Krebs on Security

JULY 3, 2023

Here’s a look at the most recent incarnation of this scam — DomainNetworks — and some clues about who may be behind it. The Better Business Bureau listing for DomainNetworks gives it an “F” rating, and includes more than 100 reviews by people angry at receiving one of these scams via snail mail.

Scams 297

Scams Business Services Accountability Marketing 297

Krebs on Security

OCTOBER 18, 2023

In August 2023, security researcher Randy McEoin blogged about a scam he dubbed ClearFake , which uses hacked WordPress sites to serve visitors with a page that claims you need to update your browser before you can view the content. Previously, the group had stored its malicious update files on Cloudflare, Guard.io

Scams 337

Scams Malware Cryptocurrency Hacking 337

The Last Watchdog

AUGUST 21, 2023

Related: The rise of ‘SMS toll fraud’ The Bank of America scam serves as a prime example of how criminals exploit this technique. Victims of the Bank of America scam have shared their experiences, shedding light on the deceptive tactics employed by these fraudsters.

Scams 189

Scams Banking Accountability Authentication 189

Security Affairs

JUNE 9, 2025

“The funds were initially restrained in connection with an April 2023 indictment against Sim Hyon Sop (Sim), a North Korean Foreign Trade Bank (FTB) representative who was allegedly conspiring with the IT workers. accounts to hide their origins. His operations were raided in August 2023. sanctions placed on North Korea.”

Scams 99

Scams Identity Theft Cryptocurrency Accountability 99

Malwarebytes

DECEMBER 28, 2023

In 2023, the public primarily confronted two varieties of online scams: the technical and the topical. Technical scams abuse legitimate aspects of modern internet infrastructure to lead users to illegitimate or compromised sites. Topical scams, on the other hand, are simpler. OBN Brandon’s trick is almost always the same.

Scams 117

Scams Accountability Social Engineering Small Business 117

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.

Retail 275

Retail Advertising Cryptocurrency Cybercrime 275

The Last Watchdog

DECEMBER 16, 2024

Gen AI threats and quantum computing exposures must be accounted for. Deepfake scams will escalate, with threat actors using AI to create convincing impersonations of executives, risking personal and corporate brands. Attacks targeting identities rose 71% last year, with valid accounts as the top entry point.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. Lured in by similar color schemes, company logos, and familiar layouts, victims log in to their account by entering their username and password.

Small Business 93

Small Business Cybersecurity Passwords Scams 93

Security Affairs

NOVEMBER 21, 2024

Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks. ” reads the press release published by DoJ. In January 2024, U.S.

Cybercrime 113

Cybercrime Identity Theft Cryptocurrency Phishing 113

Troy Hunt

SEPTEMBER 10, 2023

After recording this video, someone also pointed out that the data is already being abused in a pretty traceable fashion: @troyhunt not sure if this is particularly useful but I just received this scam attempt.

Data breaches 308

Data breaches Scams Accountability 308

Malwarebytes

SEPTEMBER 25, 2024

Romance scams continue to plague users, but their costs have risen to staggering heights, according to a Malwarebytes survey carried out last month via our weekly newsletter. However, with the return to in-person gatherings, our survey results show romance scams have hardly petered out. They conduct research, and follow a playbook.

Scams 144

Scams Media Cryptocurrency Internet 144

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.

Phishing 77

Phishing Banking Scams Mobile 77

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. million detections compared to 5.04

Phishing 134

Phishing Banking Mobile Scams 134

Security Affairs

NOVEMBER 25, 2024

Thai authorities uncovered call center gangs using fake “02” numbers to deceive citizens into scams and fraudulent investments, generating over 700 million calls. Thai cyber police uncovered three companies using SIP Trunk technology to operate fake “02” numbers, generating 730 million scam calls.

Mobile 127

Mobile Scams Technology Telecommunications 127

Malwarebytes

DECEMBER 4, 2024

billion in 2023. Here’s what to look out for: Pig butchering scams. We have discussed the workings of pig butchering scams several times. Once the conversation starts, the scammer will slowly move to the subject of interesting “investments” with the goal of cleaning out your accounts. Advance fee scams.

Scams 122

Scams Cryptocurrency Accountability Password Management 122

Krebs on Security

MARCH 28, 2024

They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. An analysis of the webpage reveals it would check any submitted credentials at the real Microsoft website, and return an error if the user entered bogus account information.

Phishing 316

Phishing Scams Accountability Passwords 316

SecureList

NOVEMBER 28, 2022

Although the main types of threats (phishing, scams, malware, etc.) Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. 2023 promises a wealth of new releases.

Education 137

Education Phishing Scams Social Engineering 137

Krebs on Security

APRIL 10, 2025

The moniker “Smishing Triad” comes from Resecurity , which was among the first to report in August 2023 on the emergence of three distinct mobile phishing groups based in China that appeared to share some infrastructure and innovative phishing techniques. Image: Ford Merrill. Image: Prodaft.

Phishing 247

Phishing Banking Mobile Retail 247

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. For example, when it was registered through NameSilo in July 2023, the domain 1ox[.]us US phishing domains.

Phishing 337

Phishing Telecommunications Malware Scams 337

The Hacker News

MAY 29, 2024

million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023. According to court documents, Mullings is said to have opened 20 bank accounts in the name of

Scams 124

Scams Banking Accountability 124

SecureList

MAY 27, 2024

Ways to deceive message board users There are two main types of message board scams. This type of fraud is known as scam 1.0 or a buyer scam , because the attacker poses as the seller to deceive the buyer. This is known as scam 2.0 or a seller scam , because the attacker deceives the seller posing as the buyer.

Scams 129

Scams Phishing Accountability Banking 129

Krebs on Security

JANUARY 25, 2024

And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. ” In February 2023, Hegel co-authored a report on this same network, which Sentinel One has dubbed MalVirt (a play on “malvertising”). million advertiser accounts.

Software 327

Software Advertising Malware Accountability 327

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. emphasized collective action and individual accountability. Protect IT."

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

SecureList

JULY 5, 2023

A typical phishing scam aimed at a hot wallet user works as follows: hackers send email messages addressed as coming from a well-known crypto exchange and requesting the user to confirm a transaction or verify their wallet again. Connection to the WebSocket address Next, the user is offered to enter the address of their XRP account.

Scams 131

Scams Phishing Cryptocurrency Social Engineering 131

SecureList

MARCH 3, 2025

Adware, the most common mobile threat, accounted for 35% of total detections. In August 2024, researchers at ESET described a new NFC banking scam discovered in the Czech Republic. This was below the 2023 figure, but the difference was smaller than the year before. Verdict %* 2023 %* 2024 Difference in p.p. A total of 1.1

Mobile 116

Mobile Malware Adware Banking 116

SecureList

NOVEMBER 6, 2023

The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 In this report, we provide our insights into the gaming-related threat landscape in 2023. Introduction and trends The gaming industry continues growing. percent more than last year.

Mobile 139

Mobile Phishing Accountability Scams 139

SecureList

FEBRUARY 26, 2024

The data for years preceding 2023 may differ from that published previously, as the calculation methodology was refined, and the data was retrospectively revised in 2023. The year in figures According to Kaspersky Security Network, in 2023: Our solutions blocked almost 33.8 million malware, adware, and riskware attacks.

Mobile 137

Mobile Malware Adware Banking 137

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. Sorry, change password please.”

Accountability 139

Accountability Hacking Cryptocurrency Cybersecurity 139

Malwarebytes

OCTOBER 11, 2023

In other news, both LockBit and the Akira ransomware gang, the latter of which has tallied 125 victims since we first began tracking them in April 2023, were confirmed last month to be exploiting a specific zero-day flaw ( CVE-2023-20269 ) in Cisco VPN appliances. In September, they had a staggering 53 victims.

Ransomware 140

Ransomware Social Engineering Backups Engineering 140

SecureWorld News

MAY 14, 2025

billion in reported losses, a 33% increase from 2023, underscoring the escalating threat landscape faced by individuals and organizations alike. This demographic was frequently targeted by tech support scams, romance scams, and crypto investment frauds. The report highlights a staggering $16.6 billion in losses.

Cybercrime 71

Cybercrime Scams Internet Internet 71

Zero Day

JUNE 6, 2025

Collectively, they could easily put affected customers at risk for account takeovers and identity theft. Affecting "nearly all AT&T cellular customers," the company said at the time that the data included phone numbers and certain phone call data stemming from May 1, 2022, to October 31, 2022, and on January 2, 2023.

Password Management 128

Password Management Passwords Artificial Intelligence Software 128

Krebs on Security

FEBRUARY 28, 2024

The profile also linked to Mr. Lee’s Twitter/X account , which features the same profile image. Doug then messaged the Mr. Lee account on Telegram, who said there was some kind of technology issue with the video platform, and that their IT people suggested using a different meeting link. ” Image: SlowMist.

Malware 334

Malware Cryptocurrency Software Phishing 334

SecureList

JUNE 26, 2023

In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe. Malware attacks Between January 1 and May 18, 2023, 2,392 SMB employees encountered malware or unwanted software disguised as business applications, with 2,478 unique files distributed this way.

Cybercrime 123

Cybercrime Phishing Banking Malware 123

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. Importantly, the attack methods here are not new. But sometimes the AI pushes back.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

Malwarebytes

SEPTEMBER 13, 2023

They can do this becasue alongside the password vaults that were stolen, criminals also made off with customers' email addresses, as well as " basic customer account information", company names, end-user names, billing addresses, telephone numbers, and IP addresses. For us, data security is paramount.

Phishing 144

Phishing Accountability Passwords Password Management 144

Krebs on Security

AUGUST 4, 2023

The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character. The best advice to sidestep phishing scams is to avoid clicking on links that arrive unbidden in emails, text messages and other mediums.

Phishing 245

Phishing Scams Computers and Electronics Software 245

Security Affairs

FEBRUARY 2, 2025

Cybercriminals used the seized domains to run BEC scams, stealing credentials and redirecting payments. Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims.” The cybercrime group also offered training to its customers on how to use the tools.

Cybercrime 112

Cybercrime Advertising Phishing Hacking 112