Showing posts with label Fake Accounts.

Europol Dismantles SIMCARTEL Network Behind Global Phishing and SIM Box Fraud Scheme

Europol has taken down a vast international cybercrime network responsible for orchestrating large-scale phishing, fraud, and identity theft operations through mobile network systems. The coordinated crackdown, codenamed “SIMCARTEL,” led to multiple arrests and the seizure of a massive infrastructure used to fuel telecom-based criminal activity across more than 80 countries. 

Investigators from Austria, Estonia, and Latvia spearheaded the probe, linking the criminal network to over 3,200 cases of fraud, including fake investment scams and emergency call frauds designed for quick financial gain. The financial toll of the operation reached approximately $5.3 million in Austria and $490,000 in Latvia, highlighting the global scale of the scheme. 

The coordinated action, conducted primarily on October 10 in Latvia, resulted in the arrest of seven suspects and the seizure of 1,200 SIM box devices loaded with nearly 40,000 active SIM cards. Authorities also discovered hundreds of thousands of unused SIM cards, along with five servers, two websites, and several luxury vehicles. Around $833,000 in funds across bank and cryptocurrency accounts were also frozen during the operation. 

According to Europol, the infrastructure was designed to mask the true identities and locations of perpetrators, allowing them to create fake social media and communication accounts for cybercrimes. “The network enabled criminals to establish fraudulent online profiles that concealed their real identity and were then used to carry out phishing and financial scams,” Europol said in a statement. 

Investigators have traced the network to over 49 million fake accounts believed to have been created and distributed by the suspects. These accounts were used in a range of crimes, including extortion, smuggling, and online marketplace scams, as well as fake investment and e-commerce schemes. 

The operation highlights the growing global threat of SIM farms—collections of SIM boxes that allow cybercriminals to automate scams, send spam, and commit fraud while remaining undetected by telecom providers. These systems have become a preferred tool for large-scale phishing and social engineering attacks worldwide. 

Just weeks earlier, the U.S. Secret Service dismantled a similar network in New York City, seizing over 300 servers and 100,000 SIM cards spread across several locations. 

Cybersecurity intelligence firm Unit 221B also issued a warning that SIM farms are rapidly multiplying and putting telecom providers, banks, and consumers at risk. “We’ve identified at least 200 SIM boxes operating across dozens of U.S. sites,” said Ben Coon, Chief Intelligence Officer at Unit 221B. 

While the SIMCARTEL takedown marks a major victory for law enforcement, Europol noted that investigations are still underway to uncover the full extent of the criminal infrastructure. Authorities emphasize that combating SIM box networks is essential to defending users against phishing, identity fraud, and telecom-based cyberattacks that continue to grow in sophistication and scale.

Scamfluencers Use Social Media to Orchestrate Sophisticated Online Fraud

Scamfluencers, a rising category of deceptive internet personalities, are leveraging their online influence to run sophisticated scams that have already cost Americans an estimated $1.9 billion in 2024. 

These individuals masquerade as experts in finance, health, or other trusted domains to exploit trust and extract money from their followers. By blending online popularity with calculated deceit, scamfluencers are proving to be one of the most dangerous forms of digital manipulation today. 

According to Adewale Adeife, a cybersecurity consultant at EY, scamfluencers are especially dangerous because they merge their social credibility with modern deception tactics. These often include emotional manipulation, fabricated social proof such as fake likes and engagement pods, and now, even AI-generated deepfakes to bolster their authority. Scamfluencers fabricate credentials, pose as professionals, and often use emotionally charged content to draw in followers. 

In one infamous example, teenager Malachi Love-Robinson posed as a medical doctor, tricking patients and professionals alike. Others may impersonate financial experts, promising “get-rich-quick” results backed by fake testimonials and limited-time offers. Tactics also include exploiting psychological tendencies like authority bias, where users are more likely to believe information from someone who appears famous or credentialed. 

Scamfluencers also use the consistency principle—starting with small asks that escalate into larger scams. Fear, greed, and urgency are common emotional triggers they use to lower victims’ skepticism. To protect yourself, cybersecurity experts recommend several steps. 

Always verify an influencer’s claims and professional background. Be wary of requests for unconventional payments such as cryptocurrency or gift cards. If the person reacts defensively to questions, or if their results seem too good to be true, it’s likely a red flag. If you suspect you’ve encountered a scamfluencer, stop communication immediately, save all evidence, report it to your financial institution, and file complaints with law enforcement and cybercrime units. 

Social media companies are stepping up their defenses, using AI to detect fake accounts, manipulated media, and suspicious behavior. Despite these efforts, experts emphasize that individual vigilance is still the best defense against scamfluencer tactics. 

In an increasingly digital world, where influence can easily be faked and trust weaponized, staying informed and skeptical is essential. Recognizing the signs of scamfluencers helps prevent fraud and contributes to creating a safer and more authentic online environment.

Understanding Cybersquatting: How Malicious Domains Threaten Brands and Individuals

Cybersquatting remains a persistent threat in the digital landscape, targeting businesses, individuals, and public figures alike. This deceptive practice involves registering domain names that closely resemble those of legitimate brands or individuals, often with malicious intent. Despite rising awareness and improved security measures, cybersquatting continues to flourish. According to the World Intellectual Property Organization (WIPO), nearly 6,200 domain disputes related to cybersquatting were filed with its Arbitration and Mediation Center in 2024, indicating the scale of the problem. 

Typically, cybersquatters aim to exploit the reputation of an existing brand by acquiring a domain that looks similar to the original. They might register a domain before a business secures it, or take advantage of minor spelling variations that are easily overlooked by users. This allows them to mislead consumers, drive traffic to fraudulent websites, or sell the domain back to the rightful owner at a premium. In more dangerous scenarios, these domains are used to host phishing scams, distribute malware, or promote counterfeit products. One common technique employed by cybersquatters is typosquatting, where domains are registered with intentional misspellings or typographical errors. Unsuspecting users who mistype a URL may unknowingly land on malicious sites. 

A notable example occurred in 2006 when a domain resembling “Google.com” was used to trick visitors into installing fake antivirus software. Another tactic involves registering domains tied to celebrities or public figures, often with the intent to damage reputations or spread spam. A high-profile case involved Madonna, who successfully reclaimed a domain bearing her name that was being used to host adult content. Some cybersquatters engage in identity-based attacks, closely imitating official company domains to carry out fraud or data theft. For example, Dell once had to legally pursue entities that had registered over 1,100 domains using names resembling its brand. Others use a tactic called reverse cybersquatting, where they first register a business and then secure the corresponding domain, falsely claiming legitimacy to obstruct the actual brand’s efforts to recover it.

In another method, known as domain name warehousing, attackers monitor expiring domains and quickly register them if the original owner forgets to renew. In one case, a former campaign domain linked to politician Nigel Farage was redirected to an opponent’s site as a form of protest. While legal frameworks exist to combat cybersquatting, enforcement can be complex. In the United States, the Anti-Cybersquatting Consumer Protection Act (ACPA) empowers victims to take legal action and potentially reclaim their domains along with financial damages. 

The European Union Intellectual Property Office (EUIPO) also provides mechanisms to enforce trademark rights in domain disputes. Additionally, WIPO can facilitate domain transfers when bad faith registration is proven. Despite these protections, prevention remains key. Organizations are encouraged to register not only their primary domains but also common misspellings, different extensions, and regional variations to minimize the risk of cybersquatters exploiting their identity.
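The prevention advice above (register or at least monitor common misspellings, alternative extensions and lookalike spellings of your own domain) is easiest to act on with a generated watch list. The following is an added example, not code from the original post: it enumerates the typosquatting variants discussed here (character omissions, doubled characters, adjacent-key transpositions and substitutions, homoglyph swaps, and alternative TLDs) for a brand domain and checks an observed domain list against them. The brand domain `example.com`, the QWERTY adjacency subset, the homoglyph table, the TLD list and the observed domains are all constructed assumptions chosen for illustration.

```python
"""Generate typosquat candidates for a brand domain and flag observed lookalikes.

Added example for defensive use: feed the candidate list to a domain
registration plan or compare it against newly-registered-domain feeds and
proxy/DNS logs. All sample values below are constructed for illustration.
"""

# Assumption: a reduced QWERTY neighbour map is enough to show "fat-finger" substitutions.
ADJACENT = {
    "a": "qwsz", "b": "vghn", "c": "xdfv", "d": "serfcx", "e": "wsdr", "f": "drtgvc",
    "g": "ftyhbv", "h": "gyujnb", "i": "ujko", "j": "huikmn", "k": "jiolm", "l": "kop",
    "m": "njk", "n": "bhjm", "o": "iklp", "p": "ol", "q": "wa", "r": "edft", "s": "wedxza",
    "t": "rfgy", "u": "yhji", "v": "cfgb", "w": "qase", "x": "zsdc", "y": "tghu", "z": "asx",
}

# Assumption: a small table of swaps that read alike at a glance (l/1, o/0, m/rn, w/vv).
HOMOGLYPHS = {"l": ["1", "i"], "o": ["0"], "i": ["1", "l"], "m": ["rn"], "w": ["vv"]}

# Assumption: alternative extensions worth registering or watching.
EXTRA_TLDS = ["net", "org", "co", "io"]


def split_domain(domain):
    """Split 'label.tld' at the first dot (assumption: single-label brand domains)."""
    label, _, tld = domain.partition(".")
    return label, tld


def omissions(label):
    """Drop one character: example -> exmple."""
    return {label[:i] + label[i + 1:] for i in range(len(label))}


def repetitions(label):
    """Double one character: example -> examplle."""
    return {label[:i] + label[i] + label[i:] for i in range(len(label))}


def transpositions(label):
    """Swap two neighbouring characters: example -> exmaple."""
    return {label[:i] + label[i + 1] + label[i] + label[i + 2:] for i in range(len(label) - 1)}


def adjacent_substitutions(label):
    """Replace one character with a keyboard neighbour: example -> ezample."""
    out = set()
    for i, ch in enumerate(label):
        for near in ADJACENT.get(ch, ""):
            out.add(label[:i] + near + label[i + 1:])
    return out


def homoglyphs(label):
    """Replace one character with a visually similar sequence: example -> examp1e."""
    out = set()
    for i, ch in enumerate(label):
        for swap in HOMOGLYPHS.get(ch, []):
            out.add(label[:i] + swap + label[i + 1:])
    return out


def tld_variants(label, tld):
    """Same label under other extensions: example.com -> example.net."""
    return {f"{label}.{t}" for t in EXTRA_TLDS if t != tld}


def typosquat_candidates(domain):
    """Return the sorted set of lookalike domains generated by every technique above."""
    label, tld = split_domain(domain)
    variants = set()
    for generator in (omissions, repetitions, transpositions, adjacent_substitutions, homoglyphs):
        for variant in generator(label):
            variants.add(f"{variant}.{tld}")
    variants.update(tld_variants(label, tld))
    variants.discard(domain)  # a transposition of identical letters reproduces the original
    return sorted(variants)


def flag_lookalikes(domain, observed):
    """Return the observed domains that match a generated candidate, sorted."""
    candidates = set(typosquat_candidates(domain))
    return sorted(d for d in observed if d in candidates)


if __name__ == "__main__":
    brand = "example.com"  # constructed sample brand domain
    # Constructed sample of domains seen in a newly-registered-domain feed.
    seen = ["exmaple.com", "examp1e.com", "example.net", "news.example.com",
            "unrelated.org", "examplle.com"]
    print(f"{len(typosquat_candidates(brand))} candidates generated for {brand}")
    for hit in flag_lookalikes(brand, seen):
        print("lookalike registered:", hit)
```

The candidate list is deliberately exhaustive per technique rather than ranked; in practice a defender registers the cheapest high-risk subset (omissions, transpositions and the main alternative TLDs) and routes the rest to monitoring, which is what the flagging function models.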

Avoiding Social Media Scams When Recovering a Locked Gmail Account

Losing access to your Gmail account can be a frightening experience, especially given that Gmail is deeply integrated into the online lives of more than 2.5 billion users globally. Unfortunately, the popularity of Gmail has also attracted scammers who exploit users seeking help after being locked out of their accounts. These attackers wait for users to post their issues publicly on social media platforms, particularly X (formerly Twitter). They pose as helpful people or even official support agents, suggesting that they can help users recover their accounts. By using fake accounts that appear credible, they deceive users into sharing personal information or even paying money under the guise of assistance. 

Engaging with these fake accounts is risky, as scammers may ask for payment without helping or, worse, obtain the victim’s login credentials, gaining full access to their accounts. In the initial panic of losing an account, people often turn to social media for immediate help. This public search for help exposes them to a swarm of scammers using automated bots to detect posts about lost accounts. These bots then direct users to supposed “support agents” who, in reality, are fraudsters attempting to capitalize on the vulnerability of those locked out of their accounts. Victims may be asked to pay for a recovery service or provide personal details, like account passwords or two-factor authentication codes. 

Often, the scammers promise assistance but deliver none, leaving users at risk of both financial loss and further account compromise. In some cases, attackers use these interactions to access the victim’s Gmail credentials and take over not just the email but other connected Google services, leading to a much larger security breach. While the need for quick support is understandable, it’s essential to avoid turning to public platforms like X or Facebook, which can make users easy targets. Instead, Google has official account recovery methods to retrieve locked accounts safely. The company provides a structured recovery process, guiding users through steps that don’t involve sharing details with strangers. This includes using backup email addresses or two-factor authentication to regain access. 

Additionally, Google has an official support community where users can discuss issues and seek guidance in a more secure environment, reducing the likelihood of encountering scammers. By following these steps, users can regain access to their accounts without exposing themselves to further risk. Even in stressful situations, staying cautious and using verified recovery options is the safest course. Publicly seeking help with sensitive matters like account access opens doors to fraudsters who thrive on desperation. Taking time to verify recovery resources and avoiding social media platforms for assistance can help users avoid falling victim to predatory scams. By following Google’s secure processes, users can ensure the safety of their accounts and keep their personal information secure.

OpenAI’s Disruption of Foreign Influence Campaigns Using AI

Over the past year, OpenAI has successfully disrupted over 20 operations by foreign actors attempting to misuse its AI technologies, such as ChatGPT, to influence global political sentiments and interfere with elections, including in the U.S. These actors utilized AI for tasks like generating fake social media content, articles, and malware scripts. Despite the rise in malicious attempts, OpenAI’s tools have not yet led to any significant breakthroughs in these efforts, according to Ben Nimmo, a principal investigator at OpenAI. 

The company emphasizes that while foreign actors continue to experiment, AI has not substantially altered the landscape of online influence operations or the creation of malware. OpenAI’s latest report highlights the involvement of countries like China, Russia, Iran, and others in these activities, with some not directly tied to government actors. Past findings from OpenAI include reports of Russia and Iran trying to leverage generative AI to influence American voters. More recently, Iranian actors in August 2024 attempted to use OpenAI tools to generate social media comments and articles about divisive topics such as the Gaza conflict and Venezuelan politics. 

A particularly bold attack involved a Chinese-linked network using OpenAI tools to generate spearphishing emails, targeting OpenAI employees. The attack aimed to plant malware through a malicious file disguised as a support request. Another group of actors, using similar infrastructure, utilized ChatGPT to answer scripting queries, search for software vulnerabilities, and identify ways to exploit government and corporate systems. The report also documents efforts by Iran-linked groups like CyberAveng3rs, who used ChatGPT to refine malicious scripts targeting critical infrastructure. These activities align with statements from U.S. intelligence officials regarding AI’s use by foreign actors ahead of the 2024 U.S. elections. 

However, these nations are still facing challenges in developing sophisticated AI models, as many commercial AI tools now include safeguards against malicious use. While AI has enhanced the speed and credibility of synthetic content generation, it has not yet revolutionized global disinformation efforts. OpenAI has invested in improving its threat detection capabilities, developing AI-powered tools that have significantly reduced the time needed for threat analysis. The company’s position at the intersection of various stages in influence operations allows it to gain unique insights and complement the work of other service providers, helping to counter the spread of online threats.

Unveiling Storm-1152: A Top Creator of Fake Microsoft Accounts

The Digital Crimes Unit of Microsoft disrupted a major supplier of cybercrime-as-a-service (CaaS) last week, dubbed Storm-1152. The attackers had registered over 750 million fake Microsoft accounts, which they planned to sell online to other cybercriminals, making millions of dollars in the process.

"Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms," Amy Hogan-Burney, general manager for Microsoft's DCU, stated. "These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online."

Cybercriminals can employ fraudulent accounts linked to fictitious profiles as a virtually anonymous starting point for automated illegal operations including ransomware, phishing, spamming, and other fraud and abuse. Furthermore, Storm-1152 is the industry leader in the development of fictitious accounts, offering account services to numerous prominent cyber threat actors. 

Microsoft lists Scattered Spider (also known as Octo Tempest) as one of these cybercriminals; the group is responsible for the ransomware attacks on Caesars Entertainment and the MGM Grand this fall.

Additionally, Hogan-Burney reported that the DCU had located the group's primary ringleaders, Tai Van Nguyen, Linh Van Nguyễn (also known as Nguyễn Van Linh), and Duong Dinh Tu, all of whom were based in Vietnam.

"Our findings show these individuals operated and wrote the code for the illicit websites, published detailed step-by-step instructions on how to use their products via video tutorials, and provided chat services to assist those using their fraudulent services," Burney noted. 

Sophisticated crimeware-as-a-service ring 

Storm-1152's ability to circumvent security measures such as CAPTCHAs and construct millions of Microsoft accounts linked to nonexistent people highlights the group's expertise, according to researchers.

The racket was likely carried out by "leveraging automation, scripts, DevOps practices, and AI to bypass security measures like CAPTCHAs." The CaaS phenomenon is a "complex facet of the cybercrime ecosystem... making advanced cybercrime tools accessible to a wider spectrum of malicious actors," stated Craig Jones, vice president of security operations at Ontinue. 

According to Critical Start's Callie Guenther, senior manager of cyber threat research, "the use of automatic CAPTCHA-solving services indicates a fairly high level of sophistication, allowing the group to bypass one of the primary defences against automated account creation.”

Platforms can take a number of precautions to prevent unwittingly aiding cybercrime, the researchers noted. One such safeguard is the implementation of sophisticated detection algorithms that can recognise and flag suspicious conduct at scale, ideally with the help of AI. 

Furthermore, putting robust multifactor authentication (MFA) in place for the creation of accounts—especially those with elevated privileges—can greatly lower the success rate of creating fake accounts. However, Ontinue's Jones emphasises that more work needs to be done on a number of fronts.

Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts

Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services. 

Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed cybersecurity firm that sells a cloud platform for blocking fraud and hacking attempts aimed at its customers' services. Microsoft has identified the threat actor as Storm-1152.

A common tactic among hacking groups is to create fake accounts in services like Microsoft Outlook and then use them for phishing or spam campaigns. Fraudulent accounts can also be used to launch distributed denial-of-service (DDoS) attacks. Hackers typically do not create such accounts themselves but purchase them from cybercrime-as-a-service outfits such as Storm-1152, the threat actor that Microsoft has disrupted.

Storm-1152 is believed to be the "number one seller" of fake Microsoft accounts, the company stated. It is estimated that the gang created 750 million such accounts and also created fraudulent users on other companies' services. Furthermore, Storm-1152 sold software for circumventing CAPTCHAs, which are used by many online sites to ensure that a login request comes from a human and not an automated system.

Microsoft believes that several cybercrime groups' hacking efforts were fueled by the fake accounts that Storm-1152 created. Scattered Spider, the threat actor behind the widely reported attacks against Caesars Entertainment Inc. and MGM Resorts International earlier this year, is believed to be one of those groups. According to Microsoft's investigation, Storm-1152 earned millions of dollars in illegal proceeds while imposing far larger costs on the companies that tried to thwart it.

“While our case focuses on fraudulent Microsoft accounts, the websites impacted also sold services to bypass security measures on other well-known technology platforms,” Amy Hogan-Burney, Microsoft’s general manager and associate general counsel for cybersecurity policy and protection, explained. “Today’s action therefore has a broader impact, benefiting users beyond Microsoft.” 

Microsoft disrupted the four websites by obtaining a seizure order from a federal court in the Southern District of New York. As part of its efforts to thwart Storm-1152's operations, Microsoft has also discovered that the group is led by three Vietnamese citizens: Duong Dinh Tu, Linh Van Nguyễn, and Tai Van Nguyen. The company stated that it has reported its findings to law enforcement.

The Twitter Blue Scandal Caused Eli Lilly to Lose Billions of Dollars


It seems that Twitter Inc. has suspended its recently announced $8 blue check subscription following a proliferation of fake accounts on its platform. However, the decision to suspend the service came too late for one pharmaceutical company, given how fast the fake accounts proliferated.

American pharmaceutical giant Eli Lilly (LLY) lost billions of dollars after its stock plummeted on Friday due to a false tweet claiming "insulin is free now" sent on Thursday by a fake account, verified with a blue tick. 

A fake account impersonating Eli Lilly on social media promised free insulin as part of its promotion on Friday, according to The Star newspaper. The company's stock dropped 4.37 percent, wiping out over $15 billion in market capitalization.

In a tweet posted from its official Twitter account, Eli Lilly provided clarification regarding the matter.

A flood of fake Twitter accounts has sprung up since Elon Musk's revised subscription guidelines for Twitter Blue were announced. Eli Lilly is only one of the victims. 

Twitter's Blue Saga


AFP reported on Friday that Twitter had taken action that day to curb the proliferation of fake accounts seen since Elon Musk took over the company. New sign-ups for the newly introduced paid checkmark system have been suspended, and some accounts have been restored to their gray badges.

Before the change, the coveted blue tick was available only to politicians, famed personalities, journalists, and other public figures, as well as to government organizations and private organizations.

The official Twitter account @twittersupport tweeted on Friday about restoring the "official" label on accounts to stop the flood of fake accounts. The tweet stated: "To combat impersonation, we have added an 'official' label to some accounts."

There is evidence that Twitter has temporarily disabled the feature as documented by a memo sent internally to its employees, obtained by US media including The Washington Post, to address "impersonation issues."