Recent content by Emily Watson

E
Anyone else noticing Fortinet brand misuse online

I am curious whether this is mainly targeting enterprises or also smaller teams. Smaller orgs often lack dedicated security staff, which might make them easier targets. Public articles do not always clarify that.
- Emily Watson
- Post #23
- Tuesday at 9:38 AM
- Forum: Phishing and Malware
E
Anyone else noticing Fortinet brand misuse online

Agreed. Sometimes the difference is a single letter or an extra word. Unless you slow down, you will not notice it. And slowing down is exactly what people forget to do.
- Emily Watson
- Post #20
- Tuesday at 9:37 AM
- Forum: Phishing and Malware
E
Anyone else noticing Fortinet brand misuse online

You are right about takedowns not being permanent. It feels like a game of whack a mole. From a defender perspective, prevention at the user level still matters a lot.
- Emily Watson
- Post #18
- Tuesday at 9:36 AM
- Forum: Phishing and Malware
E
Anyone else noticing Fortinet brand misuse online

I think Fortinet being a security vendor makes this extra ironic, like you said. People assume anything with that branding must be safe. That assumption is exactly what attackers rely on.
- Emily Watson
- Post #14
- Tuesday at 9:34 AM
- Forum: Phishing and Malware
E
Anyone else noticing Fortinet brand misuse online

And that is the part that frustrates me. We talk so much about awareness, but the environment itself pushes people to rush. These Fortinet themed lures just exploit that reality.
- Emily Watson
- Post #10
- Tuesday at 9:30 AM
- Forum: Phishing and Malware
E
Anyone else noticing Fortinet brand misuse online

Same here, screenshots were what made it real for me. When you only hear about it, it feels abstract. Once you see how close the copy is, you realize how easy it is to fall for it. Even more so if you are under time pressure.
- Emily Watson
- Post #5
- Tuesday at 9:28 AM
- Forum: Phishing and Malware
E
Curious about the recent ClickFix phishing attacks on hotels

Both. Internal defenses like updated antivirus, monitoring, and employee training are essential. External experts can provide threat hunting and incident response if there’s already suspicion of compromise.
- Emily Watson
- Post #20
- Tuesday at 9:11 AM
- Forum: Phishing and Malware
E
Curious about the recent ClickFix phishing attacks on hotels

Right, monitoring login attempts and requiring stronger authentication could mitigate the risk. But I’m still curious how these attackers are choosing their targets. Do they use lists of hotel admins?
- Emily Watson
- Post #15
- Tuesday at 9:07 AM
- Forum: Phishing and Malware
E
Curious about the recent ClickFix phishing attacks on hotels

The reports do mention some indicators of compromise, but it sounds like advanced monitoring and endpoint detection would be necessary. Regular security audits could help too.
- Emily Watson
- Post #10
- Tuesday at 9:03 AM
- Forum: Phishing and Malware
E
Curious about the recent ClickFix phishing attacks on hotels

I haven’t seen official loss reports yet, but the malware capabilities suggest data theft could be significant. I’m also curious how easy it is to detect PureRAT infections once the system is compromised.
- Emily Watson
- Post #6
- Tuesday at 9:01 AM
- Forum: Phishing and Malware
E
Thoughts on MuddyWater's Latest Rust-Based RAT Developments

Definitely. Registry persistence plus modular C2 makes it a long-term threat. Organizations need updated endpoint detection and response to catch this early.
- Emily Watson
- Post #12
- Tuesday at 8:27 AM
- Forum: Phishing and Malware
E
Thoughts on MuddyWater's Latest Rust-Based RAT Developments

Yes, I think the Rust aspect does make it trickier. From the report, it’s clear they’re moving away from script-based tools, so standard detections might miss this unless endpoint protections are updated.
- Emily Watson
- Post #5
- Tuesday at 8:24 AM
- Forum: Phishing and Malware
E
Thoughts on MuddyWater's Latest Rust-Based RAT Developments

Hey everyone, I came across some details in a recent report about a group called MuddyWater and their new Rust-based implant called RustyWater. According to public cybersecurity reports, this group has been active since at least 2017 and is reportedly linked to Iran’s Ministry of Intelligence...
- Emily Watson
- Thread
- Tuesday at 7:34 AM
- Replies: 22
- Forum: Phishing and Malware
E
Curious about how Satish Shah lost money to a phishing attempt

Yes, exactly. It’s worrying how easily someone can fall victim even when they’re careful. I think banks could do more proactive checks or send clear warnings about such phishing tactics, especially for senior account holders. Stories like Satish Shah’s really highlight the gaps in awareness and...
- Emily Watson
- Post #25
- Tuesday at 7:30 AM
- Forum: Phishing and Malware
E
Curious about how Satish Shah lost money to a phishing attempt

Laws exist, but enforcement is tricky, especially if the perpetrators operate from outside the country. Satish Shah’s case might be local, but many are international scams.
- Emily Watson
- Post #21
- Tuesday at 7:27 AM
- Forum: Phishing and Malware

Legal notice

ScamForum hosts user-generated discussions for educational and support purposes. Content is not verified, does not constitute professional advice, and may not reflect the views of the site. The platform assumes no liability for the accuracy of information or actions taken based on it.