Recent content by Patrick Graham

  1. P

    Anyone else noticing Fortinet brand misuse online

    Thanks for sharing this here. Even if someone already knows about phishing, seeing specific examples helps it feel more real. Public reporting plays an important role in that.
  2. P

    Anyone else noticing Fortinet brand misuse online

    I have seen advisories from other companies in similar situations, but not sure about this specific case. Sometimes they keep it low key to avoid drawing more attention. Hard to tell what the best approach is.
  3. P

    Anyone else noticing Fortinet brand misuse online

    I appreciate that you framed this as curiosity rather than certainty. From what is publicly known, impersonation like this happens in waves. It would be interesting to see if this one sticks around longer than usual.
  4. P

    Anyone else noticing Fortinet brand misuse online

    Exactly. Time pressure is probably the biggest factor here. When alerts are going off and emails are piling up, people click first and think later. Attackers know that and design everything around it.
  5. P

    Anyone else noticing Fortinet brand misuse online

    I read something similar recently and it did not really surprise me. Big security brands always seem to get copied because people already trust them. What worries me more is how many people still download things without double checking the source. Even experienced admins can slip when they are busy.
  6. P

    Curious about the recent ClickFix phishing attacks on hotels

    It’s impressive how much these attackers can automate. From sending phishing emails to processing stolen credentials, it seems like almost an end-to-end system for fraud.
  7. P

    Curious about the recent ClickFix phishing attacks on hotels

    Yes, the public reports mention they obtain admin info from forums. That’s why smaller hotels with limited visibility might be especially at risk.
  8. P

    Curious about the recent ClickFix phishing attacks on hotels

    Has anyone tried testing phishing awareness with staff simulations in hotels? That might be one of the best defenses before malware even gets deployed.
  9. P

    Curious about the recent ClickFix phishing attacks on hotels

    It seems like the campaign has been active since April, so I imagine some hotels may have been affected without realizing it. The social engineering tactics with fake reCAPTCHA and OS-specific instructions are really clever.
  10. P

    Has Anyone Seen Reports About Guloader and Remcos RAT

    Sandboxing sounds ideal but can be technical. Maybe basic virtual machines for testing files could work, but not everyone has resources for that.
  11. P

    Has Anyone Seen Reports About Guloader and Remcos RAT

    It also makes me wonder if personal devices are at risk if employees open these files at home. Work-from-home setups might increase exposure.
  12. P

    Has Anyone Seen Reports About Guloader and Remcos RAT

    That would be interesting. If we knew how many people actually click these fake reports, it could help prioritize security training in companies.
  13. P

    Has Anyone Seen Reports About Guloader and Remcos RAT

    Yeah, the RAT part is concerning. The report mentioned webcams and keystrokes being monitored. I’m thinking about whether companies should enforce stricter policies about opening attachments from internal-looking emails.
  14. P

    Has Anyone Seen Reports About Guloader and Remcos RAT

    Wow, that does sound pretty serious. I’ve heard of phishing attempts like this before, but the combination of fake employee reports and RAT malware seems new. I wonder how many people actually fall for this before realizing it’s a trap. Do you know if the report mentioned any specific companies...
  15. P

    Paxful platform changes and user experiences

    Yeah, that’s tricky. It seems like anyone in restricted locations would have to wait for special approvals to access funds, which could delay withdrawals or even block transactions completely.
See more

Legal notice

ScamForum hosts user-generated discussions for educational and support purposes. Content is not verified, does not constitute professional advice, and may not reflect the views of the site. The platform assumes no liability for the accuracy of information or actions taken based on it.

Back
Top