Book and Web Fraud - Cyber Security Informer

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California. The phishing message our reader’s friend received after making a reservation at booking.com in late October.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months.

Scams

Scams Malware Cryptocurrency Hacking

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

“LastPass in my book is one step above snake-oil. . “And now this is blaming the users — ‘you should have used a longer passphrase’ — not them for having weak defaults that were never upgraded for existing users,” Weaver said. ”

Passwords

Passwords Encryption Password Management Cryptocurrency

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

site that helps him manage more than 500 scam properties and interactions with up to 100 (soon-to-be-scammed) “guests” looking to book the fake listings. The ne’er-do-well who set up the account below has been paying $550 a month for a Land Lordz “basic plan” subscription at landlordz[.]site

Scams

Scams Advertising Accountability Phishing

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Sure, Doug said, here’s my Calendly profile, book a time and we’ll do it then. The investor expressed interest in financially supporting Doug’s startup, and asked if Doug could find time for a video call to discuss investment prospects. Doug then messaged the Mr.

Malware

Malware Cryptocurrency Software Phishing

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

JULY 31, 2024

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock.

DNS

DNS Internet Internet Phishing

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

SWAT apparently kept its books in a publicly accessible Google Sheets document, and that document reveals Fearlless and his business partner each routinely made more than $100,000 every month operating their various reshipping businesses.

Cybercrime

Cybercrime Marketing Scams Retail

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

A booking photo of Noah Michael Urban released by the Volusia County Sheriff. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

ru , which for many years was a place to download pirated e-books. According to DomainTools, the Unforgiven email address was used to register roughly a dozen domains, including three that were originally registered to Keren’s email address — pepyak@gmail.com (e.g., antivirusxp09[.]com). was thelib[.]ru DomainTools says thelib[.]ru

Malware

Malware Antivirus Cybercrime Hacking

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

Grasping the true breadth of Bryant’s prescient discovery requires a brief and simplified primer on how Web sites work. When someone wants to register a domain at a registrar like GoDaddy, the registrar will typically provide two sets of DNS records that the customer then needs to assign to his domain.

DNS

DNS Internet Internet Computers and Electronics

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

Pavel Vrublevsky , founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “ Spam Nation ,” was arrested in Moscow this month and charged with fraud.

Banking

Banking Marketing DDOS Risk

The Technology Adoption Lifecycle of Genesis Market

Digital Shadows

MAY 3, 2021

Any Product Marketing professional worth their salt will have read the seminal “Crossing the Chasm” book, which highlights how technology. The post The Technology Adoption Lifecycle of Genesis Market first appeared on Digital Shadows.

Marketing

Marketing Technology Web Fraud Cybercrime

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Security Boulevard

MARCH 22, 2022

Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud.

Marketing

Marketing Technology Web Fraud

Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security

APRIL 11, 2022

In many ways, the crypto giveaway scam is a natural extension of perhaps the oldest cyber fraud in the book: Advanced-fee fraud. The complaint alleges the advertisements, which endorsed investment in cryptocurrency or money-making schemes, could have misled Facebook users into believing they were promoted by famous Australians.

Scams

Scams Cryptocurrency Media Hacking

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

In 2010, this author received a massive data dump from a source that had hacked into or otherwise absconded with more than four years of email records from ChronoPay — at the time a major Russian online payment provider whose CEO and co-founders were the chief subjects of my 2014 book, Spam Nation: The Inside Story of Organized Cybercrime.

Cybercrime

Cybercrime Phishing Banking Malware

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Krebs on Security

OCTOBER 3, 2024

“A typical jailbreak will pose a very specific scenario, like you’re a writer who’s doing research for a book, and everyone involved is a consenting adult, even though they often end up chatting about nonconsensual things,” Ahl said.

Accountability

Accountability Artificial Intelligence Web Fraud Cryptocurrency

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

NOVEMBER 26, 2019

John Levine , a domain name expert, consultant and author of the book The Internet for Dummies , said the.gov domain space wasn’t always so open as it is today. Such a hoax could well decide the fate of a close national election. “Back in the day, everyone not in the federal government was supposed to register in the.us

Government

Government Internet Internet Web Fraud

Cyber Security Informer

Booking.com Phishers May Leave You With Reservations

The Fake Browser Update Scam Gets a Makeover

Trending Sources

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

‘Land Lordz’ Service Powers Airbnb Scams

Calendar Meeting Links Used to Spread Mac Malware

Don’t Let Your Domain Name Become a “Sitting Duck”

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Why Malware Crypting Services Deserve More Scrutiny

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

The Technology Adoption Lifecycle of Genesis Market

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Double-Your-Crypto Scams Share Crypto Scam Host

Meet the World’s Biggest ‘Bulletproof’ Hoster

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

It’s Way Too Easy to Get a.gov Domain Name

Stay Connected