Krebs on Security

JANUARY 30, 2024

2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. Sosa also was active in a particularly destructive group of accomplished criminal SIM-swappers known as “ Star Fraud.”

Social Engineering 326

Social Engineering Mobile Cybercrime Passwords 326

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). “Just because a targeted account takeover is low volume doesn’t mean it’s low risk. One of the groups that reliably posted “Tmo up!”

Mobile 315

Mobile Phishing Authentication Advertising 315

Krebs on Security

AUGUST 30, 2022

On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com , and the intercepted credentials show at least five employees fell for the scam (although only two employees also provided the crucial one-time MFA code). Image: Cloudflare.com. On that last date, Twilio disclosed that on Aug. ”

Mobile 299

Mobile Phishing Authentication Accountability 299

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves.

Cybercrime 317

Cybercrime Computers and Electronics Marketing Scams 317