Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Scam. Show all posts
Scam
Browser confidential documents Cyber Security Emails phishing Scam

When Trusted Sites Turn Dangerous: How Hackers Are Fooling Users

 


A recent cyberattack has revealed how scammers are now using reliable websites and tailored links to steal people's login credentials. This new method makes it much harder to spot the scam, even for trained eyes.


How It Was Caught

A cybersecurity team at Keep Aware was silently monitoring browser activity to observe threats in real time. They didn’t interrupt the users — instead, they watched how threats behaved from start to finish. That’s how they noticed one employee typed their login details into a suspicious page.

This alert led the team to investigate deeper. They confirmed that a phishing attack had occurred and quickly took action by resetting the affected user’s password and checking for other strange activity on their account.

What stood out was this: the phishing page didn’t come from normal browsing. The user likely clicked a link from their email app, meaning the scam started in their inbox but took place in their browser.


How the Scam Worked

The employee landed on a real, long-standing website known for selling outdoor tents. This site was over 9 years old and had a clean online reputation. But cybercriminals had broken in and added a fake page without anyone noticing.

The page showed a message saying the user had received a “Confidential Document” and asked them to type in their email to view a payment file. This is a typical trick — creating a sense of urgency to get the person to act without thinking.


Tactics Used by Hackers

The fake page was designed to avoid being studied by experts. It blocked right-clicking and common keyboard shortcuts so that users or researchers couldn’t easily inspect it.

It also had smart code that responded to how the person arrived. If the phishing link already included the target’s email address, the page would automatically fill it in. This made the form feel more genuine and saved the user a step — making it more likely they’d complete the action.

This technique also allowed attackers to keep track of which targets clicked and which ones entered their information.


Why It Matters

This attack shows just how advanced phishing scams have become. By using real websites, targeted emails, and smooth user experiences, scammers are getting better at fooling people.

To stay safe, always be cautious when entering personal information online. Even if a site looks familiar, double-check the web address and avoid clicking suspicious email links. If something feels off, report it before doing anything else.


Read more »
SSA
Cybersecurity Datatheft Fraud IdentityTheft malware phishing remotetool Scam screenconnect SSA

Cybercriminals Target Social Security Users with Sophisticated Phishing Scam

 

A new wave of phishing attacks is exploiting public trust in government agencies. Cybercriminals are sending fraudulent emails that appear to come from the Social Security Administration (SSA), aiming to trick recipients into downloading a remote access tool that gives hackers full control over their computers, according to a report by Malwarebytes.

The scam emails, often sent from compromised WordPress websites, claim to offer a downloadable Social Security statement. However, the entire message is typically embedded as an image—a tactic that allows it to bypass most email filters. Clicking on the link initiates the installation of ScreenConnect, a powerful malware tool that enables attackers to infiltrate your device remotely.

The campaign has been attributed to a phishing group known as Molatori, whose goal is to extract personal, banking, and other sensitive information. “Once in, the attackers can steal your data, commit financial fraud, and engage in identity theft,” the report warns.

To avoid falling victim, experts suggest staying alert to red flags. These scam emails often contain poor grammar, missing punctuation, strange formatting, and unusual colour schemes for links. Such errors—evident in screenshots shared by Malwarebytes and the SSA—are clear signs of a scam, even as AI-driven tactics make phishing attempts more convincing than ever.

“If you want to view your Social Security statement, the safest option is to visit ssa.gov,” the SSA advises.

What to Do If  You're Targeted:

  • Cut off all communication with the scammer
  • Report the incident to the SSA Office of the Inspector General (OIG)
  • File a report with your local police
  • If you've lost money, submit a complaint to the FBI’s Internet Crime Complaint Center (IC3)

As phishing threats continue to evolve, cybersecurity awareness remains your best defense.


Read more »
virus
Apple Macbook malware Scam virus

One Click Is All It Takes: New Mac Malware Steals Your Data

 



A growing number of Mac users are being tricked into downloading harmful software through fake verification messages. These scams look like normal human checks, such as Google’s “I’m not a robot” box, but are actually part of a malware campaign targeting Apple computers.

Researchers recently found that over 2,800 websites have been hacked to spread a malware called Atomic Stealer. This software is designed to steal passwords, browser data, crypto wallets, and personal files from infected Macs.


How the scam works

The attack begins when someone visits one of these infected websites. A fake pop-up appears, asking them to prove they’re human. It looks like a regular verification step we’re used to seeing online. Most people would not think twice before clicking.

But once the user clicks the button, a hidden code is quietly copied to their clipboard. Then, the pop-up gives strange instructions that tell the person to open the Terminal app on their Mac and paste the copied code.

If they follow these steps and press Enter, the malware gets installed on their system. The software then begins stealing information saved in the system’s password manager and browsers, as well as any crypto assets stored on the device.


Why this trick is dangerous

This attack is hard to catch because the victim unknowingly helps install the malware. Instead of using a typical virus download, the scam relies on people following the instructions themselves. This method can bypass antivirus programs, making it even more dangerous.

What makes this more troubling is that this malware is being sold as a service. Hackers pay monthly to use Atomic Stealer, which means many groups can launch similar attacks using different techniques.


How to protect yourself

If a website ever tells you to open Terminal or paste something into your system, close it right away. This is not a normal request and should be treated as a red flag.

While Apple devices include built-in security tools, it’s also a good idea to install trusted antivirus software for added safety. Identity theft protection services can also help if your personal information is ever misused.

This scam is successful because it plays on our habits. Many people don’t question familiar actions, especially when under pressure. Share this information with friends and family so they can stay safe, too. Avoid unfamiliar websites, think carefully before clicking, and never follow odd instructions from online pop-ups.

Read more »
Scam
Cyber Fraud Cyberattack CyberCrime Hacking Pune Scam

Pune Company Falls Victim to ₹6.49 Crore Cyber Fraud in Major Man-in-the-Middle Attack

 

A 39-year-old director of a Mohammedwadi-based firm, which operates in IT services and dry fruit imports, was duped into transferring ₹6.49 crore following a sophisticated Man-in-the-Middle (MitM) cyberattack on March 27. In a MitM scam, cybercriminals secretly intercept communications between two parties, impersonating one to deceive the other, often stealing sensitive information or funds.

According to investigators, the company director was at his residence near NIBM Road when he received what appeared to be a legitimate payment request via email from a business associate. Trusting the authenticity, he initiated the payment and even instructed his bank to process it. However, when he later contacted the exporter to confirm receipt, they denied getting any money.

Upon closer inspection, the director discovered subtle changes in the sender's email ID and bank account details — just one letter altered in the email address and a different bank account number. These minor discrepancies went unnoticed initially, police said.

Senior Inspector Swapnali Shinde of the Cyber Police told TOI, "It has two divisions, one for IT services and another for importing dry fruits. The company director would import the dry fruits from different countries, including the United States and those in the Middle-East. On March 27, he received a payment request from an exporter of dry fruits based in the US. The email demanded payment of nearly Rs 6.5 crore. The victim, thinking it was for the almonds he'd recently imported, initiated the transaction."

Realizing the fraud only on April 17, the director registered an FIR with Pune's cyber police on April 23.

Shinde added, "Officials from his bank called him to verify the transaction, but he told them to proceed. The amount was across in five transactions," explaining that the online ledger displayed only the first few letters of the firm's name and bank details.

"The victim did not realise that the account number of the company, with whom he had regular business with, was changed. He just clicked on the button and initiated the transactions," Shinde said.

Cyber investigators are now tracing the trail of the siphoned funds. "The cash went to several accounts. We're still trying to establish a trail. As of now we can say that about Rs 3 crore is yet to reach the suspects. We will try our best to salvage the money," Shinde stated.
Read more »
Scam
Cyber Crime Payment QR Codes Quishing Scam

QR Code Frauds Growing Fast in the UK: What You Should Know

 



A new kind of digital scam is spreading across the UK, where criminals trick people using fake QR codes. This type of scam is called “quishing,” and it has been growing quickly. In 2023, there were over 1,300 reports of this scam, compared to only 100 cases in 2019, showing just how fast it's increasing.


How These Scams Work

Scammers take advantage of everyday places where QR codes are used for payments or information. This includes locations like parking spots or restaurant tables where you scan codes to pay or view menus. What these scammers do is cover the real QR codes with fake ones that they control.

When someone scans the fake code, it sends them to a fake website. The site may ask them to enter payment details, thinking it's a normal payment page. In some cases, clicking the link may even install harmful software on the person’s phone without them knowing.


Why It’s Hard to Notice

These scams can be hard to detect. Unlike large frauds that take big sums of money at once, these scams often take small amounts over time, making it less likely for someone to notice. The charges might look like monthly fees or parking payments, so they often go unnoticed.

Cyber experts say that what makes this scam dangerous is how real the fake websites appear. The links that come up after scanning look just like real ones, so people don’t think twice before entering their card numbers or other personal information.


What You Can Do to Stay Safe

Here are some simple steps to protect yourself:

1. Only scan QR codes that you trust. If the code looks tampered with or placed unevenly, avoid using it.

2. Never enter sensitive information like card numbers on a website you reached through a QR code unless you’re sure it’s safe.

3. Before submitting any details, double-check the website’s name or URL for spelling errors or anything unusual.

4. Use a reliable security app on your phone that can detect harmful links or files.


QR codes were created to make daily tasks faster and more convenient. But now, scammers are misusing them to steal people’s information and money. As these scams become more common, the best defense is to be alert and avoid scanning any QR code that looks even slightly suspicious.


Read more »
TaxSeason
2FA Cybersecurity Data Breach GoogleAds OTP phishing QuickBooks Scam TaxSeason

Cybercriminals Target QuickBooks Users with Phishing Attacks via Google Ads Ahead of Tax Deadline

 

With the April 15 U.S. tax deadline looming, millions of users are logging in to manage their finances online—unfortunately, cybercriminals are watching too. Leveraging this surge in digital activity, attackers are exploiting trusted platforms like Google to deceive users of Intuit’s QuickBooks.

By purchasing top Google Ads placements, hackers are directing users to authentic-looking but fraudulent login pages. These fake portals are designed to steal crucial information including usernames, passwords, and even one-time passcodes (OTPs)—granting criminals access to victims’ financial data needed for filing taxes.

Understanding how this scam works is the first step toward staying safe. Phishing scams targeting accounting software are nothing new. Fraudulent support calls and infected software downloads—often traced to large-scale operations in India and nearby regions—have long been tactics in the scammer playbook.

Late last year, security experts uncovered a malicious QuickBooks installer that prompted users to call a fake support number through a deceptive pop-up.

This new scam is even more concerning. Instead of malware, attackers are now going straight for login credentials. The scam begins with a simple Google search. An ad mimicking Intuit’s branding for “QuickBooks Online” leads users to a convincing fake website.
  • Domain Name: QUICCKBOORKS-ACCCOUNTING.COM
  • Registrar URL: https://www.hostinger.com
  • Creation Date: 2025-04-07T01:44:46Z
The phishing site mirrors the actual QuickBooks login portal. Once users enter their credentials, the information is harvested in real-time and sent to cybercriminals.

"Passwords alone offer a limited level of security because they can be easily guessed, stolen through phishing, or compromised in data breaches. It is highly recommended to enhance account protection by enabling a second form of authentication like one-time passcodes sent to your device or utilizing a 2FA app for an extra layer of verification."

However, even two-factor authentication (2FA) and OTPs are being targeted. Modern phishing kits use advanced tactics like “man-in-the-middle” or “adversary-in-the-middle” (AiTM) attacks to intercept this second layer of protection.

As users unknowingly submit both their password and OTP to a fake login page, the information is relayed instantly to the attacker—who uses it before the code expires.

Cybercriminals ramp up efforts during tax season, banking on urgency and the volume of financial activity to catch users off guard. Their tools? Deceptive Google ads that closely resemble legitimate QuickBooks links. These reroute users to cloned websites that can collect sensitive data—or even install malware.

While 2FA and OTPs still offer critical protection against many threats, they must be used on verified platforms to be effective. If you land on a malicious site, even the best security tools can be bypassed.
Read more »
Tax
Cyber Fraud IRS Cybersecurity phishing Scam Tax

Microsoft Warns of Tax-Themed Phishing Scams Targeting Americans This April

 

As the tax deadline looms, cybercriminals are seizing the opportunity to exploit anxious taxpayers. Microsoft has sounded the alarm on a new surge of sophisticated phishing scams that are preying on individuals during the 2025 tax season.

From fake IRS communications to malicious PDFs and QR codes, scammers are using increasingly deceptive methods to trick users into handing over sensitive information or installing malware.

These phishing campaigns are engineered to deliver a variety of dangerous payloads including Latrodectus, BruteRatel C4, and AHKBot. They also often deploy remote access trojans (RATs), enabling hackers to take over infected systems, steal financial data, or commit identity theft.

The fraudulent emails appear convincing, often featuring urgent subject lines such as "Unusual Activity Detected in Your IRS Filing" or "Important Action Required: IRS Audit." With one click, users are redirected to fake websites—like spoofed DocuSign pages—that automatically trigger malware downloads.

In some cases, scammers are playing the long game. One tactic involves emails from fake "clients" claiming tax-related emergencies due to past CPA errors. A response to these emails could lead to receiving a malicious attachment disguised as a tax document.

Microsoft has flagged a particularly stealthy campaign aimed at accountants. The bait? A malware-laced PDF that deploys GuLoader, a tool that leverages encrypted shellcode and cloud-based services to bypass standard security protocols. Once installed, Remcos, a remote access trojan, takes over the device, allowing hackers to manipulate files or exfiltrate data unnoticed.

“Scammers thrive on panic, so don't let them rush you. Always double-check sender addresses, avoid clicking links in unexpected emails, and never download attachments unless you're absolutely certain they're safe,” the advisory warns.

The IRS, it’s important to note, does not contact individuals via email, text, or social media for sensitive information.

Microsoft reassures users that their security solutions are actively combating these threats.

“Defender for Office 365 automatically flags and blocks phishing emails and malicious attachments, while Defender for Endpoint provides comprehensive protection across devices.”

With awareness and caution, individuals can better protect themselves from falling victim during this high-risk season.
Read more »
Scam
Antivirus Cyber Fraud Cybersecurity Fraud Hackers phishing Scam

Phishing Scams Are Getting Smarter – And More Subtle : Here’s All You Need to Know

 

Cybercriminals are evolving. Those dramatic emails warning about expired subscriptions, tax threats, or computer hacks are slowly being replaced by subtler, less alarming messages. New research suggests scammers are moving away from attention-grabbing tactics because people are finally catching on.

Kendall McKay, strategic lead for cyber threat intelligence at Cisco’s Talos division, said phishing scams are adapting to stay effective. “They probably know that we've caught on to this and the tricky, sensational email isn't going to work anymore,” McKay said. “So they've moved towards these benign words, which are likely to show up in your inbox every day."

Cisco’s 2024 Year in Review report found that common phishing emails now include subject lines like “request,” “forward,” and “report”—a shift from the usual “urgent” or “payment overdue.” Despite the growing use of advanced tools like AI, scammers still favor phishing because it works. Whether they’re targeting large corporations or individuals, their aim remains the same: to trick users into clicking malicious links or giving up sensitive information.

The most impersonated brands in blocked phishing emails last year included:
  • Microsoft Outlook – 25% of total phishing attempts
  • LinkedIn
  • Amazon
  • PayPal
  • Apple
  • Shein
“Phishing is still prominent, phishing is effective, and phishing is only getting better and better, especially with AI,” McKay said.

Common phishing tactics include:
  • Unsolicited messages via email, text, or social media—especially if they come from people or companies you haven’t contacted.
  • Fake job offers that appear legitimate. Always verify recruiter details, and never share personal information unless it’s through a trusted channel.
  • Requests for gift cards or cryptocurrency payments—these are favored by scammers because they’re untraceable. Official entities like the IRS won’t ever ask for payment in these forms or reach out via email, phone, or text.
  • Online romance scams that play on emotional vulnerability. The FTC reported $384 million in losses from romance scams in just the first nine months of 2024.
  • Charity scams tied to current events or disasters. Always donate through official websites or verified sources.
To protect yourself if you think you’ve been phished:
  • Install and update antivirus software regularly—it helps filter spam and block malware-laced attachments.
  • Use strong, unique passwords for every account. A password manager can help manage them if needed.
  • Enable two-factor authentication (2FA) using apps or physical security keys (avoid SMS-based 2FA when possible).
  • Freeze your credit if your Social Security number or personal data may have been compromised. Experts even suggest freezing children’s credit to prevent unnoticed identity theft.
  • Scams are no longer loud or obvious. As phishing becomes more polished and AI-powered, the best defense is staying alert—even to the emails that seem the most routine.
Read more »
Subscribe to: Posts (Atom)