Scams, Software and Web Fraud - Cyber Security Informer

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

AUGUST 18, 2022

Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer. While the phishing message attached to the invoice is somewhat awkwardly worded, there are many convincing aspects of this hybrid scam.

Scams

Scams Phishing Accountability Software

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code. . “On Twitter, more spam and crypto scam.”

Scams

Scams DDOS Cryptocurrency Accountability

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

One of the many scam funeral group pages on Facebook. One of many look-alike landing pages for video streaming services linked to scam Facebook funeral groups. Malware purveyors will often deploy infostealer malware by bundling it with “cracked” or pirated software titles.

Scams

Scams DNS Internet Internet

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “ Land Lordz ,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.

Scams

Scams Advertising Accountability Phishing

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. com , filezillasoft[.]com

Software

Software Advertising Malware Accountability

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

“The software can work from anywhere in the world,” Merrill said. “These guys provide the software for $500 a month, and it can relay both NFC enabled tap-to-pay as well as any digital wallet. Three individuals charged with using ghost tap software at an electronics store in Singapore. Image: The Straits Times.

Phishing

Phishing Mobile Scams Retail

Beware of Hurricane Florence Relief Scams

Krebs on Security

SEPTEMBER 24, 2018

All of the domains mentioned above have been reported to the Justice Department’s National Center for Disaster Fraud , which accepts tips at disaster@leo.gov. Let me be clear: Just because a site is listed here doesn’t mean it’s a scam (or that it will be). that is collecting money for Hurricane Florence victims.

Scams

Scams Accountability Media Web Fraud

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. But my mom went over to the neighbor’s house and they saw it for what it was — a scam.”

Banking

Banking Scams Accountability Passwords

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

Kopeechka also has multiple affiliate programs, including one that pays app developers for embedding Kopeechka’s API in their software. “There was nothing in the Mastodon software to detect that activity, and the protocol is not designed to handle this.” com site,” the Trend researchers wrote. .

Accountability

Accountability Scams Cryptocurrency Advertising

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface.

Phishing

Phishing Scams Banking Mobile

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

In a post to its Twitter/X account last month, Signum Capital warned that a fake profile pretending to be their employee Mr. Lee was trying to scam people on Telegram. When you do decide to install a piece of software, make sure you are downloading it from the original source, and then keep it updated with any new security fixes.

Malware

Malware Cryptocurrency Software Phishing

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

Teach a Man to Phish and He’s Set for Life

Krebs on Security

AUGUST 4, 2023

The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character. The best advice to sidestep phishing scams is to avoid clicking on links that arrive unbidden in emails, text messages and other mediums.

Phishing

Phishing Scams Computers and Electronics Software

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com said he suspected the call was a scam, but decided to play along for about an hour — all the while recording the call and coaxing information out of the scammer. One multifactor option — physical security keys — appears to be immune to these advanced scams.

Hacking

Hacking Social Engineering Phishing Scams

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware

Malware Cybercrime Ransomware Marketing

How to Shop Online Like a Security Pro

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers.

Scams

Scams Wireless Phishing Banking

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Accountability

Accountability Advertising Passwords Phishing

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

Here’s what part of their current homepage looks like: The SocksEscort home page says its services are perfect for people involved in automated online activity that often results in IP addresses getting blocked or banned, such as Craigslist and dating scams, search engine results manipulation, and online surveys. The disruption at 911[.]re

Malware

Malware Cybercrime Internet Internet

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). The key works without the need for any special software drivers. One of the groups that reliably posted “Tmo up!”

Mobile

Mobile Phishing Authentication Advertising

Interview With a Crypto Scam Investment Spammer

Security Boulevard

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Scams

Scams Cryptocurrency Accountability Software

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

In that incident, the attackers exploited a security vulnerability in a Plex media server that the employee was running on his home network, and succeeded in installing malicious software that stole passwords and other authentication credentials.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. mail server responds “OK” = successful access).

Accountability

Accountability Authentication Passwords Hacking

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

Last year, researchers at Minerva Labs spotted the botnet being used to blast out sextortion scams. But according to a new report from BitSight , the Mylobot botnet’s main functionality has always been about transforming the infected system into a proxy. The account didn’t resume posting on the forum until April 2014.

Accountability

Accountability Advertising Marketing Malware

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Security Boulevard

AUGUST 18, 2022

Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer. The post PayPal Phishing Scam Uses Invoices Sent Via PayPal appeared first on Security Boulevard.

Scams

Scams Phishing Accountability Software

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

The SocksEscort home page says its services are perfect for people involved in automated online activity that often results in IP addresses getting blocked or banned, such as Craigslist and dating scams, search engine results manipulation, and online surveys. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Security Boulevard

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The post Arrest, Raids Tied to ‘U-Admin’ Phishing Kit appeared first on Security Boulevard.

Phishing

Phishing Scams Software Web Fraud

Cyber Security Informer

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Interview With a Crypto Scam Investment Spammer

Trending Sources

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

‘Land Lordz’ Service Powers Airbnb Scams

Using Google Search to Find Software Can Be Risky

How Phished Data Turns into Apple & Google Wallets

Beware of Hurricane Florence Relief Scams

Scammers Sent Uber to Take Elderly Lady to the Bank

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Service Rents Email Addresses for Account Signups

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Calendar Meeting Links Used to Spread Mac Malware

A Deep Dive Into the Residential Proxy Service ‘911’

Teach a Man to Phish and He’s Set for Life

When Low-Tech Hacks Cause High-Impact Breaches

This Service Helps Malware Authors Fix Flaws in their Code

How to Shop Online Like a Security Pro

Malicious Office 365 Apps Are the Ultimate Insiders

No SOCKS, No Shoes, No Malware Proxy Services!

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Interview With a Crypto Scam Investment Spammer

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Who’s Behind the Botnet-Based Service BHProxies?

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Who and What is Behind the Malware Proxy Service SocksEscort?

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Stay Connected