Remove 2024 Remove Cryptocurrency Remove Phishing
article thumbnail

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in an elaborate voice phishing attack.

Phishing 352
article thumbnail

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. com and ouryahoo-okta[.]com.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How to Lose a Fortune with Just One Bad Click

Krebs on Security

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. Unfortunately for Griffin, years ago he used Google Photos to store an image of the secret seed phrase that was protecting his cryptocurrency wallet. I put my seed phrase into a phishing site, and that was it.”

article thumbnail

Happy 15th Anniversary, KrebsOnSecurity!

Krebs on Security

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. In case you missed any of them, here’s a recap of 2024’s most-read stories.

Scams 258
article thumbnail

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Krebs on Security

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

article thumbnail

Mobile malware evolution in 2024

SecureList

The statistics for previous years may differ from earlier publications due to a data and methodology revision implemented in 2024. The year in figures According to Kaspersky Security Network, in 2024: A total of 33.3 The year’s trends In 2024, cybercriminals launched a monthly average of 2.8 A total of 1.1

Mobile 112
article thumbnail

Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

Security Affairs

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Korean and Chinese authorities dismantled a voice phishing syndicate that caused $1.1B in losses to 1,900+ victims. The operation led to 27 arrests and 19 indictments.