SecureWorld News

JUNE 4, 2025

These breachesaffecting Cartier, Main Street Bank, and The North Faceunderscore the rising threat landscape facing luxury and everyday consumer brands. While no operational impact was reported, the bank terminated its relationship with the vendor. They prioritize a frictionless shopping experience over more secure authentication flows.

Retail 65

Retail Banking Financial Services Social Engineering 65

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking 67

Banking Mobile Identity Theft Malware 67

The Last Watchdog

JUNE 18, 2018

Bank patrons in their 20s and 30s, who grew up blanketed with digital screens, have little interest in visiting a brick-and-mortar branch, nor interacting with a flesh-and-blood teller. This truism is pushing banks into unchartered territory. So banks are all in. LaSalla: Back in the day it was hardware tokens for banks.

Banking 173

Banking Mobile Social Engineering Authentication 173

Jane Frankland

MAY 16, 2025

Fraudsters use AI, social engineering, and emotional manipulation to steal not just money, but also trust, time, and peace of mind. Here’s a breakdown of the most widespread and damaging scams today: Impersonation Scams (51% of fraud cases) where fraudsters pose as: Banks, HMRC, DVLA, or government agencies. Couriers (e.g.,

Scams 130

Scams Password Management Passwords Banking 130

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. . ” reads the report published Resecurity.

Banking 128

Banking Phishing Social Engineering Authentication 128

Identity IQ

JUNE 20, 2023

What Are Social Engineering Scams? Thanks, Your CEO This common scenario is just one example of the many ways scammers may attempt to trick you through social engineering scams. Read on to learn how to recognize social engineering attacks, their consequences, and tactics to avoid falling for them.

Social Engineering 94

Social Engineering Scams Engineering Identity Theft 94

IT Security Guru

FEBRUARY 25, 2025

A prime example is multi-factor authentication (MFA), a security process that requires users to verify their identity in two or more ways, such as a password, a code sent to their phone, or a fingerprint. Other Ways Threat Actors Exploit Human Behaviour In addition to fatigue attacks, malefactors weaponise social engineering.

Social Engineering 118

Social Engineering Authentication Risk Accountability 118

Security Affairs

MAY 17, 2021

Bizarro is a new sophisticated Brazilian banking trojan that is targeting customers of tens of banks in Europe and South America. Researchers from Kaspersky have spotted a new sophisticated Brazilian banking trojan dubbed Bizarro that is targeting customers of tens of 70 banks in Europe and South America.

Banking 128

Banking Social Engineering Malware Antivirus 128

eSecurity Planet

NOVEMBER 6, 2024

This data reportedly includes everything from names and addresses to Social Security numbers and bank account details. The stolen data reportedly includes highly personal information — names, dates of birth, Social Security numbers, bank account details, and even records of residents’ interactions with city services.

Ransomware 113

Ransomware Authentication Identity Theft Penetration Testing 113

The Last Watchdog

APRIL 10, 2019

Outside of giants JP Morgan, Bank of America, Citigroup, Wells Fargo and U.S. firms are comprised of community banks and regional credit unions. These smaller institutions, much like the giants, are hustling to expand mobile banking services. Related: OneSpan’s rebranding launch. Key takeaways: Shifting risks.

Banking 147

Banking Mobile Accountability Artificial Intelligence 147

SecureList

MAY 17, 2021

Bizarro is yet another banking Trojan family originating from Brazil that is now found in other regions of the world. Attempts have now been made to steal credentials from customers of 70 banks from different European and South American countries. It may also use social engineering to convince victims to download a smartphone app.

Banking 145

Banking Social Engineering Malware Engineering 145

Krebs on Security

AUGUST 19, 2020

Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company’s VPN platform in real-time.

Phishing 363

Phishing VPN Social Engineering Media 363

SecureWorld News

MARCH 20, 2025

Attackers are mimicking tournament brackets, betting promotions, and registration formstricking users into handing over credentials or linking bank accounts to fraudulent sites. This intersection of sports, money, and digital activity makes for a perfect storm of social engineering attacks.

Scams 82

Scams Social Engineering Phishing Mobile 82

Security Boulevard

JANUARY 31, 2022

This “dangerous” and “advanced” banking malware was in the Google Play store. The post Banking Trojan in Google Play App Store—‘2FA Authenticator’ drops Vultur RAT appeared first on Security Boulevard. An Android app has been found to drop the Vultur remote access Trojan. How did that happen?

Banking 98

Banking Authentication Malware Social Engineering 98

Webroot

MARCH 5, 2021

Italy targeted by Ursnif banking Trojan. Over 100 banks in Italy have fallen victim to the Ursnif banking trojan, which has stolen thousands of login credentials since it was first discovered in 2007. The attack likely began as a malicious email using social engineering to trick users into clicking links.

Banking 111

Banking Social Engineering Engineering Backups 111

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication 113

Authentication Social Engineering Phishing Banking 113

SecureWorld News

FEBRUARY 6, 2025

Grubhub confirmed that Marketplace customer passwords, merchant login credentials, full payment card numbers, and bank account details were not exposed. However, even seemingly limited breaches can have downstream effects, enabling phishing attacks and social engineering schemes. How did this happen?

Data breaches 93

Data breaches Accountability Social Engineering Risk 93

The Last Watchdog

OCTOBER 15, 2019

Related: The Internet of Things is just getting started The technology to get rid of passwords is readily available; advances in hardware token and biometric authenticators continue apace. Using social engineering, the scammer tells a story about losing a phone and needing help activating a new one.

Passwords 164

Passwords Authentication Data breaches Internet 164

Security Affairs

JULY 29, 2022

Therefore, strong authentication methods are needed. Therefore, strong authentication methods are needed to improve security without hindering user convenience. What is Strong Authentication? The IAM Security Boundary Strong authentication is a critical component of modern-day identity and access management.

Authentication 124

Authentication Passwords Data privacy Identity Theft 124

Webroot

MARCH 3, 2025

Common attacks to consumer protection Identity theft and fraud Some common types of identity theft and fraud include account takeover fraud , when criminals use stolen personal information such as account numbers, usernames, or passwords to hijack bank accounts, credit cards, and even email and social media accounts.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. of all mobile banker attacks.

Phishing 77

Phishing Banking Scams Mobile 77

eSecurity Planet

FEBRUARY 26, 2025

As businesses rely more on mobile devices for authentication and communication, these evolving threats are slipping past conventional security defenses, putting corporate networks at greater risk. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing 82

Phishing Mobile Social Engineering Data breaches 82

Krebs on Security

MAY 14, 2024

“CVE-2024-30051 is used to gain initial access into a target environment and requires the use of social engineering tactics via email, social media or instant messaging to convince a target to open a specially crafted document file,” Narang said. Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Social Engineering 295

Social Engineering Backups Malware Banking 295

Krebs on Security

AUGUST 12, 2020

As KrebsOnSecurity observed back in 2018 , many people — particularly older folks — proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services. YOUR FINANCIAL INSTITUTIONS.

Accountability 357

Accountability Mobile Banking Passwords 357

IT Security Guru

NOVEMBER 18, 2024

It’s interesting to note that many people will happily unlock their phone by just looking at it and have no problem tapping their bank card against a store’s point of sale terminal, but if the term password security is presented to them, they have a blank expression, or worse, shrink away. It doesn’t have to sell itself.

Passwords 101

Passwords Password Management Technology Authentication 101

Malwarebytes

MAY 8, 2025

Beside stealing usernames, passwords and circumventing two factor authentication, we identified malicious code capable of performing additional nefarious actions unbeknownst to the victim. After entering their credentials, victims are social engineered by the crooks to type a security code that was sent to their email address.

Phishing 98

Phishing Authentication Engineering Banking 98

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. Neo_Net’s eCrime campaign was reportedly targeting clients of banks globally, with a focus on Spanish and Chilean banks, from June 2021 to April 2023. ” Thill explained.

Banking 98

Banking Phishing Social Engineering Authentication 98

Malwarebytes

JUNE 9, 2025

Scammers are getting better at social engineering and are using Artificial Intelligence (AI) to sound more authentic and eliminate any spelling errors. Use strong, unique passwords and enable multi-factor authentication (MFA) wherever possible. Unfortunately, people getting scammed online is a frequent event.

Scams 67

Scams Banking Artificial Intelligence Accountability 67

The Last Watchdog

APRIL 14, 2022

The attacker then creates a look-alike domain and contacts each customer on the report explaining that all future payments should be sent to a new bank account. The attacker also has the rep’s email signature. Planned attacks. Today’s BEC attempts aren’t the easy-to-spot, typo-laden phishing campaigns of the past.

Phishing 247

Phishing Accountability Scams Authentication 247

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication 104

Authentication Passwords Mobile Accountability 104

Approachable Cyber Threats

FEBRUARY 8, 2023

Banks are taking revolutionary approaches to digitize and streamline the customer experience - but these measures could come with a cost without strategic cybersecurity measures. The world is changing, and the banking industry is evolving too. The Industry Digital banking is transforming the way people access and manage their finances.

Banking 81

Banking Social Engineering Cyber threats Encryption 81

Malwarebytes

MARCH 19, 2024

For that reason, SIM swapping can be used to get around two-factor authentication (2FA) codes sent by SMS message. SIM swapping can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier.

Social Engineering 139

Social Engineering Computers and Electronics Mobile Identity Theft 139

Spinone

NOVEMBER 12, 2020

What is social engineering? Social engineering is a manipulative technique used by criminals to elicit specific actions in their victims. Social engineering is seldom a stand-alone operation. money from a bank account) or use it for other social engineering types.

Social Engineering 52

Social Engineering Engineering Phishing Banking 52

The Last Watchdog

AUGUST 19, 2021

The attacker claims to have compromised an end-of-lifed GPRS system that was exposed to the internet and was able to pivot from it to the internal network, where they were able to launch a brute force authentication attack against internal systems. Most immediately is the ubiquity of 2-factor authentication.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Security Affairs

APRIL 8, 2024

The Health Sector Cybersecurity Coordination Center (HC3) recently observed threat actors using sophisticated social engineering tactics to target IT help desks in the health sector. bank accounts.” The attackers aim at gaining initial access to target organizations. ” reads the HC3 sector alert.

Social Engineering 137

Social Engineering Healthcare Engineering Accountability 137

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. Social engineering scams leverage psychological manipulation to deceive individuals and exploit the victims’ trust.

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

Security Affairs

SEPTEMBER 3, 2024

Three men have pleaded guilty to operating OTP.Agency, an online service that allowed crooks to bypass Multi-Factor authentication (MFA). These OTPs, used in multi-factor authentication, allowed criminals to bypass security and access victims’ bank accounts to steal funds. million if they had opted for the elite package.”

Banking 121

Banking Social Engineering Accountability Authentication 121