Find notable cyber news and cases, enriched with sources, timelines, and signals.

Fraudulent Google and Bing banking-phishing campaign targeting American citizens

Campaign
First reported
Last updated
Happening score
H score 30
1 unique sources, 1 articles

Summary

Hide ▲

A phishing campaign using fraudulent Google and Bing ads targeted American citizens and harvested bank credentials for account takeover, causing direct financial harm. The operation mattered because stolen login details were stored on backend infrastructure and reused to compromise bank accounts.

Related Happenings

DraftKings hit by account takeover attack

Incident
H score34 First: 25.06.2026 00:55 Last: 25.06.2026 00:55 Sources 1

About this happening: The **DraftKings** customer-account compromise exposed **60,000 accounts** through **credential stuffing** and enabled theft from affected users. Attackers added payment methods u...

Kali365 Microsoft 365 device-code phishing campaign

Campaign
H score46 First: 25.05.2026 15:45 Last: 25.05.2026 15:45 Sources 1

About this happening: A **Kali365** phishing campaign is targeting **Microsoft 365** environments worldwide with **device-code login lures**, putting accounts at risk of **token theft** and **MFA bypas...

AccountDumpling Google AppSheet Facebook phishing campaign

Campaign
H score31 First: 01.05.2026 21:09 Last: 01.05.2026 21:09 Sources 1

About this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...

Scattered Spider 2022 SMS phishing campaign targeting technology companies

Campaign
H score29 First: 21.04.2026 17:53 Last: 21.04.2026 17:53 Sources 1

About this happening: Tyler Robert Buchanan’s guilty plea newly confirms **Scattered Spider**’s **2022 SMS phishing campaign**, showing it reached **at least a dozen major technology companies** and en...

Approval phishing crypto wallet fraud campaign

Campaign
H score41 First: 13.04.2026 11:00 Last: 13.04.2026 11:00 Sources 1

About this happening: **Approval phishing** fraud networks were identified at scale, with **more than 20,000 victims** and at least **$33m** in additional stolen crypto tied to the operation. The fraud...

Timeline

  1. 24.12.2025 15:17 2 articles · 6mo ago

    U.S. government seizes web3adspanels.org and exposes stolen bank-credential infrastructure

    Initial Disclosure

    The U.S. government seized web3adspanels.org and the associated database used by cybercriminals to store stolen bank login credentials from phishing campaigns that reached American citizens through fraudulent ads on Google and Bing and redirected them to fake banking portals. The FBI said the scheme involved at least 19 victims in the United States, including two companies in the Northern District of Georgia, with attempted losses of about $28 million and actual losses of about $14.6 million; the seizure was carried out with assistance from Estonian law enforcement and other international partners.

    Show sources