Krebs on Security

NOVEMBER 3, 2020

Bryan hijacked social media and bitcoin accounts using a mix of voice phishing or “ vishing ” attacks and “ SIM swapping ,” a form of fraud that involves bribing or tricking employees at mobile phone companies. Milleson , 21 of Timonium, Md. and 19-year-old Kingston, Pa. resident Kyell A.

Scams 345

Scams Wireless Identity Theft Mobile 345

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. ” reads the report published by Insikt Group.

Scams 84

Scams Media Cryptocurrency Cybercrime 84

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. “I’ve seen all kinds of crypto scams, but I’ve never seen one like this.”

Hacking 345

Hacking Accountability Scams Cryptocurrency 345

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks.

Accountability 362

Accountability Hacking Authentication Marketing 362

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers arent hacking in theyre logging in.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. Urlscan also found this phishing scam from Jan.

Phishing 360

Phishing Marketing Scams Accountability 360

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Korean and Chinese authorities dismantled a voice phishing syndicate that caused $1.1B in losses to 1,900+ victims. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 127

Cryptocurrency Phishing Scams Cybercrime 127

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time.

Scams 134

Scams Phishing Social Engineering Banking 134

Security Affairs

APRIL 7, 2025

A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. PoisonSeed threat actors created convincing phishing pages for CRM and email platforms like Mailchimp and SendGrid. The scheme mimics security steps to mislead users into self-compromising.

Scams 73

Scams Cryptocurrency Phishing Cybercrime 73

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Some of those hacked accounts already had hundreds of other legitimate ads running, and one of them was for a popular Taiwanese electronics company.

Advertising 132

Advertising Accountability Phishing Scams 132

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 233

Phishing Passwords Hacking Internet 233

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. TARGETED PHISHING. The targeted phishing message that went out to classicfootballshirts.co.uk So hopefully by this point it should be clear why re-using passwords is generally a bad idea. customers this month.

Passwords 363

Passwords Password Management Phishing Scams 363

Adam Levin

NOVEMBER 17, 2020

Here are 50 ways to avoid getting scammed on Black Friday — and beyond. Popular browsers, like Safari or Firefox, frequently issue updates to protect against scams. Conduct a password audit before you start your holiday shopping — and after, to decrease the odds of getting hacked after the holiday season is over.

Scams 243

Scams Retail Banking Passwords 243

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Software Phishing Social Engineering 134

Security Affairs

JANUARY 10, 2025

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. ” The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website.”

Phishing 113

Phishing Scams Malware Authentication 113

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 130

Scams Phishing Government Passwords 130

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams 143

Scams Hacking Malware Mobile 143

SecureList

JULY 5, 2023

Hot wallets and attempts at hacking them A hot wallet is a cryptocurrency wallet with permanent access to the internet. Hence, cybercriminals have little motivation to invest heavily into phishing campaigns, and so, techniques used in email attacks on hot wallets are hardly ever original or complex.

Scams 131

Scams Phishing Cryptocurrency Social Engineering 131

Tech Republic Security

MARCH 26, 2020

Cybercriminals may be staying home, but they're not taking a break from phishing attempts and password hacking during the coronavirus outbreak.

Scams 218

Scams Phishing Passwords Malware 218

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 363

Phishing VPN Social Engineering Media 363

eSecurity Planet

APRIL 2, 2025

The hack, attributed to a cybercriminal operating under the alias GHNA, occurred when the attacker accessed a system used by Samsungs German customer service. According to cybersecurity firm Hudson Rock, the hack was made possible by a set of stolen credentials compromised in 2021. How can malicious actors exploit this?

Identity Theft 122

Identity Theft Cybersecurity Scams Accountability 122

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. The HeartSender group has sold phishing tools to criminals since 2020, causing over $3 million in U.S.

Cybercrime 109

Cybercrime Advertising Phishing Hacking 109

SecureList

AUGUST 14, 2023

Examples include automation with phishing kits or Telegram bots. Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. What sites get hacked the most Abandoned websites end up captured by cybercriminals fairly often.

Phishing 98

Phishing Hacking Banking Scams 98

Malwarebytes

MARCH 20, 2025

In this blog post, we detail how fraudsters are taking an indirect approach to hacking Google advertisers and by the same token likely gaining access to Semrush accounts. With 40% of Fortune 500 companies and 117,000 paying customers relying on Semrush, the platform presents a highly attractive target for online criminals.

Scams 64

Scams Accountability Phishing Advertising 64

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 144

Phishing Marketing Scams Accountability 144

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data. Revoke access to any app you no longer use or trust.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. Mistrust in Communication: With the rise of spam, scams, and misinformation, people are becoming more skeptical of digital communication.

Cybersecurity 130

Cybersecurity Technology Scams Risk 130

SecureBlitz

NOVEMBER 22, 2023

Learn how to spot and stop phishing scams in this post. Just lately, thousands of people are falling victim to Instagram hacks relating to forex and money making – people have no way of getting their accounts back. Dangers hide behind every digital corner.

Scams 98

Scams Phishing Accountability Hacking 98

The Last Watchdog

JUNE 9, 2022

And, let’s be honest , the deceptive writing phishing assaults and other cyber threats today employ are skilled enough to fool even the most trained, internet-savvy experts. That said, here are what I consider to be the Top 5 online threats seniors face today: •Computer tech support scams. Ever present threats.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Security Affairs

NOVEMBER 25, 2024

These attacks aim at spreading malware by including malicious links that infect devices, phish information by tricking users into sharing personal or financial data, and causing disruptions by overwhelming networks or targeting individuals with spam.

Mobile 124

Mobile Scams Technology Telecommunications 124

Krebs on Security

MARCH 25, 2020

government properties and phishing pages. Here’s a sobering statistic: According to PhishLabs , by the end of 2019 roughly three-quarters (74 percent) of all phishing sites were using SSL certificates. The truth is anyone can get an SSL certificate for free, and that’s a big reason why most phishing sites now have them.

Government 341

Government Phishing Encryption Scams 341

SecureList

JUNE 10, 2024

Unfortunately, its popularity has spurred on the development of many methods to hack or bypass it that keep evolving and adapting to current realities. The particular hack scheme depends on the type of 2FA that it targets. Malicious actors can obtain OTPs in a variety of ways including complex, multi-stage hacks.

Phishing 145

Phishing Banking Social Engineering Accountability 145

Schneier on Security

APRIL 7, 2020

This makes the data more likely to be hacked and stolen. Here are some examples of what's been observed in the past few days: Doubling of email phishing attempts. For the last couple of months coronavirus-themed malware and phishing scams have been on the rise.

Cybersecurity 274

Cybersecurity VPN Scams Phishing 274

Security Affairs

DECEMBER 3, 2021

Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure in phishing campaigns. Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. SecurityAffairs – hacking, Omicron COVID-19).

Phishing 134

Phishing Scams Banking Consumer Protection 134

The Hacker News

FEBRUARY 17, 2025

We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. Threat of the Week Russian Threat Actors Leverage Device Code Phishing to Hack

Hacking 118

Hacking Scams Phishing Cyber Attacks 118