Krebs on Security

JANUARY 30, 2024

Multiple trusted sources told KrebsOnSecurity that Sosa/King Bob was a core member of a hacking group behind the 2022 breach at Twilio , a company that provides services for making and receiving text messages and phone calls. As it happens, Plex announced its own data breach one day before LastPass disclosed its initial August intrusion.

Social Engineering 318

Social Engineering Mobile Cybercrime Passwords 318

Krebs on Security

AUGUST 30, 2022

On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com , and the intercepted credentials show at least five employees fell for the scam (although only two employees also provided the crucial one-time MFA code). Image: Cloudflare.com. On that last date, Twilio disclosed that on Aug. ”

Mobile 291

Mobile Phishing Authentication Accountability 291

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). One of the groups that reliably posted “Tmo up!” ” messages to announce SIM-swap availability against T-Mobile customers also reliably posted “Tmo down!

Mobile 312

Mobile Phishing Authentication Advertising 312

Krebs on Security

FEBRUARY 25, 2021

The amount of fraud we are fighting is truly staggering.” ” According to ID.me, a major driver of phony jobless claims comes from social engineering, where people have given away personal data in response to romance or sweepstakes scams, or after applying for what they thought was a legitimate work-from-home job.

Scams 313

Scams Insurance DDOS Authentication 313