Contact Us
Aug 1

August PhishQueue Phishing News

“Impersonation is the new infiltration — stay alert with Phishqueue.”

Fake Microsoft Apps Used to Steal Login Codes

The Growing Threat

What’s Going On?

Bad guys are sending fake emails that pretend to come from Microsoft or commonly used applications like SharePoint, DocuSign, or Adobe. These emails prompt recipients to click and “approve” something that looks harmless. In reality, the attackers are trying to trick you into giving access to your account — including your multi-factor authentication (MFA) code (the one-time code you receive when logging in).

Once they obtain that code, they may be able to access your Microsoft account — and in some cases, even retain access after you change your password.

Sources: CSO Online – Cybercrooks Faked Microsoft Authentification Apps

🛡️ Your Best Defense: Do Not Guess. Submit It.

If something feels even a little weird — do not click.

Instead, click the PhishQueue button in your email toolbar.

 

📌 Remember: Our team will examine the email for you and let you know whether it is safe.

Do not try to figure it out on your own — that is what we are here for

_____________________________________

🤖Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

🔍 Example: What actually happened: Scammers created over 50 fake Microsoft applications. The apps looked real and had names like “DocuSign Secure” or “RingCentral Meeting.” People clicked, approved the apps, and unknowingly granting access to their accounts.

The result: It worked — almost 3,000 users in 900 companies were successfully compromised.

🚨 The Bottom Line

Even if an app or email looks real, that doesn’t mean it is.

👉 When in doubt — PhishQueue it.

______________________________________________________

Quick Tips to Stay Safe:

  • Always use the PhishQueue button if you are unsure.
  • Never trust links just because they look like Microsoft or Google.
  • Do not approve app requests unless you are expecting them.
  • If something is urgent and surprising — that is a red flag.

______________________________________________________

🎭 Phishing Joke of the Month

💡Why don’t phishers throw parties?

👉Because no one wants to RSVP – they just click PhishQueue instead.😆

Cybersecurity is serious, but staying informed does not have to be dull!

Stay vigilant,

The PhishQueue Team

Paul Henry's 14 Absolute Truths In Network Security

We must recognize the 14 Absolute Truths In Network Security.

Reality check time – It is not too late.

Here are fourteen things you need to know:

  1. There is no such thing as security, only varying degrees of insecurity…
  2. The network does not exist to be secured…
14 Absolute Truths In Network Security

Download Full Document in PDF Form:

BlogMore from BSI

100% Privacy Guaranteed
Sep 1

September PhishQueue Phishing News

“Cracking the CAPTCHA Con: How Attackers Use AI Against You — Work Smarter, Stay Safer with PhishQueue.” Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks The Growing Threat What’s Going On? Cybercriminals are using AI tools to create fake CAPTCHA pages. Those “I’m not a robot” checkboxes or picture-matching challenges are being […]

chasitynoel Sep 26 2025
Oct 23

Scream-A-Geddon Zombie Paintball Assault

This is a business social event that will be fun and entertaining. Event Sponsors: Event: Scream-A-Geddon Special Event Event Summary: Join us at Scream-A-Geddon for some good ol’ zombie slayin’.  We will first have dinner at Hungry Harry’s delicious BBQ, buffet style. Then following dinner meet outside the park entrance, then board the Zombie Assault Vehicles […]

chasitynoel Sep 24 2025
Oct 1

BSI’s October 2025 Get Lit and Learn Networking Event – Corona Cigar Company

This event will be educational and informative. We offer ISC2 and ISACA CPE credits, if you provide us with your membership number, you are eligible to earn credits. We will provide ISC2 and ISACA certificates following the event. Event Sponsor:    Title of Event: BSI Cyber Smoke Event Summary: Join us at Corona Cigar Company […]

chasitynoel Sep 17 2025
Sep 18

September 2025 Lunch N Learn

This event will be both educational and informative. Attendees are eligible to earn ISC2 and ISACA CPE credits by providing their membership numbers. Certificates for ISC2 and ISACA CPEs will be issued following the event. Speaker: Ben Rollin is the owner and lead operator of Vilkas Cybersecurity and currently leads the penetration testing and red […]

chasitynoel Sep 8 2025
Sep 10

BSI’s September 2025 Get Lit and Learn Networking Event – Corona Cigar Company

This event will be educational and informative. We offer ISC2 and ISACA CPE credits, if you provide us with your membership number, you are eligible to earn credits. We will provide ISC2 and ISACA certificates following the event. Event Sponsor:   & Title of Event: BSI Cyber Smoke Event Summary: Join us at Corona Cigar […]

chasitynoel Aug 28 2025
Aug 1

August PhishQueue Phishing News

“Impersonation is the new infiltration — stay alert with Phishqueue.” Fake Microsoft Apps Used to Steal Login Codes The Growing Threat What’s Going On? Bad guys are sending fake emails that pretend to come from Microsoft or commonly used applications like SharePoint, DocuSign, or Adobe. These emails prompt recipients to click and “approve” something that […]

chasitynoel Aug 27 2025
×

BSI Partners

Airwatch
Algosec
Aruba
Armis
Avertium
Barracuda
BeyondTrust
Bitsight
Blancco
Checkmarx
Check Point
Cisco
CyberArk
Cylance
Digital Guardian
Druva
Duo
Exabeam
F5
Flashpoint
ForcePoint
Forescout
Fortinet
Gigamon
Horizon3
Juniper Networks
Keysight
KnowBe4
LogRhythm
Malwarebytes
Mimecast
NetBrain
Netwrix
Nexthink
Okta
Palo Alto Networks
Proofpoint
Pulsedive
PulseSecure
Qualys
Rapid7
RestorePoint
Riverbed
Salt
SecurityScorecard
SentinelOne
Siemplify
Solarwinds
Sophos
Splunk
Swimlane
Tenable
Teramind
Thales
ThreatStop
Thycotic
Trellix
Trend Micro
Trustwave
Tufin
Varonis
Vectra
VMware