skin Health at Your Fingertips: Google Lens Introduces Skin Diagnosis Search Feature

Google is turbocharging the prowess of its cutting-edge gem, Google Lens! The ingenious application, a true wizard of PC image, is now flaunting an array of mind-blowing enhancements. Brace yourself for an immersive venture as it seamlessly unveils captivating information about the objects it adroitly recognizes, leaving you spellbound!

Prepare to be astounded as Google Lens revolutionizes the way we understand our bodies! In an unprecedented leap forward, Lens now possesses the remarkable ability to detect and identify various skin illnesses, such as moles and inflammations, with unparalleled precision. Simply upload a photograph via it, and witness the magic unfold as it embarks on a visual search, not only helping you describe the indescribable but also unlocking insights into perplexing bodily ailments like lip bumps, nail stripes, and even hair fall.

While the tech titan ventured into the realm of analyzing skin, hair, and nail illnesses in 2021 with a remarkable artificial intelligence application, the path to widespread adoption faced a hurdle. The need for approval from the FDA presented a formidable challenge for the application's entrance into the United States market, and Google, regrettably, chose not to pursue it. Nevertheless, their latest strides in enhancing Google Lens bring us one step closer to unlocking the prospect of refined visual diagnostics.

Empowering individuals with informed decisions emerges as a valuable feature for those at the crossroads of medical care. With its newfound capability, it equips consumers with the capability to evaluate their requirements, aiding them in specifying whether professional medical attention or off-the-shelf remedies are warranted.

Prepare to witness the extraordinary fusion of two remarkable technologies! Google Lens and Bard, the artificial intelligence talkbot, are joining forces to revolutionize the way we communicate. Consumers can now enrich their Bard prompts with pictures, while Lens works its magic in the background, unraveling the visual puzzle. From identifying the name of a pair of shoes in a photo to delivering an awe-inspiring response, Bard, armed with Lens' insightful analysis, emerges as the ultimate oracle of knowledge, bridging the gap between photographs and words with unprecedented finesse.

Google's unyielding dedication to artificial intelligence takes center stage once again with the tardily upgrade to Bard, its formidable rival to ChatGPT. This time, Bard emerges with the astonishing capability to autonomously report, run, and trial code, honing its programming prowess and unlocking the power to conquer intricate mathematical conundrums. Moreover, a groundbreaking collaboration with Adobe has infused Bard with the captivating ability to create art, igniting a new era where innovation meets boundless creativity.


Read next: Google Rolls Out Innovative Perspective Filters Feature For Its Mobile Searchers
by Arooj Ahmed via Digital Information World

Adobe Illustrator Gets Exciting New Generative Recolor Feature For Its Firefly AI

Adobe is doing whatever it takes to make its Firefly AI endeavor stand out against all others.

The latest launch of its Generative Recolor feature for the Firefly AI would give people the chance to experiment with all kinds of hues through text prompts.

For now, the offer is still in its beta stage but we don’t see why it won’t be loved by the masses, very soon. Moreover, the firm announced how this new venture is designed to add simplicity while taking creative boundaries to new limits.

As far as how this works, users would be given the chance to add a hue and even recolor various forms of their art through prompts. In the same way, it would give users the chance to edit and make the most of hues that fulfill all of their requirements.

In the past, all that the user needed to do was add color through manual means. In the same way, it would be required to make edits in a very painstaking manner as it took up a lot of effort as well as time.

Now, this new feature allows users to type prompts and switch hues in a second. And that is what is needed to alter the entire project’s feelings by giving rise to various trends and moods.

In this particular blog, we’re hearing more about how Adobe would be giving so many artists the chance to take old work and replace it in a manner that makes it appear brand new. It would entail all kinds of styles and some major changes through a simple click of a button.

Some examples worth a mention entail packaging for products and even marketing supplies that needed to be revamped with unique color profiles. We think this is a great addition to the platform and one that could be of great benefit for personal and even commercial behavior.

Getting such features is very thrilling as you’re dealing with the world of AI. The firm added some major improvements in several other places on the platform and this new feature is given the name Retype.

This would give users the chance to identify a font through a picture and choose something similar from their Fonts library. Moreover, this platform is going to make it so much simpler to transform such images into a type of vector art that entails adjustments for the Image Trace offering.

Overall, you’re saying hello to a new and revamped panel with so many options to even ignore a particular hue. Similarly, you’re going to be given the chance to see color modes and even make use of auto-detection for beginning the best job out there.

And just in case you thought that was amazing, there’s a new layer panel being incorporated where users can look for text, effects, and some more exciting additions. Hence, you can find edits and other changes inside a project.


Read next: Financial Literacy through Credit Cards, Survey Reveals Parents’ Thoughts
by Dr. Hura Anwar via Digital Information World

Thursday, June 15, 2023

New Study Reveals Cybercriminals' Growing Use of Generative AI to Amplify and Enhance Email Attacks

A recent study by Abnormal Security, an email security platform, has revealed a concerning trend in cybercrime. Cybercriminals are now exploiting generative artificial intelligence (AI), including popular tools like ChatGPT, to develop highly convincing email attacks. These AI-generated attacks pose significant challenges in detection and have raised concerns among security leaders.

Abnormal Security undertook a comprehensive examination to evaluate the frequency of AI-generated email attacks intercepted on their platform. The results unveiled a concerning rise in the adoption of generative AI tools by threat actors to produce email attacks that closely imitate genuine communication, rendering them more challenging to recognize.

The increasing use of generative AI tools, such as ChatGPT, has sparked concerns regarding the repercussions of AI-generated email attacks. The research has verified that cybercriminals are employing AI to create more sophisticated methods of attack, encompassing activities like vendor fraud, enhanced variations of traditional business email compromise (BEC) strategies, and credential phishing.

In the past, people used to rely on finding mistakes in spelling and grammar to recognize phishing attempts. But now, with the advancement of generative AI, the landscape has shifted. This technology allows cybercriminals to create emails that are impeccably written and closely resemble legitimate messages, making it much more difficult for employees to distinguish between what is real and what is fraudulent.

Dan Shiebler, who leads the Machine Learning team at Abnormal Security, drew attention to the change in strategies employed by cybercriminals. Previously, conventional BEC attacks commonly contained familiar content, which facilitated their detection. Nevertheless, the introduction of generative AI tools has empowered cybercriminals to produce distinctive content, rendering it challenging to identify these attacks based on established patterns. Moreover, this capability enables them to increase the magnitude of their attacks.

The research conducted by Abnormal Security uncovered a concerning revelation that threat actors are expanding their focus beyond traditional BEC attacks. They are now utilizing AI tools to carry out vendor impersonation attacks. These attacks, known as vendor email compromise (VEC) attacks, take advantage of the trust established between customers and vendors and employ highly effective social engineering methods. Detecting these attacks, especially when they involve discussions about payments and invoices, becomes increasingly challenging as they lack obvious indicators like typographical errors.

Shiebler expressed serious concerns about a notable surge in attacks showing AI indicators. The incorporation of generative AI in email attacks presents a significant danger, as it allows cybercriminals to develop extremely sophisticated content that tricks recipients into performing malicious actions. The utilization of AI in composing email attacks enables cybercriminals to remove the usual grammatical and typographical errors associated with conventional BEC attacks, thereby increasing the difficulty in detecting them.

AI can also enhance the personalization of email attacks. Malicious actors have the ability to incorporate fragments of their targets' email history or LinkedIn profile information into their AI queries, generating emails that closely align with the context, language, and tone familiar to the victim. This heightened level of customization amplifies the deception of business email compromise (BEC) attacks.

Cybercriminals have previously used new domains and free webmail accounts to evade detection, but security measures quickly caught up with these tactics. The rise of generative AI follows a similar trajectory, making it impractical to block all AI-generated emails indiscriminately as employees rely more on AI platforms for business communications.

Abnormal Security shared an example of an intercepted attack falsely attributed to "Meta for Business" to illustrate the impact of AI-generated attacks. The email claimed the recipient's Facebook Page had violated community standards and provided a link to file an appeal. Unbeknownst to them, the link was directed to a phishing page designed to steal their Facebook credentials. The flawless grammar and language associated with Meta for Business made the attack more convincing.


Detecting AI-generated text presents a significant challenge, but Shiebler suggests employing AI as the most effective method. Abnormal Security's platform uses open-source large language models (LLMs) to evaluate word probability based on context, enabling the classification of emails consistent with AI-generated language. External AI detection tools, like OpenAI Detector and GPTZero, validate these findings.

However, Shiebler acknowledges that this approach is not foolproof. Non-AI-generated emails may contain word sequences similar to AI-generated ones, leading to false AI classifications. Organizations are advised to adopt modern solutions capable of detecting highly sophisticated AI-generated attacks that closely resemble legitimate emails and differentiate them from those with malicious intent.

Moreover, Shiebler emphasizes the importance of maintaining good cybersecurity practices within organizations. Ongoing security awareness training, password management, and multi-factor authentication (MFA) can help mitigate potential damage in the event of a successful attack.

Read next: ChatGPT vs. Google Translate Comparison: Which AI Chatbot is The Best Language Translator
by Ayesha Hasnain via Digital Information World

WhatsApp Introduces Video Messages Feature on iOS and Android Beta: Making Communication More Personal

The renowned messaging platform, WhatsApp, is rolling out a new feature called “video messages” on both iOS and Android OS. This new addition aims to enhance communication by allowing users to send and receive video messages within the app, it means that users can now record and send videos directly through the platform, just like they would do with the audio messages or text messages.

Instead of typing out a long message or relying solely on pictures, users can now capture and share their experiences with friends and family in a more dynamic and personal way. However, what needs to understand is that video message will have a duration of 1 minute only, as compared to pre recorded media content.

The video messages feature is incredibly easy to use. All that needs to be done is to simply open the chat, tap on the camera icon present at the bottom of the screen, and switch to video mode. From there, people can start recording their video message, whether it’s a quick update or a funny moment. Once it has been recorded, just tap on the send button, and the video message will be on its way to the recipient.

Instead of relying solely on words, users can now express themselves more fully through video messages. Whether it’s sharing a memorable vacation clip, demonstrating a new recipe, or celebrating a milestone, video messages will allow them to truly bring moments to life.

WhatsApp’s introduction of video messages on the iOS and Android beta versions is a testament to their commitment to improving the user experience. By adding this feature, WhatsApp aims to make conversations more engaging and personal, bridging the gap between text and face-to-face communication.

While the feature is currently available only on for the pilot testing, it won’t be long before it becomes widely accessible to all WhatsApp users. Up till now, no official date has been given by the officials, however, according to Wabetainfo, the new element will make its global debut anytime in upcoming weeks.


Read next: WhatsApp Updates: Screen-Sharing, Message Editing, and Channel Notifications Coming to the Users
by Arooj Ahmed via Digital Information World

Keeping Transparency in Focus TikTok Launches 'TikTokTruths' Collection to Ease User Apprehensions

TikTok's latest endeavor, 'TikTok Truths', aims to tackle user matters by shedding light on its information patterns, an effort that may sway general opinion and potentially influence the app's future in the United States. With a focus on transparency and engagement, TikTok hopes to alleviate worries and gain increased support from users and officials.

This initiative aims to clarify misconceptions surrounding data collection. In their first post, they dive into details about location and Global Positioning System data, keystroke hunt, and family tree details, providing transparent descriptions of how and why TikTok utilizes each type of data. By addressing these crises head-on, TikTok strives to foster trust and translucency among consumers.

Further, it addresses concerns about info collection by clarifying that it is not exceptional in terms of data collected, setting the stage for transparency. They also explain that in specific areas like the United States, Austria, and SK, recent variants of the application do not gather specific or inaccurate Global Positioning System data from consumers. This disclosure aims to alleviate worries and highlight TikTok's commitment to privacy measures in certain jurisdictions.

TikTok's exposition states that in areas where consumers willingly give consent for geolocation, it gathers place data from the device's GPS receiver. However, it remains to be seen if this clarification will be sufficient to alleviate concerns and instill confidence among users. The effectiveness of their reassurance relies on individual perceptions and the ongoing dialogue surrounding data privacy.

Addressing long-standing buzzes, TikTok confirms that it collects certain keystroke practices or algorithms within specific parameters. This info collection serves safety and Results-oriented objectives, such as verifying account genuineness, threat managing, debugging, error resolving, and performance monitoring. When users scan external sites through TikTok'sapplication, the platform chases the occurrence of key presses and clicks without capturing specific button details. However, it is worth noting that TikTok ceased hunting key or click key when using the application browser to view external sites in Sep 2022. While this information may not fully alleviate concerns, it showcases TikTok's efforts to refine its data practices and prioritize user privacy.

TikTok clarifies that it does not employ look or spokesperson info for identification purposes but rather utilizes them for filters, results, and narrow security elements. The platform explains that certain filters require facial analysis to precisely locate facial traits, while voice results utilize voice data to alter it as requested. By emphasizing the specific applications of face and voice data, TikTok aims to provide reassurance regarding their usage and dispel concerns about identity-related tracking.

Despite its description of using a person's information for analyzing videotapes, photographs, and streams to ensure age suitability, concerns persist regarding the logging and potential access of this info by external sites, including the Chinese administration. The reassurance measures put forth by TikTokhave yet to address these specific anxieties, leaving users skeptical about the long-term privacy implications of their biometric details being stored and potentially accessible.

TikTok reaffirms that it does not gather info from users' gadget cameras or microphones when the application is closed, emphasizing that access to these attributes is granted by consumers themselves for videotape and picture creation. The misconception of applications continuously chasing us daily has been exaggerated, as other social applications can already imagine interests through consumer action and associations. While TikTok's initial 'TikTok Truths' post may not fully address crises, the promise of communicating more insights in coming posts indicates a continued effort to provide clarity and transparency.


Read next: Influencers Are Far Less Effective Than User Generated Content, New Report Reveals
by Arooj Ahmed via Digital Information World