Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. Matt Donahue is the former FBI agent who founded Kodex in 2021. ” An ad from Pwnstar for fake EDR services.

Hacking 294

Hacking Accountability Government Social Engineering 294

Security Boulevard

DECEMBER 23, 2021

Cybercrime is here, it is dynamic and it is not going anywhere. The Anti-Phishing Working Group (APWG) hosted its 16th annual Electronic Crime Research symposium, APWG eCrime 2021 in early December. The post APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving appeared first on Security Boulevard.

Cybercrime 141

Cybercrime Phishing Cybersecurity Social Engineering 141

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing 299

Phishing Cybercrime Malware Advertising 299

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 242

Phishing Passwords Hacking Insurance 242

Security Affairs

MAY 13, 2025

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. million in damage. million euros.” million euros.”

Ransomware 108

Ransomware Cybercrime Malware Banking 108

Security Affairs

MAY 1, 2025

The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The FBI shared a list of 42,000 domains registered from November 2021 to Apr 2024, linked to LabHost to raise awareness and aid in threat detection.

Phishing 75

Phishing Banking Threat Detection Authentication 75

Security Affairs

JANUARY 18, 2020

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow.

Cybercrime 144

Cybercrime Small Business Data breaches Mobile 144

Security Affairs

JULY 12, 2022

A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations. In AiTM phishing, threat actors set up a proxy server between a target user and the website the user wishes to visit, which is the phishing site under the control of the attackers.

Phishing 144

Phishing Authentication Social Engineering Passwords 144

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Active since 2021, the group amassed over 3,000 followers on its public Telegram CrazyEvilCorp channel. Crazy Evil has earned over $5 million through phishing scams since 2021.

Scams 85

Scams Media Cryptocurrency Cybercrime 85

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021.

Phishing 126

Phishing Advertising Cryptocurrency Encryption 126

Krebs on Security

MAY 7, 2025

In November 2021, the USPTO accused Abtach of perpetrating “an egregious scheme to deceive and defraud applicants for federal trademark registrations by improperly altering official USPTO correspondence, overcharging application filing fees, misappropriating the USPTOs trademarks, and impersonating the USPTO.”

Scams 270

Scams Marketing Advertising Technology 270

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Security Affairs

JUNE 7, 2021

. “Over the past month, operators of one of the top Russian-language cybercrime forums have been running a “contest,” calling for the community to submit papers that examine how to target cryptocurrency-related technology.” ” reads a post published by Intel 471. ” Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency 144

Cryptocurrency Cybercrime Hacking Technology 144

SecureList

FEBRUARY 23, 2022

The year 2021 was eventful in terms of digital threats for organizations and individuals, and financial institutions were no exception. share in 2020 to the second most common in 2021 with 12.2%. The mass change in cybercriminals’ objectives and methods seen in 2020 continued in 2021. Phishing: In 2021, 8.2%

Banking 141

Banking Phishing Cryptocurrency Malware 141

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Krebs on Security

NOVEMBER 22, 2021

“According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Abnormal’s Crane Hassold wrote. Source: FBI/IC3 2020 Internet Crime Report.

Scams 331

Scams Cybercrime Banking Identity Theft 331

SecureWorld News

MARCH 15, 2023

The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints. billion for BEC attacks.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

SecureList

MARCH 24, 2022

What are phishing kits? One of the most common tricks scammers use in phishing attacks is to create a fake official page of a famous brand. Even phishing page domain name can often look like the real web address of a certain brand, as cybercriminals include the name of the company or service they are posing as in the URL.

Phishing 143

Phishing Marketing Banking Technology 143

Security Boulevard

APRIL 20, 2021

As we head deeper into 2021, it’s beginning to feel like there’s a light at the end of the tunnel and we can all take a deep breath. Last year also saw record number cybercrime complaints, with the FBI […]. The post Ransomware 2021 has evolved. The post Ransomware 2021 has evolved. first appeared on Untangle.

Network Security 145

Network Security Ransomware Cybercrime Phishing 145

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 143

Phishing Cybercrime Advertising Hacking 143

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 145

Phishing Accountability Hacking Scams 145

SecureList

APRIL 5, 2023

Common users are not the only ones who have recognized the messaging app’s handy features — cybercrooks have already made it a branch of the dark web, their Telegram activity soaring since late 2021. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 144

Phishing Marketing Scams Accountability 144

Krebs on Security

SEPTEMBER 2, 2024

KrebsOnSecurity profiled OTP Agency in a February 2021 story about arrests tied to another phishing-related service based in the U.K. Someone claiming to represent OTP Agency then posted several comments on the piece, wherein they claimed the story was libelous and that they were a legitimate anti-fraud service.

Accountability 312

Accountability Banking Passwords Scams 312

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. In December 2021, experts at Check Point Research observed the resurgence of the Phorpiex botnet. Reference the provided resources for establishing DMARC authentication.

Phishing 133

Phishing Ransomware Security Awareness Authentication 133

Krebs on Security

JANUARY 19, 2023

In August 2021, T-Mobile acknowledged that hackers made off with the names, dates of birth, Social Security numbers and driver’s license/ID information on more than 40 million current, former or prospective customers who applied for credit with the company.

Mobile 339

Mobile Accountability Data breaches Identity Theft 339

eSecurity Planet

SEPTEMBER 3, 2021

Cybercriminals are using Salesforce’s mass email service to dupe people into handing over credit card numbers, credentials and other personal information in a novel phishing campaign that highlights the threats to corporate networks that can come from whitelisted email addresses. Therein lies a key issue raised by the phishing campaign.

Phishing 142

Phishing Architecture Education Marketing 142

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. billion to $120 billion of the revenue in 2021, which is more than half of the estimated gaming industry value. billion in the first half of 2021. billion in the first half of 2021.

Adware 140

Adware Mobile Malware Phishing 140

Security Affairs

JUNE 19, 2025

With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. The datasets, briefly exposed via unsecured servers, now pose major risks, fueling phishing, ransomware, and account takeovers.

Data breaches 113

Data breaches Identity Theft Passwords Malware 113

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. The submissions were classified as either phishing or malware. Phishing and Malware Q1 2021.

Threat Reports 108

Threat Reports Phishing Data collection Malware 108

Webroot

FEBRUARY 22, 2022

According to the latest ISACA State of Security 2021 report , social engineering is the leading cause of compromises experienced by organizations. Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method. Oversharing personal information online.

Social Engineering 116

Social Engineering Engineering Cybercrime Hacking 116

Security Affairs

NOVEMBER 7, 2021

The phishing messages use mortgage payments as a lure, they have the subject “Re: Payoff Request.”. The phishing message was sent from a legitimate individual’s compromised email account. The phishing pages were hosted on the “greenleafproperties[.]co[.]uk” uk” domain, which was updated in April 2021. Pierluigi Paganini.

Phishing 141

Phishing Social Engineering Accountability Engineering 141

eSecurity Planet

APRIL 23, 2021

Since 2017, host Jack Rhysider has investigated some of the most noteworthy stories related to the darkside of the internet, specifically hacking, data breaches, and cybercrime. Through interviews and research, Ran connects the dots between the early days of cybercrime and today’s stories of data hacks and breaches.

Cybersecurity 144

Cybersecurity InfoSec Cybercrime Hacking 144

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. “The intrusion that is detailed in this post began on May 18, 2021, which occurred days after the publicly reported shutdown of the overall DARKSIDE program ( Mandiant Advantage background ).

Cybercrime 112

Cybercrime Ransomware Antivirus Software 112

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 98

Cybercrime Malware Phishing Internet 98

SecureWorld News

MARCH 28, 2022

While it should come as no surprise that cybercrime broke pretty much every record in 2021, the actual numbers behind the crimes are quite revealing. Cybercrime in the last five years. The first section of the report provides an overview of what cybercrime has looked like in the last five years. Ransomware in 2021.

Internet 96

Internet Internet Cybercrime Ransomware 96

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing 131

Phishing Banking Passwords Firewall 131