Information and Web Fraud - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

. “Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” the FBI warned. Don’t be discouraged.

Hacking

Hacking Accountability Government Social Engineering

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. ” The phony booking.com website generated by visiting the link in the text message.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

The ultimate goal of these kits, he said, is to phish enough information from victims that their payment cards can be added to mobile wallets and used to buy goods at physical stores, online, or to launder money through shell companies.

Phishing

Phishing Scams Mobile Passwords

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

” The target then received a text message that referenced information about his account, stating that he was in a support call with Michael. . “I’ll go ahead and prompt you with the next step to close out this ticket. Please give me one moment.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities. The phony message sent late Thursday evening via the FBI’s email system. Image: Spamhaus.org.

Internet

Internet Internet Hacking Accountability

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Krebs on Security

MAY 7, 2025

” Riley’s well-documented lawsuit (not linked here because it features a great deal of personal information) includes screenshots of conversations with the ghostwriting team, which was constantly assigning her to new writers and editors, and ghosting her on scheduled conference calls about progress on the project.

Scams

Scams Marketing Advertising Technology

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

Those who click the promoted link are brought to a website that spoofs the USPS or a local toll road operator and asks for payment card information. Postal Service (USPS). The site will then complain that the visitor’s bank needs to “verify” the transaction by sending a one-time code via SMS.

Banking

Banking Phishing Mobile Retail

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

. “Separately, and unrelated to the outage, a routine audit of account activity identified potential unauthorized changes to a small number of customer domains and/or account information,” GoDaddy spokesperson Dan Race said. authenticate the phone call before sensitive information can be discussed.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing

Phishing Retail Mobile Scams

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. When a website’s user database gets compromised, that information invariably turns up on hacker forums. customers this month.

Passwords

Passwords Password Management Phishing Scams

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Last month, they sold customer information on 36 million customers of the Mexican phone company Telcel ; in March, they sold 33,000 images of Mexican IDs — with the front picture and a selfie of each citizen. “The set of information referred to is inaccurate and outdated, and does not put our users and customers at risk.”

Data breaches

Data breaches Banking Cybercrime Marketing

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

In each case, the phishers manually would push a button that caused the phishing site to ask visitors for more information, such as the one-time password from their mobile app. Pressing the “Send Info” button prompted visitors to supply additional personal information, including their name, date of birth, and street address. .

Passwords

Passwords Phishing Accountability Mobile

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. com — stopped resolving.

Phishing

Phishing Scams Mobile DNS

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Clicking to view the “live stream” of the funeral takes one to a newly registered website that requests credit card information. One of the many scam funeral group pages on Facebook. co or skysports[.]live.

Scams

Scams DNS Internet Internet

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

“He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information.

Hacking

Hacking Cybercrime Phishing Passwords

How to Tell a Job Offer from an ID Theft Trap

Krebs on Security

MAY 21, 2021

“The endgame was to offer a job based on successful completion of background check which obviously requires entering personal information,” Gwin said. “Even after the real Troy said they’d gotten these [LinkedIn] ads shut down, this guy was still emailing me asking for my HR information,” Siegel said.

Scams

Scams Accountability Advertising Web Fraud

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

But when I tried to get my report from Experian via annualcreditreport.com, Experian’s website said it didn’t have enough information to validate my identity. In response to information shared by KrebsOnSecurity, Senator Ron Wyden (D-Ore.) It wouldn’t even show me the four multiple-guess questions. ” Sen.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” To wit: “There is huge insider information on the companies which we target, including information if there are tape drives and clouds (for example, Datto that is built to last, etc.),

Cybercrime

Cybercrime Malware VPN Ransomware

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. Registration Information page that auto-populates the nexus attestation field with the response, “I am a citizen of the United States.” US phishing domains.US Department of Commerce. to obtain a.US

Phishing

Phishing Telecommunications Government DNS

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 2, and Aug. On that last date, Twilio disclosed that on Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

Users claim that SMSRanger has an efficacy rate of about 80% if the victim answered the call and the full information (fullz) the user provided was accurate and updated.” I hope these OTP interception services make clear that you should never provide any information in response to an unsolicited phone call. org) for a checkup.

Passwords

Passwords Mobile Authentication Banking

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

All of the credentials being sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, as in the case of “bot shops” that resell access to infected computers. That’s probably because so few customers supply their real contact information when they sign up.

Hacking

Hacking Cybercrime Passwords Authentication

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. .” Since then, they found that whoever is responsible for running the service has used.US for approximately 55 percent of the total domains created, with several dozen new malicious.US domains registered daily.US

Phishing

Phishing Telecommunications Malware Scams

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address. “We believe these are isolated incidents of fraud using stolen consumer information,” Experian’s statement reads.

Accountability

Accountability Passwords Authentication Password Management

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

Last week, KrebsOnSecurity examined a flood of inauthentic LinkedIn profiles all claiming Chief Information Security Officer (CISO) roles at various Fortune 500 companies, including Biogen , Chevron , ExxonMobil , and Hewlett Packard. “We’ll see 20-30 requests come in with the same type of information in the profiles.”

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

MAY 16, 2020

” “It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. The alert follows news reports by media outlets in Washington and Rhode Island about millions of dollars in fraudulent unemployment claims in those states.

Insurance

Insurance Banking Identity Theft Accountability

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. . “That’s definitely the first huge drop that happened throughout the time we’ve collected the profiles,” she said.

Accountability

Accountability Cryptocurrency Scams CISO

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Krebs on Security

MARCH 28, 2023

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.

DDOS

DDOS Marketing Computers and Electronics Risk

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. of spam and scam.”

CISO

CISO Cybercrime Accountability Information Security

How $100M in Jobless Claims Went to Inmates

Krebs on Security

FEBRUARY 25, 2021

This post examines some of what that company is seeing in its efforts to stymie unemployment fraud. Personal information from the inmate IDs has been redacted. Bloomberg Law reports that in response to a flood of jobless claims that exploit the lack of information sharing among states, the Labor Dept. Image: ID.me.

Scams

Scams Insurance DDOS Authentication

Owners of 1-Time Passcode Theft Service Plead Guilty

Krebs on Security

SEPTEMBER 2, 2024

Picari was the owner, developer and main beneficiary of the service, and his personal information and ownership of OTP Agency was revealed in February 2020 in a “dox” posted to the now-defunct English-language cybercrime forum Raidforums. The NCA said it began investigating the service in June 2020. Just hang up, full stop.

Accountability

Accountability Banking Passwords Scams

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

When I tested Kushnir’s instructions on my own identity at Experian, I found I was able to see my report even though Experian’s website told me it didn’t have enough information to validate my identity. To make matters worse, a majority of the information in that credit report is not mine.

Cybercrime

Cybercrime Web Fraud Data breaches

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The 24-year-old rapper told reporters he wasn’t instructing people how to conduct wire fraud, but instead informing his fans on how to avoid being victims of wire fraud. However, this is difficult to discern from listening to the song, which sounds very much like a step-by-step tutorial on how to commit wire fraud.

Cybercrime

Cybercrime Media Banking Accountability

Anti-Money Laundering Service AMLBot Cleans House

Krebs on Security

OCTOBER 15, 2022

org remains online and accepting requests, as does the service’s Tor-based domain, and it is unclear how those services are sourcing their information. “Information about the fraudsters was also sent to key market participants, and their transaction data was added to the tracking database to better combat money laundering.”

Cryptocurrency

Cryptocurrency Marketing Cybercrime Technology

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

MAY 23, 2020

Worse still, the source said, many states have dramatically pared back the amount of information required to successfully request an unemployment filing. citizens, mainly because the only information required to submit a claim was name, date of birth, address and Social Security number.

Insurance

Insurance Accountability Banking Government

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

The fake browser alerts are specific to the browser you’re using, so if you’re surfing the Web with Chrome, for example, you’ll get a Chrome update prompt. Those who are fooled into clicking the update button will have a malicious file dropped on their system that tries to install an information stealing trojan.

Scams

Scams Malware Cryptocurrency Hacking

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com said he suspected the call was a scam, but decided to play along for about an hour — all the while recording the call and coaxing information out of the scammer. “He was literally reading off the tickets to the notes of the admin panel inside GoDaddy.”

Hacking

Hacking Social Engineering Phishing Scams

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

0ktapus used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 0ktapus often leveraged information or access gained in one breach to perpetrate another.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In the meantime, we encourage any security researchers to share any useful information they believe they may have with our Threat Intelligence team by contacting securitydisclosure@lastpass.com.” LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

This Windows PowerShell Phish Has Scary Potential

Krebs on Security

SEPTEMBER 19, 2024

Please contact us at [link] to get more information on how to fix this issue.” ” Visiting that link generates a web page that asks the visitor to “Verify You Are Human” by solving an unusual CAPTCHA. We have detected a security vulnerability in your repository.

Phishing

Phishing Scams Malware Passwords

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cybersecurity threat intelligence firm Intel 471 describes U-Admin as an information stealing framework that uses several plug-ins in one location to help users pilfer victim credentials more efficiently. A demonstration video showing the real-time web injection capabilities of the U-Admin phishing kit.

Phishing

Phishing Scams Banking Mobile

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

The lawsuit also seeks information about the identities of 20 different “John Does” — Freenom customers that Meta says have been particularly active in phishing attacks against Facebook , Instagram , and WhatsApp users.

Phishing

Phishing Media Internet Internet

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

.” Below that message is a “Click update” button that takes the visitor to a page that asks for more information. After collecting your address information, the fake USPS site goes on to request additional personal and financial data. The remaining buttons on the phishing page all link to the real USPS.com website.

Phishing

Phishing Scams Passwords Web Fraud

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Booking.com Phishers May Leave You With Reservations

Trending Sources

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

A Day in the Life of a Prolific Voice Phishing Crew

Hoax Email Blast Abused Poor Coding in FBI Website

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

China-based SMS Phishing Triad Pivots to Banks

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

The Life Cycle of a Breached Database

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

When Efforts to Contain a Data Breach Backfire

How Coinbase Phishers Steal One-Time Passwords

‘Tis the Season for the Wayward Package Phish

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

How to Tell a Job Offer from an ID Theft Trap

Identity Thieves Bypassed Experian Security to View Credit Reports

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Why is.US Being Used to Phish So Many of Us?

How 1-Time Passcodes Became a Corporate Liability

The Rise of One-Time Password Interception Bots

Crime Shop Sells Hacked Logins to Other Crime Shops

US Harbors Prolific Malicious Link Shortening Service

Experian, You Have Some Explaining to Do

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Fake CISO Profiles on LinkedIn Target Fortune 500s

How $100M in Jobless Claims Went to Inmates

Owners of 1-Time Passcode Theft Service Plead Guilty

Experian Glitch Exposing Credit Files Lasted 47 Days

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Anti-Money Laundering Service AMLBot Cleans House

Riding the State Unemployment Fraud ‘Wave’

The Fake Browser Update Scam Gets a Makeover

When Low-Tech Hacks Cause High-Impact Breaches

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

This Windows PowerShell Phish Has Scary Potential

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Sued by Meta, Freenom Halts Domain Registrations

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Stay Connected