Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. In January 2024, KrebsOnSecurity broke the news that Urban had been arrested in Florida in connection with multiple SIM-swapping attacks. police as part of an FBI investigation into the MGM hack.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles.

Scams 86

Scams Media Cryptocurrency Cybercrime 86

SecureWorld News

MARCH 18, 2025

In recent months, a sophisticated scam has emerged, targeting drivers across the United States with fraudulent text messages about unpaid road tolls. Smishing scams like these follow a predictable yet highly effective, nefarious behavioral blueprintleveraging urgency, impersonation, and fear to manipulate victims into compliance.

Scams 84

Scams Mobile Phishing Education 84

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 131

Social Engineering Media Mobile Scams 131

Webroot

MARCH 3, 2025

This month, take advantage of all that NCPW offers, including access to free tools and information that can help you identify and prevent online scams, fraud, and identity theft. The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

SecureList

DECEMBER 17, 2024

In late October 2024, a new scheme for distributing a certain Android banking Trojan called “Mamont” was uncovered. Both scams targeted individual users only. We reported the scam accounts and channels to Telegram, but the messaging service had done nothing to block them at the time of writing this.

Scams 96

Scams Malware Social Engineering Banking 96

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. The Ministry of Human Resources and Emiratisation (MoHRE) has announced that December 2 and 3, 2024, will be official paid holidays for all private sector employees in the UAE.

Social Engineering 112

Social Engineering Phishing Banking DNS 112

Security Affairs

NOVEMBER 21, 2024

Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks. In January 2024, U.S.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 98

Social Engineering Media Scams Advertising 98

Identity IQ

JANUARY 11, 2024

New AI Scams to Look Out For in 2024 IdentityIQ Artificial intelligence (AI) has quickly reshaped many aspects of everyday life. Here are three new AI scams to look out for in 2024 as well as some tips to help protect yourself and stay prepared for the explosive development of AI.

Scams 98

Scams Artificial Intelligence Identity Theft Phishing 98

eSecurity Planet

MAY 16, 2025

The stolen information was then used in social engineering scams that tricked users into giving away their crypto. Extra ID checks and scam-awareness prompts for suspicious accounts. Meanwhile, blockchain investigator ZachXBT estimated that social engineering scams cost Coinbase users $300M+ annually.

Social Engineering 70

Social Engineering Scams Accountability Engineering 70

BH Consulting

NOVEMBER 14, 2024

There was no doubting the one topic on almost everyone’s minds at IRISSCON 2024: AI. How AI assists financial fraud One area where AI can be effective in helping criminals is in creating scams using impersonation. The result, as ever, was presentations strong on realism and common sense, short on sales hype and scaremongering.

Artificial Intelligence 64

Artificial Intelligence Ransomware Social Engineering Cybersecurity 64

Troy Hunt

FEBRUARY 23, 2024

However, I don't fall for the scams because I look for the warning signs: a sense of urgency, fear of missing out, and strange URLs that look nothing like any parcel delivery service I know of. Urgency is a core tenet of social engineering as it encourages people to act without properly thinking it though. Parcel or phish?

Phishing 363

Phishing Scams Banking Social Engineering 363

Security Boulevard

JANUARY 20, 2025

Successful exploitation requires social engineering users into manipulating a specially crafted file. Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 welivesecurity (ESET) CVE-2024-7344. Approximately 70% of observed malware cases in 2024 derived from browser-based malware.

Surveillance 97

Surveillance Malware Data breaches Phishing 97

eSecurity Planet

FEBRUARY 26, 2025

The research found a sharp rise in mobile phishing attacks, with cybercriminals moving away from traditional email scams in favor of SMS-based attacks. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded.

Phishing 86

Phishing Mobile Social Engineering Data breaches 86

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Amini Pedram Amini , Chief Scientist, Opswat The sophistication and abuse of AI are escalating as costs drop, driving a surge in ML-assisted scams and attacks on physical devices.

Risk 173

Risk Threat Detection Technology Phishing 173

IT Security Guru

DECEMBER 20, 2023

Thomas McCarthy, CEO of OSP Cyber Academy : AI will be weaponised by attackers and defenders “If 2023 was the year that tech companies revolutionised AI, 2024 will be the year attackers weaponise it. These scams will be highly convincing, down to the spelling, font, and tone of a legitimate brand, so internet users will fall victim at scale.

Cybersecurity 142

Cybersecurity Phishing Scams Cloud Migration 142

Krebs on Security

JANUARY 30, 2024

9, 2024, U.S. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. In mid-January 2024, several Leaked[.]cx technology companies during the summer of 2022. Twilio disclosed in Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

The Last Watchdog

APRIL 2, 2024

It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Related: AI makes scam email look real Fresh evidence comes from Mimecast’s “The State of Email and Collaboration Security” 2024 report.

Social Engineering 211

Social Engineering Technology Accountability Engineering 211

Malwarebytes

DECEMBER 28, 2023

In 2023, the public primarily confronted two varieties of online scams: the technical and the topical. Technical scams abuse legitimate aspects of modern internet infrastructure to lead users to illegitimate or compromised sites. Topical scams, on the other hand, are simpler. We know these scams all too well.

Scams 116

Scams Accountability Social Engineering Small Business 116

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Top Techniques: A Closer Look Phishing Techniques: The Evergreen Threat in Cybersecurity Initial access methods were the most common MITRE ATT&CK techniques between May and July 2024.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Digital Shadows

JANUARY 27, 2025

Key Findings 2024 was the year cyber threats got quicker. Our research reveals 2024 saw a 22% increase in attack speed compared to 2023, with the fastest incident achieving lateral movement in just 27 minutes. Among the 2024 hands-on-keyboard incidents we analyzed, 50% of them used valid or exposed credentials for initial access.

Scams 76

Scams Ransomware Accountability Social Engineering 76

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail 71

Retail Cyber Risk Risk DDOS 71

Security Boulevard

FEBRUARY 5, 2024

The post Top 2024 Scams: The top predicted scams for this year appeared first on Click Armor. The post Top 2024 Scams: The top predicted scams for this year appeared first on Security Boulevard.

Scams 59

Scams Social Engineering CISO Engineering 59

Security Affairs

APRIL 7, 2025

Scattered Spider members are part of a broader cybercriminal community called The Com, where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks. In January 2024, U.S.

Cybercrime 67

Cybercrime Identity Theft Social Engineering Hacking 67

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

IT Security Guru

JUNE 11, 2024

This article will delve into how AI can be manipulated by cyber attackers for scams, particularly ones that affect businesses. NCSC, 2024) Below are some of AI assisted cyber-attacks you should be aware of. What is AI Voice Scamming? Online] Available at: [link] NCSC, 2024. Online] Available at: [link] [Accessed 2024].

Cyber Attacks 138

Cyber Attacks Scams Artificial Intelligence Social Engineering 138

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples.

Accountability 100

Accountability Malware Banking Phishing 100

Security Affairs

FEBRUARY 9, 2025

What are the risks? US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 62

Spyware Cybercrime Scams Social Engineering 62

Tech Republic Security

APRIL 25, 2025

Mandiant, which was acquired by Google Cloud in 2022, paints a picture of global cyber threats from last year in order to help readers be better prepared this year.

Cyber threats 83

Cyber threats Social Engineering Scams Engineering 83

Digital Shadows

OCTOBER 23, 2024

Key Points In October 2024, ReliaQuest responded to an intrusion affecting a manufacturing sector customer. The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Editor’s note: James Xiang and Hayden Evans contributed to this blog.

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

Security Affairs

JUNE 17, 2024

He was not immediately… — vx-underground (@vxunderground) June 15, 2024 According to the Spanish police, the man once controlled Bitcoins worth $27 million. . In January 2024, U.S. The individual arrested as a 22-year-old male from the United Kingdom. ” states KrebsOnSecurity.

Cybercrime 130

Cybercrime Hacking Social Engineering Cryptocurrency 130

Security Affairs

JULY 22, 2024

Read more about the arrest here: [link] pic.twitter.com/AshG1Om0ts — FBI (@FBI) July 19, 2024 The 17-year-old boy was arrested in connection with the global cyber online crime group, Scattered Spider , that has been targeting large organisations with ransomware and gaining access to computer networks. In January 2024, U.S.

Cybercrime 135

Cybercrime Social Engineering Hacking Scams 135

Security Affairs

SEPTEMBER 8, 2024

Quishing, an insidious threat to electric car owners Google fixed actively exploited Android flaw CVE-2024-32896 Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them!

Data breaches 124

Data breaches Artificial Intelligence Social Engineering Hacking 124

Security Affairs

JANUARY 12, 2025

CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog Threat actors breached the Argentinas airport security police (PSA) payroll Moxa router flaws pose serious risks to industrial environmets US adds Tencent to the list of companies supporting Chinese military Eagerbee backdoor targets govt entities (..)

Data breaches 62

Data breaches Phishing Social Engineering Engineering 62

Hacker's King

OCTOBER 2, 2024

In this article, we will explore how scams on Instagram or Social media are increasingly being carried out using deepfake videos. As synthetic media technologies evolve, cybercriminals are leveraging deepfakes to create highly realistic but fake videos, manipulating users and orchestrating sophisticated social engineering attacks.

Media 52

Media Scams Social Engineering Engineering 52

Malwarebytes

MAY 8, 2025

After entering their credentials, victims are social engineered by the crooks to type a security code that was sent to their email address. The earliest use we could find goes back to July 2024, but it appears to have flown under the radar. Pusher WebSockets Worker.js library kel.js / otp.js / auth.js/jquery.js

Phishing 104

Phishing Authentication Engineering Banking 104