Malwarebytes

JULY 19, 2022

Together with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. Stay safe, everyone!

Cryptocurrency 86

Cryptocurrency Mobile Banking Internet 86

Malwarebytes

JULY 19, 2021

We’ve observed a 419-style scam (also known as an advance fee scam) which combines the promise of cryptocurrency riches with WhatsApp conversation. Folks already involved in cryptocurrency would likely have suspicions raised after reading the below. It’s all about that personal touch in the land of cryptocurrency scams.

Accountability 105

Accountability Scams Cryptocurrency Banking 105

Security Affairs

NOVEMBER 13, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers warn of a new social engineering campaign aimed at IT job seekers that relied on a new cluster of bogus skills assessment portals. ” warns Microsoft through a series of posts on X.

Social Engineering 111

Social Engineering Cryptocurrency Engineering Malware 111

SecureList

JANUARY 13, 2022

BlueNoroff is the name of an APT group coined by Kaspersky researchers while investigating the notorious attack on Bangladesh’s Central Bank back in 2016. See our earlier publication about BlueNoroff attacks on the banking sector. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks.

Cryptocurrency 130

Cryptocurrency Malware Accountability Banking 130

CyberSecurity Insiders

AUGUST 17, 2022

The aim behind the said social engineering attack is simple, one to trap employees with fake job offers and second to lure customers in signing up the page and then steal their currency. But now have spread malware in disguise of a PDF file to employees in reputable positions at Coinbase.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

The Last Watchdog

APRIL 14, 2022

The CFO commonly carries out such tasks and arranges a wire transfer using the account information provided on the invoice. In actuality, the request is coming from a BEC fraud ring, and the payment details direct the funds to an account controlled by the attackers. Scenario 2. Scenario 3. Planned attacks.

Phishing 247

Phishing Accountability Scams Social Engineering 247

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. A single bitcoin is trading at around $45,000.

Cryptocurrency 239

Cryptocurrency Cybercrime Computers and Electronics Scams 239

Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. Scammers, impersonating cryptocurrency investors, are active on Telegram channels to get interested people to attend a meeting about a future partnership. Topics are cryptocurrency investment opportunities.

Cryptocurrency 100

Cryptocurrency Malware Authentication Banking 100

Security Affairs

JANUARY 3, 2024

Resecurity has uncovered a cybercriminal faction known as “ GXC Team “, who specializes in crafting tools for online banking theft, ecommerce deception, and internet scams. For the tool to function, the operator must input a list of compromised email accounts to be scanned.

Artificial Intelligence 111

Artificial Intelligence Banking Scams Cybercrime 111

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication 111

Authentication Social Engineering Phishing Banking 111

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In fact, from January through the end of October, Kaspersky detected more than 2,300 fraudulent global resources aimed at 85,000 potential crypto investors or users who are interested in cryptocurrency mining. Extortion on the rise.

Cryptocurrency 110

Cryptocurrency Banking Cybercrime Ransomware 110

Krebs on Security

APRIL 20, 2023

In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated. which owns LinkedIn, said in September 2022 that it had detected a wide range of social engineering campaigns using a proliferation of phony LinkedIn accounts.

Malware 289

Malware Software Technology Accountability 289

Krebs on Security

AUGUST 19, 2020

According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home. A phishing page (helpdesk-att[.]com)

Phishing 360

Phishing VPN Social Engineering Media 360

Malwarebytes

AUGUST 13, 2021

A fair few cryptocurrency scams have been doing the rounds across 2021. One of the sneakiest ways to grab a code is to jump into customer support discussions on social media. Scammers set up fake customer support style accounts, then direct potential victims to phishing pages hosted elsewhere. Recovery code theft.

Scams 105

Scams Cryptocurrency Social Engineering Media 105

SecureWorld News

AUGUST 2, 2021

Robinhood is an increasingly popular trading app where you can buy and sell stocks, as well as cryptocurrency. Phishing attempts come via email where scammers use different social engineering tactics to pose as a reputable sender like the IRS, your bank or brokerage firm. How to spot phishing emails.

Phishing 84

Phishing Social Engineering Scams Identity Theft 84

Malwarebytes

APRIL 28, 2021

This is aided by imitation accounts modelled to look like the genuine organisation’s account. The victim is typically sent to a phishing page where accounts, payment details, identities, or other things can be stolen. The scam isn’t being spread by just one account, nor is there just one bogus support form.

Phishing 121

Phishing Cryptocurrency Accountability Scams 121

Malwarebytes

JUNE 23, 2022

This operation also led the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie) to nine arrests, 24 house searches, and the seizure of firearms, ammunition, jewelry, electronic devices, cash, and cryptocurrency. Once recipients opened the link, they would be directed to a bogus bank website.

Phishing 102

Phishing Banking Cryptocurrency Scams 102

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. Group-IB Secure Portal also managed to identify over 100,000 accounts with three or more logins from the same device. About Group-IB.

Cryptocurrency 57

Cryptocurrency Social Engineering eCommerce Engineering 57

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 243

Mobile Cryptocurrency Accountability Passwords 243

SC Magazine

MAY 12, 2021

Researchers found 167 counterfeit Android and iOS apps that attackers used to steal money from victims who believed they installed a financial trading, banking or cryptocurrency app. If targets later tried to withdraw funds or close the account, the attackers would block access. Photo by Justin Sullivan/Getty Images).

Scams 62

Scams Cryptocurrency Social Engineering Banking 62

SecureList

NOVEMBER 22, 2022

As the financial threat landscape has been dramatically evolving over the past few years, with the expansion of such activities as ransomware or cryptofraud, we believe it is no longer sufficient to look at the threats to traditional financial institutions (like banks), but rather assess financial threats as a whole.

Cryptocurrency 91

Cryptocurrency Mobile Ransomware Banking 91

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

Malwarebytes

APRIL 7, 2021

Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have been duped by a fake app with the same name. He wanted to check his cryptocurrency balance on his phone and decided to search for and download an app instead of plugging the device into his computer via a USB connection. He lost 17.1

Cryptocurrency 104

Cryptocurrency Scams Engineering Accountability 104

eSecurity Planet

SEPTEMBER 14, 2022

To this end, some impressive technology has been created to combat the technological side of the issue, to keep hackers and similar bad actors from accessing data and account privileges they shouldn’t. 70% of attacks were on banks. Social Tactics. Phishing attacks made up 40% of all attacks in the sector. Technological tactics.

Social Engineering 117

Social Engineering Energy and Utilities Phishing Scams 117

SecureList

DECEMBER 6, 2022

Phishers primarily seek to extract confidential information from victims, such as credentials or bank card details, while scammers deploy social engineering to persuade targets to transfer money on their own accord. At around the same time, phishers started targeting online payment systems and internet banks.

Scams 98

Scams Phishing Social Engineering Banking 98

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. The information could later be used to steal both funds from victims’ accounts and their identities.

Phishing 101

Phishing Scams Cryptocurrency Accountability 101

Hot for Security

MARCH 2, 2021

By applying high-pressure tactics and the promise of expedited payments, scammers have managed to dupe recipients into providing their personal information and bank account numbers or paying a small “processing fees.” IRS and Bank-related scams. Billions of unsolicited emails are sent to inboxes every day.

Scams 116

Scams Identity Theft Banking Phishing 116

Malwarebytes

APRIL 19, 2022

In the past we have seen Twitter scams where a fake account answers a question in the replies to a tweet by a well known organisation and pretends to be customer support , hijacking the conversation and directing victims to a phishing page. There are some ways to try and reduce ( not eliminate) this, though: Check the account creation date.

Scams 106

Scams Accountability Media Phishing 106

Security Affairs

NOVEMBER 26, 2018

He gained access to his phone number and used it impersonate the executive and steal $500,000 from two accounts he had at Coinbase and Gemini. But he wasn’t quick enough to stop a hacker from draining $500,000 from two separate accounts he had at Coinbase and Gemini, according to Santa Clara officials.”

Cryptocurrency 80

Cryptocurrency Identity Theft Social Engineering Advertising 80

SecureWorld News

MARCH 22, 2021

Business Email Compromise (BEC) and Email Account Compromise (EAC) are scams targeting individuals or organizations performing transfers of funds. This scam is most often used when an attacker compromises legitimate email accounts through social engineering or computer intrusion techniques. Business Email Compromise 2020.

Cybercrime 54

Cybercrime Scams Banking Accountability 54

SecureList

JUNE 7, 2023

Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff , a financially motivated threat actor known for stealing cryptocurrency. The threat actor uses social engineering to infect a PoS terminal.

DNS 101

DNS Malware Cryptocurrency Retail 101

Security Affairs

JUNE 4, 2021

A person’s credit card details and account balance are sold for 150 USD if the account balance is under 1000 USD, but 240 if it is under 5000 USD. Stolen Paypal account details, Neteller, PerfectMoney, TransferGo, and other payment services are also on the list. An American Express, though, is 35 USD. What about services?

Accountability 106

Accountability Marketing Hacking Cryptocurrency 106

Identity IQ

FEBRUARY 8, 2024

Transactions on the dark web are typically conducted using cryptocurrencies such as Bitcoin to maintain anonymity. The deep web is also made up of content that is not indexed by search engines and requires a login to access. The dark web is similar in that it can’t be found by search engines, but that is where the similarities end.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

Security Affairs

SEPTEMBER 2, 2018

The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets. Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that would deploy the Loki Bot stealer.

Social Engineering 51

Social Engineering Cryptocurrency Advertising Malware 51

Security Through Education

NOVEMBER 9, 2022

The use of ransomware has also seen a surge in recent years, accounting for a 13% increase this year alone, which is more than in the last 5 years combined. While others would impersonate real banks or relief causes. At Social Engineer LLC, our purpose is to bring education and awareness to all users of technology.

Scams 64

Scams Social Engineering Phishing Engineering 64

Malwarebytes

APRIL 11, 2023

There are crawlers that can search your phone for personally identifiable information (PII), account credentials, banking-related or credit card data in seconds. Instead, hackers know that our mobile devices store a lot of PII, which can be sold on the dark web for profit or re-used in social engineering campaigns.

Mobile 98

Mobile Banking Malware Spyware 98