Information and Web Fraud - Cyber Security Informer

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing

Phishing Retail Mobile Scams

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities. The phony message sent late Thursday evening via the FBI’s email system. Image: Spamhaus.org.

Internet

Internet Internet Hacking Accountability

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

.” The Justice Department says Singh and Ceraolo belong to a group of cybercriminals known to its members as “ ViLE ,” who specialize in obtaining personal information about third-party victims, which they then use to harass, threaten or extort the victims, a practice known as “doxing.”

Hacking

Hacking Government Media Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Krebs on Security

MARCH 22, 2024

Shelest maintained that Nuwber has “zero cross-over or information-sharing with Onerep,” and said any other old domains that may be found and associated with his name are no longer being operated by him. Data brokers also can enrich consumer records with additional information, by adding social media data and known associates.

Media

Media Government Data breaches Marketing

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. Registration Information page that auto-populates the nexus attestation field with the response, “I am a citizen of the United States.” US phishing domains.US Department of Commerce. to obtain a.US

Phishing

Phishing Telecommunications Government DNS

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. .” Since then, they found that whoever is responsible for running the service has used.US for approximately 55 percent of the total domains created, with several dozen new malicious.US domains registered daily.US

Phishing

Phishing Telecommunications Malware Scams

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

But when I tried to get my report from Experian via annualcreditreport.com, Experian’s website said it didn’t have enough information to validate my identity. In response to information shared by KrebsOnSecurity, Senator Ron Wyden (D-Ore.) It wouldn’t even show me the four multiple-guess questions. ” Sen.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Last month, they sold customer information on 36 million customers of the Mexican phone company Telcel ; in March, they sold 33,000 images of Mexican IDs — with the front picture and a selfie of each citizen. “The set of information referred to is inaccurate and outdated, and does not put our users and customers at risk.”

Data breaches

Data breaches Banking Cybercrime Marketing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

0ktapus used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 0ktapus often leveraged information or access gained in one breach to perpetrate another.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

. “Separately, and unrelated to the outage, a routine audit of account activity identified potential unauthorized changes to a small number of customer domains and/or account information,” GoDaddy spokesperson Dan Race said. authenticate the phone call before sensitive information can be discussed.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. com — stopped resolving.

Phishing

Phishing Scams Mobile DNS

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

The contact information for Kareem , a young man from Maryland, was listed as an active drop. Anyone can sign up at this website as a potential reshipping mule, although doing so requires applicants to share a great deal of personal and financial information, as well as copies of an ID or passport matching the supplied name.

Cybercrime

Cybercrime Marketing Scams Retail

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes. “Information we can get: emails, IPs, phone numbers, photos. Have gotten information only on Snapchat, Twitter and IG so far.”

Government

Government Accountability Education Media

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

The fake browser alerts are specific to the browser you’re using, so if you’re surfing the Web with Chrome, for example, you’ll get a Chrome update prompt. Those who are fooled into clicking the update button will have a malicious file dropped on their system that tries to install an information stealing trojan.

Scams

Scams Malware Cryptocurrency Hacking

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Krebs on Security

MARCH 28, 2023

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.

DDOS

DDOS Marketing Computers and Electronics Risk

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

Last week, KrebsOnSecurity examined a flood of inauthentic LinkedIn profiles all claiming Chief Information Security Officer (CISO) roles at various Fortune 500 companies, including Biogen , Chevron , ExxonMobil , and Hewlett Packard. “We’ll see 20-30 requests come in with the same type of information in the profiles.”

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

In each case, the phishers manually would push a button that caused the phishing site to ask visitors for more information, such as the one-time password from their mobile app. Pressing the “Send Info” button prompted visitors to supply additional personal information, including their name, date of birth, and street address. .

Passwords

Passwords Phishing Accountability Mobile

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 2, and Aug. On that last date, Twilio disclosed that on Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address. “We believe these are isolated incidents of fraud using stolen consumer information,” Experian’s statement reads.

Accountability

Accountability Passwords Authentication Password Management

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. . “That’s definitely the first huge drop that happened throughout the time we’ve collected the profiles,” she said.

Accountability

Accountability Cryptocurrency Scams CISO

How to Tell a Job Offer from an ID Theft Trap

Krebs on Security

MAY 21, 2021

“The endgame was to offer a job based on successful completion of background check which obviously requires entering personal information,” Gwin said. “Even after the real Troy said they’d gotten these [LinkedIn] ads shut down, this guy was still emailing me asking for my HR information,” Siegel said.

Scams

Scams Accountability Advertising Engineering

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

However, DomainTools also found the hosted version of HeartSender service leaks an extraordinary amount of user information that probably is not intended to be publicly accessible. “FIR” in this case stands for “First Information Report,” which is the initial complaint in the criminal justice system of Pakistan.

Phishing

Phishing Cybercrime Malware Advertising

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

Constella Intelligence , a data breach and threat actor research platform, now allows users to cross-reference popular cybercrime websites and denizens of these forums with inadvertent malware infections by information-stealing trojans. Mr. Rizky did not respond to requests for comment.

Phishing

Phishing Passwords Internet Internet

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. of spam and scam.”

CISO

CISO Cybercrime Accountability Cryptocurrency

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

Jim told MSF and others who called or emailed that identity thieves had applied for the funds using his name and information; that he would never take out a payday loan; and would they please remove his information from their database? Jim says MSF assured him it would, and the loan was never issued. A portion of the Jan.

Financial Services

Financial Services Banking Accountability Identity Theft

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

.” Below that message is a “Click update” button that takes the visitor to a page that asks for more information. After collecting your address information, the fake USPS site goes on to request additional personal and financial data. The remaining buttons on the phishing page all link to the real USPS.com website.

Phishing

Phishing Scams Passwords Web Fraud

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

Users claim that SMSRanger has an efficacy rate of about 80% if the victim answered the call and the full information (fullz) the user provided was accurate and updated.” I hope these OTP interception services make clear that you should never provide any information in response to an unsolicited phone call. org) for a checkup.

Passwords

Passwords Mobile Authentication Banking

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

When I tested Kushnir’s instructions on my own identity at Experian, I found I was able to see my report even though Experian’s website told me it didn’t have enough information to validate my identity. To make matters worse, a majority of the information in that credit report is not mine.

Cybercrime

Cybercrime Web Fraud Data breaches

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

All of the credentials being sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, as in the case of “bot shops” that resell access to infected computers. That’s probably because so few customers supply their real contact information when they sign up.

Hacking

Hacking Cybercrime Authentication Passwords

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com said he suspected the call was a scam, but decided to play along for about an hour — all the while recording the call and coaxing information out of the scammer. “He was literally reading off the tickets to the notes of the admin panel inside GoDaddy.”

Hacking

Hacking Social Engineering Phishing Scams

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

AUGUST 4, 2022

So they sent her some information about where to wire the money, and asked her to go to the bank. And when an elderly victim does report a crime, they may be unable to supply detailed information to investigators.” “They told her they were sending an Uber to pick her up and that it was on its way,” Hardaway said.

Banking

Banking Scams Accountability Passwords

Anti-Money Laundering Service AMLBot Cleans House

Krebs on Security

OCTOBER 15, 2022

org remains online and accepting requests, as does the service’s Tor-based domain, and it is unclear how those services are sourcing their information. “Information about the fraudsters was also sent to key market participants, and their transaction data was added to the tracking database to better combat money laundering.”

Cryptocurrency

Cryptocurrency Marketing Cybercrime Technology

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

The lawsuit also seeks information about the identities of 20 different “John Does” — Freenom customers that Meta says have been particularly active in phishing attacks against Facebook , Instagram , and WhatsApp users.

Phishing

Phishing Media Internet Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

The SOCKS (or SOCKS5) protocol allows Internet users to channel their Web traffic through a proxy server, which then passes the information on to the intended destination. The contact information on Crismaru’s LinkedIn page says his company websites include myiptest[.]com, SocksEscort[.]com com, sscompany[.]net,

Malware

Malware VPN Internet Internet

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

In August 2019, a slew of websites and social media channels dubbed “HKLEAKS” began doxing the identities and personal information of pro-democracy activists in Hong Kong. A review of the passive DNS records tied to this address shows that apart from subdomains dedicated to tornote[.]io,

Phishing

Phishing Cryptocurrency DDOS Internet

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

MAY 16, 2020

” “It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. The alert follows news reports by media outlets in Washington and Rhode Island about millions of dollars in fraudulent unemployment claims in those states.

Insurance

Insurance Banking Identity Theft Accountability

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Venus indicated it recently had success with a method that involves carefully editing one or more email inbox files at a victim firm — to insert messages discussing plans to trade large volumes of the company’s stock based on non-public information. “One of my clients did it, I don’t know how.

Healthcare

Healthcare Backups Ransomware Insurance

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

While there is still far more malware out there today targeting Microsoft Windows PCs, the prevalence of information-stealing trojans aimed at macOS users is growing at a steady clip. A recent report from Recorded Future finds the Lazarus Group has stolen approximately $3 billion in cryptocurrency over the past six years.

Malware

Malware Cryptocurrency Software Scams

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

Some of the domains at this Netherlands host appear to be little more than software review websites that steal content from established information sources in the IT world, including Gartner , PCWorld , Slashdot and TechRadar. A review at DomainTools.com show this domain is the newest (registered Jan. com , filezillasoft[.]com

Software

Software Advertising Malware Accountability

Hoax Email Blast Abused Poor Coding in FBI Website

Security Boulevard

NOVEMBER 13, 2021

According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities. The post Hoax Email Blast Abused Poor Coding in FBI Website appeared first on Security Boulevard.

Cybercrime

Cybercrime Internet Internet Web Fraud

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

.” “RaidForums also sold ‘credits’ that provided members access to privileged areas of the website and enabled members to ‘unlock’ and download stolen financial information, means of identification, and data from compromised databases, among other items,” the DOJ said in a written statement.

Identity Theft

Identity Theft Government Mobile Data breaches

Apple AirTag Bug Enables ‘Good Samaritan’ Attack

Krebs on Security

SEPTEMBER 28, 2021

This information pops up without asking the finder to log in or provide any personal information. When scanned, an AirTag in Lost Mode will present a short message asking the finder to call the owner at at their specified phone number. But your average Good Samaritan might not know this.

Mobile

Mobile Phishing Malware Software

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

AUGUST 9, 2021

In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts.

Phishing

Phishing Cybercrime Accountability Advertising

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Hoax Email Blast Abused Poor Coding in FBI Website

Webinars

Trending Sources

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Webinars

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Why is.US Being Used to Phish So Many of Us?

US Harbors Prolific Malicious Link Shortening Service

Identity Thieves Bypassed Experian Security to View Credit Reports

When Efforts to Contain a Data Breach Backfire

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

‘Tis the Season for the Wayward Package Phish

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

The Fake Browser Update Scam Gets a Makeover

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

How Coinbase Phishers Steal One-Time Passwords

How 1-Time Passcodes Became a Corporate Liability

Experian, You Have Some Explaining to Do

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

How to Tell a Job Offer from an ID Theft Trap

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Karma Catches Up to Global Phishing Service 16Shop

Fake CISO Profiles on LinkedIn Target Fortune 500s

Scary Fraud Ensues When ID Theft & Usury Collide

Phishers Spoof USPS, 12 Other Natl’ Postal Services

The Rise of One-Time Password Interception Bots

Experian Glitch Exposing Credit Files Lasted 47 Days

Crime Shop Sells Hacked Logins to Other Crime Shops

When Low-Tech Hacks Cause High-Impact Breaches

Scammers Sent Uber to Take Elderly Lady to the Bank

Anti-Money Laundering Service AMLBot Cleans House

Sued by Meta, Freenom Halts Domain Registrations

Who and What is Behind the Malware Proxy Service SocksEscort?

Fake Lawsuit Threat Exposes Privnote Phishing Sites

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

New Ransom Payment Schemes Target Executives, Telemedicine

Calendar Meeting Links Used to Spread Mac Malware

Using Google Search to Find Software Can Be Risky

Hoax Email Blast Abused Poor Coding in FBI Website

RaidForums Gets Raided, Alleged Admin Arrested

Apple AirTag Bug Enables ‘Good Samaritan’ Attack

Phishing Sites Targeting Scammers and Thieves

Stay Connected