Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. 9, 2024, U.S. Twilio disclosed in Aug.

Social Engineering 315

Social Engineering Mobile Cybercrime Passwords 315

SC Magazine

MAY 12, 2021

Researchers found 167 counterfeit Android and iOS apps that attackers used to steal money from victims who believed they installed a financial trading, banking or cryptocurrency app. Carson said companies need better cyber hygiene via educating employees on ways to detect these scams. Photo by Justin Sullivan/Getty Images).

Scams 62

Scams Cryptocurrency Social Engineering Banking 62

The Last Watchdog

APRIL 14, 2022

The email specifies that the HR manager should include the codes associated with each card, which the scammer behind the scenes then sells online for cash or cryptocurrency. We would never expect someone we know and work with to scam us, much less defraud our organization. Scenario 3.

Phishing 247

Phishing Accountability Scams Social Engineering 247

Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. Scammers, impersonating cryptocurrency investors, are active on Telegram channels to get interested people to attend a meeting about a future partnership. Topics are cryptocurrency investment opportunities.

Cryptocurrency 104

Cryptocurrency Malware Authentication Banking 104

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. Image: Cloudflare.com. On that last date, Twilio disclosed that on Aug.

Mobile 287

Mobile Phishing Authentication Accountability 287

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 98

Cryptocurrency Social Engineering Malware Cybercrime 98

SecureWorld News

AUGUST 2, 2021

Robinhood is an increasingly popular trading app where you can buy and sell stocks, as well as cryptocurrency. Phishing attempts come via email where scammers use different social engineering tactics to pose as a reputable sender like the IRS, your bank or brokerage firm.

Phishing 89

Phishing Social Engineering Scams Identity Theft 89

Appknox

JUNE 23, 2022

Apple iOS users often fall prey to mobile scams; around 30.1% Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Social media-based scams are increasing as the average Australian uses their smartphone to connect unilaterally with multiple social networking services.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

Security Boulevard

FEBRUARY 12, 2021

This allowed them to access many apps and ask for password resets, which often confirm the request is intended for the correct user by sending a "Two Factor Authentication" request in the form of an SMS message. How do Phone Company Insiders enable these scams? The Community wasn't a place online, just the name of their group.

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

Krebs on Security

AUGUST 19, 2020

Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company’s VPN platform in real-time.

Phishing 356

Phishing VPN Social Engineering Media 356

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware.

Social Engineering 120

Social Engineering Energy and Utilities Phishing Scams 120

Security Affairs

OCTOBER 20, 2021

Once hijacked the channel, attackers either sell it to the highest bidder or employ it in cryptocurrency scam scheme. The hackers used fake collaboration opportunities (i.e. a demo for anti-virus software, VPN, music players, photo editing or online games) to hijack the channel of YouTube creators.

Accountability 132

Accountability Malware Phishing Social Engineering 132

Security Affairs

JANUARY 23, 2022

The FBI announcement includes tips to protect people from such kind of attacks; feds recommend checking the URL obtained by scanning a QR code to make sure it is the intended site and looks authentic. Threat actors could use a malicious domain name that is similar to the intended URL but with typos or a misplaced letter. Pierluigi Paganini.

Cryptocurrency 102

Cryptocurrency Social Engineering Malware Scams 102

Security Affairs

JANUARY 3, 2024

Resecurity has uncovered a cybercriminal faction known as “ GXC Team “, who specializes in crafting tools for online banking theft, ecommerce deception, and internet scams. These methods are commonly employed in wire fraud and well-known bogus invoice scams. billion on organizations.

Artificial Intelligence 122

Artificial Intelligence Banking Scams Cybercrime 122

SecureWorld News

NOVEMBER 11, 2021

BEC or Email Account Compromise (EAC) was known as the $26 billion scam in 2019. The basics of the BEC scam are explained in a July 2021 SecureWorld article that interviewed Stephen Dougherty of the U.S. Understanding BEC scams. BEC is a sophisticated scam with multiple victims. Secret Service.

Scams 77

Scams Social Engineering Accountability Ransomware 77

Identity IQ

FEBRUARY 8, 2024

Transactions on the dark web are typically conducted using cryptocurrencies such as Bitcoin to maintain anonymity. Transactions on the dark web are often carried out with Bitcoin or other cryptocurrencies, which are unregulated and difficult to trace back to the user. Turn on multifactor authentication for all online accounts.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

SecureList

FEBRUARY 16, 2023

Thus, during the World Cup a brand-new scam appeared: it offered users to win a newly released iPhone 14 for predicting match outcomes. These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself.

Phishing 91

Phishing Scams Accountability Energy and Utilities 91

Krebs on Security

APRIL 6, 2022

“They would just keep jamming a few individuals to get [remote] access, read some onboarding documents, enroll a new 2FA [two-factor authentication method] and exfiltrate code or secrets, like a smash-and-grab,” the CXO said. The flash scam netted the perpetrators more than $100,000 in the ensuing hours.

Social Engineering 240

Social Engineering Phishing Engineering Accountability 240

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 229

Cryptocurrency Cybercrime Computers and Electronics Scams 229

SecureList

SEPTEMBER 6, 2022

Additionally, we looked at the phishing activity around gaming, specifically that related to cybersports tournaments, bookmakers, gaming marketplaces, and gaming platforms, and found numerous examples of scams that target gamers and esports fans. Protect your accounts with two-factor authentication whenever possible. Key findings.

Mobile 96

Mobile Passwords Software Accountability 96

Spinone

NOVEMBER 1, 2019

Authenticator – a method of how a user can prove his/her identity to a system. Group Authenticator – used to allow access to specific data or functions that may be shared by all members of a particular group. Crypojacking – when a hacker unauthorisedly uses someone’s computing power to mine cryptocurrency.

Passwords 40

Passwords Social Engineering Malware Encryption 40

Security Through Education

DECEMBER 5, 2023

The pandemic also saw a surge in employment scams, bad actors posing as companies offering remote work, only to run off with sensitive information from hopeful applicants. Spotting Scams Like This: Be cautious of unsolicited emails and verify the sender’s legitimacy. Verify their authenticity and legitimacy.

Scams 52

Scams Identity Theft Media Social Engineering 52

SecureList

AUGUST 23, 2021

Most threats uncovered on PC and mobile devices were adware, but dangerous malware was also present: from stealers to bankers, often leading to the loss of not just credentials but money, including cryptocurrency. This finely designed tournament page is nothing more than a scam that capitalizes on well-known and trusted brands.

Adware 112

Adware Mobile Phishing Malware 112

SecureWorld News

OCTOBER 15, 2020

It was the summer cyberattack that had social media buzzing. A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. As a teenager, he discovered that social engineering was a trick that worked. "I You could lose your data.'.

Social Engineering 99

Social Engineering Media Scams Financial Services 99

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. From mining cryptocurrency to launching DDoS attacks against networks, there are countless ways in which malware can access and utilize victim’s computers and data.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Spinone

MAY 8, 2020

Other low-level scams have emerged using SPAM emails claiming to have a cure for the Coronavirus or asking for money or financial information for imparting the so-called medical advice. The ransomware then demands a sum of money in the form of untraceable cryptocurrency to unlock the data to regain access. Related: What Is Ransomware?

Cyber Attacks 78

Cyber Attacks Phishing Backups Ransomware 78

SecureList

MARCH 7, 2024

Some of the scam sites discovered promised to reimburse a certain sum to the customers of a major international telecommunications company. Alongside the usual get-rich-doing-nothing and paid survey scams, we encountered a few less conventional scenarios. Scam sites also used cryptocurrency as bait.

Phishing 95

Phishing Scams Cryptocurrency Accountability 95

Krebs on Security

JULY 16, 2020

Twitter was thrown into chaos on Wednesday after accounts for some of the world’s most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. If PlugWalkJoe was in fact pivotal to this Twitter compromise, it’s perhaps fitting that he was identified in part via social engineering.

Hacking 364

Hacking Accountability Mobile Social Engineering 364

Malwarebytes

MAY 21, 2023

ChatGPT can step in to offer insights on identifying the latest scams, avoiding social engineering pitfalls, and setting stronger passwords in concise, conversational text that may be more effective than a lecture or slide presentation.

Cybersecurity 77

Cybersecurity Artificial Intelligence Social Engineering Engineering 77