Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls. The phishing domain used to steal roughly $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. And as the phishing examples above demonstrate, many of today’s phishing scams use elements from hacked databases to make their lures more convincing. Urgency should be a giant red flag. Take a deep breath.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Urlscan also found this phishing scam from Jan. Here’s the very first Slink created: [link] which redirects to the homepage for LinkedIn Marketing Solutions.

Phishing 358

Phishing Marketing Scams Accountability 358

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Most reshipping scams promise employees a monthly salary and even cash bonuses. The login page for the criminal reshipping service SWAT USA Drop.

Cybercrime 326

Cybercrime Marketing Scams Retail 326

Krebs on Security

FEBRUARY 28, 2024

In a post to its Twitter/X account last month, Signum Capital warned that a fake profile pretending to be their employee Mr. Lee was trying to scam people on Telegram. Those domains indicate this North Korean hacking group is hiding behind a number of phony crypto firms, like the six-month-old website for Cryptowave Capital (cryptowave[.]capital).

Malware 325

Malware Cryptocurrency Software Phishing 325

Krebs on Security

SEPTEMBER 2, 2021

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period.

Accountability 342

Accountability Authentication Passwords Hacking 342

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware 348

Malware Cybercrime Ransomware Marketing 348

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers.

Scams 279

Scams Wireless Phishing Banking 279

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 350

Accountability Advertising Passwords Phishing 350

Krebs on Security

AUGUST 16, 2022

This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. ” asked Ohad Zaidenberg , founder of CTI League , a volunteer emergency response community that emerged in 2020 to help fight COVID-19 related scams. “Who does it?

Data breaches 318

Data breaches Banking Cybercrime Marketing 318

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves.

Cybercrime 346

Cybercrime Computers and Electronics Marketing Scams 346

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering 355

Social Engineering Mobile Passwords Cybercrime 355

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). One of the groups that reliably posted “Tmo up!” ” messages to announce SIM-swap availability against T-Mobile customers also reliably posted “Tmo down!

Mobile 340

Mobile Phishing Authentication Advertising 340

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing 227

Phishing Passwords Internet Internet 227

Krebs on Security

MARCH 22, 2022

According to Russian prosecutors, the scam went like this: Consumers would receive an SMS with links to sites that falsely claimed a number of well-known companies were sponsoring drawings and lotteries for people who enrolled or agreed to answer surveys. A Google-translated snippet of the hacked ChronoPay Confluence installation.

Banking 229

Banking Marketing DDOS Risk 229

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Image: Spur.us. The disruption at 911[.]re

Malware 314

Malware Cybercrime Internet Internet 314

Krebs on Security

JANUARY 25, 2024

” Almost a month later, another FreeCAD user reported getting stung by the same scam. The apparent owner of that photography website did not respond to requests for comment, but it’s also likely his Google advertising account was hacked and used to run these malicious ads. They paid Google for sponsored posts.”

Software 317

Software Advertising Malware Accountability 317

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 235

Malware VPN Internet Internet 235

Krebs on Security

FEBRUARY 24, 2023

Last year, researchers at Minerva Labs spotted the botnet being used to blast out sextortion scams. “I had an account that was simply hacked from me shortly after and I never bothered about it because it wasn’t mine in the first place,” he explained.

Accountability 287

Accountability Advertising Marketing Malware 287

Krebs on Security

JANUARY 22, 2019

Large-scale spam campaigns often are conducted using newly-registered or hacked email addresses, and/or throwaway domains. Guilmette told KrebsOnSecurity he initially considered the possibility that GoDaddy had been hacked, or that thousands of the registrar’s customers perhaps had their GoDaddy usernames and passwords stolen.

DNS 267

DNS Internet Internet Computers and Electronics 267

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. ” Ark-x2[.]org

Scams 230

Scams Cryptocurrency Media Hacking 230

Krebs on Security

MARCH 17, 2020

But KrebsOnSecurity received copious amounts of information about this scam from Milwaukee, Wisc. ” Americans shouldn’t feel left out of the scam: Hold Security founder Alex Holden says his analysts also intercepted a nearly identical set of scam templates targeting job seekers in the United States.

Banking 361

Banking Scams Accountability Healthcare 361

Krebs on Security

AUGUST 9, 2021

That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts. The hacked BriansClub database had an estimated collective street value of $566 million , and that data was subsequently shared with thousands of financial institutions.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Krebs on Security

JULY 18, 2022

net available at the Wayback Machine shows that in 2016 this domain was used for the “ ExE Bucks ” affiliate program, a pay-per-install business which catered to people already running large collections of hacked computers or compromised websites. A cached copy of flashupdate[.]net

VPN 348

VPN Computers and Electronics Antivirus Software 348

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device. “It’s almost like there’s no consequences. .

Cryptocurrency 363

Cryptocurrency Accountability Authentication Phishing 363

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability 235

Accountability Scams Passwords Retail 235