article thumbnail

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

SilentPush found the Smishing Triad now spoofs recognizable brands in a variety of industry verticals across at least 121 countries and a vast number of industries, including the postal, logistics, telecommunications, transportation, finance, retail and public sectors.

Phishing 245
article thumbnail

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

.” As early as April 2022, KrebsOnSecurity began receiving tips from Canadian readers who were puzzling over why they’d just received one of these SMS phishing messages that referenced information from a recent order they’d legitimately placed at an online retailer. “It was more or less the same day.

Phishing 326
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

retailers, including Saks Fifth Avenue, Lord and Taylor , Bebe Stores , Hilton Hotels , Jason’s Deli , Whole Foods , Chipotle , Wawa , Sonic Drive-In , the Hy-Vee supermarket chain , Buca Di Beppo , and Dickey’s BBQ. Joker’s sold cards stolen in a steady drip of breaches at U.S. A screenshot of a website reviewing PM2BTC.

article thumbnail

The Life Cycle of a Breached Database

Krebs on Security

Earlier this month, customers of the soccer jersey retailer classicfootballshirts.co.uk But the more insidious threat with hacked databases comes not from password re-use but from targeted phishing activity in the early days of a breach, when relatively few ne’er-do-wells have got their hands on a hot new hacked database.

Passwords 363
article thumbnail

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

In the meantime, 911’s absence may coincide with a measurable (if only short-lived) reprieve in unwanted traffic to top Internet destinations, including banks, retailers and cryptocurrency platforms, as many former customers of the proxy service scramble to make alternative arrangements.

article thumbnail

How Cybercriminals are Weathering COVID-19

Krebs on Security

One of the more common and perennial cybercriminal schemes is “reshipping fraud,” wherein crooks buy pricey consumer goods online using stolen credit card data and then enlist others to help them collect or resell the merchandise.

article thumbnail

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

.” In addition to selling access to hacked computers and bank accounts, both MrMurza and AccessApproved ran side hustles on the crime forums selling clothing from popular retailers that refused to ship directly to Russia. ” Russian corporate records indicate this entity was liquidated in 2021.

Malware 303