Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing

From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report

Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-25521">
						<source src="https://media.mailhop.org/dmarcreport/images/2025/05/Adidas-Data-Breach-Whatsapp-Image-Threat-Silent-Ransom-Vishing.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H2M17S">2:17</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-25521" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-25521" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-25521" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-25521" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/&t=Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/&url=Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2025/05/Adidas-Data-Breach-Whatsapp-Image-Threat-Silent-Ransom-Vishing.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/" class="input-link input-link-25521" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-25521" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

						<input type="text" value='<blockquote class="wp-embedded-content" data-secret="SgywPo6TRk"><a href="https://dmarcreport.com/blog/podcast/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/">Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://dmarcreport.com/blog/podcast/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/embed/#?secret=SgywPo6TRk" width="500" height="350" title=""Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing" - DMARC Report" data-secret="SgywPo6TRk" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script>

/*! This file is auto-generated / !function(d,l){“use strict”;l.querySelector&&d.addEventListener&&“undefined”!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll(‘iframe[data-secret=”‘+t.secret+’”]’),o=l.querySelectorAll(‘blockquote[data-secret=”‘+t.secret+’”]’),c=new RegExp(“^https?:$”,“i”),i=0;i<o.length;i++)o[i].style.display=“none”;for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(“style”),“height”===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):“link”===t.message&&(r=new URL(s.getAttribute(“src”)),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(“message”,d.wp.receiveEmbedMessage,!1),l.addEventListener(“DOMContentLoaded”,function(){for(var e,t,s=l.querySelectorAll(“iframe.wp-embedded-content”),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(“data-secret”))||(t=Math.random().toString(36).substring(2,12),e.src+=”#?secret=“+t,e.setAttribute(“data-secret”,t)),e.contentWindow.postMessage({message:“ready”,secret:t},"")},!1)))}(window,document); //# sourceURL=https://dmarcreport.com/wp-includes/js/wp-embed.min.js ’ title=“Embed Code” class=“input-embed input-embed-25521” readonly/>

					<button class="copy-embed copy-embed-25521" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

It’s the 4th week of May, and we are once again back with the latest cyber news. Our only goal is to **safeguard your data and peace of mind by educating you about the current cybersecurity trends and latest cyber incidents. So stay with us and secure your data from cybercriminals.

This week, we will talk about one of the most shocking cyberattack incidents- the Adidas data breach. Next, we will throw light on how cybercrooks are misusing WhatsApp images to break into your device. Lastly, we will discuss vishing campaigns designed to target the USA-based legal firms .

Let’s not waste any more **time and get straight into the details!

Adidas’ company data breached by a threat actor!

Recently, Adidas has been targeted by a cybercrook through a third-party service provider. The threat actor has managed to gain access to the contact information of customers who have recently connected with the customer service help desk. The lifestyle brand has assured that sensitive customer data, like passwords, financial details, and credit card information, has not been compromised.

Adidas is informing all its customers about the cyberattack. Additionally, it’s working closely with law enforcement authorities and data protection agencies. Adidas is also running a full-fledged investigation alongside information security experts. As of now, the attackers have not yet been identified. Also, Adidas has not revealed the name of the third-party customer service app.

Cybersecurity experts believe that third-party breaches can easily turn into organizational breaches. It is therefore important that organizations start taking security assessments seriously. Multifactor authentication, zero-trust architecture for all the vendors, as well as real-time identity infrastructure monitoring, can easily prevent such third-party breaches.

What happened to Adidas is not a **one-of-a-kind cyber incident. Similar threat attacks have affected other popular brands such as Marks & Spencer, Co-op Group, and Harrods lately.

Still have the WhatsApp auto-download image feature on? You might be the next target of threat actors!

We all know how harmful it can be if you click on malicious links or share an OTP with a stranger. But do you know that even downloading WhatsApp images is no longer safe? WhatsApp is one of the most widely used apps across the world for communication with others. But over time, it has become a favorite among threat actors. From sending malicious links to OTPs and now this WhatsApp image scam– WhatsApp is no longer as safe as it used to be a few years back!

Threat actors embed malicious software within so-called harmless images. This technique is also known as steganography. The malware stays hidden without raising any suspicion. Also, the **standard security systems in your smartphone fail to detect such image files.

The moment a user downloads and opens the image, the malware is silently installed, accessing user data, passwords, OTPs, financial details , and so on without their knowledge.

Cybersecurity experts recommend deploying two-factor authentication, updating your device regularly, and using credible antivirus software. Also, they urge users to avoid downloading images from unknown WhatsApp chats. Turning off the auto download feature can be a smart move in such a situation.

Implementing DMARC, DKIM, and SPF helps strengthen cybersecurity by authenticating email sources, while **regularly updating your device ensures protection against the latest security threats.

Silent Ransom Group using vishing campaign to target law firms!

The Silent Ransom Group has been targeting USA-based law firms with a specially designed vishing campaign. Their ultimate goal is to leverage social engineering tactics and gain access to the sensitive data of the victims and then extort money for the same. The group has other names as well- Chatty Spider, Luna Moth, and UNC3753. They have been active since 2022**. Their specialty lies in seeking ransom for the stolen data without using any kind of ransomware.

Their latest stunt involves **setting up IT-themed calls with victims backed by callback phishing emails. This keeps the victims engaged while the group gains remote access to the victim’s device. The style in which they carry out this campaign appears quite similar to the activities of ransomware groups Black Basta and 3 AM.

A member from the Silent Ransom Group calls an employee of the target company and poses as an employee from the IT department of the same company. _They then direct the victim to a remote access session backed by Zoho Assist, AnyDesk, Syncro, etc. _They try to create a sense of urgency and insist on the device’s remote access.

The FBI has issued a warning against similar attacks and is trying to understand the evolution of cybercrime techniques. Voice-based social engineering tactics, or vishing, being used by this threat group is a staggering reminder that cybercrooks are already moving one step ahead and that they work persistently to stay ahead of the game.

The FBI highly recommends that organizations, especially law firms , maintain basic cyber hygiene, such as using strong passwords, enabling multifactor authentication, and avoiding unsolicited emails or calls to prevent such cyber mishaps.