Krebs on Security

NOVEMBER 1, 2024

” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. A scan of social media networks showed this is not an uncommon scam.

Phishing 276

Phishing Accountability Artificial Intelligence Cybercrime 276

Joseph Steinberg

NOVEMBER 30, 2021

While evildoers perpetrate charity-related scams throughout the year, they know that the holiday spirit in general, and the concentrated focus on charity on Giving Tuesday specifically, both improve their odds of success. Here are 9 ways to protect against charity-related scams: 1. Confirm that a charity is real.

Scams 363

Scams Artificial Intelligence Media Cryptocurrency 363

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. “And I just am not seeing anything this egregious in terms of viruses and spams from the other email service providers.”

Accountability 361

Accountability Hacking Authentication Marketing 361

SecureWorld News

DECEMBER 4, 2024

Brands, particularly major retailers like those analyzed, invest significantly in protecting themselves and their customers from scams and cyberattacks, and often step up those measures for the holiday period. This makes it easier to spot and shut down fake accounts and copycat websites.

Retail 116

Retail Scams Phishing Cyber threats 116

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. One post alone racked up over 62,000 views, showing how wide the scam has spread.

Malware 103

Malware Scams Media Artificial Intelligence 103

Krebs on Security

OCTOBER 18, 2023

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. “The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC. .

Scams 337

Scams Malware Cryptocurrency Hacking 337

Malwarebytes

MAY 28, 2025

Cybercriminals are taking advantage of the publics interest in Artificial Intelligence (AI) and delivering malware via text-to-video tools. ” To avoid detection, the group constantly rotates the domain used in the ads and creates new ads every day, while using both compromised and newly created accounts.

Malware 108

Malware Scams Artificial Intelligence Media 108

Malwarebytes

MARCH 17, 2025

Instead of converting files, the tools actually load malware onto victims computers. The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). This is the actual malware. Imageconvertors[.]com

Malware 135

Malware Adware Education Phishing 135

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. “Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote.

Phishing 272

Phishing Cybercrime Advertising Malware 272

Malwarebytes

NOVEMBER 18, 2024

Accounting software QuickBooks , by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams. This is always dangerous and you should be extremely cautious if you’ve already let someone access your computer.

Scams 139

Scams Antivirus Software Passwords 139

Malwarebytes

MARCH 31, 2025

Were forever investigating new scams here at Malwarebytes, and so we get how hard it is to know whator whoto trust online. Theres the scam that takes advantage of grieving people and tricks them into paying for a funeral live stream. Theres the fake CAPTCHA that hijacks clipboards and tricks users into installing malware.

Scams 137

Scams Passwords Accountability Password Management 137

Malwarebytes

JANUARY 3, 2025

The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. One of the main interests for the stealers seem to be Discord credentials which can be used to expand the network of compromised accounts.

Scams 139

Scams Identity Theft Cryptocurrency Accountability 139

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. Adware, the most common mobile threat, accounted for 35% of total detections. million malware, adware or unwanted software attacks targeting mobile devices. The SpyNote RAT was occasionally used as the malware dropper and NFC activator.

Mobile 115

Mobile Malware Adware Banking 115

Webroot

MAY 9, 2025

Little do you know, clicking that link could open the door for scammers to steal your identity, empty your bank account, or even plant malicious software (malware) on your device. Text scams, also known as smishing (SMS + phishing ), are on the rise. Task scams Task scams are fake job opportunities.

Scams 72

Scams Mobile Banking VPN 72

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. The profile also linked to Mr. Lee’s Twitter/X account , which features the same profile image. Sure, Doug said, here’s my Calendly profile, book a time and we’ll do it then.

Malware 334

Malware Cryptocurrency Software Phishing 334

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Victim losses range from $0.10

Scams 84

Scams Media Cryptocurrency Cybercrime 84

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. RedBear’s profile on the Russian-language xss[.]is

Malware 360

Malware Cybercrime Ransomware Marketing 360

Google Security

MAY 8, 2025

Posted by Jasika Bawa, Andy Lim, and Xinghui Lu, Google Chrome Security Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting money or gaining unauthorized access to sensitive data. Chrome has always worked with Google Safe Browsing to help keep you safe online.

Scams 92

Scams Cybercrime Accountability Malware 92

Krebs on Security

SEPTEMBER 24, 2018

If you’re thinking of donating money to help victims of Hurricane Florence , please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent.

Scams 269

Scams Accountability Media Web Fraud 269

Adam Levin

NOVEMBER 23, 2020

of all reports to the BBB Scam Tracker “were online purchase scams, up from 24.3% of those consumers lost money due to those scams, up from 71.2% A BBB survey conducted in August found that the majority of these scammed consumers made purchases for which they never received products. Keep a close eye on your accounts.

Scams 239

Scams Banking Retail Consumer Protection 239

Adam Levin

NOVEMBER 17, 2020

Here are 50 ways to avoid getting scammed on Black Friday — and beyond. Credit cards offer markedly better fraud protections than debit cards , which connect directly to your bank account. Virtual credit cards similarly allow online shoppers to mask their financial accounts. Vary login credentials across accounts.

Scams 243

Scams Retail Banking Passwords 243

Malwarebytes

JUNE 19, 2025

Take the 184 million logins for social media accounts we reported about recently. These malware variants silently extract credentials stored in browsers, email clients, messaging apps, and even crypto wallets, and send the data to cybercriminals. Enable two-factor authentication (2FA) for every account you can.

Identity Theft 134

Identity Theft Passwords Phishing Accountability 134

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 324

Malware Cybercrime Internet Internet 324

Troy Hunt

JULY 31, 2024

TL;DR — Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service. How many attempted scams do you get each day? Of the total count, 89.7%

Scams 362

Scams Passwords Malware Accountability 362

Security Affairs

JUNE 11, 2025

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access.

Cybercrime 111

Cybercrime Data collection Scams Cyber threats 111

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

JUNE 9, 2025

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. OpenAI banned ChatGPT accounts that were used by Russian-speaking threat actors and two Chinese nation-state actors. We banned the OpenAI accounts used by this adversary.”

Accountability 73

Accountability Social Engineering Media Penetration Testing 73

SecureWorld News

FEBRUARY 14, 2025

Be wary of romance scams "People can be vulnerable on February 14th," said Dave Machin , Partner at The Berkeley Partnership. "If But Machin warns: "Clicking on a seemingly innocent link within an e-card can lead to downloading malware or being redirected to a phishing website designed to capture personal or company details."

Scams 73

Scams Cybercrime Phishing Social Engineering 73

Graham Cluley

MAY 28, 2025

How come Cambodia has become the world's hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum? Why is a cute Star Wars fan website now redirecting to the CIA?

Scams 83

Scams Malware Banking Accountability 83

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Urlscan also found this phishing scam from Jan. Here’s the very first Slink created: [link] which redirects to the homepage for LinkedIn Marketing Solutions.

Phishing 359

Phishing Marketing Scams Accountability 359

Webroot

APRIL 11, 2025

Thats why each year, the IRS releases its list of Dirty Dozen Tax Scams. Common tax scams to watch out for in 2025 IRS Impersonation: The most common type of tax fraud starts with a phone call, text or email. Its easy to avoid these scams by remembering this important tip – the first time the IRS contacts you, it will be by U.S.

Scams 62

Scams Identity Theft Backups Phishing 62

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 350

Accountability Advertising Passwords Phishing 350

Malwarebytes

APRIL 8, 2025

Brand impersonation: from Google ad to phishing page Accounting and tax preparation software has traditionally been a common lure for scammers, particularly those related to online support operating out of large call centres in India and surrounding areas. Malicious QuickBooks domains quicckboocks-accounting[.]com

Phishing 76

Phishing Scams Accountability Authentication 76

SecureList

DECEMBER 17, 2024

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. Both scams targeted individual users only. Our security products detect the malware spreading via this scam as Trojan-Banker.AndroidOS.Mamont.

Scams 96

Scams Malware Social Engineering Banking 96

The Last Watchdog

DECEMBER 16, 2024

Gen AI threats and quantum computing exposures must be accounted for. Deepfake scams will escalate, with threat actors using AI to create convincing impersonations of executives, risking personal and corporate brands. Attacks targeting identities rose 71% last year, with valid accounts as the top entry point.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

Krebs on Security

OCTOBER 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams 242

Scams Accountability Media Banking 242