Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Mobile 316

Mobile Phishing Authentication Accountability 316

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. A Google-translated version of the now-defunct Coinbase phishing site, coinbase.com.password-reset[.]com. The Coinbase phishing panel. million Italians.

Passwords 351

Passwords Phishing Accountability Mobile 351

Krebs on Security

JULY 31, 2024

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock.

DNS 272

DNS Internet Internet Phishing 272

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. ” TMO UP!

Mobile 333

Mobile Phishing Authentication Advertising 333

Krebs on Security

JANUARY 30, 2024

.” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug.

Social Engineering 334

Social Engineering Mobile Passwords Cybercrime 334

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware 297

Malware Banking Phishing DDOS 297

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. That is true two-factor authentication: Something you have, and something you know (and maybe also even something you are).

Passwords 341

Passwords Mobile Authentication Banking 341

Krebs on Security

NOVEMBER 19, 2021

Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.

Scams 361

Scams Banking Passwords Authentication 361

Krebs on Security

NOVEMBER 9, 2024

.” Echoing the FBI’s warning, Donahue said far too many police departments in the United States and other countries have poor account security hygiene, and often do not enforce basic account security precautions — such as requiring phishing-resistant multifactor authentication. dot-gov emails get hacked.

Hacking 242

Hacking Accountability Government Social Engineering 242

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Accountability 345

Accountability Advertising Passwords Phishing 345

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. TARGETED PHISHING. The targeted phishing message that went out to classicfootballshirts.co.uk In essence, you effectively get to use the same password across all Web sites. customers this month.

Passwords 361

Passwords Password Management Phishing Scams 361

Krebs on Security

NOVEMBER 21, 2020

In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. authenticate the phone call before sensitive information can be discussed. 2019 that wasn’t discovered until April 2020.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct. . Image: APWG.

Phishing 217

Phishing Marketing Accountability DNS 217

Krebs on Security

SEPTEMBER 2, 2024

agency , a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. KrebsOnSecurity profiled OTP Agency in a February 2021 story about arrests tied to another phishing-related service based in the U.K.

Accountability 250

Accountability Banking Passwords Scams 250

Krebs on Security

JULY 15, 2024

In some cases, the attackers were able to redirect the hijacked domains to phishing sites set up to steal visitors’ cryptocurrency funds. New York City-based Squarespace purchased roughly 10 million domain names from Google Domains in June 2023, and it has been gradually migrating those domains to its service ever since. .’

Accountability 280

Accountability Cryptocurrency Passwords DNS 280

Security Boulevard

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. The post The Rise of One-Time Password Interception Bots appeared first on Security Boulevard.

Passwords 96

Passwords Cybercrime Phishing Authentication 96

Krebs on Security

SEPTEMBER 2, 2021

Bill said this criminal group averages between five and ten million email authentication attempts daily, and comes away with anywhere from 50,000 to 100,000 of working inbox credentials. “For context, our research indicates that multi-factor authentication prevents more than 99.9%

Accountability 315

Accountability Authentication Passwords Hacking 315

Krebs on Security

APRIL 14, 2019

But when the interested party inquires about the listing, they are sent a link to a site that looks like Airbnb.com but which is actually a phishing page. Airbnb could help by adding some type of robust multi-factor authentication, such as Security Keys — which would defeat these Airbnb phishing pages.

Scams 247

Scams Advertising Accountability Phishing 247

Krebs on Security

MAY 30, 2023

Scavuzzo said the administrator’s account was hijacked even though she had multi-factor authentication turned on. Scavuzzo, who is based in Maine, said the attackers waited until around midnight in his timezone time before using the administrator’s account to send out an unauthorized message about a new Ocean airdrop.

Hacking 307

Hacking Accountability Scams Cryptocurrency 307

Krebs on Security

NOVEMBER 23, 2018

Even so, anti-phishing company PhishLabs found in a survey last year that more than 80% of respondents believed the green lock indicated that a website was either legitimate and/or safe. Now that anyone can get SSL certificates for free , phishers and other scammers that ply their trade via fake Web sites are starting to up their game.

Scams 275

Scams Wireless Phishing Banking 275

Krebs on Security

JANUARY 22, 2019

Contacted by KrebsOnSecurity, GoDaddy acknowledged the authentication weakness documented by Guilmette. “After investigating the matter, our team confirmed that a threat actor(s) abused our DNS setup process,” the company said in an emailed statement.

DNS 244

DNS Internet Internet Computers and Electronics 244

Krebs on Security

NOVEMBER 6, 2018

” Rose said mobile phone stores could cut down on these crimes in much the same way that potential victims can combat SIM swapping: By relying on dual authentication. He advises people instead use a mobile app like Authy or Google Authenticator to generate the one-time code. ” TWO-FACTOR BREAKDOWN. ” Lt.

Mobile 241

Mobile Cryptocurrency Accountability Passwords 241

Krebs on Security

SEPTEMBER 13, 2024

At the end of 2023, malicious hackers figured out that many major companies have uploaded massive amounts of valuable and sensitive customer data to Snowflake servers, all the while protecting those Snowflake accounts with little more than a username and password (no multi-factor authentication required).

Cybercrime 285

Cybercrime Accountability Mobile Hacking 285

Krebs on Security

NOVEMBER 26, 2019

One way fraudsters might make a fake.gov domain even more convincing would be to equip the site with an SSL certificate so that the phony domain displays the green padlock icon in a user’s Web browser. “It turns out that the GSA is pretty good at doing boring clerical stuff,” he said. ”

Government 343

Government Internet Internet Web Fraud 343