Krebs on Security

OCTOBER 18, 2023

In August 2023, security researcher Randy McEoin blogged about a scam he dubbed ClearFake , which uses hacked WordPress sites to serve visitors with a page that claims you need to update your browser before you can view the content. Previously, the group had stored its malicious update files on Cloudflare, Guard.io

Scams 337

Scams Malware Cryptocurrency Hacking 337

Krebs on Security

MARCH 23, 2020

political campaigns, cities and towns had paid a shady company called Web Listings Inc. The story concluded that this dubious service had been scamming people and companies for more than a decade, and promised a Part II to explore who was behind Web Listings. In December 2018, KrebsOnSecurity looked at how dozens of U.S.

Scams 315

Scams Marketing Internet Internet 315

Krebs on Security

SEPTEMBER 24, 2018

Most of these domains have remained parked or dormant since their creation earlier this month; however, several of them became active only in the past few days, directing visitors to donate money through private PayPal accounts without providing any information about who is running the site or what will be done with donated funds.

Scams 269

Scams Accountability Media Web Fraud 269

Krebs on Security

NOVEMBER 3, 2020

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Prosecutors say Jordan K.

Scams 356

Scams Wireless Identity Theft Mobile 356

Krebs on Security

NOVEMBER 1, 2024

The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. A scan of social media networks showed this is not an uncommon scam.

Phishing 276

Phishing Accountability Artificial Intelligence Cybercrime 276

Krebs on Security

MAY 21, 2021

One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns. Here’s the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job offer was too-good-to-be-true.

Scams 364

Scams Accountability Advertising Web Fraud 364

Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls. ” The target then received a text message that referenced information about his account, stating that he was in a support call with Michael.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. com — stopped resolving. com, g001bfedeex[.]com,

Phishing 337

Phishing Scams Mobile DNS 337

Krebs on Security

NOVEMBER 21, 2020

The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

Cryptocurrency 364

Cryptocurrency Scams VPN Social Engineering 364

Krebs on Security

JULY 29, 2021

But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. When a website’s user database gets compromised, that information invariably turns up on hacker forums. customers this month.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

JULY 21, 2022

The term “pig butchering” refers to a time-tested, heavily scripted, and human-intensive process of using fake profiles on dating apps and social media to lure people into investing in elaborate scams. In a more visceral sense, pig butchering means fattening up a prey before the slaughter. “The scale of this is so massive.

Scams 330

Scams Cryptocurrency Marketing Internet 330

Krebs on Security

FEBRUARY 3, 2022

Urlscan also found this phishing scam from Jan. “Plus, more employees have access to billing and invoice information, meaning that a spray-and-pray campaign can be effective,” Fuchs wrote. Most phishing scams invoke a temporal element that warns of dire consequences should you fail to respond or act quickly.

Phishing 359

Phishing Marketing Scams Accountability 359

Krebs on Security

OCTOBER 13, 2021

Holden said each time a new victim submitted credentials at the Coinbase phishing site, the administrative panel would make a loud “ding” — presumably to alert whoever was at the keyboard on the other end of this phishing scam that they had a live one on the hook. Then you can call your bank or wherever else you need.

Passwords 363

Passwords Phishing Accountability Scams 363

Krebs on Security

APRIL 10, 2025

Those who click the promoted link are brought to a website that spoofs the USPS or a local toll road operator and asks for payment card information. Phishers using multiple virtualized Android devices to orchestrate and distribute RCS-based scam campaigns. Postal Service (USPS). Image: Prodaft.

Phishing 246

Phishing Banking Mobile Retail 246

Krebs on Security

SEPTEMBER 19, 2024

While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user. Please contact us at [link] to get more information on how to fix this issue.”

Phishing 327

Phishing Scams Malware Passwords 327

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com said he suspected the call was a scam, but decided to play along for about an hour — all the while recording the call and coaxing information out of the scammer. One multifactor option — physical security keys — appears to be immune to these advanced scams.

Hacking 332

Hacking Social Engineering Phishing Scams 332

Krebs on Security

OCTOBER 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams 242

Scams Accountability Media Banking 242

Krebs on Security

JUNE 22, 2023

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing 327

Phishing Retail Mobile Scams 327

Krebs on Security

FEBRUARY 8, 2021

” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers. A demonstration video showing the real-time web injection capabilities of the U-Admin phishing kit. The U-Admin phishing panel interface. Image: fr3d.hk/blog.

Phishing 341

Phishing Scams Banking Mobile 341

Krebs on Security

OCTOBER 9, 2023

Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. ” Below that message is a “Click update” button that takes the visitor to a page that asks for more information. The fake USPS phishing page. Postal Service (USPS) customers.

Phishing 329

Phishing Scams Passwords Web Fraud 329

Krebs on Security

MARCH 28, 2024

.” Sholtis said he clicked the attachment in one of the messages, which then launched a web page that looked exactly like a Microsoft Office 365 login page. An analysis of the webpage reveals it would check any submitted credentials at the real Microsoft website, and return an error if the user entered bogus account information.

Phishing 315

Phishing Scams Accountability Passwords 315

Krebs on Security

OCTOBER 5, 2022

Last week, KrebsOnSecurity examined a flood of inauthentic LinkedIn profiles all claiming Chief Information Security Officer (CISO) roles at various Fortune 500 companies, including Biogen , Chevron , ExxonMobil , and Hewlett Packard. “We’ll see 20-30 requests come in with the same type of information in the profiles.”

Accountability 316

Accountability Scams Artificial Intelligence Cryptocurrency 316

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified.US domains registered daily.US Department of Commerce.

Phishing 337

Phishing Telecommunications Malware Scams 337

Krebs on Security

OCTOBER 20, 2022

In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. . “That’s definitely the first huge drop that happened throughout the time we’ve collected the profiles,” she said.

Accountability 324

Accountability Cryptocurrency Scams CISO 324

Krebs on Security

AUGUST 4, 2023

The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character. The best advice to sidestep phishing scams is to avoid clicking on links that arrive unbidden in emails, text messages and other mediums.

Phishing 245

Phishing Scams Computers and Electronics Software 245

Krebs on Security

FEBRUARY 25, 2021

This post examines some of what that company is seeing in its efforts to stymie unemployment fraud. Personal information from the inmate IDs has been redacted. Bloomberg Law reports that in response to a flood of jobless claims that exploit the lack of information sharing among states, the Labor Dept. Image: ID.me.

Scams 336

Scams Insurance DDOS Authentication 336

Krebs on Security

AUGUST 16, 2022

Last month, they sold customer information on 36 million customers of the Mexican phone company Telcel ; in March, they sold 33,000 images of Mexican IDs — with the front picture and a selfie of each citizen. “The set of information referred to is inaccurate and outdated, and does not put our users and customers at risk.”

Data breaches 328

Data breaches Banking Cybercrime Marketing 328

Krebs on Security

MAY 16, 2020

” “It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. Internal Revenue Service (IRS), a perennial problem that costs the states and the U.S. Treasury hundreds of millions of dollars in revenue each year.

Insurance 363

Insurance Banking Identity Theft Accountability 363

Krebs on Security

AUGUST 30, 2022

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. Image: Cloudflare.com. 2, and Aug. On that last date, Twilio disclosed that on Aug.

Mobile 342

Mobile Phishing Authentication Accountability 342

Krebs on Security

SEPTEMBER 2, 2024

Picari was the owner, developer and main beneficiary of the service, and his personal information and ownership of OTP Agency was revealed in February 2020 in a “dox” posted to the now-defunct English-language cybercrime forum Raidforums. The NCA said it began investigating the service in June 2020. Just hang up, full stop.

Accountability 312

Accountability Banking Passwords Scams 312

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. This is noteworthy because.US to obtain a.US

Phishing 311

Phishing Telecommunications Government DNS 311

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. of spam and scam.”

CISO 343

CISO Cybercrime Accountability Information Security 343

Krebs on Security

MAY 23, 2020

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S.

Insurance 357

Insurance Accountability Banking Government 357

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers.

Scams 279

Scams Wireless Phishing Banking 279

Krebs on Security

FEBRUARY 28, 2024

In a post to its Twitter/X account last month, Signum Capital warned that a fake profile pretending to be their employee Mr. Lee was trying to scam people on Telegram. The file that Doug ran is a simple Apple Script (file extension “ scpt”) that downloads and executes a malicious trojan made to run on macOS systems.

Malware 334

Malware Cryptocurrency Software Phishing 334

Krebs on Security

AUGUST 9, 2021

In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Krebs on Security

JANUARY 30, 2024

0ktapus used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 0ktapus often leveraged information or access gained in one breach to perpetrate another.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359