Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Online Scams. Show all posts
Online Scams
AIdeepfakes Cyber Fraud Fake Accounts Fake business accounts financial scams Fraud Alert Internet scammers Online App online fraud prevention online frauds Online Scams

Scamfluencers Use Social Media to Orchestrate Sophisticated Online Fraud

 

Scamfluencers, a rising category of deceptive internet personalities, are leveraging their online influence to run sophisticated scams that have already cost Americans an estimated $1.9 billion in 2024. 

These individuals masquerade as experts in finance, health, or other trusted domains to exploit trust and extract money from their followers. By blending online popularity with calculated deceit, scamfluencers are proving to be one of the most dangerous forms of digital manipulation today. 

According to Adewale Adeife, a cybersecurity consultant at EY, scamfluencers are especially dangerous because they merge their social credibility with modern deception tactics. These often include emotional manipulation, fabricated social proof such as fake likes and engagement pods, and now, even AI-generated deepfakes to bolster their authority. Scamfluencers fabricate credentials, pose as professionals, and often use emotionally charged content to draw in followers. 

In one infamous example, teenager Malachi Love-Robinson posed as a medical doctor, tricking patients and professionals alike. Others may impersonate financial experts, promising “get-rich-quick” results backed by fake testimonials and limited-time offers. Tactics also include exploiting psychological tendencies like authority bias, where users are more likely to believe information from someone who appears famous or credentialed. 

Scamfluencers also use the consistency principle—starting with small asks that escalate into larger scams. Fear, greed, and urgency are common emotional triggers they use to lower victims’ skepticism. To protect yourself, cybersecurity experts recommend several steps. 

Always verify an influencer’s claims and professional background. Be wary of requests for unconventional payments such as cryptocurrency or gift cards. If the person reacts defensively to questions, or if their results seem too good to be true, it’s likely a red flag. If you suspect you’ve encountered a scamfluencer, stop communication immediately, save all evidence, report it to your financial institution, and file complaints with law enforcement and cybercrime units. 

Social media companies are stepping up their defenses, using AI to detect fake accounts, manipulated media, and suspicious behavior. Despite these efforts, experts emphasize that individual vigilance is still the best defense against scamfluencer tactics. 

In an increasingly digital world, where influence can easily be faked and trust weaponized, staying informed and skeptical is essential. Recognizing the signs of scamfluencers helps prevent fraud and contributes to creating a safer and more authentic online environment.
Read more »
recruiters
Authenticity Identity Theft Job Search Linkedin Online Scams recruiters

Think That Job Offer on LinkedIn Is Real? Not Without This Badge

 






LinkedIn has taken a major step toward improving online safety by extending its identity verification feature beyond its own platform. This update is part of the company’s ongoing efforts to help users avoid fake profiles and internet scams, especially in professional spaces.


Verification Now Available Outside LinkedIn

Last year, LinkedIn introduced a system that allowed users to confirm their identity, work history, or education. This could be done by uploading a government ID, using a work email, or verifying through trusted services like Microsoft Entra or CLEAR. Once verified, a small badge appeared on the user’s profile to show they were a real person.

Now, that same badge can be used on other websites too. Platforms like Adobe’s Content Authenticity tool and Behance now support LinkedIn verification. This means that designers, freelancers, and other professionals can show proof of their LinkedIn verification outside the site, helping build trust wherever they share their work.


Fake Profiles: A Growing Problem

Online scams that involve fake identities are a serious issue, especially on business-focused platforms like LinkedIn. Criminal groups often create false accounts pretending to be recruiters or professionals. These accounts are then used to reach out to real users and trick them into clicking malicious links or sharing personal information.

One major example involved a hacker group from North Korea, known as Lazarus. They created a fake LinkedIn profile and pretended to be offering a job to a blockchain developer. During the interview process, the developer was unknowingly sent harmful software, which was used to steal around $600 million worth of cryptocurrency. Experts called this series of attacks “Operation DreamJob.”

In other cases, scammers even created fake developer identities to get hired by real companies. Once inside, they used their access to collect private company data.


More Protection for Job Seekers

In response to these risks, LinkedIn has also added a feature to confirm whether a recruiter is legitimate. Verified recruiters now have a special checkmark on their profiles, making it easier for job seekers to know who they can trust.


What This Means for Users

These new steps help users feel safer while networking or job hunting online. The verification badge shows others that the person they are talking to has been confirmed by LinkedIn, either as a real employee, job seeker, or recruiter. By making this system available on other platforms, LinkedIn is helping more people protect their identities and avoid falling for fake offers or scams.

Read more »
ransomware attacks
Cybersecurity Threats Document converter malware Fake file converters malware Online Scams ransomware attacks

FBI Warns Against Fake Online Document Converters Spreading Malware

 

iThe FBI Denver field office has issued a warning about cybercriminals using fake online document converters to steal sensitive data and deploy ransomware on victims' devices. Reports of these scams have been increasing, prompting authorities to urge users to be cautious and report incidents.

"The FBI Denver Field Office is warning that agents are increasingly seeing a scam involving free online document converter tools, and we want to encourage victims to report instances of this scam," the agency stated.

Cybercriminals create fraudulent websites that offer free document conversion, file merging, or media download services. While these sites may function as expected, they secretly inject malware into downloaded files, enabling hackers to gain remote access to infected devices.

"To conduct this scheme, cybercriminals across the globe are using any type of free document converter or downloader tool," the FBI added.

These sites may claim to:
  • Convert .DOC to .PDF or other file formats.
  • Merge multiple .JPG files into a single .PDF.
  • Offer MP3 or MP4 downloads.
Once users upload their files, hackers can extract sensitive information, including:
  • Names and Social Security Numbers
  • Cryptocurrency wallet addresses and passphrases
  • Banking credentials and passwords
  • Email addresses
Scammers also use phishing tactics, such as mimicking legitimate URLs by making slight alterations (e.g., changing one letter or replacing "CO" with "INC") to appear trustworthy.

“Users who in the past would type ‘free online file converter’ into a search engine are vulnerable, as the algorithms used for results now often include paid results, which might be scams,” said Vikki Migoya, Public Affairs Officer for FBI Denver.

Cybersecurity experts have confirmed that these fraudulent websites are linked to malware campaigns. Researcher Will Thomas recently identified fake converter sites, such as docu-flex[.]com, distributing malicious executables like Pdfixers.exe and DocuFlex.exe, both flagged as malware.

Additionally, a Google ad campaign in November was found promoting fake converters that installed Gootloader malware, a malware loader known for:

  1. Stealing banking credentials
  2. Installing trojans and infostealers
  3. Deploying Cobalt Strike beacons for ransomware attacks

"Visiting this WordPress site (surprise!), I found a form for uploading a PDF to convert it to a .DOCX file inside a .zip," explained a cybersecurity researcher.

Instead of receiving a legitimate document, users were given a JavaScript file that delivered Gootloader, which is often used in ransomware attacks by groups like REvil and BlackSuit.

In order to stay safe,
  • Avoid unknown document conversion sites. Stick to well-known, reputable services.
  • Verify file types before opening. If a downloaded file is an .exe or .JS instead of the expected document format, it is likely malware.
  • Check reviews before using any online converter. If a site has no reviews or looks suspicious, steer clear
  • Report suspicious sites to authorities. Victi
  • ms can file reports at IC3.gov.
  • While not all file converters are malicious, thorough research and caution are crucial to staying safe online.
Read more »
Online Scams
Collectibles.com Customer Information Data Breach Online Scams

Massive Data Leak Exposes Nearly a Million Collectors – Are You at Risk?

 



A major online platform for collectible items, Collectibles.com, has accidentally exposed the private information of nearly a million users. This security flaw could put many people at risk of identity theft, fraud, and online scams, according to cybersecurity experts.  


How the Data Was Leaked  

Cybersecurity researchers from Cybernews discovered that the website had an unprotected database, meaning anyone could access it without a password. This database contained 300GB of data and over 870,000 records, each linked to a different user. The leaked information included full names, email addresses, profile pictures, account details, records of collectible card sales, and other transaction history.  

Experts warn that such leaks can be dangerous because cybercriminals might use this data for fraudulent activities, such as identity theft or phishing scams. Phishing is when scammers send fake emails or messages pretending to be from a trusted company to trick users into revealing passwords or financial information.  


What Is Collectibles.com?  

Previously known as Cardbase, Collectibles.com is an online marketplace where users can buy, sell, and track trading cards, comics, and memorabilia. In 2024, the company announced it had around 300,000 users. However, this data leak suggests the number of affected users might be much higher.  


Company’s Response and Security Concerns  

Cybernews contacted Collectibles.com to inform them about the security issue. However, aside from an automated response, the company did not take immediate action. It took ten days for the exposed database to be secured, but it remains unclear how long the data was accessible before it was discovered.  

There is also uncertainty about whether hackers accessed the information before Cybernews reported it. If cybercriminals obtained this data, they could already be using it for scams or fraud.  


Why Do These Leaks Happen?  

One of the main reasons for data leaks is unsecured cloud databases. Many companies store customer information online but do not always follow proper security practices. Some businesses assume that cloud providers are fully responsible for security, but in reality, companies must also take steps to protect their data.  

Cybercriminals and researchers alike use tools to search the internet for unprotected databases. Once found, these databases can be exploited in different ways, from selling private information to launching scams.  


How Users Can Protect Themselves  

If you have an account on Collectibles.com, consider taking the following steps:  

1. Change your password immediately to ensure your account remains secure.  

2. Enable two-factor authentication (2FA) to add an extra layer of protection.  

3. Be cautious of phishing emails that may try to trick you into revealing personal details.  

4. Monitor your accounts for suspicious activity and report anything unusual.  

Cybersecurity experts emphasize that companies must take data security seriously to prevent such leaks. At the same time, users should remain cautious and take steps to protect their personal information online.  


Read more »
Polymorphic Attack
cyber attack Google malware Online Scams Phishing Attack Polymorphic Attack

New Polymorphic Attack Enables Malicious Chrome Extensions to Impersonate Password Managers and Banking Apps

Researchers at SquareX Labs have uncovered a sophisticated “polymorphic” attack targeting Google Chrome extensions, allowing malicious extensions to seamlessly morph into trusted ones, such as password managers, cryptocurrency wallets, and banking apps. The attack exploits Chrome’s ‘chrome.management’ API to gain insights into the user’s installed extensions and then impersonates them to steal sensitive information. 

The attack begins when an unsuspecting user installs a seemingly legitimate extension—such as an AI-powered marketing tool—through the Chrome Web Store. Once installed, the extension gains access to the list of other installed extensions using the ‘chrome.management’ API. If this permission is not granted, attackers can use a stealthier approach, injecting malicious code into web pages to detect installed extensions based on unique resource requests. 

This information is then sent to an attacker-controlled server, which determines whether a targeted extension is present. If a high-value target, such as a password manager, is detected, the malicious extension initiates the impersonation process. SquareX demonstrated how attackers could disable a legitimate extension, like 1Password, using the ‘chrome.management’ API or by manipulating the user interface to hide it. Simultaneously, the malicious extension changes its name, icon, and behavior to mimic the real one. 
To lure victims into entering their credentials, attackers deploy deceptive tactics, such as displaying fake session expiration messages that prompt users to log back in via a phishing form.

The stolen credentials are then sent to the attackers, after which the malicious extension reverts to its original state and re-enables the genuine extension, making detection nearly impossible. 

SquareX Labs has responsibly disclosed the vulnerability to Google, warning that it remains exploitable even in the latest Chrome version. The researchers recommend that Google strengthen security measures by restricting abrupt extension modifications, such as icon or HTML changes, or at the very least, issuing user alerts when such modifications occur. They also criticize Google’s classification of the ‘chrome.management’ API as a “medium risk,” given its extensive use in widely trusted extensions, including ad blockers and password managers. 

As of now, Google has not implemented any direct countermeasures against this attack. BleepingComputer has reached out to the company for a statement and will update its report accordingly. Meanwhile, users are advised to exercise caution when installing Chrome extensions and to be wary of unusual login prompts that could be phishing attempts.
Read more »
Phishing Scams
2FA Cyber Attacks cybersecurity challenges Google Google Ads Hackers MalwareBytes Online Advertising Online Scams phishing kit Phishing Scams

Google Ads Phishing Scam Reaches New Extreme, Experts Warn of Ongoing Threat


Cybercriminals Target Google Ads Users in Sophisticated Phishing Attacks

Cybercriminals are intensifying their phishing campaigns against Google Ads users, employing advanced techniques to steal credentials and bypass two-factor authentication (2FA). This new wave of attacks is considered one of the most aggressive credential theft schemes, enabling hackers to gain unauthorized access to advertiser accounts and exploit them for fraudulent purposes.

According to cybersecurity firm Malwarebytes, attackers are creating highly convincing fake Google Ads login pages to deceive advertisers into entering their credentials. Once stolen, these login details allow hackers to fully control compromised accounts, running malicious ads or reselling access on cybercrime forums. Jérôme Segura, Senior Director of Research at Malwarebytes, described the campaign as a significant escalation in malvertising tactics, potentially affecting thousands of advertisers worldwide.

How the Attack Works

The attack process is alarmingly effective. Cybercriminals design fake Google Ads login pages that closely mimic official ones. When advertisers enter their credentials, the phishing kits deployed by attackers capture login details, session cookies, and even 2FA tokens. With this information, hackers can take over accounts instantly, running deceptive ads or selling access to these accounts on the dark web.

Additionally, attackers use techniques like cloaking to bypass Google’s ad policies. Cloaking involves showing different content to Google’s reviewers and unsuspecting users, allowing fraudulent ads to pass through Google's checks while leading victims to harmful websites.

Google’s Response and Recommendations

Google has acknowledged the issue and stated that measures are being taken to address the threat. “We have strict policies to prevent deceptive ads and actively remove bad actors from our platforms,” a Google spokesperson explained. The company is urging advertisers to take immediate steps if they suspect their accounts have been compromised. These steps include resetting passwords, reviewing account activity, and enabling enhanced security measures like security keys.

Cybersecurity experts, including Segura, recommend advertisers exercise caution when clicking on sponsored ads, even those that appear legitimate. Additional safety measures include:

  • Using ad blockers to limit exposure to malicious ads.
  • Regularly monitoring account activity for any unauthorized changes.
  • Being vigilant about the authenticity of login pages, especially for critical services like Google Ads.

Despite Google’s ongoing efforts to combat these attacks, the scale and sophistication of phishing campaigns continue to grow. This underscores the need for increased vigilance and robust cybersecurity practices to protect sensitive information and prevent accounts from being exploited by cybercriminals.

Read more »
Wan Kuok-koi
Cryptocurrency Fraud Cyber Attacks global cybercrime human trafficking Online Scams pig butchering scams Wan Kuok-koi

Global Cybercrime Epidemic: Pig-Butchering Scams Exploit Vulnerable Victims and Flourish Amidst Enforcement Gaps

 

The phenomenon of “pig-butchering” scams has emerged as a significant cybercrime, exploiting vulnerabilities intensified by the Covid-19 pandemic. These schemes involve creating fraudulent investment platforms and manipulating victims emotionally, often targeting them through social media. Shockingly, these operations are frequently linked to human trafficking networks across Southeast Asia.

Central to these allegations is Wan Kuok-koi, also known as “Broken Tooth,” a former Macau gangster. According to The Wall Street Journal, Wan is believed to be a key figure behind these scams. Despite his alleged connections to organized crime, Wan remains at large, shedding light on the failures of international enforcement efforts.

Named for the analogy of “fattening” victims with trust before “butchering” them financially, pig-butchering scams typically involve scammers posing as friends or romantic partners online. Once trust is established, victims are persuaded to invest in fake cryptocurrency platforms, often losing vast sums of money.

One striking example involved a Kansas banker who embezzled $547.1 million from his own bank to cover his losses. A study by finance professor John Griffin found that criminal networks moved over $75 billion through cryptocurrency exchanges in just four years, with Tether being the most commonly used stablecoin.

“These are large criminal organized networks, and they’re operating largely unscathed,” Griffin stated.

Wan Kuok-koi, infamous for his leadership of Macau’s 14K Triad in the 1990s, served 14 years in prison for organized crime. After his release, he resurfaced as a businessman. In 2018, he established the Hongmen Association in Cambodia, which purported to be a cultural organization but has been linked to cybercrime operations.

The group's activities expanded into Myanmar with the establishment of the Dongmei Zone, described by investigators as one of the first scam compounds. At a 2020 ribbon-cutting ceremony, Wan appeared alongside militia members, solidifying the zone’s association with illicit activities. The U.S. Treasury has since sanctioned the Dongmei Zone for its role in human trafficking and cyber scams.

Thousands of individuals have been trafficked into scam compounds like Dongmei under false promises of legitimate work. Victims are forced to surrender their passports and engage in fraudulent activities under constant surveillance.

Lu Yihao, a Chinese man enslaved for seven months in Dongmei, said: “As far as I could tell, from my personal experience, Dongmei was specifically built for criminal purposes.” The United Nations estimates that over 200,000 people are trapped in such conditions across Southeast Asia.

Efforts to combat pig-butchering scams are hindered by the role of cryptocurrencies, which facilitate laundering and obfuscation of funds. Platforms like Tokenlon have been identified as tools for scam proceeds, while Binance has worked with authorities to freeze fraudulent accounts.

Jan Santiago, a consultant for Chainbrium, explained: “People in the U.S., their money is going straight to Southeast Asia, into this underground economy.”

The Covid-19 pandemic provided fertile ground for these scams, as isolation left many more susceptible to emotional manipulation. Victims have lost not only their savings but also their trust.

A recent study titled How Do Crypto Flows Finance Slavery? The Economics of Pig Butchering emphasized the global scale of these operations. Paolo Ardoino, Tether’s CEO, stated: “With Tether, every action is online, every action is traceable, every asset can be seized, and every criminal can be caught,” though critics argue that cryptocurrencies remain attractive for illicit activities.

Wan has denied any involvement in criminal operations. In a 2020 video, he claimed that his Hongmen Association “follows the law.” However, his continued appearances at Hongmen events, including the recent opening of a Macau office, raise questions. Investigators remain unable to locate him.

Pig-butchering scams have expanded significantly, exploiting the perfect storm of the pandemic and the complexities of cryptocurrency tracking. Authorities face ongoing challenges in dismantling these sprawling networks.
Read more »
Scam
Hong Kong malware Online Scams phishing Scam

Cybersecurity Attacks Rise in Hong Kong, Scammers Steal Money


Hong Kong has experienced a rise in cybersecurity threats, scammers are targeting individuals and businesses. A recent survey highlighted by the South China Morning Post (SCMP) reveals that nearly two-thirds of victims have suffered financial losses or wasted valuable time due to these cyber threats. This alarming trend underscores the urgent need for heightened awareness and robust cybersecurity measures.

The Growing Menace of Cyber Scams

In the past year, 49% of Hong Kong respondents faced online threats, up from 40% previously, according to Norton. Scams were the most common, impacting 34% of respondents, with nearly two-thirds losing money or time. Phishing and malware each affected 28% of respondents.

Cyber scams have become the most prevalent online threat in Hong Kong. These scams range from phishing emails and fraudulent websites to sophisticated social engineering tactics. 

Phishing and Malware

Phishing attacks, where cybercriminals disguise as legitimate entities to steal personal information, have seen a marked increase. These attacks often come in emails or messages that appear to be from trusted sources, such as banks or government agencies. Once the victim clicks on a malicious link or downloads an attachment, their personal data is compromised.

Malware attacks are another growing concern. These malicious software programs can infiltrate systems, steal data, and cause extensive damage. The SCMP survey indicates that a considerable portion of the population has been affected by malware, leading to data breaches and financial losses.

In June, police arrested 10 individuals for impersonating mainland security officials and defrauding a 70-year-old businesswoman of HK$258 million (US$33.2 million) in a phone scam. 

By August, local authorities, including the police and the Hong Kong Monetary Authority (HKMA), instructed 32 banks and 10 stored-value-facility operators to broaden their anti-fraud alerts to cover suspicious transactions at bank counters and online.

The Human Factor: A Critical Vulnerability

Despite advancements in technology, human vulnerabilities remain a significant risk factor. Cybercriminals often exploit the lack of awareness and vigilance among users. For instance, clicking on suspicious links, using weak passwords, and failing to update software are common mistakes that can lead to security breaches.

Read more »
Subscribe to: Posts (Atom)