From Kashmir Hill: Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. So users who want their accounts to be more secure are forced to make a privacy trade-off and allow advertisers to more easily find them on the social network.
Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads. This earned Google a whopping $175 billion in search-based ad revenues in 2023.
Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone. The packets contained SMS messages with two-factor authentication codes that were received by individual users. Here's how it happened and why it's a problem.
Those of you who use Microsoft Authenticator as a password manager will have to find another option, and soon. Beginning in July, you'll no longer be able to autofill passwords with Authenticator.
“The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages and email extractors often used to build and maintain fraud operations,” the DOJ explained. “Presumably, these buyers also include Dutch nationals.
Recommendations to stay safe: As cyberthreats and financial scams become more sophisticated, it is increasingly difficult for individuals to determine if a request coming via social media, email, text, phone call or even video call is authentic. Authentic banks will never request such details through social media or ads.
The device information shared, combined with the user’s Internet address and data gathered from mobile advertising companies, could be used to deanonymize users of the DeepSeek iOS app, NowSecure warned. [Full disclosure: Wiz is currently an advertiser on this website.] This story will be updated with any substantive replies.
Booking.com said it now requires 2FA, which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. The phony booking.com website generated by visiting the link in the text message. SecureWorks said these attacks had been going on since at least March 2023.
The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising.
If you were trying to download the popular Google Authenticator (a multi-factor authentication program) via a Google search in the past few days, you may have inadvertently installed malware on your computer. Fake site leads to signed payload hosted on Github The fraudulent site chromeweb-authenticators[.]com
Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. When the two of them sat down to reset his password, the screen displayed a notice saying there was a new Gmail address tied to his Xbox account.
Keep reading the definition until you understand then proceed: Spamming is the use of messaging systems to send an unsolicited message, especially advertising Alrighty, so it's an unsolicited message (I certainly didn't ask for it) and it's intended to advertise your work.
After logging in, the user might see a prompt that looks something like this: These malicious apps allow attackers to bypass multi-factor authentication, because they are approved by the user after that user has already logged in. A cybercriminal service advertising the sale of access to hacked Office365 accounts. Image: Proofpoint.
As one example, we present a cross-protocol attack which breaks authentication in Threema and which exploits the lack of proper key separation between different sub-protocols. Threema developers advertise it as a more secure alternative to Meta’s WhatsApp messenger.
based proxy to bridge the UI to back-end servers Unfortunately, this seemingly harmless tool was running wide open—without authentication, encryption, or access controls by default. “The MCP Inspector tool runs by default… with a default setup that does not include sufficient security measures like authentication or encryption,” Oligo notes.
Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks. .” ” reads the report published by Trustwave.
A wide ecosystem of these companies exists, each advertising their own ability to run text messaging for other businesses. Too many networks use SMS as an authentication mechanism. For businesses, sending text messages to hundreds, thousands, or perhaps millions of customers can be a laborious task.
Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. One “autodoxer” service advertised on Telegram that promotes a range of voice phishing tools and services. “ Annie.”
In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. agency — advertised a web-based bot designed to trick targets into giving up OTP tokens. Image: Intel 471.
Unlike any other season in America, election season might bring the highest volume of advertisements sent directly to people’s homes, phones, and email accounts—and the accuracy and speed at which they come can feel invasive. The reasons could be obvious. Instead, it may point to how people interpret “cyber interference.
The tech giant may have used this data for targeted advertising, according to Blue Shield, which is one of the largest health insurers in the US. In this case, a simple misconfiguration shared data with an entity that already knows so much about us that then used the information for targeted advertising.
was originally advertised on the public Russian-language hacking forum Antichat by a venerated user in that community who goes by the alias “Isis.” A Google Translate version of that advertisement is here (PDF). Isis’ profile on antichat.ru — wasn’t working at the time.
Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in to a Web site using something they know (the password) and something they have (e.g., “Users might be asked to authenticate using their security key for many different apps/reasons. .
So, there is another critical role in advertising counterfeit goods, which are influencers. And some of the larger webstores use “Authenticity Guarantee” badges on their listings. Review advertisements on social media, influencer channels, and chat platforms with a little bit of extra caution.
Beside stealing usernames, passwords and circumventing two factor authentication, we identified malicious code capable of performing additional nefarious actions unbeknownst to the victim. In that same report, the FBI advises consumers to check the URL to make sure the site is authentic before clicking on an advertisement.
Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “Land Lordz,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.
The final step in validating residents involves answering four so-called “knowledge-based authentication” or KBA questions. Yet, one reader received a curious response by emailing the customer service address advertised by USPS’s Informed Delivery service — informeddelivery@custhelp.com.
The problem stemmed from an authentication weakness in a USPS Web component known as an “application program interface,” or API — basically, a set of tools defining how various parts of an online application such as databases and Web pages should interact with one another.
We demonstrate how attackers can apply split-second phantom attacks remotely by embedding phantom road signs into an advertisement presented on a digital billboard which causes Tesla’s autopilot to suddenly stop the car in the middle of a road and Mobileye 630 to issue false notifications.
When Genesis customers purchase a bot, they’re purchasing the ability to have all of the victim’s authentication cookies loaded into their browser, so that online accounts belonging to that victim can be accessed without the need of a password, and in some cases without multi-factor authentication. Image: KrebsOnSecurity.
Online advertising firm Sizmek Inc. [ NASDAQ: SZMK ] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. Pappachen asked KrebsOnSecurity what else could have prevented this. ” PASSWORD SPRAYING.
“This attack requires an authenticated client to click a link in order for an unauthenticated attacker to initiate remote code execution.” APT37 compromised the online advertising agency behind the Toast ad program to carry out a supply chain attack.
That has worried some experts who have pointed out that a new owner could, for instance, hand over customer data to insurance companies to hike up monthly premiums, or to data brokers to power increasingly invasive, targeted advertising. Enable two-factor authentication (2FA). Under Settings, scroll to the section titled 23andMe data.
Increased transparency over advertiser and app accesses to user data. The company could be more transparent about what data it shares with advertisers and others and how it allows advertisers to select users they show ads to. For example, it could allow users to turn off individually targeted news and advertising.
The database required no authentication. In addition, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files. Akbar was charged with selling and advertising wiretapping equipment. In September 2014, U.S.
Don't save screenshots of sensitive information, such as IDs, passports, crypto wallets, seed phrases, passwords, and two-factor authentication backup codes. Either delete this data or move the screenshots to a password-protected folder.
By crafting malicious scripts hosted on attacker-controlled domains, threat actors could silently exfiltrate system data without triggering standard authentication safeguards. It contains an endpoint that allows an unauthenticated remote attacker to read files from the system’s file structure, ” the advisory warns.
In the wake of the 2016 attack, San Mateo County instituted two-factor authentication for its email accounts — requiring each user to log in with a password and a one-time code sent via text message to their mobile device. Public confidence is at stake, even if the vote itself is secure.”
Standard things, like login endpoints, are easy to find since requesting any resource that needs authentication is going to redirect to the login page. Often these endpoints not only accept authentication credentials, but also help the unauthenticated by showing the data that needs to be collected. Login Endpoints. GraphQL pages.
Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. Any accounts that you value should be secured with a unique and strong password, as well as the most robust form of multi-factor authentication available. THE MIDDLEMEN. WHAT YOU CAN DO.
Google plans to add end-to-end encryption to Authenticator is a bit of a jaw-dropper. Image by Midjourney.
Time is of the essence in these attacks because many companies that rely on VPNs for remote employee access also require employees to supply some type of multi-factor authentication in addition to a username and password — such as a one-time numeric code generated by a mobile app or text message.
About half of the domains appear to be older websites advertising female escort services in major cities around the United States (e.g. the now-defunct pittsburghcitygirls[.]com). DomainTools says there are more than 1,300 current and former domain names registered to Mihail Kolesnikov between 2013 and July 2023. top , www-microsofteams[.]top