--- title: "Blue-Tick Phishing Exploits, LockBit Targets Architecture, Russian Zulip Phishing – Cybersecurity News [August 28, 2023] | Phish Protection" description: "Blue-Tick Phishing Exploits, LockBit Targets Architecture, Russian Zulip Phishing – Cybersecurity News [August 28, 2023]: Here" image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-35-of-2023.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2023/" --- Quick Answer Here’s this week’s phishing newsletter, bringing you the latest updates on . You will find details of cyber threats involving phishing campaigns across diverse fronts in this update, from new targeting X users to Russian threat actors using the Zulip Chat App to carry out diplomatic phishing. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Blue-Tick%20Phishing%20Exploits%2C%20LockBit%20Targets%20Architecture%2C%20Russian%20Zulip%20Phishing%20%26%238211%3B%20Cybersecurity%20News%20%5BAugust%2028%2C%202023%5D&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2023%2F&title=Blue-Tick%20Phishing%20Exploits%2C%20LockBit%20Targets%20Architecture%2C%20Russian%20Zulip%20Phishing%20%26%238211%3B%20Cybersecurity%20News%20%5BAugust%2028%2C%202023%5D "Share on Reddit") [ ](mailto:?subject=Blue-Tick%20Phishing%20Exploits%2C%20LockBit%20Targets%20Architecture%2C%20Russian%20Zulip%20Phishing%20%26%238211%3B%20Cybersecurity%20News%20%5BAugust%2028%2C%202023%5D&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2023%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/09/prevent-spear-phishing.jpg) Here’s this week’s phishing newsletter, bringing you the latest updates on phishing attacks . You will find details of cyber threats involving phishing campaigns across diverse fronts in this update, from new phishing scams \*\* targeting X users\*\* to Russian [threat actors](/phishing/threat-actors-target-western-digital-cripple-its-my-cloud-service) using the Zulip Chat App to carry out diplomatic phishing. ### \*\*\*\*Blue-Tick Phishing Scams Exploit X Customer Complaints Malicious players online are leveraging the frustration of consumers who seek customer support from various organizations by posting complaints on X (formerly Twitter). Scammers are[impersonating](https://www.straitstimes.com/world/europe/complaining-customers-on-x-are-latest-targets-of-blue-tick-phishing-scams#:~:text=Disgruntled%20consumers%20who%20take%20to,changed%20its%20account%20verification%20process)different customer support agents, acting through **fake X handles** to entice unsuspecting victims with refunds. The new X Premium subscription service now allows anyone to purchase a [blue-tick verification badge](https://telanganatoday.com/cyber-talk-all-about-paid-blue-ticks-verification-badges) for a small fee. This rule has substantially led to a compromise in the **credibility of these badges**. _As the number of malicious actors using the blue tick rises, users must exercise extra caution with new scams._ Scammers can **manipulate the trust** associated with verified accounts and deceive individuals into disclosing [sensitive information](https://www.business-standard.com/technology/tech-news/hackers-release-sensitive-information-after-ransomware-attack-on-commscope-123042000677%5F1.html). Instances of this scam include **fake airline and bank agents** targeting people posting complaints. Such incidents highlight the need for extra vigilance to address this emerging threat. ### \*\*\*\*LockBit Locker Ransomware Targets Spanish Architecture Organizations Spain’s National Police have warned about an ongoing LockBit Locker ransomware campaign. Instances of ransomware phishing are on the rise, and in a new scam, [malicious players](/cybersecurity/malicious-actors-embrace-ai-chatbots-for-advanced-cyber-attacks) target architecture organizations with well-crafted **phishing emails**. ![Prevent spear phishing](https://media.mailhop.org/phishprotection/images/2023/09/prevent-spear-phishing.jpg) The threat actors operate under the guise of a **photography store**. After establishing trust with victims by asking for plan drawings and cost estimates for renovating their store, they launch a multi-stage attack . After exchanging a few messages, adversaries eventually send an email with a [malicious Python script](https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html). Therefore, organizations in the **architecture sector** are advised to bolster their vigilance and draw their line of defense against phishing scams . To remain secure, experts recommend refraining from opening unexpected email attachments and adopting robust [cybersecurity](/content/cybersecurity-in-a-nutshell) safeguards. Such measures go a long way in reducing the risk of falling victim to such campaigns. Russian Threat Actors Use Zulip Chat App in Diplomatic Phishing Attacks A campaign targeting NATO-aligned foreign affairs ministries has revealed the involvement of [Russian threat actors](https://cybernews.com/news/russian-threat-actor-solarwinds-targets-eu/). The campaign uses **PDF documents** diplomatically integrated with Zulip, an open-source chat application. It is capable of exploiting command-and-control operations to deliver [malware](/content/protection-against-malware/types-of-malware) using legitimate traffic. _Since the attackers use legitimate services to hide their malicious activities, it is **highly challenging** to detect the threats._ The campaign involves the malware APT29 , known for its sophisticated tactics and ability to use legitimate internet services for communication. Political organizations and governments remain the primary targets of these attackers. The incident underscores the evolving tactics of malicious actors and highlights the pressing **need for robust defense** mechanisms, including [phishing protection](/), to counter these attacks effectively. ### \*\*\*\*Google Crypto Ad Scam: Victim Loses $900,000 A victim fell prey to a [Google ad scam](https://cointelegraph.com/news/google-ads-data-4m-stolen-through-crypto-phishing-urls), which inflicted a staggering loss of $900,000 . As per reports, the victim clicked on a Google ad named “**CELER**.” It redirected the person to a **phishing website** that impersonated an authentic cryptocurrency network. ![What is phishing](https://media.mailhop.org/phishprotection/images/2023/09/what-is-phishing-0374.jpg) The phishing scam _drained the victim’s wallet within minutes after a transaction permit was unknowingly signed._ The online attackers quickly [transferred the stolen funds](https://www.cryptopolitan.com/hacker-funnel-stolen-bitbrowser-fund-to-exch/) to **different addresses**. The incident highlights the importance of scrutinizing ad links and **verifying the authenticity** of websites before disclosing sensitive information. This news about phishing should serve as a **wake-up call** for industry players, including exchanges. It emphasizes the importance of implementing robust security measures , including [phishing awareness training](/products/phishing-awareness-training), to effectively combat these scams. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Blue-Tick Phishing Exploits, LockBit Targets Architecture, Russian Zulip Phishing – Cybersecurity News [August 28, 2023]","description":"Blue-Tick Phishing Exploits, LockBit Targets Architecture, Russian Zulip Phishing – Cybersecurity News [August 28, 2023]: Here's this week's phishing.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2023/","datePublished":"2023-09-04T11:10:38.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-09-04T11:10:38.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2023/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":618,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/09/prevent-spear-phishing.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Blue-Tick Phishing Exploits, LockBit Targets Architecture, Russian Zulip Phishing – Cybersecurity News [August 28, 2023]","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2023/"}]} ```