VPN and Web Fraud - Cyber Security Informer

Why Your VPN May Not Be As Secure As It Claims

Krebs on Security

MAY 6, 2024

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. ” The feature being abused here is known as DHCP option 121 , and it allows a DHCP server to set a route on the VPN user’s system that is more specific than those used by most VPNs. .”

VPN

VPN Wireless Internet Internet

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

The phishers often will explain that they’re calling from the employer’s IT department to help troubleshoot issues with the company’s email or virtual private networking (VPN) technology. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

OCTOBER 17, 2023

Shortly after Spamhaus started blocking Micfo’s IP address ranges, Micfo shifted gears and began reselling IP addresses mainly to companies marketing “virtual private networking” or VPN services that help customers hide their real IP addresses online. Golestan did not respond to a request for comment.

Internet

Internet Internet VPN Marketing

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

In conducting research for this story, KrebsOnSecurity learned that Dr. Samuil is the handle used by the proprietor of multi-vpn[.]biz .” WHO IS DR. SAMUIL?

Cybercrime

Cybercrime Malware VPN Ransomware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

.” Lumen’s research team said the purpose of AVrecon appears to be stealing bandwidth – without impacting end-users – in order to create a residential proxy service to help launder malicious activity and avoid attracting the same level of attention from Tor-hidden services or commercially available VPN services. com, sscompany[.]net,

Malware

Malware VPN Internet Internet

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

But some of them — like 911 — build their networks in part by offering “free VPN” or “free proxy” services that are powered by software which turns the user’s PC into a traffic relay for other users.

Cybercrime

Cybercrime Software VPN Backups

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The goal is to convince the target to enter their credentials at a website set up by the attackers that mimics the organization’s corporate email or VPN portal. The phishers will usually claim that they’re calling from the employer’s IT department, supposedly to help troubleshoot some issue.

Hacking

Hacking Social Engineering Phishing Scams

Does Your Domain Have a Registry Lock?

Krebs on Security

JANUARY 24, 2020

Anyone curious about why this might be a good approach should have a look at this deep-dive from 2019 on “DNSpionage,” the name given to the exploits of an Iranian group that has successfully stolen countless passwords and VPN credentials from major companies via DNS-based attacks.

DNS

DNS Social Engineering Engineering Accountability

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“Experian now sometimes does require MFA for me now if I use a new browser or have my VPN on,” Rishi said, but he’s not sure if Experian’s free service would have operated differently. “We believe these are isolated incidents of fraud using stolen consumer information,” Experian’s statement reads.

Accountability

Accountability Passwords Authentication Password Management

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

.” Bill says that in general companies have a great many more tools available for securing and analyzing employee email traffic when that access is funneled through a Web page or VPN, versus when that access happens via IMAP.

Accountability

Accountability Authentication Passwords Hacking

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Riley Kilmer is co-founder of Spur.us , a company that tracks thousands of VPN and proxy networks, and helps customers identify traffic coming through these anonymity services. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

Malware

Malware Passwords Accountability Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app. A residential proxy generally refers to a computer or mobile device running some type of software that enables the system to be used as a pass-through for Internet traffic from others.

Scams

Scams DDOS Cryptocurrency Accountability

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

This is very illegal and you will get raided if you don’t use a vpn. You won’t get the login for the account, but you’ll basically obtain everything in the account if you play your cards right. I am not legally responsible if you mishandle this.

Accountability

Accountability Government Hacking Social Engineering

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

Griffin said a follow-up investigation revealed the attackers had used his Gmail account to gain access to his Coinbase account from a VPN connection in California, providing the multi-factor code from his Google Authenticator app.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Cyber Security Informer

Why Your VPN May Not Be As Secure As It Claims

A Deep Dive Into the Residential Proxy Service ‘911’

Webinars

Trending Sources

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Webinars

Tech CEO Sentenced to 5 Years in IP Address Scheme

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Who and What is Behind the Malware Proxy Service SocksEscort?

911 Proxy Service Implodes After Disclosing Breach

When Low-Tech Hacks Cause High-Impact Breaches

Does Your Domain Have a Registry Lock?

Experian, You Have Some Explaining to Do

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Giving a Face to the Malware Proxy Service ‘Faceless’

Interview With a Crypto Scam Investment Spammer

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

How to Lose a Fortune with Just One Bad Click

Stay Connected