2018, Internet and Web Fraud - Cyber Security Informer

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. 13, 2018 bomb threat hoax.

DNS

DNS Internet Internet Computers and Electronics

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

In December 2018, a then 21-year-0ld Troy Woody Jr. In June 2016, Islam was sentenced to a year in prison for an impressive array of crimes, including stalking people online and posting their personal data on the Internet. Iza’s complaint says he also harassed a man identified only as T.W., and refers to T.W.

Cryptocurrency

Cryptocurrency Government Internet Internet

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. ” A review of the email’s message headers indicated it had indeed been sent by the FBI, and from the agency’s own Internet address.

Internet

Internet Internet Hacking Accountability

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

At issue is a well-known security and privacy threat called “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. Alas, in 2018, the.llc TLD was born and began selling domains. SSL/TLS certs).

DNS

DNS Internet Internet Authentication

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Krebs on Security

NOVEMBER 13, 2018

A review of the neighboring domains that reside at Internet addresses adjacent to julierandallphoto-dot-com ( 196.196.152/153.x Likewise, kavanaghsirishpub-dot-com corresponded to a pub and restaurant in Tennessee until mid-2018; now it’s pretending to sell cheap Nike shoes. It’s now advertising running shoes.

Accountability

Accountability eCommerce Cybercrime Advertising

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

LastPass says that since 2018 it has required a twelve-character minimum for master passwords, which the company said “greatly minimizes the ability for successful brute force password guessing.” In February 2018, LastPass changed the default to 100,100 iterations. And very recently, it upped that again to 600,000.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

In late September 2018, the REACT Task Force spearheaded an investigation that led to the arrest of two Missouri men — both in their early 20s — who are accused of conducting SIM swaps to steal $14 million from a cryptocurrency company based in San Jose, Calif. . million customers.

Mobile

Mobile Cryptocurrency Accountability Passwords

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Thus, the second factor cannot be phished, either over the phone or Internet. In July 2018, Google disclosed that it had not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical security keys in place of one-time codes.

Hacking

Hacking Social Engineering Phishing Scams

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web. When they raided Singh’s residence on Sept.

Hacking

Hacking Government Media Accountability

Who’s In Your Online Shopping Cart?

Krebs on Security

NOVEMBER 4, 2018

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that was obvious even to the untrained eye.

Antivirus

Antivirus Hacking Internet Internet

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

According to the most recent statistics from the FBI ‘s Internet Crime Complaint Center , the most costly form of cybercrime stems from a complex type of fraud known as the “ B usiness E mail C ompromise” or BEC scam. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams

Scams Accountability Media Banking

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com , and the intercepted credentials show at least five employees fell for the scam (although only two employees also provided the crucial one-time MFA code). That’s down from 53 percent that did so in 2018, Okta found.

Mobile

Mobile Phishing Authentication Accountability

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

guru show that in 2018 the domains were forwarding incoming email to the address obelisk57@gmail.com. Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. The registration records for the website Cryptor[.]biz

Malware

Malware Antivirus Cybercrime Hacking

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

OCTOBER 17, 2023

Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S.,

Internet

Internet Internet VPN Marketing

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN

VPN Computers and Electronics Antivirus Software

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

MARCH 23, 2020

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. The story concluded that this dubious service had been scamming people and companies for more than a decade, and promised a Part II to explore who was behind Web Listings.

Scams

Scams Marketing Internet Internet

Cyber Security Informer

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Trending Sources

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Hoax Email Blast Abused Poor Coding in FBI Website

Local Networks Go Global When Domain Names Collide

Interview With a Crypto Scam Investment Spammer

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Busting SIM Swappers and SIM Swap Myths

When Low-Tech Hacks Cause High-Impact Breaches

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Who’s In Your Online Shopping Cart?

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

How 1-Time Passcodes Became a Corporate Liability

Why Malware Crypting Services Deserve More Scrutiny

Tech CEO Sentenced to 5 Years in IP Address Scheme

A Deep Dive Into the Residential Proxy Service ‘911’

Who’s Behind the ‘Web Listings’ Mail Scam?

Stay Connected