Authentication, Data breaches and Web Fraud

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. Perm’s group and other crypto phishing gangs rely on a mix of homemade code and third-party data broker services to refine their target lists.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS.

Hacking

Hacking Cybercrime Phishing Passwords

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords

Passwords Password Management Phishing Scams

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. That’s down from 53 percent that did so in 2018, Okta found.

Mobile

Mobile Phishing Authentication Accountability

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

While the FBI’s InfraGard system requires multi-factor authentication by default, users can choose between receiving a one-time code via SMS or email. Prior to its infiltration by the FBI, RaidForums sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Countless websites and online services use SMS text messages for both password resets and multi-factor authentication. We are also focused on gathering threat intelligence data, like what you have shared, to help further strengthen these ongoing efforts.” ” TMO UP! .”

Mobile

Mobile Phishing Authentication Advertising

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

.” LastPass declined to answer questions about the research highlighted in this story, citing an ongoing law enforcement investigation and pending litigation against the company in response to its 2022 data breach. As it happens, Plex announced its own data breach one day before LastPass disclosed its initial August intrusion.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

Clearly, Experian found it simpler to respond this way, rather than acknowledging the problem and addressing the root causes (lazy authentication and abhorrent account recovery practices). It’s also worth mentioning that reports of hijacked Experian.com accounts persisted into late 2022.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. A booking photo of Noah Michael Urban released by the Volusia County Sheriff.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

” The researchers have published a comprehensive guide for locking down Squarespace user accounts, which urges Squarespace users to enable multi-factor authentication (disabled during the migration). .’ This is absolutely insane if you’re used to and expecting the controls Google provides.”

Accountability

Accountability Cryptocurrency Passwords DNS

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

Constella Intelligence , a data breach and threat actor research platform, now allows users to cross-reference popular cybercrime websites and denizens of these forums with inadvertent malware infections by information-stealing trojans.

Phishing

Phishing Passwords Internet Internet

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

To automatically populate the appropriate credentials at any website going forward, you simply authenticate to LastPass using your master password. .” A basic functionality of LastPass is that it will pick and remember lengthy, complex passwords for each of your websites or online services.

Passwords

Passwords Encryption Password Management Cryptocurrency

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

At the end of 2023, malicious hackers figured out that many major companies have uploaded massive amounts of valuable and sensitive customer data to Snowflake servers, all the while protecting those Snowflake accounts with little more than a username and password (no multi-factor authentication required).

Cybercrime

Cybercrime Accountability Mobile Hacking

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

Although he didn’t technically have an account with MSF, their authentication system is based on email addresses, so Jim requested that a password reset link be sent to his email address. Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach.

Financial Services

Financial Services Banking Accountability Identity Theft

The Life Cycle of a Breached Database

Security Boulevard

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here's a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords

Passwords Data breaches Authentication Internet

How $100M in Jobless Claims Went to Inmates

Krebs on Security

FEBRUARY 25, 2021

Much of this fraud exploits weak authentication methods used by states that have long sought to verify applicants using static, widely available information such as Social Security numbers and birthdays. to shore up their authentication efforts, with six more states under contract to use the service in the coming months.

Scams

Scams Insurance DDOS Authentication

Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Trending Sources

The Life Cycle of a Breached Database

How 1-Time Passcodes Became a Corporate Liability

Experian, You Have Some Explaining to Do

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Identity Thieves Bypassed Experian Security to View Credit Reports

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Karma Catches Up to Global Phishing Service 16Shop

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

The Dark Nexus Between Harm Groups and ‘The Com’

Scary Fraud Ensues When ID Theft & Usury Collide

The Life Cycle of a Breached Database

How $100M in Jobless Claims Went to Inmates

Stay Connected