Cybercrime, Cybersecurity and Phishing - Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. million in an elaborate voice phishing attack. The phishing domain used to steal roughly $4.7 Image: Shutterstock, iHaMoo. “ Annie.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Last Watchdog

OCTOBER 10, 2024

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data. Austin, TX, Oct.

Risk

Risk Cybercrime Identity Theft Phishing

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. According to the U.S.

Phishing

Phishing Cybercrime Scams Authentication

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

eSecurity Planet

MARCH 3, 2025

In a comprehensive new report, cybersecurity leader CrowdStrike unveiled a rapidly evolving threat landscape that challenges traditional defenses. The business of cybercrime Cybercriminals are no longer disorganized hackers. They are now running highly efficient operations that mirror legitimate business models.

Threat Reports

Threat Reports Cybercrime Artificial Intelligence Social Engineering

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. AI-Enhanced Cyberthreats Recent intelligence indicates that the sophistication of Gmail phishing campaigns has reached new heights.

Phishing

Phishing Artificial Intelligence Password Management Accountability

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. This case highlights the critical role of employee awareness and robust cybersecurity measures.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps

Security Boulevard

JANUARY 6, 2025

A WordPress plugin known as PhishWP, has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users. The post WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps appeared first on Security Boulevard.

Phishing

Phishing Cybercrime Cybersecurity

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing

Phishing Scams Banking Mobile

The Cost of Cybercrime

Schneier on Security

JUNE 4, 2019

Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. and more on response.

Cybercrime

Cybercrime Scams Cryptocurrency Antivirus

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian. .

Malware

Malware Antivirus Software DDOS

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Adam Levin

DECEMBER 23, 2020

Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. The post US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services appeared first on Adam Levin. In a press release issued December 22, U.S.

VPN

VPN Cybercrime Phishing Ransomware

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

NOVEMBER 5, 2024

Judische would repeat that claim in Star Chat on May 13 — the day before Santander publicly disclosed a data breach — and would periodically blurt out the names of other Snowflake victims before their data even went up for sale on the cybercrime forums. prosecutors and federal law enforcement agencies. “Negotiate a deal in Telegram.”

Cybercrime

Cybercrime Mobile Media Hacking

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked. ”

Hacking

Hacking Accountability Government Social Engineering

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.

Cybercrime

Cybercrime Passwords Identity Theft Accountability

New ‘Lucid’ Phishing Platform Abuses iMessage, Android RCS to Slip Past Defenses

eSecurity Planet

MARCH 28, 2025

A sophisticated cybercrime service known as “Lucid” is exploiting vulnerabilities in Apples iMessage and Androids Rich Communication Services (RCS), allowing cyberthieves to conduct large-scale phishing attacks with alarming success. Automated mobile farms that deploy phishing messages at scale.

Phishing

Phishing Scams Cybercrime Retail

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

The Hacker News

JULY 26, 2024

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level.

Cybercrime

Cybercrime Phishing Malware Cybersecurity

Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks

Security Boulevard

FEBRUARY 12, 2025

As Valentines Day approaches, cybercriminals are ramping up their efforts to exploit consumers through romance scams, phishing campaigns and fraudulent e-commerce offers. The post Cybercriminals Exploit Valentines Day with Romance Scams, Phishing Attacks appeared first on Security Boulevard.

Scams

Scams Phishing Security Awareness Cybercrime

GUEST ESSAY: The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’

The Last Watchdog

SEPTEMBER 21, 2022

Cybersecurity is a top concern for individuals and businesses in the increasingly digital world. Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Rising popularity.

Phishing

Phishing Artificial Intelligence Cybercrime Social Engineering

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

” Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors. . “I’ve never seen this volume of phishing,” Rogers told Reuters. “I

Cybersecurity

Cybersecurity Cyber threats Government Phishing

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

“The cybersecurity industry has spent years and billions of dollars securing accounts, but criminals have moved far beyond account-level access,” said Ted Ross, SpyClouds CEO and Co-Founder. SpyClouds innovative identity threat protection is about as important as it gets in cyber; identity is everything, said John N. .

Cybercrime

Cybercrime Phishing Accountability Malware

APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving

Security Boulevard

DECEMBER 23, 2021

Cybercrime is here, it is dynamic and it is not going anywhere. The Anti-Phishing Working Group (APWG) hosted its 16th annual Electronic Crime Research symposium, APWG eCrime 2021 in early December. The post APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving appeared first on Security Boulevard. The three tracks.

Cybercrime

Cybercrime Phishing Cybersecurity Social Engineering

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice.

Cybersecurity

Cybersecurity Cybercrime Hacking Government

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. Delivered via phishing and hosted on compromised SharePoint sites, it remains undetected by most antivirus solutions, posing a serious security risk.

Antivirus

Antivirus Cybercrime Malware Encryption

Interpol Operation Shuts Down 22,000 Malicious Servers

Security Boulevard

NOVEMBER 6, 2024

Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns.

Cybercrime

Cybercrime Phishing Ransomware Cybersecurity

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

SecureWorld News

DECEMBER 17, 2024

Researchers at Datadog Security Labs have uncovered a year-long, large-scale cybercrime campaign by a threat actor tracked as MUT-1244. Simultaneously, a phishing campaign tricked targets into installing a fake kernel update. Follow SecureWorld News for more stories related to cybersecurity.

Phishing

Phishing Threat Detection Social Engineering Cybercrime

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. Among the new Fin7 domains Silent Push found are several sites phishing people seeking tickets at the Louvre.

Phishing

Phishing Cybercrime Malware Software

How Website Localization Strengthens Cybersecurity in Global Markets

SecureWorld News

FEBRUARY 4, 2025

Cybercrime has been steadily on the rise for the past years. This made the need for strengthening cybersecurity so apparent to everyone that U.S. The best approach one can adopt is always having cybersecurity at the forefront of their mind whichever aspect of their business they approach. Canada, and the U.K.,

Marketing

Marketing Cybersecurity eCommerce Data breaches

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

Are Cybersecurity Jobs in High Demand?

Hacker's King

OCTOBER 19, 2024

Cybersecurity has become one of the most critical fields in technology, ensuring that data, networks, and systems are protected from unauthorized access and malicious attacks. As cyber threats escalate, the demand for skilled professionals in cybersecurity is skyrocketing. trillion annually.

Cybersecurity

Cybersecurity Healthcare Cyber threats Government

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. The comments we received were uniformly insightful and helpful.

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

SecureWorld News

MARCH 15, 2023

The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime

Cybercrime Scams Cryptocurrency Identity Theft

Top 10 Cybersecurity Trends to Expect in 2025

Hacker's King

DECEMBER 24, 2024

As the digital landscape evolves, cybersecurity remains a critical concern for businesses, governments, and individuals alike. With the advent of new technologies and rising cyber threats , 2025 promises significant shifts in the cybersecurity domain. YOU MAY ALSO WANT TO READ ABOUT: Can Cybersecurity Make You a Millionaire?

Cybersecurity

Cybersecurity Cyber Insurance IoT Insurance

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem

The Hacker News

NOVEMBER 16, 2023

cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets.

Social Engineering

Social Engineering Cybercrime Cybersecurity Engineering

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware

Malware Advertising Antivirus Cybercrime

GhostGPT: Uncensored Chatbot Used by Cyber Criminals for Malware Creation, Scams

Tech Republic Security

JANUARY 23, 2025

Researchers from Abnormal Security discovered an advert for the chatbot on a cybercrime forum and tested its capabilities by asking it to create a DocuSign phishing email.

Scams

Scams Cybercrime Malware Phishing

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

March Madness is here, and while fans are busy filling out brackets and making last-minute bets, cybercriminals are running their own full-court presstargeting unsuspecting fans with phishing scams, fake betting apps, and credential-harvesting schemes. This scenario follows the common phishing tactics: strike at personal interest.

Scams

Scams Social Engineering Mobile Phishing

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Figure 12: The actual phishing page that follows Finally, all the data is combined with the username and password and sent to the remote server via a POST request.

Advertising

Advertising Accountability Phishing Scams

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp. The efficacy of hygiene.

Cybersecurity

Cybersecurity Cybercrime Education Government

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. Gaining access without cooperation from Telegram itself could be highly valuable. The ban does not affect Ukrainian citizens. continues the announcement.

Government

Government Surveillance Mobile Hacking

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

Malware Banking Phishing DDOS

A Day in the Life of a Prolific Voice Phishing Crew

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

Trending Sources

Operation Heart Blocker: International Police Disrupt Phishing Network

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

Russian Phobos ransomware operator faces cybercrime charges

WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

The Cost of Cybercrime

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Canadian Man Arrested in Snowflake Data Extortions

FBI: Spike in Hacked Police Emails, Fake Subpoenas

A Year Later, Cybercrime Groups Still Rampant on Facebook

New ‘Lucid’ Phishing Platform Abuses iMessage, Android RCS to Slip Past Defenses

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks

GUEST ESSAY: The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Interpol Operation Shuts Down 22,000 Malicious Servers

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

Cryptocurrencies and cybercrime: A critical intermingling

The Stark Truth Behind the Resurgence of Russia’s Fin7

How Website Localization Strengthens Cybersecurity in Global Markets

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Are Cybersecurity Jobs in High Demand?

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

FBI: Compromised US academic credentials available on various cybercrime forums

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

Top 10 Cybersecurity Trends to Expect in 2025

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem

Banshee macOS stealer supports new evasion mechanisms

GhostGPT: Uncensored Chatbot Used by Cyber Criminals for Malware Creation, Scams

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Disneyland Malware Team: It’s a Puny World After All

Stay Connected