Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Phishing scam. Show all posts
Site Hack
Cyber Attacks eBay Phishing scam Site Hack

eBay, VMware, and McAfee Taken Down in Widespread Phishing Operation


Hackers have taken control of over 8,000 subdomains belonging to reputable companies and organizations to launch a massive phishing campaign that sends millions of malicious emails every day.

Among the companies involved in "SubdoMailing" are MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, and eBay. The campaign, which is the center of a larger cybercrime operation and damages the credibility and trust of the compromised organizations, was identified by researchers from Guardio Labs. 

"The discovered operation entails the manipulation of thousands of hijacked sub-domains associated with or related to major brands," security researcher Oleg Zaytsev and CEO of Guardio Labs-Cybersecurity Nati Tal stated in a Medium article. "Complex DNS manipulations for these domains allowed the dispatch of vast quantities of spammy and just outright malicious emails, falsely authorized under the guise of internationally recognized brands."

According to the researchers, the effort is designed to evade all industry-standard email security mechanisms, such as Sender Policy Framework (SPF), DKIM, SMTP Server, and DMARC, that are normally in place to prevent suspicious messages. Instead, emails appear to originate from trustworthy sites.

Finding the Hijacking Scheme

In the post, Guardio provides a detailed explanation of how its email protection algorithms detected an unusual trend in an email's metadata, leading to the operation's discovery. It led the researchers down a rabbit hole that eventually resulted in the lifestyle expert Martha Stewart and MSN.com parting ways for a long time.

"A particularly insidious email" warning of allegedly suspicious activity in a cloud storage account ended up in a user's "Primary" inbox when it should have been reported as spam, according to the example given.

More about the threat actor

According to Guardio, the vast effort is the result of a threat actor known as "ResurrecAds," which uses the tactic of resurrecting "dead" domains of large brands or those connected to them to utilize them as backdoors to exploit reputable services and businesses to ultimately make money as an "Ad-Network" entity.

"This approach enables them to circumvent contemporary email protection measures, showcasing their adeptness at manipulating the digital advertising ecosystem for nefarious gains," the authors stated.

According to Guardio, the actor's malicious behavior involves them constantly searching the Internet for abandoned subdomains of reputable brands to find chances to buy them or compromise them to send malicious emails.

Looking for damage

The campaign highlights the increasing sophistication of hostile email operations, which have been around almost since the beginning of digital communication. However, they are still evolving as more defenders use security measures like SPM, DKIM, and DMARC.

"Our research has revealed that threat actors are not merely reacting to security measures; they’ve been proactively adapting and evolving for some time," the investigators stated.

Guardio developed a unique website with the tool SubdoMailing Checker to determine whether a site's abandoned domain is being used in the operation due to the operation's widespread and ongoing nature.






Read more »
Temu
Credential Theft Fake Domains Phishing scam Privacy Temu

More than 800 False "Temu" Domains Trick Customers Into Losing Their Credentials

Credential Theft

Cybersecurity experts caution against falling for Temu phishing scams since they use phony freebies to obtain passwords. In the last three months, more than 800 new "Temu" domains have been registered.

The most recent company that con artists have used for their phishing schemes is Temu. With over 800 new domains registered as "Temu" in the last three months, cybersecurity researcher Jeremy Fuchs of Checkpoint's Harmony Email has observed that hackers are taking advantage of Temu's giveaway offers to persuade users to divulge their passwords.

Just so you know, Temu is an international e-commerce site with 40% of its users residing in the United States. It provides customers with direct shipping of discounted goods. Launched in 2022, Temu is accessible in 48 nations, encompassing Australia, Southeast Asia, Europe, and the Middle East.

It ranks second in the Apple App Store and first in the Google Play Store for shopping apps as of February 7, 2024. The majority of app users are older folks, aged 59 and up.

The Scam

According to analysts, Temu Rewards is the source of the example phishing email. On closer inspection, though, you'll see that it was received from an unconnected onmicrosoft.com email account. The email has a link to a page that harvests credentials and a blank image. By telling recipients they have won, the threat actors hope to draw in receivers.

Phishing and Brand Names

Threat actors have previously used popular brands and current trends to their advantage to obtain sensitive data, including credentials, from unsuspecting consumers.

Cyjax researchers uncovered a sophisticated phishing campaign that was aimed at over 400 firms in a variety of industries. To spread malware and get money from advertisements, the con artists—who most likely have Chinese ties—used 42,000 domains, and at least 24,000 survey and landing pages to advertise the scheme.

Bloster AI cybersecurity experts have uncovered a USPS Delivery phishing campaign that employs sophisticated tactics to target victims in the United States. CheckPhish from Bolster found more than 3,000 phishing domains that imitated Walmart. Customers were misled by the advertising into believing they had failed delivery and unpaid bills. Threat actors have refined their attack strategies, moving from misleading messaging to enticing victims to download apps that steal banking or financial data.

In January 2024, it was found that business owners of Meta Platforms, Inc. were the target of a phishing scam that attempted to obtain their email addresses and passwords to gain control of their Facebook page, profile, and financial information. The hoax created a sense of urgency and authenticity by leveraging Meta Platforms' authority.

Cybersecurity and Temu

Temu has experienced several cybersecurity-related problems, including claims that it was gathering data from users and devices, including SMS messages and bank account details.

A class-action lawsuit was launched in November 2023 in the United States, claiming that the corporation had obtained its customers' data illegally. Moreover, an additional revelation emerged that implicated Temu in the unapproved release of customer information, specifically concerning data that allegedly surfaced for sale on the dark web following transactions made by users of the app.


Read more »
Website Security
Cyber Phishing Data Beach Phishing scam Telegram Website Security

Decrypting the Threat: Telegram's Dark Markets and the Growing Menace of Phishing Networks

 

In the last few years, social media has gradually become a one-stop shop for scammers. With easily available information, scammers are able to hand-pick their target and create a customized scam for them.

Telegram is one such platform that has also emerged as a hub for all things any scammer might need to create a perfect scam. Information that was once hidden behind the screens of the dark web is now readily and publicly available on Telegram, many of which are even free to access. 

From instructional guides and phishing kits to the services of hackers for hire, this application has increasingly become a comprehensive hub, providing scammers with everything they might require for their illicit activities.

For a newcomer, it is astonishing to see how easy it is to find these marketplaces on Telegram, which were previously deep inside Tor Onion networks. Messages flow incessantly, unveiling an array of products, services, tips, and tricks—knowledge that was once exclusive to the depths of the dark web is now readily accessible. 

One of the most known examples of such a scam is the “Bank of America” phishing page scam which was circulated in the US network. This scam was made to extract the bank account details of potential targets, which were then sold to higher players. 

These scammers who work on the higher chain work by delving into the criminal abyss of cash extraction from these accounts unveils a new echelon of illicit activity, characterized by heightened complexity. This is precisely where the orchestrated network of the scammer's supply chain comes into play. 

Planning a scheme as elaborate as this involves assembling several essential elements: 

Firstly, the foundation lies in crafting a sophisticated phishing web page, often termed a "scam page." To deploy this page seamlessly, a dependable hosting solution is indispensable. An effective email-sending system is then required to initiate the deceptive process. Crafting a compelling email message, strategically designed to lure victims to the scam page, serves as another crucial element. The acquisition of targeted email addresses, known as "Leads," becomes pivotal for precision targeting. Unsurprisingly, there is a separate marketplace that is solely focused on gathering data of potential targets through malicious websites, surveys and pop-up emails offering discounts and free rewards. 
 
Lastly, a mechanism for monetizing the stolen credentials completes the construction. Notably, all these necessary building blocks are readily available on Telegram, with some offered at remarkably low prices, and astonishingly, certain elements are even accessible for free. This holistic approach underscores the alarming accessibility and affordability of these illicit tools within the Telegram ecosystem. 

After analyzing the scam creation process, it's evident that phishing scams exploit compromised security on legitimate websites.

Owners of such sites bear a dual responsibility of safeguarding their business interests and preventing their platforms from being exploited by scammers. This includes protecting against the hosting of phishing operations, sending deceptive emails, and other illicit activities that may occur without their knowledge. Vigilance and proactive measures are essential to ensure the integrity and security of online platforms.
Read more »
Phishing scam
Cyber Attacks Google Google AMP Phishing Attack Phishing scam

Security Alert: Google AMP Used in Evasive Phishing Attacks

Google AMP

In recent times, there has been an increase in phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to the inboxes of enterprise employees. This has been a cause of concern for security researchers and organizations alike.

What is Google AMP?

Google AMP is an open-source HTML framework co-developed by Google and 30 partners to make web content load faster on mobile devices. It is designed to improve the user experience by providing faster loading times for web pages. However, threat actors have found a way to abuse this technology for malicious purposes.

How are attackers using Google AMP?

According to a report by Bleeping Computers, attackers are using Google AMP to create phishing pages that can bypass email security measures. These pages are designed to look like legitimate login pages for popular services such as Microsoft Office 365 or Google Workspace. Unsuspecting users who enter their credentials into these fake login pages risk having their accounts compromised.

The use of Google AMP in phishing attacks is particularly concerning because it allows attackers to create pages that are difficult to detect by traditional security measures. AMP pages are hosted on Google's servers, meaning they have a high level of trust and legitimacy. This makes it easier for attackers to bypass email security measures and get their phishing emails into the inboxes of enterprise employees.

What can organizations do?

Organizations need to be aware of this threat and take steps to protect themselves from these types of attacks. This can include educating employees about the dangers of phishing and how to spot fake login pages, as well as implementing advanced email security measures to detect and block phishing emails that use Google AMP.

The abuse of Google AMP by threat actors for evasive phishing attacks is a growing concern for organizations. Companies must stay vigilant and take steps to protect themselves from these types of attacks. By being proactive and implementing strong security measures, organizations can reduce their risk of falling victim to these attacks.

Read more »
Phishing scam
AI Phishing AI Scams ChatGPT Cyber Fraud Malicious Campaign Phishing scam

Watch Out For These ChatGPT and AI Scams

 

Since ChatGPT's inception in November of last year, it has consistently shown to be helpful, with people all around the world coming up with new ways to use the technology every day. The strength of AI tools, however, means that they may also be employed for sinister purposes like creating malware programmes and phishing emails. 

Over the past six to eight months, hackers have been observed exploiting the trend to defraud individuals of their money and information by creating false investment opportunities and scam applications. They have also been observed using artificial intelligence to plan scams. 

AI scams are some of the hardest to spot, and many people don't use technologies like Surfshark antivirus, which alerts users before they visit dubious websites or download dubious apps. As a result, we have compiled a list of all the prevalent strategies that have lately been seen in the wild. 

Phishing scams with AI assistance 

Phishing scams have been around for a long time. Scammers can send you emails or texts pretending to be from a trustworthy organisation, like Microsoft, in an effort to trick you into clicking a link that will take you to a dangerous website.

A threat actor can then use that location to spread malware or steal sensitive data like passwords from your device. Spelling and grammar mistakes, which a prominent corporation like Microsoft would never make in a business email to its clients, have historically been one of the simplest ways to identify them. 

However, in 2023 ChatGPT will be able to produce clear, fluid copy that is free of typos with just a brief suggestion. This makes it far more difficult to differentiate between authentic letters and phishing attacks. 

Voice clone AI scams

In recent months, frauds utilising artificial intelligence (AI) have gained attention. 10% of respondents to a recent global McAfee study said they have already been personally targeted by an AI voice scam. 15% more people claimed to be acquainted with a victim. 

AI voice scams use text-to-speech software to create new content that mimics the original audio by stealing audio files from a target's social network account. These kinds of programmes have valid, non-nefarious functions and are accessible online for free. 

The con artist will record a voicemail or voice message in which they portray their target as distressed and in need of money desperately. In the hopes that their family members won't be able to tell the difference between their loved one's voice and an AI-generated one, this will then be transmitted to them. 

Scams with AI investments

 
Scammers are using the hype surrounding AI, as well as the technology itself, in a manner similar to how they did with cryptocurrencies, to create phoney investment possibilities that look real.

Both "TeslaCoin" and "TruthGPT Coin" have been utilised in fraud schemes, capitalising on the attention that Elon Musk and ChatGPT have received in the media and positioning themselves as hip investment prospects. 

According to California's Department of Financial Protection & Innovation, Maxpread Technologies fabricated an AI-generated CEO and programmed it with a script enticing potential investors to make investments. An order to cease and desist has been given to the corporation. 

The DFPI claims that Harvest Keeper, another investment firm, collapsed back in March. According to Forbes, Harvest Keeper employed an actor to pose as their CEO in an effort to calm irate clients. This demonstrates the lengths some con artists will go to make sure their sales spiel is plausible enough.

Way forward

Consumers in the US lost a staggering $8.8 billion to scammers in 2022, and 2023 is not expected to be any different. Periods of financial instability frequently coincide with rises in fraud, and many nations worldwide are experiencing difficulties. 

Artificial intelligence is currently a goldmine for con artists. Although everyone is talking about it, relatively few people are actually knowledgeable about it, and businesses of all sizes are rushing AI products to market. 

Keeping up with the most recent scams is crucial, and now that AI has made them much more difficult to detect, it's even more crucial. Following them on social media for the most recent information is strongly encouraged because the FTC, FBI, and other federal agencies frequently issue warnings. 

Security professionals advised buying a VPN that detects spyware, such NordVPN or Surfshark. In addition to alerting you to dubious websites hidden on Google Search results pages, they both will disguise your IP address like a conventional VPN. It's crucial to arm oneself with technology like this if you want to be safe online.
Read more »
User Security
Cyber Fraud Online Safety Phishing scam QR Codes Quishing User Security

Beware of "Quishing": Fraudsters Steal Data Using QR Codes

 

The vulnerability of protected health data may be increased by the usage of QR codes, which are intended to speed up processes like picture file transfers but actually expose organisations' weak points in mobile device security.

A fake QR code that links people to a website that seems identical to the real thing might be substituted by cunning cybercriminals in order to intercept user data and patients' personal information. In a practice called "quishing," they can even incorporate fake QR codes inside emails that appear to be from trusted sources. 

QR code scam 

With a projected increase of more than seven times in 2022, "scan scams" are now virtually regular occurrences.

Patient data breaches, malware infestations, and identity theft are all risks posed by QR code phishing in particular to healthcare organisations and patients. Cybercriminals deceive clients or staff into scanning a QR code that takes them to a website that seems authentic and asks for personal information or log-in credentials. 

To access patient portals, provider networks, and other digital services, hackers steal sensitive data, including medical histories, insurance details, social security numbers, and other personal identity data. 

Patient data is an extremely alluring target since it has a market on the dark web. In fact, depending on the level of data, a single patient record can fetch up to $1,000 on the underground market. That sum of money is over 50 times greater than what is typically recorded on credit cards. 

Role of organisations 

Organisations can increase provider, carer, and patient communication and openness with the aid of QR codes. Employing a QR code generator with integrated capabilities like single sign-on, multi-factor authentication, custom domain, and user management can help healthcare organisations safeguard this technology. 

The second crucial component is a platform for QR codes with incident management tools and security measures that are subject to recurring in-depth examinations. But education also contributes to preventing QR code fraud.

Healthcare organisations must educate their staff members and patients on how to use QR codes safely, including how to spot and stay away from malware, phishing scams, and other security risks. 

Mitigation tips 

Patients should be encouraged to check the legitimacy of the QR codes they scan before providing personal information. There are also security and privacy problems because a lot of individuals open a link right away after scanning a QR code without even checking it. To determine whether a destination is reliable, patients should check the website or app URL linked to the QR code or use a reliable QR code scanner app. 

Additionally, patients must only scan QR codes from reputable websites and applications, such as the printed materials, website, or app of their healthcare practitioner. Patients shouldn't scan a QR code if it seems sketchy or is from an unknown source. 

Finally, patients should exercise caution when sharing sensitive information via a QR code, such as their medical history or insurance details. They should only provide this information to reputable healthcare practitioners who can vouch for its secure and encrypted transmission.
Read more »
User Security
Crypto Phishing Crypto Scam Cyber Fraud Online Security Phishing scam User Privacy User Security

Cryptocurrency Scams: How to Detect and Avoid Them

 

Due to the prevalence of fraudulent activity since its inception, the bitcoin market has become well-known. Scammers employ a number of techniques to trick bitcoin consumers and take their hard-earned money. 

How do crypto phishing scams work?

The well-known cyberattack known as phishing has been around for a while. The FBI Internet Crime Report for 2022 states that phishing was the most prevalent technique, with 300,497 victims losing $52 million as a result. This fraudulent activity has now spread to the world of cryptocurrencies. 

A crypto phishing scam is a strategy used by scammers to steal sensitive information, such as the private key to your wallet. They accomplish this by posing as a trustworthy organisation or individual and requesting personal information from you. The information you supply is then used to steal your digital assets. 

Crypto phishing scams have become more frequent in recent years. A well-known cryptocurrency hardware wallet maker, Trezor, issued a warning regarding a large crypto phishing attack in February 2023. Users of Trezor were the target of scammers who sent them fictitious security breach alerts in an effort to get them to divulge their recovery seed phrase, which the attackers could then use to steal their cryptocurrency. 

Identifying crypto phishing scams

Following are five warning signals to watch out for to prevent becoming a victim: 

The majority of the time, cybercriminals send mass emails or messages without checking the language, spelling, or sentence structure. As a result, grammatical errors are the clearest indication of a phishing letter. Clear communication with their clients is important to reputable businesses. 

Scammers frequently copy the logos, colour schemes, typefaces, and messaging tones of respectable businesses. The branding of the crypto businesses you utilise should therefore be familiar to you. 

The URLs in the message should always be double-checked because phishers often utilise links that look real but actually take you to dangerous websites. 

Prevention tips 

Don't disclose your private keys: Your private keys are what allow you to access your cryptocurrency wallet. Keep them confidential and never give them out. 

Educate yourself: Stay up to date on the latest cyber risks and best practises for keeping your cryptocurrency secure. The more you know about self-defense, the better prepared you'll be to defend against cyber-attacks.

In-depth research: Before investing in any cryptocurrency, properly investigate the concept and the team behind it. Examine the project's website, white paper, and social media outlets to establish its legitimacy.
Read more »
Phishing scam
Artificial Intelligence ChatGPT Cyber Security Encryption EU Malicious actor Phishing scam

EU Privacy Watchdog Forms ChatGPT Task Force

The European Union’s privacy watchdog, known as the European Data Protection Supervisor (EDPS), has recently announced the formation of a task force to examine the potential privacy and data protection issues related to the ChatGPT language model. ChatGPT is a powerful artificial intelligence (AI) system that is designed to understand natural language and generate human-like responses to queries.

The EDPS has expressed concerns that ChatGPT could potentially pose significant privacy risks if it is not properly regulated and monitored. In particular, they have highlighted the potential for ChatGPT to be used for phishing scams, identity theft, and other forms of cybercrime.

One of the key vulnerabilities of ChatGPT is its ability to learn from the data it is given. This means that if it is fed with biased or malicious data, it could learn to replicate that behavior in its responses. This could potentially lead to harmful or discriminatory behavior towards certain groups of people.

Furthermore, ChatGPT is designed to generate responses based on a given context. This means that if it is given access to sensitive information, it could potentially reveal that information to unauthorized parties. This could lead to serious privacy breaches and data leaks.

To address these concerns, the EDPS has formed a task force that will work to develop guidelines and regulations for the use of ChatGPT. This task force will bring together experts from a range of fields, including AI research, privacy law, and cybersecurity.

The task force will be tasked with developing a set of best practices and guidelines for the use of ChatGPT. This will include recommendations on how to mitigate potential privacy risks, such as using robust encryption and access controls to protect sensitive data.

Overall, the formation of the ChatGPT task force is an important step towards ensuring that the use of AI systems like ChatGPT is properly regulated and monitored. By addressing potential vulnerabilities and developing best practices for their use, the EU can help to mitigate the risks associated with these powerful technologies and ensure that they are used in a responsible and ethical manner.
Read more »
Youtube
Cybersecurity email security online threats Phishing scam Youtube

Don't Get Hooked: How Scammers are Reeling in YouTube Users with Authentic Email Phishing

YouTube phishing scam

Are you a YouTube user? Beware of a new phishing scam that has been making rounds lately! In recent times, YouTube users have been targeted by a new phishing scam. The scammers use an authentic email address from YouTube, which makes it difficult to differentiate between a genuine email and a fraudulent one. 

What is a phishing scam?

Phishing scams are fraudulent attempts to obtain sensitive information, such as usernames, passwords, and credit card details, by disguising themselves as trustworthy entity in electronic communication. Typically, scammers use social engineering techniques to trick users into clicking on a malicious link or downloading malware.

What is the new YouTube phishing scam?

The new YouTube phishing scam involves the use of an authentic email address from YouTube. The email appears to be from YouTube's support team, and it informs the user that their channel is at risk of being deleted due to a copyright infringement violation. 

The email contains a link to a website where the user is asked to enter their YouTube login credentials. Once the user enters their login credentials, the scammers can access the user's account and potentially steal sensitive information or perform unauthorized actions.

How to identify the new YouTube phishing scam?

The new YouTube phishing scam is difficult to identify because the email address used by the scammers appears to be genuine. However, there are a few signs that you can look out for to identify the scam:

  • Check the sender's email address: Even though the email address appears to be genuine, you should always check the sender's email address carefully. In most cases, scammers use a similar email address to the genuine one but with a few minor differences.
  • Check the content of the email: The new YouTube phishing scam typically informs the user that their channel is at risk of being deleted due to a copyright infringement violation. However, if you have not received any copyright infringement notice, then you should be cautious.
  • Check the link in the email: Always check the link in the email before clicking on it. Hover your mouse over the link and check if the URL is genuine. If you are unsure, do not click on the link.

How to protect yourself from the new YouTube phishing scam?

To protect yourself from the new YouTube phishing scam, follow these tips:

  • Enable two-factor authentication: Two-factor authentication adds an extra layer of security to your account. Even if the scammers obtain your login credentials, they will not be able to access your account without the second factor of authentication.
  • Do not share your login credentials: Never share your login credentials with anyone, even if the email appears to be from a genuine source.
  • Report suspicious emails: If you receive a suspicious email, report it to YouTube immediately. This will help to prevent other users from falling victim to the scam.
  • Keep your software up to date: Keep your operating system and software up to date to ensure that you have the latest security patches and updates.

Stay cautious

The new phishing scam using an authentic email address is a serious threat to YouTube users. However, by following the tips mentioned in this blog, you can protect yourself from falling victim to the scam. Always be vigilant and cautious when dealing with emails that request sensitive information. Remember, if you are unsure, do not click on the link.


Read more »
User Safety
Cyber Fraud Data Leak Data Safety Email Phishing Phishing scam User Privacy User Safety

Watch Out for These Common Signs to Identify an Email Phishing Scam

 

Cybercriminals most frequently use phishing as a method of attack. This communication is a hoax designed to trick the recipient into disclosing private information, sending money, or clicking on a dangerous link. Usually, it is transmitted by email, social media direct messages, or some other text-based method. 

There are many different kinds of phishing, but for big firms, whaling or imitation phishing is the most dangerous. In this kind of attack, the cybercriminal poses as a senior executive to target the employees of the target company. In order to mislead the recipient, deceptively similar email addresses, display names, and messages are used. Since an email from top management or a professional acquaintance is typically taken to be authentic and doesn't arouse suspicion, it is a particularly effective strategy.

To mitigate risks, watch out for these tell-tale signs to identify a phishing email.

Unexpected or unsolicited correspondence 

When an email arrives unexpectedly, that's your first clue that it might be a fraud. Do you recall any offline or in-person discussions about the aforementioned subject? A warning sign that an email may be a phoney message is when you unexpectedly receive one from a top leader, client, or vendor without any prior context.

Scan the display name and email address 

Always check the display name and email address of the sender. On closer inspection, you might discover that a "O" has been changed to a "0" or a I has been changed to a "!". It might initially appear to be genuine. Also, you need to regularly check the domains of the emails you get. 

Internal communications will almost never come through a free email provider and will almost always come from the company's official domain. The same is true of external communication from other enterprises and companies. When you hover over a domain, the fraudulent one will often appear to be real or similar to the company's email address. 

Prompting urgency 

In most cases, phishing emails sound urgent. They want the victim to act without considering or confirming the legitimacy of the email's sender or contents. So, you should be wary of senior executives who unexpectedly request money transfers or information disclosures over email. Always confirm such requests using alternative methods. Call the sender directly, for instance, to confirm the communication. 

Unusual query

Take into account the requests made in the email. There are some common calls to action in phishing emails. They request that you send them private or delicate business information that shouldn't ideally be communicated through email in an unforeseen or initial discussion. It can also request that you click a link to submit this data. You can be led to assume that a senior executive has sent you a paper pertinent to your job by including it in an email. It might even request that you transfer money, either your own or, if you have the power, the company's. 

Prevention tips 

The first thing to do if you think you've received a phishing email is to say nothing. That is, never reply to emails, click on any links, or download any attachments. Next, if you have any doubts about the communication's legitimacy, you should always get in touch with the sender directly through a different method, such as by phone, text, or in person.

Additionally, keep an eye on the emails that arrive in your mailbox. Even if they are from within the company, use extra caution when dealing with emails or senders you weren't anticipating.
Read more »
Phishing scam
Cyber Attacks CyberCrime data security Password Phishing scam

Password Managers Can Protect Your Online Security


Users need to create unique passwords for all their online accounts so that they can keep track of which password is associated with which account. Users should use both capital and lowercase letters, numbers, and symbols in their passwords.  

Using the same password for everything will not cut it, yes, if you don't want to make yourself an easy target for cybercriminals, it would be smart to choose a different password for each account. Incorporating one easy-to-remember code across all of your accounts may be tempting, but it will end up jeopardizing your online security and you do not want to make yourself a victim of cybercrime.  

Using a password manager can be one of the most vital tools you have to ensure that you remain safe online. This is because they simplify the process of creating, using, and protecting strong passwords that help you stay safe online. 

It won't take you very long to figure out how to use them, and they are extremely easy. Although four out of five Americans do not use password managers at all, a study from Security.org found that nine out of ten do use one at some point.  

Is a password manager necessary and what are the benefits?


Password managers are online services that allow you to store your passwords and any other data that you may need regularly. This includes credit card numbers, bank account information, and identification documents, in a secure, encrypted environment. It simplifies your job by removing this vulnerability.

You must not develop unwise password habits to ensure your digital security. It is advisable to use strong passwords on your accounts. This is because weak passwords make them easy to crack, and reusing passwords increases your risk of credential stuffing, an attack that can compromise accounts that use similar passwords.

By using a password manager, you only have to remember one master password. The password manager will handle the rest for you. This way, you can create strong, unique passwords for each of your online accounts without having to worry about remembering anything else. If you aren't sure how to create a strong password, you do not have to come up with one all by yourself. A password manager can generate one for you if you don't know how to come up with one on your own. Password managers also include current passwords. This will enable you to know which ones are weak or reused and need to be changed to prevent you from using them again.

There are also secure ways to share passwords and sensitive documents between you and your family and friends if necessary. If you are shopping online, you may be able to quickly and easily fill out your credit card information. This is because you may not need to worry about getting your physical credit card if you are making purchases online.  
Read more »
Phishing scam
Bitcoins cryptocurrency Cyber Fraud Digital WAllets NFTs Phishing scam

OpenSea Phishing Scam Swindled Millions in NFTs

 

On Saturday, a phishing attack targeted 17 users of OpenSea, one of the major NFT markets, according to the company. The hack apparently resulted in the theft of over 250 NFTs worth at least $1.7 million. 

A nonfungible token, or NFT, is a way of proving ownership of a digital asset. NFTs linked to digital art have been increasingly popular in recent months, owing to the involvement of high-profile personalities. The attacker, or attackers, stole NFTs from OpenSea users over a 3-hour window on Saturday by compromising the underlying code that allows NFTs to be bought and sold. 

OpenSea tweeted late Sunday that the attack didn't appear to be active, with the most recent action 15 hours before. Nadav Hollander, the CTO of OpenSea, also provided a technical breakdown of the phishing attack. Phishing attacks are frequently carried out using emails that contain harmful links and fraudulently purport to be from a company. It's still unknown how OpenSea customers were lured into the phishing scam.

While the identity of the wallet's owner can be hidden in digital wallets used to keep NFTs, the transactions of digital assets on a blockchain are normally public. As a result, anyone with technical knowledge can track the NFTs from wallet to wallet. 

OpenSea CEO Devin Finzer in a post on Twitter on Saturday after the attack stated, "The attacker has $1.7 million of ETH in his wallet from selling some of the stolen NFTs." 

The hacker also appears to have returned some of the NFTs to the original owners. OpenSea tweeted on Sunday that the investigation into Saturday's phishing attack is still ongoing. OpenSea's CTO, Nadav Hollander, posted a Twitter thread summarising the company's current understanding of the attack, which the company believes did not originate from OpenSea. 

Hollander said, "All of the malicious orders contain valid signatures from the affected users, indicating that they did sign an order somewhere, at some point in time. However, none of these orders were broadcasted to OpenSea at the time of signing."
Read more »
Virus Attack
cybercriminals Cybersecurity Fake news malware Misinformation Phishing scam Tactics Targeted cyber attacks Virus Attack

Misinformation is a Hazard to Cyber Security

 

Most cybersecurity leaders recognize the usefulness of data, but data is merely information. What if the information you've been given is actually false? Or it is deception? What methods does your cybersecurity program use to determine what is real and what isn't?

Ian Hill, Global Director of Cyber Security with Royal BAM Group defined misinformation as "inaccurate or purposely misleading information." This might be anything from misinformation to deceptive advertising to satire carried too far. So, while disinformation isn't meant to be destructive, it can cause harm. 

The ideas, tactics, and actions used in cybersecurity and misinformation attacks are very similar. Misinformation takes advantage of our cognitive biases and logical fallacies, whereas cyberattacks target computer systems. Information that has been distorted, miscontextualized, misappropriated, deep fakes, and cheap fakes are all used in misinformation attacks. To wreak even more harm, nefarious individuals combine both attacks. 

Misinformation has the potential to be more damaging than viruses, worms, and other malware. Individuals, governments, society, and corporations can all be harmed by misinformation operations to deceive and damage people. 

The attention economy and advertisement-centric business models to launch a sophisticated misinformation campaign that floods the information channels the truth at unprecedented speed and scale. Understanding the agent, message, and interpreter of a specific case of information disorder is critical for organizations to stop it. Find out who's behind it — the "agent" — and what the message is that's being sent. Understanding the attack's target audience — the interpreter — is just as critical.

Misconceptions and deceptions from basic phishing scams, cyberattacks have progressed. Misinformation and disinformation are cybersecurity risks for four reasons, according to Disinfo. EU. They're known as the 4Ts:

  •  Terrain, or the infrastructure that disseminates falsehoods 
  •  Misinformation tactics, or how the misinformation is disseminated
  •  The intended victims of the misinformation that leads to cyberattacks, known as targets.
  •  Temptations, or the financial motivations for disseminating false information in cyberattacks.
 
Employees who are educated on how threat actors, ranging from an amateur hacker to a nation-state criminal, spread false information will be less likely to fall for false narratives and harmful untruths. It is now up to cybersecurity to distinguish between the true and the fraudulent.
Read more »
USA
Cyber Security hacker arrested Impersonation Techniques Phishing and Spam Phishing Attacks Phishing Campaign Phishing scam USA

US Arrested Multi-year Phishing Scam Suspect

 

An Italian man who was involved in a multi-year phishing scam aimed towards fraudulently stealing hundreds of unpublished book manuscripts from popular authors such as Margaret Atwood and Ethan Hawke − has been imprisoned. The accused will be in prison for a maximum of 20 years if found guilty of wire fraud and another additional two years for a count of aggravated identity theft. 

The Department of Justice while reporting on the incident, stated, that the man is 29-year-old Filippo Bernardini, was arrested by the FBI on Wednesday at the John F. Kennedy International Airport, in New York. The report also said that he was previously working at London-based publisher Simon & Schuster who allegedly impersonated editors, agents, and others personnel involved in the publishing industry to obtain manuscripts of unpublished books fraudulently. 

“We were shocked and horrified on Wednesday to learn of the allegations of fraud and identity theft by an employee of Simon & Schuster UK. The employee has been suspended pending further information on the case…” Simon & Schuster said in a statement to Variety. 

“…The safekeeping of our authors’ intellectual property is of primary importance to Simon & Schuster, and for all in the publishing industry, and we are grateful to the FBI for investigating these incidents and bringing charges against the alleged perpetrator.” 

Following the incident, agencies said that the scheme was started in August 2016 wherein Bernardini used various fake email addresses which were linked to over 160 domains spoofing literary talent agencies, literary scouting agencies, and publishing houses. 

Furthermore, he also sent phishing emails attacking employees of a New York City-based literary scouting company and obtained their sensitive data to gain access to the organization’s database of synopses and other information regarding upcoming books. 

"These prepublication manuscripts are valuable, and the unauthorized release of a manuscript can dramatically undermine the economics of publishing, and publishing houses generally work to identify and stop the release of pirated, prepublication, manuscripts," the Department of Justice said today. 

"Such pirating can also undermine the secondary markets for published work, such as film and television, and can harm an author’s reputation where an early draft of the written material is distributed in a working form that is not in a finished state."
Read more »
USA
Data Breach Data threats Lookout Phishing scam USA

Phishing Scam Tempts Military Families

 

Threat analysts at Lookout have reported in new findings that a phishing campaign is victimizing members of the United States military units and their families. As per the report, it is a long-running operation that has impersonated various military support organizations and personnel profiles to lure victims into advance-fee scams, stealing sensitive personal information and financial data. 

Motivated by monetary benefits, malicious actors are stealing financial sensitive data from victims which includes bank account information, photo identification, names, addresses, and phone numbers, Lookout said in the report. 

“Based on our analysis, it’s clear that the threat actor is looking to steal sensitive data from victims such as their photo identification, bank account information, name, address, and phone number…,” wrote Lookout’s threat analysts in a blog post published today. 

“…With this information, the actor could easily steal the victim’s identity, empty their bank account and impersonate the individual online,” the blog further read.

The group of scammers created a series of websites that appears legitimate and genuine, the operators enhanced the authenticity of the sites by adding various advertisements for Department of Defense services (DODS) to falsely indicate their affiliation with the military. 

Sources accounted, the operators offer high-priced services that are never delivered such as leave applications, communication permits, and care packages, to lure clients into thinking that they are interacting with a military member. Cybersecurity threat analysts have also reported that Nigeria is the scammers’ operational base. 

“The websites were primarily hosted by Nigerian providers that are offshore or ignore the Digital Millennium Copyright Act (DMCA). We were able to further confirm the operator’s location from a phone number one of the web developers accidentally left on the draft version of the site. The country code of the number is from Nigeria,” said researchers. 

“We were also able to link this group to numerous other scams advertising fake delivery services, crypto-currency trading, banks, and even online pet sales,” researchers added.
Read more »
Security Alert
Cyber Data Cyber Security Frauds Phishing scam Scam SEC Security Alert

US SEC Alerts Investors of Ongoing Fraud

 

The Securities and Exchange Commission (SEC) is alerting investors about scammers posing as SEC officials and attempting to mislead them. 

Fraudsters are contacting investors via phone calls, voicemails, emаils, and letters, according to the SEC's Office of Investor Educаtion and Advocаcy (OIE). 

The alert stated, “We аre аwаre thаt severаl individuаls recently received phone cаlls or voicemаil messаges thаt аppeаred to be from аn SEC phone number. The cаlls аnd messаges rаised purported concerns аbout unаuthorized trаnsаctions or other suspicious аctivity in the recipients’ checking or cryptocurrency аccounts. These phone cаlls аnd voicemаil messаges аre in no wаy connected to the Securities аnd Exchаnge Commission.” 

The SEC warned it never asks for payments linked to enforcement activities, offer to confirm trades, or seek sensitive personal and financial information in unsolicited communication, including emails and letters. It further stated that SEC officials will not inquire about shareholdings, account numbers, PINs, passwords, or other personal information. 

Scammers appear to be employing a growing number of strategies in order to boost their chances of success. Investors should not disclose any personal information if they get communication that seems to be from the Securities and Exchange Commission, as per the notice. They are encouraged to contact the commission directly.

Investors can use the SEC's personnel locаtor at (202) 551-6000, call (800) SEC-0330, or emаil help@SEC.gov to confirm the identity of people behind calls or messages. Investors can also register a complaint with the Securities and Exchange Commission's Office of Inspector General by visiting www.sec.gov/oig or calling (833) SEC-OIG1 (732-6441). 

Further, the alert stated, “Bewаre of government impersonаtor schemes. Con аrtists hаve used the nаmes of reаl SEC employees аnd emаil messаges thаt fаlsely аppeаr to be from the Securities аnd Exchаnge Commission to trick victims into sending the frаudster’s money. Impersonаtion of US Government аgencies аnd employees (аs well аs of legitimаte finаnciаl services entities) is one common feаture of аdvаnce fee solicitаtions аnd other frаudulent schemes. Even where the frаudsters do not request thаt funds be sent directly to them, they mаy use personаl informаtion they obtаin to steаl аn individuаl’s identity or misаppropriаte their finаnciаl аssets.”
Read more »
Phishing scam
Cyber Crime Dark Web Netflix Payment Data Phishing scam

Researchers Have Issued a Warning About Phishing Scams That Imitate Netflix

 

The tremendous shift of movie and television audiences to streaming services over the last year has offered scammers a golden opportunity to conduct phishing attacks in order to trick future customers into handing over their payment information. Cybercriminals will always follow payment data, according to Kaspersky's Leonid Grustniy, who warned of phishing attempts disguised as Netflix, Amazon Prime, and other streaming service offers. 

Depending on their current streaming subscription status, Kaspersky's researchers detected several lures aimed at targets. Fake sign-up pages for services like Netflix were used to obtain victims' email addresses and credit card information. “Armed with your info, they can withdraw or spend your money right away; your email address should come in handy for future attacks,” Grustniy wrote. 

Fans who did not have subscriptions were lured in by cybercriminals who offered them the chance to view popular series on a bogus website. They usually display a short clip as a teaser, which they try to pass off as a fresh, previously unaired episode. It's usually taken from trailers that have been in the public domain for a long time. Victims who are interested are then prompted to purchase a low-cost subscription in order to continue viewing. What happens next is a standard scenario: any payment information entered by users is sent directly to the fraudsters, and the never-before-seen episode continues. 

Account credentials for streaming services are also popular among cybercriminals, who are interested in more than just bank account information. Because hijacked accounts with paid subscriptions are sold on the dark web. 

Scammers are increasingly using the extensive cultural influence of video streaming platforms as a weapon. For example, the worldwide enthusiasm in Netflix's Squid Game has recently been used to scam crypto investors out of more than $3.3 million. Check Point Research identified a fraudulent Netflix application in the Google Play store last spring, which spread via WhatsApp chats.

Users should avoid clicking on any emails that appear to be affiliated with streaming services and be aware of obvious signals that it's a scam, such as misspellings in messages when payment information is requested. “Do not trust any person or site promising viewings of movies or shows before the official premiere,” Grustniy added.
Read more »
Verizon
Mobile Security Personal Information Phishing scam Spam SMS Verizon

Verizon Phishing Scam Uses Text Messages to Target Customers

 

Verizon subscribers had started to get malicious texts from unknown senders, according to a report published by Phone Arena on Saturday, October 9. Sending messages to a receiver using a suspicious phone number is a phishing technique. The precise contact number is 562-666-1159, and it informs users that their prior month's fee has already been paid. The exact message reads as follows: "Verizon Free Message: Sept bill is paid. Thanks, (first name of the customer)! Here's a little gift for you." 

According to Phone Arena, the majority of Verizon customers have already paid their September bills. As a result, the old invoice suggested that the hacker's message was entirely fictitious. In addition, Verizon is unlikely to deliver a gift to users who have paid their bills in advance. This current phishing attack could indicate that the user's personal information is about to be stolen. 

This attack was similar to what T-Mobile customers experienced previously. Phone Arena said it's conceivable that the phone numbers used to send the phoney messages came from T-Mobile's recent data hack, which affected 48 million members. The text pretended to be from T-Mobile and promised the recipients of the message a $100 free gift as compensation for an outage that occurred somewhere around that time. 

The way T-Mobile was spelled as Tmobile was one of the obvious clues that the whole affair was a hoax. The truth was hidden in the tiny print: the SMS was sent by a marketing firm with no ties to T-Mobile, and the firm was attempting to acquire information about T-Mobile consumers, presumably gathering confirmed phone numbers of the carrier's subscribers.

Coming back to Verizon, the cybercriminals behind the text message will request personal information from subscribers. If a subscriber falls for this ruse, his or her security number, bank account number, and other personal data will be stolen. The threat actor would have access to the required details of a subscriber's Verizon account if this happened. Once the scam is successful, the hackers will order a phone that the user will have to pay for. 

If customers are concerned whether a text or email is real, they should phone the carrier and inquire if someone from that company sent them the message in question, according to Phone Arena. They also recommended that anyone having a wireless account set up a password or PIN to keep their account safe from prying eyes.
Read more »
Technology
Australia Bitcoin cryptocurrency Identity Theft Phishing scam Technology

Cryptoscams Cost Australians About AU$6.6 Million Every Month

 

From the beginning of the year to the end of August, losses due to cryptocurrency investment scams accounted for over a quarter of all scams reported to the Australian Competition and Consumer Commission (ACCC). The ACCC said that it received 3,007 reports totaling losses of AU$53.2 million in response to a notice from the Senate Select Committee on Australia as a Technology and Financial Centre. This accounted for 55% of all investment fraud losses and 48% of all investment fraud reports. 

New South Wales had 860 reports for losses of AU$20.6 million, Victoria had 563 reports for losses of AU$12.6 million, Queenslanders lost AU$8.2 million and submitted 485 reports, and Western Australia had 268 reports for losses of AU$3.8 million. 

People in the 55-64 age group lost over AU$12.6 million and submitted 365 complaints, while those over 65 lost AU$10.7 million and filed 356 reports, and those in the 44-54 age group filed 352 reports and lost AU$8.7 million. The losses declined with age, with individuals aged 35-44 reporting 627 losses totaling AU$7.6 million. Young people aged 25 to 34 lost AU$7 million and filed 570 reports. 

Between January and July 2021, Australians lost over 70 million AUD (or 50 million USD) as a result of such scams, according to Delia Rickard, ACCC Deputy Chair. The most popular investment frauds included cryptocurrencies, particularly Bitcoin. 

Ms. Rickard went on to say that threat actors frequently entice victims with promises of high earnings and minimal risk. She cautioned that such incidents should draw the attention of investors rather than luring them in carelessly. “Be wary of investment opportunities with low risk and high returns. If something sounds too good to be true, it probably is,” she said. 

"While the proportion of reports involving a financial loss has dropped this year, the people who do lose money are losing bigger amounts. The average loss so far this year is about AU$11,000 compared to AU$7,000 for the same period in 2020," Delia said. 

According to the ACCC, phishing scams have increased by 261%, remote access scams have increased by 144%, and identity theft has increased by 234%. The consumer watchdog said it has been giving scammer phone numbers to Australian carriers and working with banks to "raise awareness with their consumers" who may have been infected with the Android spyware Flubot.
Read more »
Phishing scam
Banking Trojan Income Tax Returns India malware Phishing scam

Banking Trojan Posing as I-T Refund hits 27 Indian Banks

 

In India, cyberspace has identified a banking Trojan virus that lurks at attacking bankers using Android smartphones, stated the country’s federal cyber security agency, CERT-In, in an advisory alert. Further, the Indian Computer Emergency Response Team (CERT-In ) has claimed that the virus has attacked clients from over 27 public and private sector banks. 

The phishing malware seems to masquerade as the 'income tax refund' – a social engineering piece of malware which targets personal information – and can 'effectually endanger the confidentiality of sensitive customer information and lead to massive attacks and financial frauds,' the CERT-In said, adding: “It has been observed that Indian banking customers are being targeted by a new type of mobile banking campaign using Drinik Android malware.” 

While explaining the invasion operation, the agency said that a victim would have been prompted to fill in personally identifiable information, download and install malicious APK files to finish the requisite verification on a phishing website (as it is on the website of the tax service). The victim would get a link redirecting it to a phishing website. 

“If the user does not enter any information on the website, the same screen with the form is displayed in the Android application and the user is asked to fill in to proceed,” they said. 

Furthermore, Full name, PAN number, Aadhaar number, permanent addresses, birthdates, cell phone number, and financial information, such as bank details, account number, IFSC code, CIF number, debit cards, expiration date, CVV, and PINs, are included as part of the data asked to be filled by the user. 

Once the user has submitted the details, the program claims that a refund amount may be deposited to the user's bank account, and the application exhibits an error and displays a false upgrade page whenever the user enters the amount and selects the "transfer" options. 

During the display of the screen to install the update, Trojan will forward the information about the user to the attacker. 

"These details are then used by the attacker to generate the bank-specific mobile banking screen and render it on the user's machine. The user is then requested to enter the mobile banking credentials which are captured by the attacker," it said. 

The advisory proposes several counter efforts to stop such attacks and malware, such as downloading apps from the official app shops, installing suitable updates and patches on Android, using secured internet browsing tools, carrying out detailed research before clicking on a link in the message, and looking for true certificates of encryption by checking for a green browser lock.
Read more »
Subscribe to: Posts (Atom)