Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Scam. Show all posts
scam tactics
Cyber Criminals Cyber Fraud Cyber Scam Cyber Threats CyberCrime Delhi cybercrime rise Delhi Police digital house arrest forged letterheads Fraud Online fraud police alert scam tactics

Delhi Police Alerts Citizens to New Cyber Scam

 

Authorities in Delhi are cautioning residents to remain vigilant against a recent surge in cyber fraud cases known as ‘digital house arrest,’ with over 200 incidents reported monthly in the capital.

Described as a serious threat by senior officials, this tactic employed by cybercriminals aims to coerce victims into parting with their money once ensnared in their schemes.

In this scheme, scammers posing as law enforcement officers deceive victims into believing their bank accounts, SIM cards, Aadhaar cards, or other linked documents have been compromised. The victims are then virtually confined to their homes and pressured into paying the scammers.

According to a senior officer from the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police, cases involving amounts exceeding Rs 50 lakh are investigated by their specialized team.

In a recent case, a man preparing for work received a call from someone claiming to be from the Mumbai Crime Branch. The caller accused the victim of involvement in drug trafficking using his Aadhaar card and instructed him not to leave his house during a prolonged interrogation session. The victim, fearing repercussions, complied. Eventually, the scammers gained remote access to his computer, drained his bank account, and vanished.

These fraudsters often employ forged police letterheads and use translation tools to enhance their communication. They specifically target vulnerable individuals, such as the elderly. Victims are urged to immediately report such incidents to the police helpline for assistance.

According to the National Crime Records Bureau (NCRB), cybercrime cases in Delhi nearly doubled in 2022, with reported incidents increasing from 345 to 685. This marks a significant rise from the 166 cases reported in 2020.
Read more »
User Security
Cyber Fraud Cyber Scam Data Privacy Hollywood Movie Movie Scam User Security

Movie Scam: Fraudsters Take Advantage of the Popularity of Barbie and Oppenheimer

 

The films Barbie and Oppenheimer quickly rose to the top of the list of the year's most anticipated films. Unfortunately, scammers seized the opportunity to use Barbie and Oppenheimer's enormous popularity for their own nefarious purposes right away, as is sometimes the case with such well-liked subjects.

Kaspersky has now discovered that con artists are misleading unwary users by disseminating phishing scams that take advantage of the excitement around movie debuts, all with the purpose of stealing their hard-earned money and sensitive personal information. 

Modus operandi 

Users are lured to one of the fake pages with special Barbie doll offers timed to the release of the movie. A limited-edition doll of the lead actress Margot Robbie, which costs about £12 (GBP), is among the movie-related dolls that are being offered to customers in addition to the standard dolls. For an additional £56 (after an "exclusive" discount), they can add a helicopter, bringing the total cost of the purchase to £60. 

Users are then brought to a purchase form after choosing an item to buy, where they must enter personal identification information like their name, address, phone number, and banking credentials. Oblivious users unknowingly submit money and confidential information to fraudsters. The possibility of the stolen data being sold on the dark web market, in addition to the financial threats, makes this fraud a severe privacy issue. 

Another well-liked release, Oppenheimer, which is due out on the same day, was not missed by the fraudsters. By promising a free movie stream, they deceived consumers into giving them financial information and money. Scammers frequently use the strategy of requesting a little registration fee, such as one dollar or one euro, in such circumstances. This seemingly insignificant payment obligation, however, might raise questions. They demand that a bank card be attached in order to move forward with the registration, allowing for illegal and difficult-to-cancel debits from consumers' accounts. 

Mitigation tips

Beware of phishing scams: Be wary of questionable emails, messages, or websites that offer special offers or freebies. Check the source's legitimacy before disclosing personal information or conducting online transactions. 

Verify website security: When purchasing items or viewing related content online, be sure the website has a secure connection. To identify a secure website, look for "https://" in the URL and a padlock icon in the address bar. 

Be cautious when disclosing personal information online, especially sensitive information such as your address, phone number, or financial information. Such information should only be shared on verified and secure platforms. 

Count on trusted sources: For purchasing items, viewing movie content, or acquiring information about the premiere, use official websites, approved stores, and trusted sources.
Read more »
Quick Heal
CNBC Cyber Attacks Cyber Fraudester Cyber Scam CyberCrime Cyberfraud Metro Cities NCRB Quick Heal

Elevated Cybercrime Risks in Metro Cities: Understanding Urban Vulnerabilities

 


In metropolitan cities, cyber fraudsters understand how people think. It is not surprising that they provide certain services so quickly and efficiently to people with busy lives. Experts have found that this puts them at a higher risk of scams. With the help of cyber security pundits and regular victims of this problem, CNBC-TV18 gets to the bottom of the problem. 

Major metropolitan cities are seen as prime targets for cybercriminals as cybercrime becomes more common. They set up more operations to achieve their goals.  It is possible to estimate the gravity of the situation by looking at Chennai, which has been the victim of nearly 8 million malware-related attacks in its history alone.  

Metropolitan cities are more vulnerable to cybercrimes as they have a lot of digital infrastructure and online services available to them. However, they lack strong data protection policies for their customers. The rise in cybercrime focuses cybercriminals' attention on the major metropolitan areas of the country. 

By simply looking at Chennai's condition, which received nearly 8 million malware-related attacks last year, one can determine the gravity of the situation, which can be calculated by looking at the condition there.

It has been announced by QuickHeal that more than 80,000 malware threats are detected and blocked every hour of the day, according to their official report. It has been estimated that there have been more than 1.91 million ransomware attacks to date. There have been numerous attacks resulting from the pandemic that have been used to benefit attackers. Arogya Setu is an app that you need to install on your smartphone if you want to attend Arogya Setu classes. 

People and organizations needed to track Covid-19-related information on the internet and social media regularly. Due to this, attackers were able to take advantage of it and created fake COVID-19 links to spread these links. 

Users clicked on the links in these messages, and malicious files were loaded onto their systems. Many of these files were detected and blocked by antivirus software. It was not only covid-19 that was included in the phishing links, but also other things like offers for jobs, free internet, online money, and other interesting things as well.  

Among the services QuickHeal provides, it has been reported that people are starting to become more familiar with the use of digital tools and antivirus software to protect their computers. Despite all this, there is still a long way to go since Internet usage is not considered a healthy activity by most people.  

In the order of most detected malware, the following were the most detected malware types: Trojans, Infectors, Worms, and Potentially Unwanted Applications (PUAs). The threat landscape still has its place for ransomware as it continues to encrypt sensitive user information, which is then sold on the dark web by attackers in exchange for money. 

Cybersecurity experts do not take data security very seriously and rely on third parties to maintain their data. According to these experts, many of these companies outsource their data maintenance to third parties. These third parties then sell the data to cyber criminals and cyber criminals get easy access to the data. Having more data means more opportunities for cyber fraudsters to commit fraud.

In 2019, according to the National Crime Record Bureau, there were 18,500 cases of cyber fraud reported in 19 metropolitan cities of the country, which accounted for 41 percent of the total cases of cyber fraud detected in the country. This number increased marginally in 2020 as 18,657 cases were reported in the metropolises of India - 37 percent of India's total number of cases that year. 

In contrast, cyber fraud cases in metropolitan cities have decreased since 2021, according to statistics - there were 17,115 reported cases - accounting for 32 percent of the total cases relating to cyber fraud in India. It is estimated that there are many more cases than reported, according to experts. 

As a result of the high number of cybercrime incidents targeting metropolitan cities, the authorities are aware of this problem. Several states and cities have created specialized cyber cells to combat such frauds, and they work together. Although, these authorities allege that operation hurdles have made it difficult to eradicate such crimes, which makes bringing them down difficult. 

When a person has realized that they have been scammed by a scammer, experts recommend that they log onto the cybercrime portal or call 1930 immediately. The experts suggest that any request for personal information, such as debit or credit card pins, or a one-time password should raise red flags and should be reported as soon as possible. 

Furthermore, these experts urge that all online transactions should only be carried out through secure, verified portals, and individuals should not upload sensitive documents or information to unverified or unknown portals without prior confirmation from the portal's owner.

Cybersecurity experts recommend that people avoid answering video calls from unknown numbers and not fall for lucrative offers. Anything that appears too unbelievable to be true is a scam. Thus, the best method of preventing cybercrime remains precaution and awareness. 

As per the findings of the National Crime Records Bureau (NCRB), 962 cybercrime cases were reported in India in 2014, 11592 cases were investigated in 2015, and 12,317 cases were reported in 2016. I believe that cybercrime incidents in India are increasing. 

Business is moving online, which means organizations have to ensure the network that their customers are using is safe and secure. As well as upgrading their technology, they should also hire employees with good management and security skills, who are trained in the protocols of security management, and who are adept at managing and securing sensitive customer data. 

The protection of adults' data is of paramount importance, especially for those over the age of 75. These people have an insufficient understanding of how technology works at the moment. As a result, companies and individuals both must understand how to tackle cyberattacks and educate the public about their detection. 
Read more »
OpenAI
ChatGPT Cyber Fraud Cyber Scam Fake Apps Fake ChatGPT Apps Fleeceware OpenAI

Fake ChatGPT Apps may Fraud you out of Your Money


The growing popularity of ChatGPT has given online scammers a good chance to take it as an opportunity to scam its users. Numerous bogus apps have now been released on the Google Play Store and the Apple App Store as a result of the thrill surrounding this popular chatbot.

Cybersecurity firm Sophos has now made the users acknowledge the case of fake ChatGPT apps. It claims that downloading these apps can be risky, that they have almost no functionality, and that they are continually sending advertisements. According to the report, these apps lure unaware users into subscribing for a subscription that can costs hundreds of dollars annually.

How Does the Fake ChatGPT App Scam Work? 

Sophos refers these fake ChatGPT apps as fleeceware, describing them as ones that bombard users with adverts until they give in and purchase the subscription. These apps are purposefully made to only be used for a short period of time after the free trial period ends, causing users to remove them without realizing they are still obligated to make weekly or monthly membership payments.

According to the report, five investigated bogus ChatGPT apps with names like "Chat GBT" were available in order to deceive users and increase their exposure in the Google Play or App Store rankings. The research also claimed that whereas these fake apps charged users ranging from $10 per month to $70 per year, OpenAl's ChatGPT offers key functionality that could be used for free online. Another scam app named Genie lured users into subscribing for $7 weekly or $70 annually, generating $1 million in income over the previous month.

“Scammers have and always will use the latest trends or technology to line their pockets. ChatGPT is no exception," said Sean Gallagher, principal threat researcher, Sophos. "With interest in AI and chatbots arguably at an all-time high, users are turning to the Apple App and Google Play Stores to download anything that resembles ChatGPT. These types of scam apps—what Sophos has dubbed ‘fleeceware’—often bombard users with ads until they sign up for a subscription. They’re banking on the fact that users won’t pay attention to the cost or simply forget that they have this subscription. They’re specifically designed so that they may not get much use after the free trial ends, so users delete the app without realizing they’re still on the hook for a monthly or weekly payment."

While some of the bogus ChatGPT fleeceware have already been tracked and removed from the app stores, they are expected to resurface in the future. Hence, it is recommended for users to stay cautious of these fake apps, and make sure that the apps they are downloading are legitimate.

For users who have already download these apps are advised to follow protocols provided by the App Store or Google Play store on how to “unsubscribe,” since just deleting the bogus apps would not cancel one’s subscription.  

Read more »
User Security
Adware Cyber Fraud Cyber Scam Internet Fraud threat report User Security

Internet Users are Inundated With Adware and False Advise Frauds Thanks to Hackers

 


Avast, a leading provider of cybersecurity software, has released its Q4 2022 Threat Report, which closely examines the kinds of scams that prey on unsuspecting consumers. 

One of the most well-known scam types was social engineering, which highlights the human error, as well as techniques for refund and invoice fraud and purported tech support scams. Like in prior quarters, lottery-related adware campaigns were still widely used. In addition to scams, the business identified two zero-day exploits in Chrome and Windows, which have since been patched, underscoring consumers' need to maintain software updates. 

Widespread email fraud 

Jakub Kroustek, Director of Avast Virus Research, argued that hackers attribute a significant percentage of their success to human nature, which causes us to react with urgency, anxiety, and a desire to recover control of situations.

According to Kroustek, "at the end of 2022, we witnessed an increase in human-centered threats, such as scams tricking people into thinking their computer is infected, or that they have been charged for goods they didn’t order. It’s human nature to react to urgency, and fear and try to regain control of issues, and that’s where cybercriminals succeed.

When people face surprising pop-up messages or emails, we recommend they stay calm and take a moment to think before they act. Threats are so ubiquitous today that it’s hard for consumers to keep up. It is our mission to help protect people by detecting threats and alerting users before they can do any harm, using the latest AI-based technology.”

During the latter months of 2022 running up to Christmas, an alarming rise in the refund and invoice fraud was observed, with duped victims giving hostile actors access to their screens and online banking. Uncertain individuals may prefer to go directly to the platform's website and use a number they are sure of rather than dialing the number on the scam email. 

Along with the Arkei information stealer, which showed a startling 437% growth, other lottery-style popups and other sources of data theft also occurred. Among other places, Arkei is renowned for stealing data from autofill forms in browsers. Two zero-day vulnerabilities have also been discovered in Windows and Google Chrome. According to Avast, the risk to users was reduced because both businesses were alerted and responded quickly.
Read more »
User Security
Cyber Fraud Cyber Scam data security Payment Gateway Firm User Security

Payment Gateway Firm Razorpay Loses ₹7.3 Crore in Cyber Fraud Incident

 

The South East cybercrime police are investigating a fraudulent case where a hacker stole ₹7.3 crores over three months by exploiting the authorization process of Razorpay Software Private Limited, a payment gateway company to authenticate 831 failed transactions. 

The fraud came to light when officials of the payment gateway company Razorpay Software Private Limited conducted an audit of the transactions, and they couldn’t accommodate the receipt of Rs. 7,38,36,192 against 831 transactions. 

Razorpay Software Private Limited was founded by Shashank Kumar and Harshil Mathur in 2015. The company offers online payment services that allow businesses in India to collect payments via credit card, debit card, net banking, and wallets. 

On May 16, Abhishek Abhinav Anand, head of Legal Disputes and Law Enforcement at Razorpay Software Private Limited, lodged a complaint with the South East cybercrime police. The police are currently attempting to track down the hacker on the basis of online transactions.
 
An internal probe has revealed that some person or persons have tampered with and manipulated the authorization and authentication process. As a result, false ‘approvals’ were sent to Razorpay against the 831 failed transactions, resulting in a loss amounting to ₹7,38,36,192. The company provided details of the 831 failed transactions, including date, time, IP address, and other relevant information to the police. 

"Razorpay's payment gateway is at par with the industry standards on data security. During a routine payment process, an unauthorized actor(s) with malicious intent used the browser to tamper with authorization data on a few merchant sites that used an older version of Razorpay's integration, due to gaps in their payment verification process. The company has conducted an audit of the platform to ensure no other systems, no merchant data, and funds, and neither their end-consumers were affected by this incident,” Razorpay’s spokesperson stated. 

According to the ministry of electronics and information technology (Meity), between 2018 and 2021, there was an over a five-fold jump in the number of cybercrime and fraud incidents recorded by the government. 

Basically, the number of incidents surged from 208,456 in 2018 to 1,402,809 in 2021, as per the Data available with the Indian Computer Emergency Response Team (Cert-In). Indian Computer Emergency Response Team is the government agency for computer security.
Read more »
User Security
Cyber Scam Hacking Instagram Instagram Mobile Security security threat User Privacy User Security

Scammers Employ Instagram Stories to Target Users

 

Instagram is the fourth most popular social media platform in the world, with over one billion monthly active users. Almost everyone, from celebrities to your kids, has an Instagram account. This global success makes it a very lucrative target for threat actors. 

According to BBC, the scamming has worsened over the past year, with the Instagram fraud reports increasing by 50% since the coronavirus outbreak began in 2020. Scammers just need a handful of those people who will help someone without thinking. And since they’re not after money, just a bit of someone’s time, they already have one foot in the door. 

The latest scam involves Instagram backstories. Fraudsters will ask you for help, tell their backstory, and put their fate in your hands. Here are some of the Instagram stories that fraudsters employ to target users: 

  •  "I’m launching my own product line." 
  •  "I’m in a competition and need you to vote for me." 
  • "I’m trying to get verified on Instagram and need people to confirm my fanbase with a link."
  • "I need a help link to get into Instagram on my other phone." This is the most common tactic employed by scammers. 
  • "I’m contesting for an ambassadorship spot at an online influencers program." This one is surprisingly popular, with fake influencers everywhere. 

Scammers try to get access to your Instagram account by sending you a suspicious link, either as an Instagram direct message or via email. They will then ask you not to click the link but merely take a screenshot and send the image back to them. The link is a legitimate Instagram “forgotten password” URL for your account, and fraudsters want you to screenshot it so they can use the URL to reset your password, take over your account, and lock you out. 

Regardless, any requests for link screenshots should be treated with extreme suspicion. Whether product lines or ambassador programs, you can safely ignore these messages. If you think you’ve been scammed, report it to Instagram. Change your password and enable two-factor authentication. If you reuse passwords, a scammer could break into more of your accounts. Change those passwords.
Read more »
User Security
Card Skimming Credit Card Cyber Fraud Cyber Scam User Security

WooCommerce Credit Card Stealer Found Implanted in Fake Images

 

Card skimming and card details theft is one such sophisticated technique attack that seldom fails. Earlier this week, cybersecurity researchers at Sucuri blog unmasked a malicious campaign where a credit card swiper was injected into WordPress’ wp-settings.php file. The WooCommerce customers reported that images were disappearing from the cart almost as soon as they were uploaded. 

According to researchers, the credit card skimmer was buried deep down into the file titled '../../Maildir/sub.main', and it was easy to miss on a casual review. Scammers usually prefer to deploy malicious content out of the way so it is more difficult to detect. The common tactic employed is to create directories that look like system directories, or to place malware in existing core CPanel or other server directories. 

Upon analyzing the malicious file, researchers uncovered over 150 lines of code that had been obfuscated with str_rot13 and base64. Attackers also used multiple functions to store credit card data concealed in the wp-content/uploads/highend/dyncamic.jpg image file. When decoded, that data revealed not only credit card details submitted to the site, but also admin credentials to the site’s backend. 

Injecting card skimmers into WordPress plugin files is the newest trend, avoiding the heavily watched ‘wp-admin’ and ‘wp-includes’ core folders, where most injections are short-lived. It is one of the most lucrative and stealth attack tactics employed by scammers to make money. 

There are a couple reasons why this is a useful tactic. The primary reason is that it makes it very easy for scammers to download the stolen details in their browser or a console. Secondly, most website/server malware detection scans focus on website file extensions such as PHP, JS, and HTML. Image files, particularly those in a wp-content/uploads sub-directories, can sometimes be overlooked.

“Scammers are aware that most security plugins for WordPress contain some way to monitor the file integrity of core files (that is, the files in wp-admin and wp-includes directories). This makes any malware injected into these files very easy to spot even by less experienced website administrators. The next logical step for them would be to target plugin and theme files,” researchers explained.
Read more »
security threat
Cyber Scam Mobile Security Phishing Campaign security threat

Beware of New Phishing Campaign Targeting Facebook Users

 

Facebook users need to remain vigilant after researchers at Abnormal Security uncovered the new phishing campaign designed to steal passwords from admin that run company Facebook pages. The scam begins with a victim being sent a phishing email claiming to be from 'The Facebook Team’. 

The email warns that the user's account might be disabled or the page might be removed over repeatedly posting content that infringes on someone else’s rights. 

Once scaring a victim into thinking their Facebook profile could soon be taken down, the victim is invited to appeal the report by clicking on a link that the security researchers said goes to a Facebook post – and within this post, there's another link that directs users to a separate website. To file an ‘appeal’, a Facebook user is told to enter sensitive information including their name, email address, and Facebook password. 

All this information is sent to the threat actor, who can exploit it to log in to the victim's Facebook page, gather sensitive details from their account, and potentially lock them out of it. If the victim re-uses their Facebook email address and password for other websites and applications, the attacker can access those too. One of the reasons phishing attacks like this are successful is because they create a sense of urgency. 

“What makes this attack interesting (and particularly effective) is that the threat actors are leveraging Facebook’s actual infrastructure to execute the attack. Rather than sending the target straight to the phishing site via a link in the email, the attackers first redirect them to a real post on Facebook. Because the threat actors use a valid Facebook URL in the email, it makes the landing page especially convincing and minimizes the chance the target will second-guess the legitimacy of the initial email,” researchers explained. 

“In addition, it appears the attackers are targeting accounts of people who manage Facebook Pages for companies. For these individuals, a disabled Facebook account wouldn’t just be an inconvenience; it could have an impact on their marketing, branding, and revenue. If they believed their account was at risk, they would be particularly motivated to act quickly.” 

If you have already been a victim of this campaign, or want to stay safe from any future threats, Facebook on its website has issued recommendations for its users. The social network advises anyone who thinks they’ve fallen for a phishing scam to report it, change their password, and make sure they log out of any devices they don’t recognize. Facebook also recommends users turn on multi-factor authentication, which helps to add an extra level of security to their account.
Read more »
User Security
Cyber Scam Malicious Campaign Mobile Security User Privacy User Security

Scammers are Using Novel Technique to Target iPhone and Android Users

 

Cybersecurity researchers have unearthed a new methodology employed by fraudsters to target iPhone and Android users by tricking them into installing malware via dubious apps and use it to swipe thousands of dollars.

According to researchers at cybersecurity firm Sophos, a scam campaign dubbed CryptoRom typically begins with social-engineering attack, in which a scammer befriends a victim through dating apps like Tinder, Bumble, or Facebook Dating.

The scammer then moves their conversation to messaging apps such as WhatsApp and asks the victim to install a cryptocurrency trading application that's designed to mimic popular brands and lock people out of their accounts and freeze their funds. In some cases, victims are forced to pay a “tax” to withdraw their money, which they learn by chatting with an in-app customer service representative who is part of the malicious campaign. 

"This style of cyber-fraud, known as sha zhu pan — literally 'pig butchering plate' — is a well-organized, syndicated scam operation that uses a combination of often romance-centered social engineering and fraudulent financial applications and websites to ensnare victims and steal their savings after gaining their confidence," stated Sophos analyst Jagadeesh Chandraiah. 

The malicious campaign exploits iOS TestFlight and Apple WebClip to deploy fake mobile apps and websites onto victims’ phones without being subject to the rigorous app store approval process. The malicious campaign was initially used in Asia but has hit the U.S. and European victims since October 2021. 

TestFlight is used for testing the beta version of apps before they head to the App Store. It is used for small internal tests, sent out to 100 users by email, and public beta tests distributed to up to 10,000 users. But the scammers exploit the TestFlight feature, which provides a way for users to download bogus apps outside of the App Store, researchers explained. 

Sophos researchers said some victims installed malicious versions of the legitimate BTCBOX Japanese crypto exchange app that were made available through the TestFlight feature. 

The fraudsters also employed iOS WebClips to trick iPhone users, as they were sent malicious URLs via the service. WebClips offers fast access to favorite webpages or links, as Apple highlights, with researchers stating that it can be employed to design fake apps to appear more authentic.
Read more »
User Privacy
Cyber Fraud Cyber Scam Cybercriminal Tactics data security Fraudsters Microsoft phishing Safety Security User Data User Privacy

Attackers Revive 20-Year-Old Tactic in Microsoft 365 Phishing Attacks

 

A classic phishing tactic using mislabeled files is being used to deceive Microsoft 365 users into revealing their credentials. Malicious actors are dusting off Right-to-Left Override (RLO) attacks to fool victims into running files with altered extensions, as per cybersecurity researchers at Vade. Victims are requested to enter their Microsoft 365 login details when they open the files. 

In the previous two weeks, Vade's threat analysis team has discovered more than 200 RLO attacks targeting Microsoft 365 users. The technique of assault was: 

Within the Unicode encoding system, the RLO character [U+202e] is a special non-printing character. The symbol was created to support languages like Arabic and Hebrew, which are written and read from right to left. 

The special character, which can be found in the Windows and Linux character maps, can be used to mask the file type. The executable file abc[U+202e]txt.exe, for example, will display in Windows as abcexe.txt, misleading people to believe it is a.txt file. 

The threat has been present for more than a decade, and CVE-2009-3376 was first identified in 2008 in Mozilla Foundation and Unicode technical reports. 

"While Right-to-Left Override (RLO) attack is an old technique to trick users into executing a file with a disguised extension, this spoofing method is back with new purposes," noted researchers. 

RLO spoofing was previously a common technique for hiding malware in attachments. According to Vade researchers, the approach is currently being used to phish Microsoft 365 business users in order to gain access to a company's data. The team encountered one RLO attack in which an email was delivered with what seemed to be a voicemail.mp3 attachment. 

Researchers stated, "This kind of scam preys on the curiosity of the recipient, who is not expecting a voicemail, and who maybe intrigued enough to click the phishing link in the body of the email or the attachment, which is often an html file."
  
"Most likely attackers are taking advantage of the COVID-19 pandemic, with the expansion of remote working," hypothesized the analysts, who also noted that "RLO spoofing attachments is more convincing with the lack of interpersonal communication due to teleworking."
Read more »
Money Laundering
Cyber Crime Cyber Scam Dark Web Money Laundering

DeepDotWeb Operator Sentenced to Eight Years for Role in $8.4 million Kickback Scheme

 

An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb (DDW), a website that connected internet users with darknet marketplaces.

From 2013, Prihar (37) and co-defendant Michael Phan (34), started operating DeepDotWeb and provided a platform for Dark Web news and links to marketplaces, redirecting visitors to their .onion addresses -- websites that are not available via standard search engines in the clear web.

The conviction of Tal Prihar, 37, was announced last week by the U.S. Department of Justice and U.S. Attorney Cindy K. Chung for the Western District of Pennsylvania for money laundering and was ordered to forfeit $8,414,173, ASUS laptop, iPhone, and accounts at various cryptocurrency exchanges such as Kraken, Binance and OKCoin. 

Prihar had pleaded guilty to conspiracy to commit money laundering in March 2021, almost two years after his arrest and the site's seizure, while Phan remains in Israel and is currently undergoing extradition proceedings.

For linking users with the illegal darknet marketplaces, Prihar received a total of 8,155 bitcoins from his affiliate marketing deals with marketplace operators. To conceal the sources of these payments, Prihar converted them to fiat currency and laundered it through other Bitcoin and bank accounts he controlled in the name of shell companies. 

"To conceal the nature and source of these illegal kickback payments, Prihar transferred the payments from his DDW bitcoin wallet to other bitcoin accounts and to bank accounts he controlled in the names of shell companies." explains the DoJ announcement. 

The investigation into DDW involved the FBI's Pittsburgh Field Office, French authorities, Europol, the IRS, German law enforcement, the Israeli National Police, and the UK's National Crime Agency (NCA), among other organizations. 

Additionally, the DoJ also announced the sentencing of an associate of the Dark Overlord hacking group for his role in possessing and selling more than 1,700 stolen identities, including social security numbers, on the dark web marketplace AlphaBay. 

Slava Dmitriev, a 29-year-old Canadian citizen who was arrested in Greece in September 2020 and extradited to the U.S. in January 2021, was sentenced to a jail term of three years after he pleaded guilty in August 2021 to fraud charges.
Read more »
Subscribe to: Posts (Atom)