Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 131

Social Engineering Media Mobile Scams 131

Security Affairs

MARCH 29, 2025

Notifications & Social Engineering: Posts fake push notifications to trick users. “The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. ” ThreatFabric concludes.

Banking 69

Banking Mobile Identity Theft Malware 69

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams 82

Scams Social Engineering Mobile Phishing 82

Security Affairs

APRIL 21, 2025

The malware is delivered via social engineering, attackers attempt to trick victims into tapping cards on infected phones. Calls enable social engineering in a Telephone-Oriented Attack Delivery (TOAD) scenario. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 108

Malware Social Engineering Banking Engineering 108

Krebs on Security

AUGUST 19, 2020

Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company’s VPN platform in real-time.

Phishing 363

Phishing VPN Social Engineering Media 363

Security Boulevard

AUGUST 23, 2021

The post AI-Fueled Deep Fakes Signal New Era of Cybercrime appeared first on Security Boulevard. Events like the 2020 U.S. elections or COVID-19 vaccinations highlight how political opponents and rogue nations actively practice disinformation campaigns to undermine confidence in governments and science, sowing.

Cybercrime 145

Cybercrime Government Social Engineering Engineering 145

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs).

Phishing 134

Phishing Mobile Banking Social Engineering 134

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that LAPSUS$ extortion gang gained access to its networks. ” LAPSUS$ leader White/Lapsus Jobs looking up the Department of Defense in T-Mobile’s internal Atlas system.

Mobile 102

Mobile VPN Social Engineering Telecommunications 102

Malwarebytes

JUNE 8, 2021

Tampering with web sessions depending on mobile carrier is pretty smart. A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. Money mules and spear phishing are thrown into the mix alongside social engineering and international theft of money, personal, and confidential information.

Cybercrime 129

Cybercrime Malware Banking Phishing 129

CyberSecurity Insiders

MARCH 16, 2023

But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks recorded in a 2nd quarter of 2022. trillion by 2025, and among the guestimate, half of the amount is expected to be made through phishing targeting mobiles and tablets.

Cybercrime 94

Cybercrime Social Engineering Mobile Spyware 94

SecureWorld News

JUNE 29, 2023

In today's interconnected world, mobile devices have become an integral part of our lives, enabling seamless communication, productivity, and access to sensitive information. However, as reliance on mobile technology grows, so does the risk of cyber threats targeting these devices.

Mobile 98

Mobile IoT Social Engineering Phishing 98

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. Once the credit card details were entered, cybercriminals used them for much higher charges at the controlled merchants registered on money mules.A

Social Engineering 112

Social Engineering Phishing Banking DNS 112

SecureWorld News

MARCH 18, 2025

The rise of these sophisticated road toll scams is catching many people off guard, highlighting the evolving nature of cybercrime. Technological defenses: Utilizing mobile security solutions that can detect and block potential phishing attempts adds an additional layer of protection.

Scams 84

Scams Mobile Phishing Education 84

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. In early July 2018, Ferri was traveling in Europe when he discovered his T-Mobile phone no longer had service.

Mobile 275

Mobile Cryptocurrency Accountability Passwords 275

SecureWorld News

AUGUST 4, 2022

Most recently, a former T-Mobile retail store owner was convicted for stealing employee credentials to illegally access internal computer systems and unlock and unblock cellphones. which was a T-Mobile store, in Los Angeles in January 2017. The former store owner used various phishing techniques to steal T-Mobile employee credentials.

Mobile 98

Mobile Identity Theft Social Engineering Retail 98

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. Mobile malware Nearly 248,000 users encountered mobile banking malware in 2024 almost 3.6 of all mobile banker attacks. In 2024, the number of users who encountered mobile banking Trojans grew 3.6

Phishing 77

Phishing Banking Scams Mobile 77

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 73

Cybercrime Firewall Social Engineering Ransomware 73

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. They can then focus on finding and targeting victims with social engineering attacks, which Cleafy says they’ve been doing in Italy.

Malware 99

Malware Banking Software Social Engineering 99

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering 174

Social Engineering Cyber Attacks Scams Ransomware 174

Security Boulevard

DECEMBER 14, 2021

Phishing scams continue to top the list of cybercrimes. Unfortunately, it’s likely 2022 will continue this trend as these types of social engineering attacks become more sophisticated. The statistics are alarming. Phishing attacks account for more than 80% of reported security incidents.

Scams 126

Scams Phishing Social Engineering Cybercrime 126

Krebs on Security

AUGUST 5, 2019

The second is through an unauthorized SIM swap , a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device.

Banking 279

Banking Passwords Risk Accountability 279

Security Affairs

JULY 22, 2024

for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). Law enforcement arrested a 17-year-old boy from Walsall, U.K., Law enforcement in the U.K.

Cybercrime 135

Cybercrime Social Engineering Hacking Scams 135

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. I will also continue to post on LinkedIn about new stories in 2023.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Boulevard

JANUARY 28, 2022

Long story short it's an OTR and OpenPGP-based communication protocol that actually has a lot of new improvements in terms of privacy and security including interoperability between multiple IM clients and mobile applications courtesy of different vendors. Basic OTR Protocol Overview in the context of the global growing cybercrime trend.

Encryption 105

Encryption Cybercrime Social Engineering Mobile 105

SecureWorld News

JUNE 17, 2024

Ezra Graziano, Director of Federal Accounts at Zimperium, emphasized the urgency for defense against such evolving social engineering tactics. This includes educating staff on impersonation scam signs, verifying caller identities, reporting suspicious calls, and integrating mobile threat defense solutions.

Social Engineering 113

Social Engineering Scams Artificial Intelligence Engineering 113

Krebs on Security

JULY 22, 2020

My July 15 story observed there were strong indications that the people involved in the Twitter hack have connections to SIM swapping , an increasingly rampant form of crime that involves bribing, hacking or coercing employees at mobile phone and social media companies into providing access to a target’s account.

Hacking 348

Hacking Accountability Scams Media 348

Security Affairs

NOVEMBER 15, 2021

The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US. The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. The name comes after one of the domains used for its command and control servers.

Banking 144

Banking Mobile Social Engineering Malware 144

Security Affairs

JUNE 17, 2024

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ). ” reported the Murcia Today.

Cybercrime 130

Cybercrime Hacking Social Engineering Cryptocurrency 130

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 127

Social Engineering Data breaches Spyware Surveillance 127

Security Affairs

SEPTEMBER 24, 2024

“However, as we said previously, we can expect threat actors behind Octo2 to not limit their activity and continue targeting users of mobile banking all over the world.” “The emergence of this Octo2 variant represents a significant evolution in mobile malware, particularly in the context of banking security.

Banking 128

Banking Mobile Malware Social Engineering 128

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 126

Data breaches Cybercrime Firewall Ransomware 126

Krebs on Security

FEBRUARY 25, 2021

requires applicants to supply a great deal more information than previously requested by the states, such as images of their driver’s license or other government-issued ID, copies of utility or insurance bills, and details about their mobile phone service. in cybercrime forums, Telegram channels throughout 2020. protections.

Scams 336

Scams Insurance DDOS Authentication 336

SecureWorld News

MARCH 22, 2021

The FBI notes that the Internet Crime Complaint Center (IC3) has been key to its mission to track cybercrimes. The IC3 "provides the public with a trustworthy source for information on cyber criminal activity," and also is a useful tool for victims to report a cybercrime. The IC3 received 19,369 reports of BEC/EAC scams in 2020. "In

Cybercrime 67

Cybercrime Scams Banking Accountability 67

Krebs on Security

OCTOBER 25, 2018

According to the most recent statistics from the FBI ‘s Internet Crime Complaint Center , the most costly form of cybercrime stems from a complex type of fraud known as the “ B usiness E mail C ompromise” or BEC scam. Deleted Facebook Cybercrime Groups Had 300,000 Members. BK: And where are they coming from?

Scams 242

Scams Accountability Media Banking 242

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Leveraging its English proficiency, the collective uses social engineering for initial access. Within six hours, the attacker began encrypting the organization’s systems.

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa.

Cybercrime 90

Cybercrime Scams DDOS Banking 90

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72