Krebs on Security

NOVEMBER 3, 2020

On at least two occasions in the past few years, the OGusers forum was hacked and its user database — including private messages between forum members — were posted online. Bryan allegedly used the nickname “Champagne” on OGusers. In a private message dated Nov.

Scams 356

Scams Wireless Identity Theft Mobile 356

Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls. The phishing domain used to steal roughly $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. And as the phishing examples above demonstrate, many of today’s phishing scams use elements from hacked databases to make their lures more convincing. Urgency should be a giant red flag. Take a deep breath.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Urlscan also found this phishing scam from Jan. Here’s the very first Slink created: [link] which redirects to the homepage for LinkedIn Marketing Solutions.

Phishing 359

Phishing Marketing Scams Accountability 359

Krebs on Security

FEBRUARY 28, 2024

In a post to its Twitter/X account last month, Signum Capital warned that a fake profile pretending to be their employee Mr. Lee was trying to scam people on Telegram. Those domains indicate this North Korean hacking group is hiding behind a number of phony crypto firms, like the six-month-old website for Cryptowave Capital (cryptowave[.]capital).

Malware 334

Malware Cryptocurrency Software Phishing 334

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware 360

Malware Cybercrime Ransomware Marketing 360

Krebs on Security

SEPTEMBER 2, 2021

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period.

Accountability 349

Accountability Authentication Passwords Hacking 349

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers.

Scams 279

Scams Wireless Phishing Banking 279

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 350

Accountability Passwords Advertising Phishing 350

Krebs on Security

AUGUST 16, 2022

This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. ” asked Ohad Zaidenberg , founder of CTI League , a volunteer emergency response community that emerged in 2020 to help fight COVID-19 related scams. “Who does it?

Data breaches 328

Data breaches Banking Cybercrime Marketing 328

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves.

Cybercrime 359

Cybercrime Computers and Electronics Marketing Scams 359

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

AUGUST 9, 2021

That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts. The hacked BriansClub database had an estimated collective street value of $566 million , and that data was subsequently shared with thousands of financial institutions.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing 242

Phishing Passwords Hacking Internet 242

Krebs on Security

MARCH 22, 2022

According to Russian prosecutors, the scam went like this: Consumers would receive an SMS with links to sites that falsely claimed a number of well-known companies were sponsoring drawings and lotteries for people who enrolled or agreed to answer surveys. A Google-translated snippet of the hacked ChronoPay Confluence installation.

Banking 243

Banking Marketing DDOS Risk 243

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Image: Spur.us. The disruption at 911[.]re

Malware 324

Malware Cybercrime Internet Internet 324

Krebs on Security

JANUARY 25, 2024

” Almost a month later, another FreeCAD user reported getting stung by the same scam. The apparent owner of that photography website did not respond to requests for comment, but it’s also likely his Google advertising account was hacked and used to run these malicious ads. They paid Google for sponsored posts.”

Software 327

Software Advertising Malware Accountability 327

Krebs on Security

JULY 18, 2022

net available at the Wayback Machine shows that in 2016 this domain was used for the “ ExE Bucks ” affiliate program, a pay-per-install business which catered to people already running large collections of hacked computers or compromised websites. A cached copy of flashupdate[.]net

VPN 358

VPN Computers and Electronics Antivirus Software 358

Krebs on Security

FEBRUARY 24, 2023

Last year, researchers at Minerva Labs spotted the botnet being used to blast out sextortion scams. “I had an account that was simply hacked from me shortly after and I never bothered about it because it wasn’t mine in the first place,” he explained.

Accountability 307

Accountability Advertising Marketing Malware 307

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 244

Malware VPN Internet Internet 244

Krebs on Security

JANUARY 22, 2019

Large-scale spam campaigns often are conducted using newly-registered or hacked email addresses, and/or throwaway domains. Guilmette told KrebsOnSecurity he initially considered the possibility that GoDaddy had been hacked, or that thousands of the registrar’s customers perhaps had their GoDaddy usernames and passwords stolen.

DNS 276

DNS Internet Internet Computers and Electronics 276

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. ” Ark-x2[.]org

Scams 245

Scams Cryptocurrency Media Hacking 245

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. ” One of the crypto investment scam messages promoted in the spam campaigns on Mastodon this month. “On Twitter, more spam and crypto scam.”

Scams 310

Scams DDOS Cryptocurrency Accountability 310

Krebs on Security

MARCH 17, 2020

But KrebsOnSecurity received copious amounts of information about this scam from Milwaukee, Wisc. ” Americans shouldn’t feel left out of the scam: Hold Security founder Alex Holden says his analysts also intercepted a nearly identical set of scam templates targeting job seekers in the United States.

Banking 363

Banking Scams Accountability Healthcare 363

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Most reshipping scams promise employees a monthly salary and even cash bonuses. The login page for the criminal reshipping service SWAT USA Drop.

Cybercrime 334

Cybercrime Marketing Scams Retail 334

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). One of the groups that reliably posted “Tmo up!” ” messages to announce SIM-swap availability against T-Mobile customers also reliably posted “Tmo down!

Mobile 340

Mobile Phishing Authentication Advertising 340

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability 255

Accountability Scams Passwords Data collection 255