Government, Phishing and Web Fraud - Cyber Security Informer

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. Reports of similar SMS phishing attacks against customers of other U.S. This is by no means a comprehensive list.

Phishing

Phishing Scams Mobile Authentication

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing

Phishing Telecommunications Government DNS

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Krebs on Security

MAY 7, 2025

People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials , who would demand additional payments under threats of prosecution or imprisonment for having bought fraudulent unauthorized academic degrees. Mr. Bilwani did not respond to requests for comment.

Scams

Scams Marketing Advertising Technology

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing

Phishing Scams Passwords Government

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing

Phishing Telecommunications Malware Scams

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. On July 28 and again on Aug. According to an Aug.

Social Engineering

Social Engineering Cybercrime Mobile Identity Theft

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

NOVEMBER 26, 2019

federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a.gov domain versus a commercial one ending in.com or.org. WHO WANTS TO BE A GOVERNMENT? “Back in the day, everyone not in the federal government was supposed to register in the.us

Government

Government Internet Internet Web Fraud

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

JULY 31, 2024

. “Hijacked domains have been used directly in phishing attacks and scams, as well as large spam systems,” reads the Infoblox report, which refers to lame domains as “ Sitting Ducks.” Other attacks have used hijacked domains in targeted phishing attacks by creating lookalike subdomains.

DNS

DNS Phishing Internet Internet

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. energy facilities. . ” HYDRA.

Marketing

Marketing Energy and Utilities Malware Ransomware

Why is.US Being Used to Phish So Many of Us?

Security Boulevard

SEPTEMBER 1, 2023

US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. Being Used to Phish So Many of Us? Domain names ending in “.US” This is noteworthy because.US is overseen by the U.S.

Phishing

Phishing Scams Government Telecommunications

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

In an interview with KrebsOnSecurity, Bryant said the domain hijacking technique can be a powerful tool in the hands of spammers and scammers, who can use domains associated with these companies not only to get their missives past junk and malware filters, but also to make phishing and malware lures far more believable and effective.

DNS

DNS Internet Internet Computers and Electronics

SSNDOB marketplace shut down by global law enforcement operation

Malwarebytes

JUNE 8, 2022

You run the risk of being targeted for spear phishing, or having your personal information used for fraudulent applications. One breach taking your login from a gaming forum can quickly become something that exposes Government service logins or bank accounts. The threat of stolen PII. Tips for locking down after an SSN breach.

DDOS

DDOS Cryptocurrency Data breaches Scams

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. The government says Iza kept R.C.’s

Cryptocurrency

Cryptocurrency Government Internet Internet

Sipping from the Coronavirus Domain Firehose

Krebs on Security

APRIL 16, 2020

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. government may well soon get more involved.

Cyber threats

Cyber threats Phishing Data collection Government

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

In a SIM-swapping attack , the fraudsters will phish or purchase credentials for mobile phone company employees, and use those credentials to redirect a target’s mobile calls and text messages to a device the attackers control. .” ” Beige members were implicated in two stories published here in 2020. DOMESTIC TERRORISM?

Cybercrime

Cybercrime Accountability Mobile Hacking

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime

Cybercrime Phishing Banking Malware

Cyber Security Informer

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Trending Sources

Why is.US Being Used to Phish So Many of Us?

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Phishers Spoof USPS, 12 Other Natl’ Postal Services

US Harbors Prolific Malicious Link Shortening Service

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

It’s Way Too Easy to Get a.gov Domain Name

Don’t Let Your Domain Name Become a “Sitting Duck”

Actions Target Russian Govt. Botnet, Hydra Dark Market

Why is.US Being Used to Phish So Many of Us?

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

SSNDOB marketplace shut down by global law enforcement operation

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Sipping from the Coronavirus Domain Firehose

The Dark Nexus Between Harm Groups and ‘The Com’

Meet the World’s Biggest ‘Bulletproof’ Hoster

Stay Connected