Scams, Social Engineering and Web Fraud

Scams

Social Engineering

Web Fraud

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. Each participant in the call has a specific role, including: -The Caller: The person speaking and trying to social engineer the target. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Join 28,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved. One multifactor option — physical security keys — appears to be immune to these advanced scams.

Hacking

Hacking Social Engineering Phishing Scams

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams

Scams Accountability Media Banking

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. Sosa also was active in a particularly destructive group of accomplished criminal SIM-swappers known as “ Star Fraud.”

Social Engineering

Social Engineering Mobile Passwords Cybercrime

How Cybercriminals are Weathering COVID-19

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves.

Cybercrime

Cybercrime Computers and Electronics Marketing Scams

How $100M in Jobless Claims Went to Inmates

Krebs on Security

FEBRUARY 25, 2021

The amount of fraud we are fighting is truly staggering.” ” According to ID.me, a major driver of phony jobless claims comes from social engineering, where people have given away personal data in response to romance or sweepstakes scams, or after applying for what they thought was a legitimate work-from-home job.

Scams

Scams Insurance DDOS Authentication

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com , and the intercepted credentials show at least five employees fell for the scam (although only two employees also provided the crucial one-time MFA code). Image: Cloudflare.com. On that last date, Twilio disclosed that on Aug. ”

Mobile

Mobile Phishing Authentication Accountability

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

First, they included an offer to use a mutually trusted “middleman” or escrow provider for the transaction (to protect either party from getting scammed). One of the groups that reliably posted “Tmo up!” ” messages to announce SIM-swap availability against T-Mobile customers also reliably posted “Tmo down!

Mobile

Mobile Phishing Authentication Advertising

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

More importantly, Tony recognized the voice of “Daniel from Google” when it was featured in an interview by Junseth , a podcaster who covers cryptocurrency scams. “No one gets arrested,” Daniel enthused to Junseth in the May 7 podcast, which quickly went viral on social media.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Trending Sources

When Low-Tech Hacks Cause High-Impact Breaches

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

How Cybercriminals are Weathering COVID-19

How $100M in Jobless Claims Went to Inmates

How 1-Time Passcodes Became a Corporate Liability

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

How to Lose a Fortune with Just One Bad Click

Stay Connected