Security Affairs

JANUARY 18, 2020

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow.

Cybercrime 126

Cybercrime Small Business Data breaches Mobile 126

CyberSecurity Insiders

JANUARY 3, 2023

Already some have used the OpenAI platform to have ChatGPT write phishing emails and insert malicious links. The emails don’t have the usual spelling, grammar, and syntax errors that today’s phishing messages composed by non-native-English speakers tend to contain – errors that serve as a tip-off to recipients.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.

Cybercrime 199

Cybercrime Passwords Identity Theft Accountability 199

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Almost each of the scripts contained in the phishing kit had its creator’s nickname, Dr HeX, and contact email address.

Cybercrime 96

Cybercrime Phishing Banking Telecommunications 96

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 98

Malware Phishing DNS Cybercrime 98

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. ” reads the ENISA Threat Landscape Report 2018. Exploit Kits have lost their importance in the cyberthreat landscape.

Cyber threats 82

Cyber threats IoT Social Engineering Advertising 82

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. What happened this week, you ask?

Cybercrime 112

Cybercrime Malware Banking Phishing 112

SecureWorld News

MAY 2, 2022

Another day, another dollar, another phishing scam that'll make you holler. Department of Justice (DOJ) recently announced the conviction of a California man who stole more than $23 million from the Department of Defense (DOD) through a complex phishing scam. On October 10, 2018, the DOD transferred $23.5

Phishing 78

Phishing Computers and Electronics Banking Scams 78

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. aka BIRDDOG)’ It is a backdoor that was used by the FIN7 group since at least 2018, it also connects to a C2 IP address 45[.]67[.]229[.]148 ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 96

Cybercrime Ransomware Antivirus Malware 96

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. As far back as 2018, Interisle found.US

Phishing 261

Phishing Telecommunications Malware Scams 261

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing 98

Phishing Banking Advertising Accountability 98

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

APRIL 15, 2020

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149 percent and exceeded $300 per item.

Phishing 100

Phishing Marketing Advertising Cyber threats 100

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. In 2018 the direct financial losses from these attacks amounted to almost $20 million. Attacks on Crypto.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Security Affairs

MARCH 14, 2024

“The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) The attack chain analyzed by the ZDI starts with a phishing message using PDF attachment with a specially crafted link. MSI) installers. ” reads the analysis published by Trend Micro.

Phishing 104

Phishing Malware Software Internet 104

Krebs on Security

JULY 20, 2021

Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Severa created and then leased out to others some of the nastiest cybercrime engines in history — including the Storm worm , and the Waledac and Kelihos spam botnets. A native of St.

Antivirus 288

Antivirus Cybercrime Identity Theft Scams 288

SiteLock

AUGUST 27, 2021

This is the reality for many website owners, and now more than ever, they need to be on alert for cyberattacks in 2018. In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. Phishing Kits. How are cybercriminals taking advantage of website visitors? Defacements.

Malware 52

Malware Engineering Phishing Accountability 52

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 64

Artificial Intelligence Government Banking Advertising 64

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 354

Phishing VPN Social Engineering Media 354

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. Additionally, a new spying team named Archipelago, a subset of APT43, has emerged and is using phishing tactics to tar-get potential victims.

Hacking 105

Hacking Social Engineering Cryptocurrency Healthcare 105

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 232

Software Phishing Cybercrime Accountability 232

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak was involved in FIN7 criminal activities from approximately November 2016 through November 2018.

Cybercrime 106

Cybercrime Hacking Software Phishing 106

The Last Watchdog

JUNE 9, 2022

And, let’s be honest , the deceptive writing phishing assaults and other cyber threats today employ are skilled enough to fool even the most trained, internet-savvy experts. According to the Federal Trade Commission (FTC), seniors lost $500 each on computer tech assistance scams in 2018. Ever present threats. Debt relief scams.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The attack chain began with a Microsoft Word document (.doc)

Cybercrime 117

Cybercrime Retail Phishing Hacking 117

Security Affairs

OCTOBER 23, 2018

The latest version of the Azorult was delivered through the RIG exploit kit as well as other sources, previous variants were mainly distributed via weaponized Office documents as attachment of phishing messages. Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant. .

Marketing 78

Marketing Cybercrime Cryptocurrency Advertising 78

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. “While the group’s key infiltration vector to the exchange is usually through spear-phishing against the corporate network, the executives’ personal email accounts are the first to be targeted.”

Cryptocurrency 103

Cryptocurrency Phishing Accountability Passwords 103

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 SecurityAffairs – IC3, cybercrime). Billion in 2019. million. .

Internet 111

Internet Internet Scams Cybercrime 111

Security Affairs

JANUARY 2, 2020

” Crooks set up websites that look like related to the official movie, the websites are designed to deliver the malware or for phishing purposes. 2018 2019 Change Attacks detected 257,580 285,103 +10% Number of unique files 16,395 11,499 -30% Users targeted 50,196 37,772 -25%. Pierluigi Paganini.

Phishing 81

Phishing Malware Advertising Media 81

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?,

Data breaches 91

Data breaches Retail Passwords Scams 91

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. Phishing: In 2021, 8.2% of users were hit by phishing. of all phishing schemes in 2021, compared to the 11.1%

Banking 94

Banking Phishing Cryptocurrency Malware 94

SC Magazine

FEBRUARY 17, 2021

Charges against one of the three were first brought in 2018. Park was already charged in 2018 for the WannaCry attacks, and the indictment expands charges against him for other hacking campaigns. The Department of Justice has unsealed an indictment against three members of Lazarus Group. Mario Tama/Getty Images).

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

OCTOBER 11, 2023

.” Air Europa’s customers are recommended to remain vigilant, threat actors can use the compromised information in spear-phishing attacks and other fraud schemes. In 2021 Air Europa had been fined €600,000 for a data breach that took place in 2018 and that affected 489,000 customers.

Data breaches 106

Data breaches Banking Phishing Hacking 106

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware 244

Ransomware Hacking Encryption Penetration Testing 244

Security Affairs

OCTOBER 18, 2020

Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK. ” The attack chain starts when the victims enable the macro embedded in an Excel spreadsheet that came with the phishing e-mails. . ” reads the analysis published by FireEye.

Ransomware 132

Ransomware Malware Telecommunications Advertising 132

Security Affairs

FEBRUARY 8, 2022

The Roaming Mantis SMS phishing campaign is now targeting Android and iPhone users in Europe with malicious apps and phishing pages. Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. ” concludes Kaspersky.

Phishing 86

Phishing DNS Malware Hacking 86

Security Affairs

NOVEMBER 15, 2018

Of course, the CBR does not have anything to do with the phishing campaign – the hackers faked the sender’s address. According to Group-IB’s report published in September 2018, Silence gang members presumably were or are legally employed as pentesters and reverse engineers. SSL certificates were not used for DKIM verification.

Banking 99

Banking Computers and Electronics Phishing Cybercrime 99

Malwarebytes

APRIL 19, 2022

These days, financial cybercrimes often involve Bitcoin and other cryptocurrencies. Since 2018, one of the Lazarus Group’s tactics has been to disguse AppleJeus malware as cryptocurrency trading platforms for both Windows and Mac. Spearphishing campaigns.

Social Engineering 121

Social Engineering Cryptocurrency Computers and Electronics Engineering 121