Krebs on Security

JANUARY 29, 2022

a Norwegian company formed in 2017 that was seeking the equivalent of USD $100 million investment to bring its green fleet of 30 new offshore service vessels to fruition. The scam artist John Bernard (left) in a recent Zoom call, and a photo of John Clifton Davies from 2015. “Bernard appeared to be experienced.

Scams 261

Scams Technology Web Fraud 261

Krebs on Security

AUGUST 9, 2021

While it may be hard to believe that authorities would go after crooks stealing from one another, in 2017 a Connecticut man pleaded guilty to charges of phishing several criminal dark web markets in a scheme that eventually netted over $365,000 and more than 10,000 stolen user credentials.

Phishing 355

Phishing Cybercrime Accountability Advertising 355

Krebs on Security

FEBRUARY 24, 2023

A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies , which offers paying customers the ability to route their web traffic anonymously through compromised computers. The BHProxies website.

Accountability 229

Accountability Advertising Marketing Malware 229

Krebs on Security

JANUARY 9, 2023

And as we saw with Equifax’s consolidated class-action settlement in response to letting state-sponsored hackers from China steal data on nearly 150 million Americans back in 2017 , class-actions and more laughable “free credit monitoring” services from the very same companies that created the problem aren’t going to cut it.

Identity Theft 334

Identity Theft Accountability Authentication Web Fraud 334

Krebs on Security

JULY 10, 2022

More greatest hits from Experian: 2017: Experian Site Can Give Anyone Your Credit Freeze PIN. . “I do think it’s important to point out that their real customers do have a choice, and they should switch to TransUnion and Equifax,” he added. 2015: Experian Breach Affects 15 Million Customers.

Accountability 315

Accountability Passwords Authentication Password Management 315

Krebs on Security

MARCH 22, 2022

In February 2017, Horohorin was released after serving four years in a U.S. Russian banks are prohibited from processing payments for online gambling, and as a result many online gaming sites catering to Russian speakers have chosen to process credit card payments through Ukrainian financial institutions.

Banking 193

Banking Marketing DDOS Risk 193

Krebs on Security

JANUARY 7, 2020

Second, this attack is not exactly new: In 2017, for instance, phishers used a similar technique to plunder accounts at Google’s Gmail service. Still, this phishing tactic is worth highlighting because recent examples of it received relatively little press coverage.

Phishing 241

Phishing Passwords Accountability Authentication 241

Krebs on Security

JANUARY 25, 2022

” In 2017, the Consumer Financial Protection Bureau sued four tribal online payday lenders in federal court — including Mountain Summit Financial — for allegedly deceiving consumers and collecting debt that was not legally owed in many states.

Financial Services 217

Financial Services Banking Accountability Identity Theft 217

Krebs on Security

NOVEMBER 23, 2018

Now that anyone can get SSL certificates for free , phishers and other scammers that ply their trade via fake Web sites are starting to up their game. In December 2017, PhishLabs estimated that a quarter of all phishing Web sites were outfitting their scam pages with SSL certificates to make them appear more trustworthy.

Scams 273

Scams Wireless Phishing Banking 273

Krebs on Security

OCTOBER 15, 2019

million stolen cards; 2017 saw some 4.9 The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. But business would pick up in each of the years that followed: In 2016, BriansClub uploaded 2.89 million cards added; 2018 brought in 9.2 million more. million cards.

Hacking 212

Hacking Cybercrime Marketing Banking 212

Krebs on Security

JANUARY 22, 2019

Mozilla spokesperson Ellen Canale said Mozilla took ownership of virtualfirefox.com in September 2017 after a trademark dispute, but that the DNS nameserver for the record was not reset until January of 2019. “We’ve reviewed the configuration of both our registrar and nameservers and have found no indication of misuse.

DNS 235

DNS Internet Internet Computers and Electronics 235

Krebs on Security

FEBRUARY 2, 2021

ValidCC, circa 2017. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.

Cybercrime 209

Cybercrime Media Accountability Hacking 209

Krebs on Security

JULY 16, 2019

Yalishanda would re-brand and market his pricey bulletproof hosting services under a variety of nicknames and cybercrime forums over the years, including one particularly long-lived abuse-friendly project aptly named abushost[.]ru. “Bulletproof hosting is probably the biggest enabling service that you find in the underground.

Cybercrime 183

Cybercrime Phishing Banking Malware 183

Krebs on Security

APRIL 22, 2024

The Russian news outlet Kommersant reports that all four of those who cooperated were released with probation or correctional labor. Zaitsev received a sentence of 3.5 years in prison, and defendant Alexander Kovalev got four years.

Cybercrime 246

Cybercrime Hacking Software Web Fraud 246