Krebs on Security

SEPTEMBER 18, 2024

One of the many scam funeral group pages on Facebook. One of many look-alike landing pages for video streaming services linked to scam Facebook funeral groups. But as luck would have it, sometime last year the administrator of apkdownloadweb.com managed to infect their Windows PC with password-stealing malware.

Scams 65

Scams DNS Internet Internet 65

Krebs on Security

MARCH 14, 2025

In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

Phishing 272

Phishing Malware Scams Passwords 272

Penetration Testing

NOVEMBER 5, 2024

LastPass, a leading password management platform, has issued a critical warning to users about a social engineering campaign targeting its customer base through deceptive reviews on its Chrome Web Store... The post Warning: LastPass Alerts Users to Phishing Scam Using Fake Support Reviews on Chrome Web Store appeared first on Cybersecurity (..)

Scams 87

Scams Phishing Social Engineering Password Management 87

Krebs on Security

APRIL 14, 2019

site that helps him manage more than 500 scam properties and interactions with up to 100 (soon-to-be-scammed) “guests” looking to book the fake listings. The Land Lordz administrative panel for a scammer who’s running dozens of Airbnb scams in the United Kingdom. The price is € 250 + €500 secure deposit.

Scams 271

Scams Advertising Accountability Phishing 271

eSecurity Planet

MARCH 31, 2025

Streaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. “Netflix is an all-year scam because there are so many people using it that hackers dont need to do anything special,” Zilberstein explained. Use a strong, unique password for your Netflix account.

Scams 107

Scams Artificial Intelligence Phishing Passwords 107

Krebs on Security

JULY 3, 2023

Here’s a look at the most recent incarnation of this scam — DomainNetworks — and some clues about who may be behind it. The Better Business Bureau listing for DomainNetworks gives it an “F” rating, and includes more than 100 reviews by people angry at receiving one of these scams via snail mail.

Scams 293

Scams Business Services Accountability Marketing 293

Krebs on Security

MAY 10, 2021

One financial startup that’s targeting the gig worker market is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work. This ad, from workplaceunited[.]com, Click to enlarge.

Passwords 321

Passwords Mobile Accountability Marketing 321

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. “The FBI Denver Field Office is warning that agents are increasingly seeing a scam involving free online document converter tools, and we want to encourage victims to report instances of this scam.”

Malware 113

Malware Scams Identity Theft Antivirus 113

Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls. In the first step of the attack, they peppered the target’s Apple device with notifications from Apple by attempting to reset his password.

Phishing 339

Phishing Cryptocurrency Accountability Social Engineering 339

Adam Levin

NOVEMBER 23, 2020

of all reports to the BBB Scam Tracker “were online purchase scams, up from 24.3% of those consumers lost money due to those scams, up from 71.2% A BBB survey conducted in August found that the majority of these scammed consumers made purchases for which they never received products. Change your passwords.

Scams 239

Scams Banking Retail Consumer Protection 239

Adam Levin

NOVEMBER 17, 2020

Here are 50 ways to avoid getting scammed on Black Friday — and beyond. Make sure your smartphone, tablet and laptop are password-protected, particularly if you’re in the habit of carrying them around wherever you go. Popular browsers, like Safari or Firefox, frequently issue updates to protect against scams. Lock your devices.

Scams 243

Scams Retail Banking Passwords 243

Webroot

APRIL 11, 2025

Thats why each year, the IRS releases its list of Dirty Dozen Tax Scams. Common tax scams to watch out for in 2025 IRS Impersonation: The most common type of tax fraud starts with a phone call, text or email. Its easy to avoid these scams by remembering this important tip – the first time the IRS contacts you, it will be by U.S.

Scams 60

Scams Identity Theft Backups Phishing 60

Krebs on Security

NOVEMBER 3, 2020

That allowed them to seize control over a target’s incoming phone calls and text messages, which were used to reset the password for email, social media and cryptocurrency accounts tied to those numbers. Interestingly, the conspiracy appears to have unraveled over a business dispute between the two men.

Scams 343

Scams Wireless Identity Theft Mobile 343

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another.

Passwords 363

Passwords Password Management Phishing Scams 363

Troy Hunt

NOVEMBER 7, 2018

The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing attack. link] — Troy Hunt (@troyhunt) November 6, 2018.

Passwords 252

Passwords Accountability Hacking Education 252

Malwarebytes

JANUARY 3, 2025

If interested, the victim will receive a download link and a password for the archive containing the promised installer. But the end goal to this scam, and most others, is monetary gain. So keep an eye on your digital and flat currency if youve fallen for one of these scams.

Scams 143

Scams Identity Theft Media Accountability 143

Malwarebytes

APRIL 16, 2025

But, as with all sextortion scams, this threat is an entirely empty one. The scammer says they know your password or compromised your account. Change the password and enable 2FA if possible. Scary stuff, and it supports the claims the scammer makes. Often youre only allowed one day to pay.

Accountability 73

Accountability Scams Passwords Phishing 73

Malwarebytes

MARCH 26, 2025

As such, readers should be the lookout for any scams or phishing attempts in the coming weeks. Hunt also noticed that, when he tried to log into his Mailchimp account by following the phishing emails link, his password manager did not auto-fill his account details. But Hunts immediate disclosure of the attack should be commended.

Phishing 122

Phishing Data breaches Password Management Scams 122

Malwarebytes

APRIL 8, 2025

By purchasing prominent Google Ads, they are creating highly convincing fake login pages designed to pilfer sensitive information, including usernames, passwords, and even one-time passcodes (OTPs) the keys to someone’s financial data needed for tax compliance.

Phishing 85

Phishing Scams Accountability Passwords 85

SecureWorld News

FEBRUARY 14, 2025

Be wary of romance scams "People can be vulnerable on February 14th," said Dave Machin , Partner at The Berkeley Partnership. "If Using strong, unique passwords for dating apps and online stores is also a good idea." Verify charities before donating Scam emails and messages impersonating charities are common.

Scams 74

Scams Cybercrime Social Engineering Phishing 74

Malwarebytes

OCTOBER 15, 2024

Political ads could be hiding online scams, many people feel, and the election, they say, will likely fall victim to some type of “cyber interference.” 52% are “very concerned” or “concerned” about “falling prey to a scam when interacting with political messages.” Avoid robocalls and phone scams.

Scams 141

Scams Identity Theft Cybercrime Accountability 141

Hacker's King

DECEMBER 25, 2024

Tools designed for password cracking often exploit weak security practices, but understanding these methods is vital for safeguarding your account. This guide explores Snapchat password-cracking tools while focusing on ethical ways to enhance security. Weak or simple passwords are particularly vulnerable.

Passwords 52

Passwords Social Engineering Accountability Scams 52

Malwarebytes

MAY 2, 2024

A campaign using sponsored search results is targeting home users and taking them to tech support scams. For systems running Windows, we found visitors are redirected to tech support scam websites such as this one. Tech Support Scam site telling the visitor to call 1-844-476-5780 You undoubtedly know the type.

Scams 144

Scams Advertising Identity Theft Passwords 144

Hacker's King

DECEMBER 28, 2024

A compromised password can lead to identity theft and data breaches. To safeguard your Gmail password, you need to adopt a few best practices that will enhance your accounts security and keep cyber threats at bay. If hackers gain access to your Gmail password , they could potentially compromise these connected services too.

Passwords 52

Passwords Identity Theft Accountability Data breaches 52

Troy Hunt

JULY 31, 2024

How many attempted scams do you get each day? The sender then attached a text file with 197 lines of email addresses and passwords belonging to users of Scott's pride and joy. Most with the same password too, because a normal person obviously owns this email address. Here are just the first ten: Google.

Scams 347

Scams Passwords Malware Accountability 347

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. The bot allowed the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website.

Identity Theft 255

Identity Theft Phishing Cryptocurrency Accountability 255

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. Most phishing scams invoke a temporal element that warns of negative consequences should you fail to respond or act quickly. com, g001bfedeex[.]com, com, and so on.

Phishing 339

Phishing Scams Mobile DNS 339

Krebs on Security

JANUARY 31, 2025

“The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages and email extractors often used to build and maintain fraud operations,” the DOJ explained. “Presumably, these buyers also include Dutch nationals.

Phishing 256

Phishing Cybercrime Advertising Malware 256

Malwarebytes

JANUARY 27, 2025

But shortly after the payment, ALPHV disappeared in an unconvincing exit scam designed to make it look as if the groups website had been seized by the FBI, forgetting to pay its affiliates in the process. Change your password. You can make a stolen password useless to thieves by changing it. Watch out for fake vendors.

Data breaches 130

Data breaches Healthcare Passwords Insurance 130

Krebs on Security

NOVEMBER 21, 2020

The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

Cryptocurrency 364

Cryptocurrency VPN Scams Social Engineering 364

Krebs on Security

NOVEMBER 1, 2024

Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. A scan of social media networks showed this is not an uncommon scam. .” The phony booking.com website generated by visiting the link in the text message.

Phishing 264

Phishing Accountability Artificial Intelligence Cybercrime 264

Krebs on Security

SEPTEMBER 19, 2024

Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Executing this series of keypresses prompts the built-in Windows Powershell to download password-stealing malware.

Phishing 328

Phishing Scams Malware Passwords 328

Malwarebytes

NOVEMBER 20, 2024

How to avoid the “sad announcement” scam Always compare the actual sender address with the email address this person would normally use to send you an email. So what should you do if you have fallen victim to a tech support scam? Consider using a password manager and enable 2FA for important accounts.

Scams 145

Scams Accountability Passwords Banking 145

Krebs on Security

DECEMBER 2, 2020

The hack was acknowledged by the forum’s current administrator, who assured members that their passwords were protected with a password obfuscation technology that was extremely difficult to crack. Roughly a week ago, the OGUsers homepage was defaced with a message stating the forum’s user database had been compromised.

Accountability 347

Accountability Hacking Scams Media 347

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking 328

Hacking Social Engineering Phishing Scams 328

SecureWorld News

MAY 2, 2024

In our digitally connected world, passwords are the gateway to protecting our online lives—from email and social media accounts to banking and private data. Yet, many of us still use alarmingly weak passwords or reuse the same ones across multiple sites, putting our digital identities at severe risk.

Passwords 113

Passwords Password Management Identity Theft Authentication 113

Malwarebytes

MARCH 17, 2025

Other passwords and session tokens that could allow the scammers to bypass multi-factor authentication (MFA). Change all your passwords and do this using a clean, trusted device. IOCs Below are some recent examples of domains involved in this type of scam and the reason why Malwarebytes products block them. Email addresses.

Malware 141

Malware Adware Education Phishing 141