Information, Internet and Web Fraud - Cyber Security Informer

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. ” A review of the email’s message headers indicated it had indeed been sent by the FBI, and from the agency’s own Internet address.

Internet

Internet Internet Hacking Accountability

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Other Privnote phishing domains that also phoned home to the same Internet address as pirwnote[.]com com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. Searching DomainTools for domains that include both of these terms reveals pirwnote[.]com.

Phishing

Phishing Cryptocurrency DDOS Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing

Phishing Retail Mobile Scams

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

In addition, 16Shop employed various tricks to help its users’ phishing pages stay off the radar of security firms, including a local “blacklist” of Internet addresses tied to security companies, and a feature that allowed users to block entire Internet address ranges from accessing phishing pages.

Phishing

Phishing Passwords Internet Internet

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

The core Manipulaters product these days is a spam delivery service called HeartSender , whose homepage openly advertises phishing kits targeting users of various Internet companies, including Microsoft 365 , Yahoo , AOL , Intuit , iCloud and ID.me , to name a few. .” A number of questions, indeed.

Phishing

Phishing Cybercrime Malware Advertising

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

NiceHash founder Matjaz Skorjanc said the unauthorized changes were made from an Internet address at GoDaddy, and that the attackers tried to use their access to its incoming NiceHash emails to perform password resets on various third-party services, including Slack and Github. .

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. When a website’s user database gets compromised, that information invariably turns up on hacker forums. TARGETED PHISHING.

Passwords

Passwords Password Management Phishing Scams

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

.” The Justice Department says Singh and Ceraolo belong to a group of cybercriminals known to its members as “ ViLE ,” who specialize in obtaining personal information about third-party victims, which they then use to harass, threaten or extort the victims, a practice known as “doxing.”

Hacking

Hacking Government Media Accountability

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S. This is a developing story.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Kilmer said Faceless has emerged as one of the underground’s most reliable malware-based proxy services, mainly because its proxy network has traditionally included a great many compromised “Internet of Things” devices — such as media sharing servers — that are seldom included on malware or spam block lists.

Malware

Malware Passwords Accountability Advertising

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. com — stopped resolving.

Phishing

Phishing Scams Mobile DNS

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. Do your research because the information must be right.” Among them is mainpage[.]me/punchmade,

Cybercrime

Cybercrime Media Banking Accountability

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. The document requested the Internet address history of Discord accounts tied to a specific phone number used by the target.

Accountability

Accountability Government Hacking Social Engineering

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN

VPN Computers and Electronics Antivirus Software

The Great $50M African IP Address Heist

Krebs on Security

DECEMBER 11, 2019

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers.

Internet

Internet Internet Marketing Government

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

19, 2024) of more than 200 domains at the Internet address 93.190.143[.]252 19, 2024) of more than 200 domains at the Internet address 93.190.143[.]252 Hegel noted that the spike in malicious software-themed ads came not long after Microsoft started blocking by default Office macros in documents downloaded from the Internet.

Software

Software Advertising Malware Accountability

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” Continuously educating and informing staff about the risks and methods used by cybercriminals to launch attacks and steal data. ”

Healthcare

Healthcare Backups Ransomware Insurance

Hoax Email Blast Abused Poor Coding in FBI Website

Security Boulevard

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation.

Cybercrime

Cybercrime Internet Internet Web Fraud

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. A review of the Internet addresses historically used by Super-socks[.]biz Image: Spur.us.

Malware

Malware Cybercrime Internet Internet

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

AUGUST 4, 2022

So they sent her some information about where to wire the money, and asked her to go to the bank. And when an elderly victim does report a crime, they may be unable to supply detailed information to investigators.” billion to the FBI’s Internet Crime Complaint Center (IC3).

Banking

Banking Scams Accountability Passwords

Thread Hijacking: Phishes That Prey on Your Curiosity

Krebs on Security

MARCH 28, 2024

.” Sholtis said he clicked the attachment in one of the messages, which then launched a web page that looked exactly like a Microsoft Office 365 login page. An analysis of the webpage reveals it would check any submitted credentials at the real Microsoft website, and return an error if the user entered bogus account information.

Phishing

Phishing Scams Accountability Passwords

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

The lawsuit also seeks information about the identities of 20 different “John Does” — Freenom customers that Meta says have been particularly active in phishing attacks against Facebook , Instagram , and WhatsApp users.

Phishing

Phishing Media Internet Internet

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

There is also ample evidence to suggest that Glupteba may have spawned Meris , a massive botnet of hacked Internet of Things (IoT) devices that surfaced in September 2021 and was responsible for some of the largest and most disruptive distributed denial-of-service (DDoS) attacks the Internet has ever seen. But on Dec. and starovikov[.]com.

Passwords

Passwords Malware Internet Internet

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web.

Cybercrime

Cybercrime Software VPN Backups

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

0ktapus used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 0ktapus often leveraged information or access gained in one breach to perpetrate another.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

How to Tell a Job Offer from an ID Theft Trap

Krebs on Security

MAY 21, 2021

“The endgame was to offer a job based on successful completion of background check which obviously requires entering personal information,” Gwin said. “Even after the real Troy said they’d gotten these [LinkedIn] ads shut down, this guy was still emailing me asking for my HR information,” Siegel said.

Scams

Scams Accountability Advertising Engineering

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

MARCH 23, 2020

Cached versions of weblistingsinc.org at archive.org show logos similar to the one featured on the Web Listings mailer, and early versions of the site reference a number of “business partners” in India that also perform SEO services. A cached copy of Mark Scott’s blog Internet Madness from 2011 promotes Web Listings Inc.

Scams

Scams Marketing Internet Internet

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com said he suspected the call was a scam, but decided to play along for about an hour — all the while recording the call and coaxing information out of the scammer. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking

Hacking Social Engineering Phishing Scams

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 2, and Aug. On that last date, Twilio disclosed that on Aug.

Mobile

Mobile Phishing Authentication Accountability

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address. “We believe these are isolated incidents of fraud using stolen consumer information,” Experian’s statement reads.

Accountability

Accountability Passwords Authentication Password Management

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cybersecurity threat intelligence firm Intel 471 describes U-Admin as an information stealing framework that uses several plug-ins in one location to help users pilfer victim credentials more efficiently. A demonstration video showing the real-time web injection capabilities of the U-Admin phishing kit.

Phishing

Phishing Scams Banking Mobile

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

“Plus, more employees have access to billing and invoice information, meaning that a spray-and-pray campaign can be effective,” Fuchs wrote. Linkedin’s parent company — Microsoft Corp — is by all accounts the most-phished brand on the Internet today.

Phishing

Phishing Marketing Scams Accountability

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

MAY 16, 2020

” “It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. The alert follows news reports by media outlets in Washington and Rhode Island about millions of dollars in fraudulent unemployment claims in those states.

Insurance

Insurance Banking Identity Theft Accountability

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets.

Cybercrime

Cybercrime Malware Internet Internet

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

Experts at Cisco Talos and other security firms quickly drew parallels between the two mass spam campaigns, pointing to a significant overlap in Russia-based Internet addresses used to send the junk emails. domaincontrol.com and ns18.domaincontrol.com). domaincontrol.com).

DNS

DNS Internet Internet Computers and Electronics

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

While there is still far more malware out there today targeting Microsoft Windows PCs, the prevalence of information-stealing trojans aimed at macOS users is growing at a steady clip. A recent report from Recorded Future finds the Lazarus Group has stolen approximately $3 billion in cryptocurrency over the past six years.

Malware

Malware Cryptocurrency Software Scams

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In the meantime, we encourage any security researchers to share any useful information they believe they may have with our Threat Intelligence team by contacting securitydisclosure@lastpass.com.” LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

MAY 23, 2020

Worse still, the source said, many states have dramatically pared back the amount of information required to successfully request an unemployment filing. citizens, mainly because the only information required to submit a claim was name, date of birth, address and Social Security number.

Insurance

Insurance Accountability Banking Government

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Other information in the announcements includes the price for a single SIM-swap request, and the handle of the person who takes the payment and information about the targeted subscriber. Thus, the second factor cannot be phished, either over the phone or Internet. ” or “ Tmo up!

Mobile

Mobile Phishing Authentication Advertising

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

REACTs’ West said while there are a large number of pig butchering victims reporting their victimization to the FBI, very few are receiving anything more than instructions about filing a complaint with the FBI’s Internet Crime Complaint Center (IC3), which keeps track of cybercrime losses and victims.

Scams

Scams Cryptocurrency Marketing Internet

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

NOVEMBER 26, 2019

” Technically, what my source did was wire fraud (obtaining something of value via the Internet/telephone/fax through false pretenses); had he done it through the U.S. mail, he could be facing mail fraud charges if caught. Then you either mail or fax it in. After that, they send account creation links to all the contacts.”

Government

Government Internet Internet Web Fraud

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

Donahue is co-founder of Kodex , a company formed in February 2021 that builds security portals designed to help tech companies “manage information requests from government agencies who contact them, and to securely transfer data & collaborate against abuses on their platform.” A sample Kodex dashboard. Image: Kodex.us.

Mobile

Mobile Government Media Technology

Hoax Email Blast Abused Poor Coding in FBI Website

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Trending Sources

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Webinars

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Karma Catches Up to Global Phishing Service 16Shop

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

The Life Cycle of a Breached Database

Two U.S. Men Charged in 2022 Hacking of DEA Portal

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Giving a Face to the Malware Proxy Service ‘Faceless’

‘Tis the Season for the Wayward Package Phish

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

A Deep Dive Into the Residential Proxy Service ‘911’

The Great $50M African IP Address Heist

Using Google Search to Find Software Can Be Risky

Interview With a Crypto Scam Investment Spammer

New Ransom Payment Schemes Target Executives, Telemedicine

Hoax Email Blast Abused Poor Coding in FBI Website

No SOCKS, No Shoes, No Malware Proxy Services!

Scammers Sent Uber to Take Elderly Lady to the Bank

Thread Hijacking: Phishes That Prey on Your Curiosity

Sued by Meta, Freenom Halts Domain Registrations

The Link Between AWM Proxy & the Glupteba Botnet

911 Proxy Service Implodes After Disclosing Breach

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

How to Tell a Job Offer from an ID Theft Trap

Who’s Behind the ‘Web Listings’ Mail Scam?

When Low-Tech Hacks Cause High-Impact Breaches

How 1-Time Passcodes Became a Corporate Liability

Experian, You Have Some Explaining to Do

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

How Phishers Are Slinking Their Links Into LinkedIn

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Calendar Meeting Links Used to Spread Mac Malware

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Riding the State Unemployment Fraud ‘Wave’

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Massive Losses Define Epidemic of ‘Pig Butchering’

It’s Way Too Easy to Get a.gov Domain Name

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Stay Connected