Passwords, Phishing and Web Fraud - Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. million in an elaborate voice phishing attack. The phishing domain used to steal roughly $4.7 Image: Shutterstock, iHaMoo. “ Annie.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. Reports of similar SMS phishing attacks against customers of other U.S.

Phishing

Phishing Scams Mobile Passwords

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. A Google-translated version of the now-defunct Coinbase phishing site, coinbase.com.password-reset[.]com. The Coinbase phishing panel.

Passwords

Passwords Phishing Accountability Mobile

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service.

Phishing

Phishing Passwords Accountability Authentication

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. An ad for the OTP interception service/bot “SMSRanger.”

Passwords

Passwords Mobile Authentication Banking

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam. ” Attempting to visit the domain in the phishing link — o001cfedeex[.]com

Phishing

Phishing Scams Mobile DNS

This Windows PowerShell Phish Has Scary Potential

Krebs on Security

SEPTEMBER 19, 2024

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

Phishing

Phishing Scams Malware Passwords

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. A screenshot of the phishing domain privatemessage dot net.

Phishing

Phishing Cryptocurrency DDOS Internet

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing

Phishing Cybercrime Malware Advertising

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another.

Passwords

Passwords Password Management Phishing Scams

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing

Phishing Passwords Internet Internet

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. A Scattered Spider phishing lure sent to Twilio employees.

Hacking

Hacking Phishing Cybercrime Passwords

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Hacking

Hacking Social Engineering Phishing Scams

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Mobile

Mobile Phishing Authentication Accountability

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Accountability

Accountability Advertising Passwords Phishing

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.

Scams

Scams Banking Passwords Authentication

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

.” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug. According to an Aug.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Two Charged in SIM Swapping, Vishing Scams

Krebs on Security

NOVEMBER 3, 2020

Bryan hijacked social media and bitcoin accounts using a mix of voice phishing or “ vishing ” attacks and “ SIM swapping ,” a form of fraud that involves bribing or tricking employees at mobile phone companies. Milleson , 21 of Timonium, Md. and 19-year-old Kingston, Pa. resident Kyell A.

Scams

Scams Wireless Identity Theft Mobile

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. 2019 that wasn’t discovered until April 2020. “Luckily, we fought them off well and they did not gain access to any important service.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

Malware Banking Phishing DDOS

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

In some cases, the attackers were able to redirect the hijacked domains to phishing sites set up to steal visitors’ cryptocurrency funds. “And since there’s no password on the account, it just shoots them to the ‘create password for your new account’ flow.

Accountability

Accountability Cryptocurrency Passwords DNS

The Rise of One-Time Password Interception Bots

Security Boulevard

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. The post The Rise of One-Time Password Interception Bots appeared first on Security Boulevard.

Passwords

Passwords Cybercrime Phishing Authentication

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile

Mobile Phishing Authentication Advertising

Owners of 1-Time Passcode Theft Service Plead Guilty

Krebs on Security

SEPTEMBER 2, 2024

agency , a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. KrebsOnSecurity profiled OTP Agency in a February 2021 story about arrests tied to another phishing-related service based in the U.K.

Accountability

Accountability Banking Passwords Scams

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

For the past three years, the source — we’ll call him “Bill” to preserve his requested anonymity — has been watching one group of threat actors that is mass-testing millions of usernames and passwords against the world’s major email providers each day. What do you do?

Accountability

Accountability Authentication Passwords Hacking

How to Shop Online Like a Security Pro

Krebs on Security

NOVEMBER 23, 2018

Even so, anti-phishing company PhishLabs found in a survey last year that more than 80% of respondents believed the green lock indicated that a website was either legitimate and/or safe. Now that anyone can get SSL certificates for free , phishers and other scammers that ply their trade via fake Web sites are starting to up their game.

Scams

Scams Wireless Phishing Banking

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. While this a perfectly sane response, it means we don’t have the actual malware that was pushed to his Mac by the script. ” Image: SlowMist.

Malware

Malware Cryptocurrency Software Phishing

Why Your VPN May Not Be As Secure As It Claims

Krebs on Security

MAY 6, 2024

Woodcock said anyone who might be a target of spear phishing attacks should be very concerned about using VPNs on an untrusted network. “They create a password-locked LAN with automatic network address translation,” the researchers wrote of cellular hot-spots.

VPN

VPN Wireless Internet Internet

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

But when the interested party inquires about the listing, they are sent a link to a site that looks like Airbnb.com but which is actually a phishing page. The fake site simply forwards all requests on this page to Airbnb.com, and records any usernames and passwords submitted through the site.

Scams

Scams Advertising Accountability Phishing

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Krebs on Security

FEBRUARY 2, 2021

“We don’t know users’ balances, or your account logins or passwords, or the [credit cards] you purchased, or anything else! SPR countered that ValidCC couldn’t return balances because it no longer had access to its own ledgers. “We don’t know anything!,” ” SPR pleaded.

Cybercrime

Cybercrime Media Accountability Hacking

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid.

DNS

DNS Internet Internet Computers and Electronics

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

Soon after, the attackers were able to use their control over his mobile number to reset his Gmail account password. “The next thing they do is go to these accounts and use the ‘forgot password’ function and request a password reset link via SMS to gain access to those accounts. ” Lt.

Mobile

Mobile Cryptocurrency Accountability Passwords

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

The complaint against Iza says the FBI interviewed Woody in Manilla where he is currently incarcerated, and learned that Iza has been harassing him about passwords that would unlock access to cryptocurrencies. The complaint says Iza ran this business with another individual identified only as “ T.H. ,” and that at some point T.H.

Cryptocurrency

Cryptocurrency Government Internet Internet

SSNDOB marketplace shut down by global law enforcement operation

Malwarebytes

JUNE 8, 2022

You run the risk of being targeted for spear phishing, or having your personal information used for fraudulent applications. Password reuse is one big reason for credential stuffing (using stolen data across additional sites) being so popular. Criminals will make use of it however they can to make money.

DDOS

DDOS Cryptocurrency Data breaches Scams

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

One account of the hack came from a 17-year-old in the United Kingdom, who told reporters the intrusion began when one of the English-speaking hackers phoned a tech support person at MGM and tricked them into resetting the password for an employee account. ” Beige members were implicated in two stories published here in 2020.

Cybercrime

Cybercrime Accountability Mobile Hacking

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing

Phishing Scams Passwords Web Fraud

Thread Hijacking: Phishes That Prey on Your Curiosity

Krebs on Security

MARCH 28, 2024

Here’s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop. But Sholtis said he didn’t enter his Outlook username and password. “We were just perplexed,” Murse said. “We were just perplexed,” Murse said.

Phishing

Phishing Scams Accountability Passwords

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

GRAND THEFT AUTOMATED Just days after Griffin was robbed, a scammer impersonating Google managed to phish 45 bitcoins — approximately $4,725,000 at today’s value — from Tony , a 42-year-old professional from northern California. I put my seed phrase into a phishing site, and that was it.” My brain went haywire.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages. based cloud providers.

Accountability

Accountability Scams Passwords Retail

A Day in the Life of a Prolific Voice Phishing Crew

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Trending Sources

How Coinbase Phishers Steal One-Time Passwords

Tricky Phish Angles for Persistence, Not Passwords

Booking.com Phishers May Leave You With Reservations

The Rise of One-Time Password Interception Bots

‘Tis the Season for the Wayward Package Phish

This Windows PowerShell Phish Has Scary Potential

Fake Lawsuit Threat Exposes Privnote Phishing Sites

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

The Life Cycle of a Breached Database

Karma Catches Up to Global Phishing Service 16Shop

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

When Low-Tech Hacks Cause High-Impact Breaches

How 1-Time Passcodes Became a Corporate Liability

Malicious Office 365 Apps Are the Ultimate Insiders

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Two Charged in SIM Swapping, Vishing Scams

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Disneyland Malware Team: It’s a Puny World After All

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

The Rise of One-Time Password Interception Bots

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Owners of 1-Time Passcode Theft Service Plead Guilty

Gift Card Gang Extracts Cash From 100k Inboxes Daily

How to Shop Online Like a Security Pro

Calendar Meeting Links Used to Spread Mac Malware

Why Your VPN May Not Be As Secure As It Claims

‘Land Lordz’ Service Powers Airbnb Scams

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Busting SIM Swappers and SIM Swap Myths

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

SSNDOB marketplace shut down by global law enforcement operation

The Dark Nexus Between Harm Groups and ‘The Com’

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Thread Hijacking: Phishes That Prey on Your Curiosity

How to Lose a Fortune with Just One Bad Click

Infrastructure Laundering: Blending in with the Cloud

Stay Connected