Web Fraud - Cyber Security Informer

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts.

Accountability

Accountability Cryptocurrency Passwords DNS

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities.

Phishing

Phishing Cybercrime Malware Software

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years.

Hacking

Hacking Phishing Cybercrime Passwords

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Krebs on Security

MARCH 22, 2024

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep , an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites.

Media

Media Government Data breaches Marketing

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware

Malware Cryptocurrency Software Scams

Why Your VPN May Not Be As Secure As It Claims

Krebs on Security

MAY 6, 2024

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage.

VPN

VPN Wireless Internet Internet

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications.

Software

Software Advertising Malware Accountability

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

OCTOBER 17, 2023

based technology company Micfo LLC , has been sentenced to five years in prison for wire fraud. Amir Golestan , the 40-year-old CEO of the Charleston, S.C. Canada, and parts of the Caribbean.

Internet

Internet Internet VPN Marketing

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms.

Phishing

Phishing Cybercrime Malware Advertising

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company.

Phishing

Phishing Cryptocurrency DDOS Internet

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months.

Scams

Scams Malware Cryptocurrency Hacking

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure.

Cybercrime

Cybercrime Marketing Scams Retail

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries.

Phishing

Phishing Scams Passwords Web Fraud

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified.US

Phishing

Phishing Telecommunications Malware Scams

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

InfraGard , a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

Discord Admins Hacked by Malicious Bookmarks

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.

Hacking

Hacking Accountability Scams Cryptocurrency

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “smishing”) messages that spoofed UPS and other top brands.

Phishing

Phishing Retail Mobile Scams

Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure.

Passwords

Passwords Cybercrime Accountability Hacking

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number.

Cybercrime

Cybercrime Web Fraud Data breaches

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because.US is overseen by the U.S. government, which is frequently the target of phishing domains ending in.US.

Phishing

Phishing Telecommunications Government DNS

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be.

CISO

CISO Cybercrime Accountability Cryptocurrency

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites.

Hacking

Hacking Social Engineering Phishing Scams

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

AUGUST 18, 2022

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. The missives — which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction — state that the user’s account is about to be charged hundreds of dollars.

Scams

Scams Phishing Accountability Software

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Krebs on Security

MARCH 28, 2023

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.

DDOS

DDOS Marketing Computers and Electronics Risk

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation.

Internet

Internet Internet Hacking Accountability

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

The 911 service as it exists today. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States.

VPN

VPN Computers and Electronics Antivirus Software

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability

Accountability Passwords Authentication Password Management

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms.

Mobile

Mobile Phishing Authentication Accountability

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic.

Malware

Malware Banking Phishing DDOS

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products.

Malware

Malware Antivirus Cybercrime Hacking

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.”

Healthcare

Healthcare Backups Ransomware Insurance

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service.

Malware

Malware Passwords Accountability Advertising

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

The domain name registrar Freenom , whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations.

Phishing

Phishing Media Internet Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms.

Scams

Scams DDOS Cryptocurrency Accountability

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks.

Malware

Malware VPN Internet Internet

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees.

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

How Malicious Android Apps Slip Into Disguise

Krebs on Security

AUGUST 3, 2023

Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research.

Mobile

Mobile Malware Banking Cybercrime

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters.

Banking

Banking Scams Accountability Passwords

Teach a Man to Phish and He’s Set for Life

Krebs on Security

AUGUST 4, 2023

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days.

Phishing

Phishing Scams Computers and Electronics Software

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com.

Phishing

Phishing Passwords Internet Internet

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

AUGUST 9, 2021

I was preparing to knock off work for the week on a recent Friday evening when a curious and annoying email came in via the contact form on this site: “Hello I go by the username Nuclear27 on your site Briansclub[.]com “I made a deposit to my wallet on the site but nothing has shown up yet and I would like to know why.”

Phishing

Phishing Cybercrime Accountability Advertising

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases.

Hacking

Hacking Government Media Accountability

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

The Stark Truth Behind the Resurgence of Russia’s Fin7

Trending Sources

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Calendar Meeting Links Used to Spread Mac Malware

Why Your VPN May Not Be As Secure As It Claims

Using Google Search to Find Software Can Be Risky

Tech CEO Sentenced to 5 Years in IP Address Scheme

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Fake Lawsuit Threat Exposes Privnote Phishing Sites

The Fake Browser Update Scam Gets a Makeover

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Phishers Spoof USPS, 12 Other Natl’ Postal Services

US Harbors Prolific Malicious Link Shortening Service

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Identity Thieves Bypassed Experian Security to View Credit Reports

Discord Admins Hacked by Malicious Bookmarks

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Who’s Behind the SWAT USA Reshipping Service?

Experian Glitch Exposing Credit Files Lasted 47 Days

Why is.US Being Used to Phish So Many of Us?

Fake CISO Profiles on LinkedIn Target Fortune 500s

When Low-Tech Hacks Cause High-Impact Breaches

PayPal Phishing Scam Uses Invoices Sent Via PayPal

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Hoax Email Blast Abused Poor Coding in FBI Website

A Deep Dive Into the Residential Proxy Service ‘911’

Experian, You Have Some Explaining to Do

How 1-Time Passcodes Became a Corporate Liability

Disneyland Malware Team: It’s a Puny World After All

Why Malware Crypting Services Deserve More Scrutiny

New Ransom Payment Schemes Target Executives, Telemedicine

Giving a Face to the Malware Proxy Service ‘Faceless’

Sued by Meta, Freenom Halts Domain Registrations

Interview With a Crypto Scam Investment Spammer

Who and What is Behind the Malware Proxy Service SocksEscort?

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

How Malicious Android Apps Slip Into Disguise

Scammers Sent Uber to Take Elderly Lady to the Bank

Teach a Man to Phish and He’s Set for Life

Karma Catches Up to Global Phishing Service 16Shop

Phishing Sites Targeting Scammers and Thieves

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Stay Connected