Accountability, Retail and Web Fraud - Cyber Security Informer

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

Thus, the missives bypass the mobile phone networks entirely and enjoy near 100 percent delivery rate (at least until Apple and Google suspend the spammy accounts). And in the United States, authorities in California and Tennessee arrested Chinese nationals accused of using NFC apps to fraudulently purchase gift cards from retailers.

Banking

Banking Phishing Mobile Retail

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Flashpoint said MrMurza appears to be extensively involved in botnet activity and “drops” — fraudulent bank accounts created using stolen identity data that are often used in money laundering and cash-out schemes. was used for an account “Hackerok” at the accounting service klerk.ru

Malware

Malware Passwords Accountability Advertising

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

.” As early as April 2022, KrebsOnSecurity began receiving tips from Canadian readers who were puzzling over why they’d just received one of these SMS phishing messages that referenced information from a recent order they’d legitimately placed at an online retailer. “It was more or less the same day.

Phishing

Phishing Retail Mobile Scams

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Earlier this month, customers of the soccer jersey retailer classicfootballshirts.co.uk The messages addressed customers by name and referenced past order numbers and payment amounts tied to each account. From there, the attackers can reset the password for any online account that allows password resets via SMS.

Passwords

Passwords Password Management Phishing Scams

How Cybercriminals are Weathering COVID-19

Krebs on Security

APRIL 30, 2020

One of the more common and perennial cybercriminal schemes is “reshipping fraud,” wherein crooks buy pricey consumer goods online using stolen credit card data and then enlist others to help them collect or resell the merchandise. A screen shot from a user account at “Snowden,” a long-running reshipping mule service.

Cybercrime

Cybercrime Computers and Electronics Marketing Scams

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

.” According to 911, the service was hacked in early July, and it was discovered that someone manipulated the balances of a large number of user accounts. 911 said the intruders abused an application programming interface (API) that handles the topping up of accounts when users make financial deposits with the service.

Cybercrime

Cybercrime Backups Software VPN

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. OG accounts typically can be resold for thousands of dollars. ” FAKE IDs AND PHONY NOTES.

Mobile

Mobile Cryptocurrency Accountability Passwords

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

retailers, including Saks Fifth Avenue, Lord and Taylor , Bebe Stores , Hilton Hotels , Jason’s Deli , Whole Foods , Chipotle , Wawa , Sonic Drive-In , the Hy-Vee supermarket chain , Buca Di Beppo , and Dickey’s BBQ. Joker’s sold cards stolen in a steady drip of breaches at U.S. A screenshot of a website reviewing PM2BTC.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

Merrill has been studying the evolution of several China-based smishing gangs, and found that most of them feature helpful and informative video tutorials in their sales accounts on Telegram. Another important innovation is the use of mass-created Apple and Google user accounts through which these phishers send their spam messages.

Phishing

Phishing Mobile Scams Banking

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

Among the most common ways that thieves extract cash from stolen credit card accounts is through purchasing pricey consumer goods online and reselling them on the black market. Kareem said he was instructed to create an account at a website called portal-ctsi[.]com

Cybercrime

Cybercrime Marketing Scams Retail

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

Hacking

Hacking Cybercrime Marketing Banking

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability

Accountability Scams Passwords Data collection

Cyber Security Informer

China-based SMS Phishing Triad Pivots to Banks

Giving a Face to the Malware Proxy Service ‘Faceless’

Trending Sources

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

The Life Cycle of a Breached Database

How Cybercriminals are Weathering COVID-19

911 Proxy Service Implodes After Disclosing Breach

Busting SIM Swappers and SIM Swap Myths

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

How Phished Data Turns into Apple & Google Wallets

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

“BriansClub” Hack Rescues 26M Stolen Cards

Infrastructure Laundering: Blending in with the Cloud

Stay Connected