Remove 2019 Remove Accountability Remove Web Fraud
article thumbnail

Two Charged in SIM Swapping, Vishing Scams

Krebs on Security

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Prosecutors say Jordan K.

Scams 358
article thumbnail

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Krebs on Security

” Dozens of top Axact employees were arrested, jailed, held for months, tried and sentenced to seven years for various fraud violations. But a 2019 research brief on Axact’s diploma mills found none of those convicted had started their prison sentence, and that several had fled Pakistan and never returned.

Scams 279
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

The reason lame domains are problematic is that a number of Web hosting and DNS providers allow users to claim control over a domain without accessing the true owner’s account at their DNS provider or registrar. “We do shut down abusive accounts when we find them,” Job said. Image: Infoblox.

DNS 331
article thumbnail

Owners of 1-Time Passcode Theft Service Plead Guilty

Krebs on Security

Launched in November 2019, OTP Agency was a service for intercepting one-time passcodes needed to log in to various websites. Someone claiming to represent OTP Agency then posted several comments on the piece, wherein they claimed the story was libelous and that they were a legitimate anti-fraud service. A statement published Aug.

article thumbnail

Does Your Domain Have a Registry Lock?

Krebs on Security

On December 23, 2019, unknown attackers began contacting customer support people at OpenProvider , a popular domain name registrar based in The Netherlands. “But a registrar should not act on instructions coming from a random email address or other account that is not even connected to the domain in question.”

DNS 340
article thumbnail

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts. Like Mitch.

Phishing 363
article thumbnail

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020. This latest campaign appears to have begun on or around Nov. ” In the early morning hours of Nov. PST on Nov.