article thumbnail

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

” According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C. According to Buckley LLP , a financial services law firm based in Washington, D.C., As this is an ongoing criminal investigation, we can make no additional comment at this time.”

article thumbnail

Would You Have Fallen for This Phone Scam?

Krebs on Security

. “After a brief reprieve in Week 4 (April 6-12), Week 5 (April 13-19) saw call volume across Next Caller’s clients in the telecom and financial services sectors spike 40% above previous highs,” the company found.

Scams 354
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

“InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks,” the FBI’s InfraGard fact sheet reads.

Hacking 358
article thumbnail

Recycle Your Phone, Sure, But Maybe Not Your Number

Krebs on Security

New research shows how fraudsters can abuse wireless provider websites to identify available, recycled mobile numbers that allow password resets at a range of email providers and financial services online.

Mobile 336
article thumbnail

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

“To date, this type of analysis has been used primarily by regulated financial service providers.” . “It is also significant because it makes blockchain analytics available to the public for the first time,” Robinson wrote. ” That may not be entirely true.

article thumbnail

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

financial services firm Ameriprise uses the domain ameriprise.com; the Disneyland Team’s domain for Ameriprise customers is [link] [brackets added to defang the domain], which displays in the browser URL bar as ? For example, one domain the gang has used since March 2022 is ushank[.]com com — which was created to phish U.S.

Malware 253
article thumbnail

The Rise of One-Time Password Interception Bots

Krebs on Security

. “Over the past few months, we’ve seen actors provide access to services that call victims, appear as a legitimate call from a specific bank and deceive victims into typing an OTP or other verification code into a mobile phone in order to capture and deliver the codes to the operator.

Passwords 308