Krebs on Security

JULY 21, 2022

The term “pig butchering” refers to a time-tested, heavily scripted, and human-intensive process of using fake profiles on dating apps and social media to lure people into investing in elaborate scams. In a more visceral sense, pig butchering means fattening up a prey before the slaughter. “The scale of this is so massive.

Scams 333

Scams Cryptocurrency Marketing Internet 333

Krebs on Security

OCTOBER 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams 229

Scams Accountability Media Banking 229

Krebs on Security

AUGUST 16, 2022

The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches 323

Data breaches Banking Cybercrime Marketing 323

Krebs on Security

OCTOBER 13, 2021

Holden said each time a new victim submitted credentials at the Coinbase phishing site, the administrative panel would make a loud “ding” — presumably to alert whoever was at the keyboard on the other end of this phishing scam that they had a live one on the hook. Then you can call your bank or wherever else you need.

Passwords 363

Passwords Phishing Accountability Mobile 363

Security Boulevard

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim's funds via Zelle, a "peer-to-peer" (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

Scams 111

Scams Banking Accountability Phishing 111

Krebs on Security

JULY 29, 2021

The emails encouraged recipients to click a link to accept the cash back offer, and the link went to a look-alike domain that requested bank information. And as the phishing examples above demonstrate, many of today’s phishing scams use elements from hacked databases to make their lures more convincing. customers this month.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

MAY 23, 2020

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S.

Insurance 358

Insurance Accountability Banking Government 358

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers.

Scams 279

Scams Wireless Phishing Banking 279

Krebs on Security

SEPTEMBER 2, 2024

Scammers who had already stolen someone’s bank account credentials could enter the target’s phone number and name, and the service would initiate an automated phone call to the target that warned them about unauthorized activity on their account. More on SMSRanger in an upcoming post. Just hang up, full stop.

Accountability 300

Accountability Banking Passwords Scams 300

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified.US domains registered daily.US US phishing domains.

Phishing 331

Phishing Telecommunications Malware Scams 331

Krebs on Security

FEBRUARY 25, 2021

Much of this fraud exploits weak authentication methods used by states that have long sought to verify applicants using static, widely available information such as Social Security numbers and birthdays. Many states also lacked the ability to tell when multiple payments were going to the same bank accounts.

Scams 339

Scams Insurance DDOS Authentication 339

Krebs on Security

MARCH 22, 2022

According to Russian prosecutors, the scam went like this: Consumers would receive an SMS with links to sites that falsely claimed a number of well-known companies were sponsoring drawings and lotteries for people who enrolled or agreed to answer surveys. Some pay, some don’t.

Banking 233

Banking Marketing DDOS Risk 233

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves.

Cybercrime 349

Cybercrime Computers and Electronics Marketing Scams 349

Krebs on Security

FEBRUARY 28, 2024

In a post to its Twitter/X account last month, Signum Capital warned that a fake profile pretending to be their employee Mr. Lee was trying to scam people on Telegram. The file that Doug ran is a simple Apple Script (file extension “ scpt”) that downloads and executes a malicious trojan made to run on macOS systems.

Malware 329

Malware Cryptocurrency Software Phishing 329

Krebs on Security

JULY 18, 2022

Namely, the ability to route one’s malicious traffic through a computer that is geographically close to the consumer whose credit card they’re about to charge at some website, or whose bank account they’re about to empty.

VPN 352

VPN Computers and Electronics Antivirus Software 352

Krebs on Security

AUGUST 9, 2021

Playing along, I said I was sorry to hear about his ordeal, and asked Mitch if there were any stolen cards issued by a particular bank or to a specific region that he was seeking. After all, nobody who gets phished or scammed is going to report the crime to the authorities. Caveat Emptor!

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Security Boulevard

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. The post Scammers Sent Uber to Take Elderly Lady to the Bank appeared first on Security Boulevard.

Banking 59

Banking Scams Web Fraud 59

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because.US is overseen by the U.S. government, which is frequently the target of phishing domains ending in.US. “Ironically, at least 109 of the.US

Phishing 296

Phishing Telecommunications Government DNS 296

Krebs on Security

JANUARY 22, 2019

Facebook ; Gap (Apparel) Inc ; Fifth Third Bancorp ; Hearst Communications ; Hilton Interntional ; ING Bank ; the Massachusetts Institute of Technology (MIT); McDonalds Corp. ; NBC Universal Media ; NRG Energy ; Oath, Inc (a.k.a Yahoo + AOL) ; Oracle ; Tesla Motors ; Time Warner ; US Bank; US Steel Corp.;

DNS 270

DNS Internet Internet Computers and Electronics 270

Malwarebytes

JUNE 8, 2022

We’ve noted the gradual emergence of Bitcoin ATMs in scams previously; here, cryptocurrency ATMs are more popular as a payment method to SSNDOB than other dubious online services. Chainalysis also notes a potential connection between SSNDOB and another dark web market trading in credit cards which called it quits in 2021.

DDOS 126

DDOS Cryptocurrency Data breaches Scams 126

Krebs on Security

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. So they sent her some information about where to wire the money, and asked her to go to the bank.

Banking 312

Banking Scams Accountability Passwords 312

Krebs on Security

FEBRUARY 18, 2025

“This is much bigger than the banks are prepared to say.” For example, a would-be smishing victim might enter their personal and financial information, but then decide the whole thing is scam before actually submitting the data.

Phishing 286

Phishing Mobile Scams Banking 286

Krebs on Security

MARCH 17, 2020

But KrebsOnSecurity received copious amounts of information about this scam from Milwaukee, Wisc. You will need to receive cash atm or at your bank branch.” Money mule scammers specialize in hacking employer accounts at job recruitment Web sites like Monster.com, Hotjobs.com and other popular employment search services.

Banking 362

Banking Scams Accountability Healthcare 362

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability 241

Accountability Scams Passwords Retail 241