But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. And they are not traditional SMS phishing or “smishing” messages, as they bypass the mobile networks entirely.
Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. Each advertises their claimed access to T-Mobile systems in a similar way. ” or “ Tmo up!
Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. Notably, none of the phishing pages will even load unless the website detects that the visitor is coming from a mobile device.
KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California. ” The phony booking.com website generated by visiting the link in the text message.
Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating.
A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. In an Aug.
Bryan hijacked social media and bitcoin accounts using a mix of voice phishing or “vishing” attacks and “SIM swapping,” a form of fraud that involves bribing or tricking employees at mobile phone companies. In a private message dated Nov.
.” Many websites now require users to supply both a password and a numeric code/OTP token sent via text message, or one generated by mobile apps like Authy and Google Authenticator. agency — advertised a web-based bot designed to trick targets into giving up OTP tokens.
that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. That’s just too risky for the attackers, he said.
Louis Morton, a security professional based in Fort Worth, Texas, forwarded an SMS phishing or “smishing” message sent to his wife’s mobile device that indicated a package couldn’t be delivered. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. .”
In each case, the phishers manually would push a button that caused the phishing site to ask visitors for more information, such as the one-time password from their mobile app. Armed with the target’s mobile number, they could also click “Send verification SMS” with a text message prompting them to text back a one-time code.
In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. Prosecutors say Noah Michael Urban of Palm Coast, Fla.,
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric, a security firm based in Amsterdam.
Brad Marden, superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.
But in a phone interview with KrebsOnSecurity earlier this week, Jim made a call to Citi’s automated system from his mobile phone on file with the bank, and I could hear Citi’s systems asking him to enter the last four digits of his credit card number before he could review recent transactions.
Usually, this is a mobile app that generates a one-time code, but some sites like Twitter and Facebook now support even more robust options — such as physical security keys. SIM swapping involves convincing mobile phone company employees to transfer ownership of the target’s phone number to a device the attackers control.
In those cases, the plaintiffs have sought to extract compensation for their losses from the mobile phone companies — but so far those lawsuits have largely failed to yield results and are often pushed into arbitration.
That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web. KT, the current administrator of Doxbin, declined a request for comment on the charges.
The new $30 AirTag tracking device from Apple has a feature that allows anyone who finds one of these tiny location beacons to scan it with a mobile phone and discover its owner’s phone number if the AirTag has been set to lost mode.
One incident described in an affidavit by prosecutors (PDF) appears related to the sale of tens of millions of consumer records stolen last year from T-Mobile, although the government refers to the victim only as a major telecommunications company and wireless network operator in the United States.
A residential proxy generally refers to a computer or mobile device running some type of software that enables the system to be used as a pass-through for Internet traffic from others. Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app.
For example, in its latest transparency report mobile giant Verizon reported receiving 114,000 data requests of all types from U.S. The most recent transparency report published by T-Mobile says the company received more than 164,000 “emergency/911” requests in 2020 — but it does not specifically call out EDRs.
It’s no accident that one of the most prolific scams going right now — the Zelle Fraud Scam — starts with a text message about an unauthorized payment that appears to come from your bank.
Caturegli said he knows this because he “defensively” registered local.ad, which he said is currently used by multiple large organizations for Active Directory setups — including a European mobile phone provider, and the City of Newcastle in the United Kingdom. and schema.ad.
Ortiz earned the distinction of being the first person convicted of SIM-swapping, a crime that involves using mobile phone company insiders or compromised employee accounts to transfer a target’s phone number to a mobile device controlled by the attackers.
An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device.
The call would prompt the target to enter a one-time passcode generated by their phone’s mobile app, and the code was then relayed to the scammer’s user panel at the OTP Agency website. A statement published Aug. 30 by the U.K.’s
USDoD told KrebsOnSecurity their phony application was submitted in November in the CEO’s name, and that the application included a contact email address that they controlled — but also the CEO’s real mobile phone number. “I wasn’t expected to be approve[d].”
’s mobile number to a list of those associated with an unrelated firearms investigation. The FBI’s complaint leaves open the question of how Woody and Islam got the phones in the first place, but the implication is that Iza may have instigated the harassment by having mobile phones smuggled to the prisoners.
Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today’s piece looks at the well-crafted links used in some of these lures.
com show this user’s PC became infected immediately after they downloaded a booby-trapped mobile application development toolkit. Malware purveyors will often deploy infostealer malware by bundling it with “cracked” or pirated software titles. Indeed, the stealer logs for the administrator of apkdownloadweb[.]com
On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S.
Most of the two-dozen domains registered to pepyak@gmail.com shared a server at one point with a small number of other domains, including mobile-soft[.]su DomainTools found that virtually all of the 15 domain names registered to gumboldt@gmail.com (including the aforementioned mobile-soft[.]su) DomainTools says thelib[.]ru
Look carefully, and you’ll notice small dots beneath the “a” and the second “e.” You could be forgiven if you mistook one or both of those dots for a speck of dust on your computer screen or mobile device.
Many companies now require employees to supply a one-time password — such as one sent via SMS or produced by a mobile authenticator app — in addition to their username and password when logging in to company assets online.
Subdomains can not only make phishing domains appear more legitimate, but they also tend to lengthen the domain so that key parts of it get pushed off the URL bar in mobile browsers.
Importantly, none appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto heist, such as the compromise of one’s email and/or mobile phone accounts. Monahan said virtually all of the victims she has assisted were longtime cryptocurrency investors, and security-minded individuals.
The bureaus pitch these credit lock services as a way for consumers to easily toggle their credit file availability with the push of a button on a mobile app, but they do little to prevent the bureaus from continuing to sell your information to others. My advice: Ignore the lock services, and just freeze your credit files already.
And a great many of these “proxy” networks are marketed primarily to cybercriminals seeking to anonymize their traffic by routing it through an infected PC, router or mobile device. “The best way to secure the transmissions of your mobile device is VPN,” reads HideIPVPN’s description on the Apple Store.
The government believes the brains behind Joker’s Stash is Timur Kamilevich Shakhmametov, an individual who is listed in Russian incorporation documents as the owner of Arpa Plus, a Novosibirsk company that makes mobile games. ru, which periodically published hacking tools and exploits for software vulnerabilities.
“It’s important to be able to mobilize quickly and know how to freeze and seize crypto and get it back to its rightful owner,” West said. “We definitely have made seizures in cases involving pig butchering, but we haven’t gotten that back to the rightful owners yet.”
Earlier this month, Tokazowski was given the JD Falk award by the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) for his efforts in building and growing the BEC List (loyal readers here may recognize the M3AAWG name: KrebsOnSecurity received a different award from M3AAWG in 2014).