Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 241

Scams Cybercrime Cryptocurrency Social Engineering 241

Security Affairs

AUGUST 18, 2024

New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. Mad Liberator employs social engineering techniques to gain access to the victim’s environment, specifically targeting organizations using remote access tools like Anydesk.

Social Engineering 145

Social Engineering Engineering Ransomware Cybercrime 145

CSO Magazine

JUNE 24, 2022

Social engineering is involved in the vast majority of cyberattacks, but a new report from Proofpoint has revealed five common social engineering assumptions that are not only wrong but are repeatedly subverted by malicious actors in their attacks.

Social Engineering 128

Social Engineering Engineering Cybercrime 128

Tech Republic Security

MARCH 23, 2022

Using social engineering rather than traditional ransomware tactics, the Lapsus$ group has already hit multiple organizations, says Microsoft. The post Microsoft warns of destructive attacks by Lapsus$ cybercrime group appeared first on TechRepublic.

Cybercrime 176

Cybercrime Social Engineering Engineering Ransomware 176

Krebs on Security

OCTOBER 18, 2024

USDoD was known to use the hacker handles “ Equation Corp ” and “ NetSec ,” and according to the cyber intelligence platform Intel 471 NetSec posted a thread on the now-defunct cybercrime community RaidForums on Feb. national infrastructure.

Social Engineering 278

Social Engineering Passwords Cybercrime Mobile 278

eSecurity Planet

JUNE 20, 2025

Social engineering: A key tactic Aflac’s preliminary findings indicate that the unauthorized party used “ social engineering tactics ” to gain access to their network. This common cybercrime method often involves tricking individuals into revealing sensitive information or granting access.

Social Engineering 95

Social Engineering Cybersecurity Insurance Cybercrime 95

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” ” reported News4Jax. In January 2024, U.S.

Cybercrime 68

Cybercrime Identity Theft Social Engineering Hacking 68

Joseph Steinberg

OCTOBER 24, 2022

An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window.

Cybersecurity 363

Cybersecurity Social Engineering Artificial Intelligence Insurance 363

The Hacker News

JUNE 23, 2023

A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access.

Social Engineering 105

Social Engineering Engineering Cybercrime Phishing 105

SecureWorld News

NOVEMBER 8, 2023

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. Given the much more psychologically focused and methodical ways that social engineering attacks can be conducted, it makes spotting them hard to do.

Social Engineering 113

Social Engineering Engineering Cyber Attacks Artificial Intelligence 113

Krebs on Security

AUGUST 19, 2021

According to the latest figures (PDF) released by the FBI Internet Crime Complaint Center (IC3), the reported losses from BEC scams continue to dwarf other cybercrime loss categories, increasing to $1.86 billion in 2020. Image: FBI. Companies pay us the foreclosure for the decryption of files and prevention of data leak.”

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals.

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Tech Republic Security

FEBRUARY 3, 2021

The surge gives further credence to the idea that cybercrime is less about tech know-how and more about social engineering, according to its fraud report.

Social Engineering 201

Social Engineering Accountability Cybercrime Engineering 201

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. FBI warns Silent Ransom Group has targeted U.S. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S.

Social Engineering 115

Social Engineering Antivirus Phishing Authentication 115

The Hacker News

NOVEMBER 21, 2024

Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S.

Cybercrime 123

Cybercrime Social Engineering Engineering Accountability 123

Security Boulevard

JANUARY 17, 2022

As per an article by The Hindu, 50,035 cases of cybercrime were reported in 2020, 11.8% of cybercrimes were of fraud. The post Cybercrime: Rising Concern to Cyber World appeared first on Kratikal Blogs. The post Cybercrime: Rising Concern to Cyber World appeared first on Kratikal Blogs. more than in 2019 while 60.2%

Cybercrime 145

Cybercrime Social Engineering Engineering Cybersecurity 145

Krebs on Security

DECEMBER 29, 2020

In almost every category — from epic breaches and ransomware to cybercrime justice and increasingly aggressive phishing and social engineering scams — 2020 was a year that truly went to eleven. But it was hardly a dull one for computer security news junkies.

Scams 330

Scams Social Engineering Cybercrime Advertising 330

Malwarebytes

JUNE 18, 2025

Social engineering and extortion Scams are so difficult to analyze because they vary both in their delivery method and their method of deceit. A message that tries to trick a person into clicking a package tracking link is a simple act of social engineering—relying on false urgency or faked identity to fool a victim.

Scams 103

Scams Social Engineering Media Engineering 103

Security Boulevard

DECEMBER 23, 2021

Cybercrime is here, it is dynamic and it is not going anywhere. The three-day event saw 12 peer-reviewed papers on cybercrime and ecrime presented and discussed from both academia and the cybersecurity sectors. The post APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving appeared first on Security Boulevard.

Cybercrime 141

Cybercrime Phishing Cybersecurity Social Engineering 141

Penetration Testing

MAY 12, 2025

Sophos X-Ops has uncovered a cunning cybercrime campaign using fake CAPTCHA pages to trick users into running PowerShell The post CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users appeared first on Daily CyberSecurity.

Cybercrime 115

Cybercrime Cybersecurity Social Engineering Engineering 115

Malwarebytes

DECEMBER 19, 2024

Social engineering is a core part of these schemes and the tricks we see are sometimes very clever. Overlap with other campaigns As mentioned previously, this type of social engineering attack is getting more and more popular. Interestingly, the same domain ( topsportracing[.]com

Social Engineering 101

Social Engineering Engineering Malware Antivirus 101

Krebs on Security

JANUARY 30, 2024

2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. “Brickings” are among the “violence-as-a-service” offerings broadly available on many cybercrime channels.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

SecureWorld News

FEBRUARY 15, 2024

The hackers rely heavily on social engineering tactics to distribute the malware. Uncovered by cybersecurity firm Group-IB , GoldPickaxe exists in both Android and iOS versions and was developed by a suspected Chinese hacking group called "GoldFactory."

Social Engineering 104

Social Engineering Mobile Authentication Engineering 104

Security Affairs

MAY 17, 2025

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. They exploit help desks and outsourced IT via social engineering for high-impact attacks.

Retail 68

Retail Social Engineering Cybercrime Financial Services 68

Security Affairs

APRIL 21, 2025

The malware is delivered via social engineering, attackers attempt to trick victims into tapping cards on infected phones. Calls enable social engineering in a Telephone-Oriented Attack Delivery (TOAD) scenario. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 109

Malware Social Engineering Banking Engineering 109

Security Affairs

FEBRUARY 3, 2025

” Crazy Evil is referred as a traffer team, which is a group of social engineering specialists tasked with redirecting legitimate traffic to malicious landing pages. The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams 86

Scams Media Cryptocurrency Cybercrime 86

The Hacker News

NOVEMBER 16, 2023

Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their

Social Engineering 139

Social Engineering Cybercrime Cybersecurity Phishing 139

SecureWorld News

FEBRUARY 13, 2025

Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions. Deepfakes are revolutionizing social engineering attacks, making them more deceptive and harder to detect.

Social Engineering 86

Social Engineering Authentication Identity Theft Engineering 86

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Security Boulevard

AUGUST 23, 2021

The post AI-Fueled Deep Fakes Signal New Era of Cybercrime appeared first on Security Boulevard. Events like the 2020 U.S. elections or COVID-19 vaccinations highlight how political opponents and rogue nations actively practice disinformation campaigns to undermine confidence in governments and science, sowing.

Cybercrime 145

Cybercrime Government Social Engineering Engineering 145

Krebs on Security

APRIL 30, 2020

In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime). ” Alex Holden , founder and CTO of Hold Security , agreed. .

Cybercrime 359

Cybercrime Computers and Electronics Marketing Scams 359

Security Affairs

DECEMBER 25, 2024

TraderTraitor activity is often characterized by targeted social engineering directed at multiple employees of the same company simultaneously.” The FBI will continue to expose and combat the DPRKs use of illicit activitiesincluding cybercrime and virtual currency theftto generate revenue for the regime. BTC ($308M).

Cryptocurrency 125

Cryptocurrency Social Engineering Hacking Cybercrime 125

Krebs on Security

FEBRUARY 17, 2021

The Justice Department says those indicted were members of a DPRK-sponsored cybercrime group variously identified by the security community as the Lazarus Group and Advanced Persistent Threat 38 (APT 38). billion from banks and other victims worldwide.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

The Hacker News

JULY 16, 2024

The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed.

Cyber Attacks 133

Cyber Attacks Social Engineering Ransomware Cybercrime 133

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. Social engineering attacks Social engineering attacks occur when someone uses a fake persona to gain your trust.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

SecureWorld News

DECEMBER 17, 2024

Researchers at Datadog Security Labs have uncovered a year-long, large-scale cybercrime campaign by a threat actor tracked as MUT-1244. This operation, which blends social engineering and technical exploitation, has resulted in the theft of more than 390,000 WordPress credentials.

Phishing 109

Phishing Threat Detection Social Engineering Cybercrime 109