Internet, Mobile and Web Fraud - Cyber Security Informer

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. Notably, none of the phishing pages will even load unless the website detects that the visitor is coming from a mobile device.

Phishing

Phishing Scams Mobile Passwords

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. If the visitor supplies that one-time code, their payment card is then added to a new mobile wallet on an Apple or Google device that is physically controlled by the phishers.

Phishing

Phishing Banking Mobile Retail

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

Prosecutors say Anonymous Sudan offered a “Limited Internet Shutdown Package,” which would enable customers to shut down internet service providers in specified countries for $500 (USD) an hour. An indictment in the Central District of California notes the duo even swamped the websites of the FBI and the Department of State.

DDOS

DDOS Government Internet Internet

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Louis Morton , a security professional based in Fort Worth, Texas, forwarded an SMS phishing or “smishing” message sent to his wife’s mobile device that indicated a package couldn’t be delivered. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. .”

Phishing

Phishing Scams Mobile DNS

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. That’s just too risky for the attackers, he said.

Mobile

Mobile Cryptocurrency Accountability Passwords

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. The company’s site currently is ranked by Alexa.com as among the top 2,000 sites in terms of Internet traffic globally.

Antivirus

Antivirus Advertising Internet Internet

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

At issue is a well-known security and privacy threat called “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. SSL/TLS certs). and schema.ad. Image: Defcon.org.

DNS

DNS Internet Internet Authentication

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. Prosecutors say Noah Michael Urban of Palm Coast, Fla.,

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

The page listed the correct time and date of the funeral service, which it claimed could be streamed over the Internet by following a link that led to a page requesting credit card information. xyz is currently hosted at a Bangladeshi web hosting provider named cloudswebserver[.]com The Internet address of livestreamnow[.]xyz

Scams

Scams DNS Internet Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. com, sscompany[.]net, net, and hideipvpn[.]com.

Malware

Malware VPN Internet Internet

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

” Pivoting on the domain in the smishing message sent to Dylan shows the phishing domain shared an Internet host in Russia [91.215.85-166] The site would only load in a mobile browser. 166] with nearly two dozen other smishing related domains, including upsdelivery[.]info info , legodelivery[.]info info , adidascanadaltd[.]com

Phishing

Phishing Retail Mobile Scams

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

AUGUST 18, 2022

Also, the email headers in the phishing message (PDF) show that it passed all email validation checks as being sent by PayPal, and that it was sent through an Internet address assigned to PayPal. Both the email and the invoice state that “there is evidence that your PayPal account has been accessed unlawfully.”

Scams

Scams Phishing Accountability Software

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

USDoD told KrebsOnSecurity their phony application was submitted in November in the CEO’s name, and that the application included a contact email address that they controlled — but also the CEO’s real mobile phone number. “I wasn’t expected to be approve[d].” This is a developing story.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

According to the most recent statistics from the FBI ‘s Internet Crime Complaint Center , the most costly form of cybercrime stems from a complex type of fraud known as the “ B usiness E mail C ompromise” or BEC scam. This post examines the work of a large, private group of volunteers dedicated to doing just that.

Scams

Scams Accountability Media Banking

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic.

Malware

Malware Banking Phishing DDOS

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Many companies now require employees to supply a one-time password — such as one sent via SMS or produced by a mobile authenticator app — in addition to their username and password when logging in to company assets online. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking

Hacking Social Engineering Phishing Scams

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

REACTs’ West said while there are a large number of pig butchering victims reporting their victimization to the FBI, very few are receiving anything more than instructions about filing a complaint with the FBI’s Internet Crime Complaint Center (IC3), which keeps track of cybercrime losses and victims.

Scams

Scams Cryptocurrency Marketing Internet

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Importantly, none appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto heist, such as the compromise of one’s email and/or mobile phone accounts. The Internet is swimming with con artists masquerading as legitimate cryptocurrency recovery experts. “They truly all are reasonably secure.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. And they are not traditional SMS phishing or “ smishing ” messages, as they bypass the mobile networks entirely.

Phishing

Phishing Mobile Scams Banking

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. Each advertises their claimed access to T-Mobile systems in a similar way. ” or “ Tmo up!

Mobile

Mobile Phishing Authentication Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. has been associated with accounts at the mobile app site aptoide.com (user: CoolappsforAndroid) and vimeworld.ru

Scams

Scams DDOS Cryptocurrency Accountability

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

’s mobile number to a list of those associated with an unrelated firearms investigation. In June 2016, Islam was sentenced to a year in prison for an impressive array of crimes, including stalking people online and posting their personal data on the Internet. which shows an LASD deputy unlawfully added E.Z.’s

Cryptocurrency

Cryptocurrency Government Internet Internet

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

People affiliated with harm groups like 764 will often recruit new members by lurking on gaming platforms, social media sites and mobile applications that are popular with young people, including Discord , Minecraft , Roblox , Steam , Telegram , and Twitch. million customers. Pompompurin had been a nemesis to the FBI for several years.

Cybercrime

Cybercrime Accountability Mobile Hacking

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

But each can see if a law enforcement entity or individual tied to one of their own requests has ever submitted a request to a different Kodex client, and then drill down further into other data about the submitter, such as Internet address(es) used, and the age of the requestor’s email address. Image: T-Mobile.

Mobile

Mobile Government Media Technology

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web. That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web.

Hacking

Hacking Government Media Accountability

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. Most of the two-dozen domains registered to pepyak@gmail.com shared a server at one point with a small number of other domains, including mobile-soft[.]su

Malware

Malware Antivirus Cybercrime Hacking

Sipping from the Coronavirus Domain Firehose

Krebs on Security

APRIL 16, 2020

Subdomains can not only make phishing domains appear more legitimate , but they also tend to lengthen the domain so that key parts of it get pushed off the URL bar in mobile browsers. Schwartzman said more domain registrars should follow the example of Los Angeles-based Namecheap Inc.

Cyber threats

Cyber threats Phishing Data collection Government

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

But these more “hands-on” and first person attacks are becoming increasingly common within certain cybercriminal communities, particularly those engaged in SIM swapping , a crime in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s various online accounts and identities.

Government

Government Accountability Cryptocurrency Web Fraud

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Krebs on Security

OCTOBER 3, 2024

” Chub offers free registration, via its website or a mobile app. To carry out this research, security researchers ignored fundamental security best practices and publicly shared an access key on the internet to observe what would happen.” Some of the AI chat bot characters offered by Chub. No customers were put at risk.

Accountability

Accountability Artificial Intelligence Web Fraud Cryptocurrency

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Cyber Security Informer

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

China-based SMS Phishing Triad Pivots to Banks

Trending Sources

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Booking.com Phishers May Leave You With Reservations

‘Tis the Season for the Wayward Package Phish

How 1-Time Passcodes Became a Corporate Liability

Busting SIM Swappers and SIM Swap Myths

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Be Very Sparing in Allowing Site Notifications

Local Networks Go Global When Domain Names Collide

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Who and What is Behind the Malware Proxy Service SocksEscort?

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

PayPal Phishing Scam Uses Invoices Sent Via PayPal

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Disneyland Malware Team: It’s a Puny World After All

When Low-Tech Hacks Cause High-Impact Breaches

Massive Losses Define Epidemic of ‘Pig Butchering’

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

How Phished Data Turns into Apple & Google Wallets

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Interview With a Crypto Scam Investment Spammer

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

The Dark Nexus Between Harm Groups and ‘The Com’

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Why Malware Crypting Services Deserve More Scrutiny

Sipping from the Coronavirus Domain Firehose

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

How to Lose a Fortune with Just One Bad Click

Stay Connected