Event, Identity Theft and Social Engineering

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

The event is sponsored by the Federal Trade Commission (FTC), and other participating agencies include the Federal Deposit Insurance Corporation (FDIC), AARP , and the Better Business Bureau (BBB). Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

At the height of his cybercriminal career, the hacker known as “ Hieupc ” was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world’s top data brokers. Ngo’s former identity theft service, superget[.]info. Secret Service.

Identity Theft

Identity Theft Computers and Electronics Hacking Accountability

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Security Affairs

SEPTEMBER 9, 2024

The company notified federal law enforcement regarding the event and launched an investigation into the incident with the help of a third-party specialist. Card verification numbers (CVV) were not exposed, however, threat actors can obtain them from cardholders through social engineering attacks.

Data breaches

Data breaches Identity Theft Computers and Electronics Social Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

The malware also supports advanced keylogger capabilities by capturing all Accessibility events and screen elements. Overlay Attacks: Checks for available overlays targeting installed applications, typically for credential theft. Notifications & Social Engineering: Posts fake push notifications to trick users.

Banking

Banking Mobile Identity Theft Malware

Don’t use AI-based apps, Philippine defense ordered its personnel

Security Affairs

OCTOBER 23, 2023

Teodoro ordered “to refrain from using AI photo generator applications and practice vigilance in sharing information online” At this time, it remains unclear whether the order was issued in response to a specific event or to address potential attacks aimed at exploiting the data collected by these applications.

Identity Theft

Identity Theft Social Engineering Data collection Risk

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

Mellen: This deal seems to be betting on the importance of offering a consolidated consumer security portfolio that incorporates identity theft protection, antivirus, and other security tools like VPNs. Also, one of the top ways attackers can target individuals is via social engineering or phishing.

Antivirus

Antivirus Marketing Identity Theft Social Engineering

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

The Last Watchdog

JANUARY 3, 2023

For instance, phishing, one of the most common, is a social engineering attack used to steal user data. Even events like the World Cup are being used by cyber criminals to target unsuspecting victims through things like fake streaming sites designed to steal private information. Cybercriminals often target the young.

Risk

Risk Cybersecurity Antivirus Phishing

Email compromise leads to healthcare data breach at Kaiser Permanente

Malwarebytes

JUNE 15, 2022

From the breach notice: After discovering the event, we quickly took steps to terminate the unauthorized party’s access to the employee’s emails. The lurking menace of social engineering. There’s also another issue: data stolen in breaches like this can be used for future social engineering attacks.

Healthcare

Healthcare Data breaches Social Engineering Identity Theft

What is Digital Identity?

Identity IQ

FEBRUARY 18, 2021

When you share your thoughts and life events on social media, it allows you to connect with family and friends. The following vectors represent some of the most common ways a criminal could gain access to your accounts and is also known as an account takeover : Social Engineering. population vulnerable to identity theft.

Identity Theft

Identity Theft Passwords Data breaches Scams

You’ve Never Heard of the C-Suite Targeting Scam, but It’s a Killer

Adam Levin

MARCH 16, 2020

That is exponentially more expensive than other cyber events. With the W2 variety, a citizen of the c-suite requests all the W2s from human resources or accounting–thereby collecting a rich file of personally identifiable information that can be used to commit tax-related fraud as well as all stripe of identity theft.

Scams

Scams Identity Theft Phishing Accountability

LinkedIn Hack is Scraped Data, Company Claims

eSecurity Planet

JUNE 30, 2021

What’s more, Hodson observed, the email addresses and phone numbers in the leak can easily be leveraged for email or phone scams, spam campaigns, and identity theft. ” Based on the events of the past few months, it appears those defenses are insufficient. ” LinkedIn’s Response. “Bottom line? .

Hacking

Hacking Social Engineering Identity Theft Data breaches

Penetration Testing Remote Workers

SecureWorld News

JUNE 28, 2020

The information can then be used to access other accounts associated with the individual, install malware, initiate a ransomware infection, or conduct identity theft impacting the business. SMishing is social engineering in the form of SMS text messages. Social media. Remote access. Remote Access.

Penetration Testing

Penetration Testing Social Engineering VPN Phishing

Cybercriminals Are Targeting AI Conversational Platforms

Security Affairs

OCTOBER 9, 2024

Another important aspect is whether the collected user input will be retained for further training and whether such data will later be sanitized to minimize the disclosure of PII (Personally Identifiable Information) and other data that may impact user privacy in the event of a breach.

Social Engineering

Social Engineering Risk Identity Theft Technology

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

For individual users, the exposure of passwords means an increased risk of account takeovers, identity theft, and fraud. A privileged access management (PAM) platform is essential for managing and securing privileged credentials, ensuring least privilege access and preventing lateral movement in the event of a breach."

Passwords

Passwords Password Management Education Accountability

Disney's Slack Breached, Sensitive Data Leaked by Hackers

SecureWorld News

JULY 16, 2024

Similarly, the exposure of proprietary studio technology discussions could lead to intellectual property theft, compromising Disney's innovative edge. Unauthorized access to personal data can lead to identity theft, fraud, and other malicious activities, impacting individuals who entrusted Disney with their information.

Data breaches

Data breaches Identity Theft Phishing Social Engineering

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Security Affairs

JULY 29, 2022

The IAM Security Boundary Strong authentication is a critical component of modern-day identity and access management. Reduce identity theft from phishing and other social engineering schemes. MFA allows you to: Protect against the compromise made possible by weak passwords.

Authentication

Authentication Passwords Data privacy Identity Theft

Hijacking Azure Machine Learning Notebooks (via Storage Accounts)

NetSpi Technical

JANUARY 8, 2025

If youre curious about exfiltrating Managed Identity tokens from other Azure services, check out the NetSPI Presentation Identity Theft is Not a Joke, Azure! Attacks here could include running arbitrary Az CLI commands, generating user and Managed Identity tokens, or misusing compute resources 4. on YouTube.

Accountability

Accountability Authentication Identity Theft Social Engineering

Scammers Exploit Canada Post Strike with Fraud Campaigns

SecureWorld News

DECEMBER 6, 2024

It collects information and criminal intelligence on matters such as mass marketing fraud, advance fee fraud, internet fraud, and identity theft complaints. Individuals are more susceptible to social engineering manipulation when they are pressed for urgent action.

Scams

Scams Identity Theft Phishing Social Engineering

How Hackers Evade Detection

eSecurity Planet

APRIL 8, 2022

This is where EDR and UEBA can identify unwanted modifications in security policies and unusual events – but watch for attempts to bypass EDR systems too. keystrokes, screenshots, confidential information) to identity theft and malware distribution. All have associated registry entries that can be modified.

Antivirus

Antivirus Malware Identity Theft Software

Ransomware and Cyber Extortion in Q3 2024

Digital Shadows

OCTOBER 14, 2024

Together, they use native English speakers to execute sophisticated social engineering operations, contributing significantly to their newfound dominance. To counter these methods, organizations should prioritize educating users on phishing and social engineering techniques. compared to Q3 2023.

Ransomware

Ransomware Social Engineering Insurance Cyber Insurance

Research partnership to examine how fraudsters abuse financial tech innovations

SC Magazine

JULY 2, 2021

Moreover, it will look at cybercriminal activities related to circumventing identity and authentication mechanisms for these innovations, including the development of synthetic identities, identity theft and account takeovers. Perhaps the researchers may even uncover schemes that were previously unknown or underreported.

Financial Services

Financial Services Banking Identity Theft Media

Watch Out for These Summer Break Scams

Security Through Education

MAY 21, 2024

Clicking on any links or downloading attachments within these emails can lead to malware infections, identity theft, or financial loss. Fake Event Tickets and Excursions: Summer brings a plethora of events, concerts, and outdoor excursions, making it prime time for scammers to peddle counterfeit tickets or fraudulent tour packages.

Scams

Scams Identity Theft Advertising Phishing

Social Media Botnets – Hackers leveraging bots for large-scale attacks.

Hacker's King

OCTOBER 3, 2024

Brands and individuals often exploit these bots to boost their online presence, giving the illusion of popularity and influence, while others may use them for more malicious activities like spreading disinformation or executing large-scale social engineering attacks.

Media

Media Social Engineering Marketing Scams

Websites repeatedly stalked by fraudulent copycats, say researchers

SC Magazine

JULY 13, 2021

Digital Shadows reports that out of its total client base, businesses operating in the financial services, food and beverage, technology, health care, and insurance verticals were responsible for nearly half of all total risk events observed. “We

Phishing

Phishing Identity Theft Social Engineering Technology

How Bad Actors Exploit World Tragedy

Security Through Education

DECEMBER 5, 2023

From natural disasters to global pandemics and geopolitical conflicts, we have all witnessed events that shake us to our core. The personal information collected could then be used to fraudulently bill federal health care programs and commit medical identity theft. The world is no stranger to tragedy.

Scams

Scams Identity Theft Media Social Engineering

It’s a Holiday Security Breach Blowout

SiteLock

AUGUST 27, 2021

Three breach notices in one week could have been an upsetting event. Spear phishing is an advanced social engineering technique where a person at an organization, the mark, is targeted with trojaned messages or files that include accurate, if not personal, information regarding the target org.

Data breaches

Data breaches Passwords Identity Theft Firewall

Top 5 Industries Most Vulnerable to Data Breaches in 2023

Security Boulevard

JUNE 26, 2023

Unfortunately, the increasing reliance on digital systems and capabilities has also attracted an ever-growing number of malicious actors seeking to defraud businesses through phishing , social engineering , or ransomware attacks. The end result of these types of cyber attacks are often highly public and damaging data breaches.

Data breaches

Data breaches Healthcare Telecommunications Financial Services

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

Among these experienced affiliates is the “Scattered Spider” group, known for its custom tools and advanced social engineering skills, which helped RansomHub become the most active ransomware group in Q3 2024 (see Figure 1). BACKDOOR.MESSAGETAP, DEADLYSIGN) and legitimate tools like Cobalt Strike and Metasploit.

Ransomware

Ransomware Encryption Technology Malware

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

In March 2014, hackers used login information leaked by eBay employees to access sensitive user data of 145 million customers , putting these users at risk of identity theft, password theft and phishing risks. The breach was not fully disclosed until September 2016.

Data breaches

Data breaches Passwords Backups Accountability

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

Among these experienced affiliates is the “Scattered Spider” group, known for its custom tools and advanced social engineering skills, which helped RansomHub become the most active ransomware group in Q3 2024 (see Figure 1). BACKDOOR.MESSAGETAP, DEADLYSIGN) and legitimate tools like Cobalt Strike and Metasploit.

Ransomware

Ransomware Encryption Technology Malware

The Credential Abuse Cycle: Theft, Trade, and Exploitation

Digital Shadows

NOVEMBER 5, 2024

This can lead to account takeover, identity theft, financial loss, and data breaches. This indicates that threat actors are undeterred by recent events and still using the platform. The attacker likely obtained the SSN from a previous data breach, highlighting the risk of using static information for identity verification.

Passwords

Passwords Accountability Data breaches Marketing

The Credential Abuse Cycle: Theft, Trade, and Exploitation

Digital Shadows

NOVEMBER 5, 2024

This can lead to account takeover, identity theft, financial loss, and data breaches. This indicates that threat actors are undeterred by recent events and still using the platform. The attacker likely obtained the SSN from a previous data breach, highlighting the risk of using static information for identity verification.

Passwords

Passwords Accountability Data breaches Marketing

ID theft ghouls targeting Surfside victims is appalling, but no surprise

Malwarebytes

JULY 21, 2021

We’ve written at length about account compromise and identity theft , and how criminals will often hijack accounts belonging to dead people. In many ways, it’s the perfect crime for anyone indulging in social engineering. Digging into identity theft. ” Preventing identity theft.

Identity Theft

Identity Theft Social Engineering Accountability Scams

3 Steps to Prevent a Case of Compromised Credentials

Duo's Security Blog

MAY 23, 2023

The answer, like most other cybersecurity-adjacent answers, lies in a combination of factors including social engineering , weak passwords, and other risky security moves or attacks. What to do when your credentials are compromised How are credentials compromised in the first place? As a result, about 3.9

Authentication

Authentication Passwords Data breaches Phishing

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. Cybercriminals can utilize the botnet to carry out malicious activities, such as phishing, identity theft and bypassing security to access private networks. Less common types.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. Cybercriminals can utilize the botnet to carry out malicious activities, such as phishing, identity theft and bypassing security to access private networks. Less Common Types of Malware.

Malware

Malware Computers and Electronics Adware Spyware

Privacy predictions 2023

SecureList

NOVEMBER 28, 2022

We think the geopolitical and economic events of 2022, as well as new technological trends, will be the major factors influencing the privacy landscape in 2023. Companies will fight the human factor in cybersecurity to curb insider threat and social engineering to protect user data.

Insurance

Insurance Social Engineering IoT Data breaches

Spam and phishing in 2022

SecureList

FEBRUARY 16, 2023

The scheme likely aimed at identity theft: the illegal use of others’ personal details for deriving profit. The “giveaways” were timed to coincide with events that were directly or indirectly associated with cryptocurrency. The 2022 geopolitical crisis was no exception.

Phishing

Phishing Scams Accountability Energy and Utilities

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Confessions of an ID Theft Kingpin, Part I

Webinars

Trending Sources

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Webinars

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Don’t use AI-based apps, Philippine defense ordered its personnel

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

Email compromise leads to healthcare data breach at Kaiser Permanente

What is Digital Identity?

You’ve Never Heard of the C-Suite Targeting Scam, but It’s a Killer

LinkedIn Hack is Scraped Data, Company Claims

Penetration Testing Remote Workers

Cybercriminals Are Targeting AI Conversational Platforms

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

Disney's Slack Breached, Sensitive Data Leaked by Hackers

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Hijacking Azure Machine Learning Notebooks (via Storage Accounts)

Scammers Exploit Canada Post Strike with Fraud Campaigns

How Hackers Evade Detection

Ransomware and Cyber Extortion in Q3 2024

Research partnership to examine how fraudsters abuse financial tech innovations

Watch Out for These Summer Break Scams

Social Media Botnets – Hackers leveraging bots for large-scale attacks.

Websites repeatedly stalked by fraudulent copycats, say researchers

How Bad Actors Exploit World Tragedy

It’s a Holiday Security Breach Blowout

Top 5 Industries Most Vulnerable to Data Breaches in 2023

5 Critical Threat Actors You Need to Know About

How to Prevent Data Leaks

5 Critical Threat Actors You Need to Know About

The Credential Abuse Cycle: Theft, Trade, and Exploitation

The Credential Abuse Cycle: Theft, Trade, and Exploitation

ID theft ghouls targeting Surfside victims is appalling, but no surprise

3 Steps to Prevent a Case of Compromised Credentials

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

Privacy predictions 2023

Spam and phishing in 2022

Stay Connected