Blog and Web Fraud - Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

The image that Lookout used in its blog post for Crypto Chameleon can be seen in the lower right hooded figure. That latter domain was created and deployed shortly after Lookout published its blog post on Crypto Chameleon. com and two other related control domains — thebackendserver[.]com com and lookoutsucks[.]com.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

. “Where their potential impact becomes really significant is when they then acquire access to thousands of other machines — typically misconfigured web servers — through which almost anyone can funnel attack traffic,” Amazon explained in a blog post.

DDOS

DDOS Government Internet Internet

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. Image: Cloudflare.com. According to an Aug.

Mobile

Mobile Phishing Authentication Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. “When the project team clicks the link, they encounter a region access restriction,” SlowMist wrote.

Malware

Malware Cryptocurrency Software Phishing

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

Although many domains correspond to websites for electronics stores or blogs about IT topics, just as many contain a fair amount of placeholder content (think “lorem ipsum” text on the “contact” page). Mazidul Islam’s LinkedIn page says he is the organizer of a now defunct IT blog called gadgetsbiz[.]com,

Scams

Scams DNS Internet Internet

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

2020 blog post on an ongoing Qakbot campaign that was first documented three months earlier by Check Point Research. .” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers. The U-Admin phishing panel interface.

Phishing

Phishing Scams Banking Mobile

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

MARCH 23, 2020

One from May 2011 at onlineprnews.com sings the praises of Weblistingsinc.info , weblistingsinc.org and web-listings.net in the same release, and lists the point of contact simply as “Mark.” ” Historic WHOIS registration records from Domaintools [an advertiser on this blog] say Weblistingsinc.org was registered in Nov.

Scams

Scams Marketing Internet Internet

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

. “A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Kayamori said in a blog post. ” In the early morning hours of Nov.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

Way back in 2016, security firm Fortinet blogged about LinkedIn’s redirect being used to promote phishing sites and online pharmacies. 26 sample from Urlscan shows a LinkedIn link redirecting to a Paypal phishing page. Let me be clear that the activity described in this post is not new.

Phishing

Phishing Marketing Scams Accountability

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

Indeed, Malwarebytes’ Pieter Arntz warned about malicious browser push notifications in a January 2019 blog post. That post includes detailed instructions on how to tell which sites you’ve allowed to send notifications, and how to remove them.

Antivirus

Antivirus Advertising Internet Internet

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

In August 2023, security researcher Randy McEoin blogged about a scam he dubbed ClearFake , which uses hacked WordPress sites to serve visitors with a page that claims you need to update your browser before you can view the content.

Scams

Scams Malware Cryptocurrency Hacking

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

AUGUST 13, 2021

ET: Elliptic updated its blog post to confirm the connection between Antinanlysis and AMLBot, noting that AMLBot itself is a reseller of yet another service: “As first suggested in an article by Brian Krebs, we can now confirm that the results provided by Antinalysis are identical to those provided by AMLBot. ” Update, 1:42 p.m.

Cryptocurrency

Cryptocurrency Marketing Ransomware Financial Services

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In a December 2022 blog post , Palant explained that the crackability of the LastPass master passwords depends largely on two things: The complexity of the master password, and the default settings for LastPass users, which appear to have varied quite a bit based on when those users began patronizing the service.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

“Intel 471 has seen an uptick in services on the cybercrime underground that allow attackers to intercept one-time password (OTP) tokens,” the company wrote in a blog post today.

Passwords

Passwords Mobile Authentication Banking

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

biz , which frequently blogs about security weaknesses in popular malware tools. Enter malware testing services like the one operated by “ RedBear ,” the administrator of a Russian-language security site called Krober[.]biz

Malware

Malware Cybercrime Ransomware Marketing

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

A chart on Palant’s blog post offers an idea of how increasing password iterations dramatically increases the costs and time needed by the attackers to crack someone’s master password.

Passwords

Passwords Encryption Password Management Cryptocurrency

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

JULY 31, 2024

Three years before that, the same pervasive weakness was described in a blog post by security researcher Matthew Bryant , who showed how one could commandeer at least 120,000 domains via DNS weaknesses at some of the world’s largest hosting providers.

DNS

DNS Internet Internet Phishing

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

. “While Glupteba operators have resumed activity on some non-Google platforms and IoT devices, shining a legal spotlight on the group makes it less appealing for other criminal operations to work with them,” reads a blog post from Google’s General Counsel Halimah DeLaine Prado and vice president of engineering Royal Hansen.

Cybercrime

Cybercrime Malware Internet Internet

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

This 2018 story from travel blog goatsontheroad.com tells the tale of a couple that was very nearly scammed by a Land Lordz-like trap, before the wife figures out they’re no longer on airbnb.com.

Scams

Scams Advertising Accountability Phishing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. Among those was the encrypted messaging app Signal , which said the breach could have let attackers re-register the phone number on another device for about 1,900 users. According to an Aug.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

. “We know hackers sometimes delete content when they gain access to an account, and until now people had no way of easily getting their photos and videos back,” Instagram explained in a blog post.

Accountability

Accountability Hacking Media Mobile

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

” In a December 2020 blog post about how Microsoft is moving away from passwords to more robust authentication approaches, the software giant said an average of one in every 250 corporate accounts is compromised each month.

Accountability

Accountability Authentication Passwords Hacking

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

For example, this account at Medium has authored more than a dozen blog posts in the past year singing the praises of Tornote as a secure, self-destructing messaging service. com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. io seem like a legitimate website.

Phishing

Phishing Cryptocurrency DDOS Internet

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

” According to the Indonesian security blog Cyberthreat.id , Saputra admitted being the administrator of 16Shop , but told the publication he handed the project off to others by early 2020. 16Shop documentation instructing operators on how to deploy the kit.

Phishing

Phishing Passwords Hacking Internet

Feds Bust Up Dark Web Hub Wall Street Market

Krebs on Security

MAY 3, 2019

Writing for ZDNet’s Zero Day blog , Catalin Cimpanu noted that “in this midst of all of this, one of the site’s moderators –named Med3l1n — began blackmailing WSM vendors and buyers, asking for 0.05 The seizure message that replaced the homepage of the Wall Street Market on on May 2.

Marketing

Marketing Accountability Scams Engineering

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

” Bryant said after he published his initial research in 2016, a number of managed DNS providers mentioned in his blog posts said they’d taken steps to blunt the threat, including Amazon Web Services (AWS), hosting provider Digital Ocean , and Google Cloud. “But it’s clearly still a big problem.”

DNS

DNS Internet Internet Computers and Electronics

3 Cybersecurity Resolutions to Survive 2021

Security Boulevard

FEBRUARY 1, 2021

Predicting a global pandemic that reshaped how we interact with each other and our devices at a fundamental level […]. The post 3 Cybersecurity Resolutions to Survive 2021 appeared first on NuData Security. The post 3 Cybersecurity Resolutions to Survive 2021 appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Web Fraud Authentication IoT

Keeping employee data safe – no matter where they may be

Security Boulevard

APRIL 23, 2021

how to secure wifi for remote work, working from home securely, security home network, secure wifi network, remote work security risks, work from home security best practices. The post Keeping employee data safe – no matter where they may be appeared first on NuData Security.

Network Security

Network Security Risk Web Fraud Authentication

Escaping the echo chamber: How to make cybersecurity accessible for all

Security Boulevard

FEBRUARY 23, 2021

We’ve all experienced digital growing pains in the era of COVID-19. Whether it’s ordering food delivery off a smartphone […]. The post Escaping the echo chamber: How to make cybersecurity accessible for all appeared first on NuData Security.

Cybersecurity

Cybersecurity Web Fraud Authentication Technology

The not-so-obvious cost of fraud to your company’s bottom line

Security Boulevard

FEBRUARY 1, 2021

The post The not-so-obvious cost of fraud to your company’s bottom line appeared first on NuData Security. The post The not-so-obvious cost of fraud to your company’s bottom line appeared first on Security Boulevard. It’s no longer a matter of if your business data has been breached; it’s a matter of how much […].

Web Fraud

Web Fraud Authentication Risk

New report: Application fraud is a serious threat to financial institutions

Security Boulevard

MAY 11, 2021

One fraud executive interviewed for this report summarized the problem with application fraud in one phrase: “Identity is broken.”. The post New report: Application fraud is a serious threat to financial institutions appeared first on NuData Security.

Web Fraud

Web Fraud Authentication Risk

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Krebs on Security

MARCH 22, 2023

28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove.

Malware

Malware eCommerce Mobile Media

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

Malwarebytes blogged about a similar campaign in April, but did not attribute the activity to any particular group. In May 2024, security firm eSentire warned that Fin7 was spotted using sponsored Google ads to serve pop-ups prompting people to download phony browser extensions that install malware.

Phishing

Phishing Cybercrime Malware Software

Crafty Web Skimming Domain Spoofs “https”

Krebs on Security

MARCH 11, 2020

If you run an e-commerce Web site, it would be a great idea to read up on leveraging Content Security Policy (CSP) response headers and Subresource Integrity security features offered by modern Web browsers. These offer mitigation options to prevent your site from being used in these card skimming attacks.

Retail

Retail Hacking Advertising Web Fraud

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

“The reason is clear: Genuine tribal businesses are entitled to ‘tribal immunity,’ meaning they can’t be sued,” Bailey wrote in a blog post.

Financial Services

Financial Services Banking Accountability Identity Theft

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

HACKING RINGS, STALKING VICTIMS In June 2022, this blog told the story of two men charged with hacking into the Ring home security cameras of a dozen random people and then methodically swatting each of them. The final page of Noah Michael Urban’s indictment shows the investigating agent redacted their name from charging documents.

Cybercrime

Cybercrime Accountability Mobile Hacking

Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security

APRIL 11, 2022

” According to FinTelegram , a blog that bills itself as a crowdsourced financial intelligence service that covers investment scams, SmartApe is a “ Russian-Israeli hosting company for cybercriminals.”

Scams

Scams Cryptocurrency Media Hacking

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

In a blog post about their recent hack, Microsoft said LAPSUS$ succeeded against its targets through a combination of low-tech attacks, mostly involving old-fashioned social engineering — such as bribing employees at or contractors for the target organization.

Accountability

Accountability Government Hacking Social Engineering

A Day in the Life of a Prolific Voice Phishing Crew

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Webinars

Trending Sources

How 1-Time Passcodes Became a Corporate Liability

Webinars

Calendar Meeting Links Used to Spread Mac Malware

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Who’s Behind the ‘Web Listings’ Mail Scam?

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

How Phishers Are Slinking Their Links Into LinkedIn

Be Very Sparing in Allowing Site Notifications

The Fake Browser Update Scam Gets a Makeover

New Anti Anti-Money Laundering Services for Crooks

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

The Rise of One-Time Password Interception Bots

This Service Helps Malware Authors Fix Flaws in their Code

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Don’t Let Your Domain Name Become a “Sitting Duck”

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

‘Land Lordz’ Service Powers Airbnb Scams

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Karma Catches Up to Global Phishing Service 16Shop

Feds Bust Up Dark Web Hub Wall Street Market

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

3 Cybersecurity Resolutions to Survive 2021

Keeping employee data safe – no matter where they may be

Escaping the echo chamber: How to make cybersecurity accessible for all

The not-so-obvious cost of fraud to your company’s bottom line

New report: Application fraud is a serious threat to financial institutions

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

The Stark Truth Behind the Resurgence of Russia’s Fin7

Crafty Web Skimming Domain Spoofs “https”

Scary Fraud Ensues When ID Theft & Usury Collide

The Dark Nexus Between Harm Groups and ‘The Com’

Double-Your-Crypto Scams Share Crypto Scam Host

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Stay Connected