Infosecurity News
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices
DarkReading
Scammers Fake DocuSign Templates to Blackmail & Steal From Companies
Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.
SecurityWeek
FCC Warns of 'Royal Tiger' Robocall Scammers
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
.webp)
Cyber Security News
Royal Tiger Group With Spoofed Phone Numbers Stealing Credit Card Data: FCC
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
Latest Hacking News
Dell API Exploitation Led to Breach Affecting 49M Customers
Dell customers need to stay cautious as the vendors admit a data breach impacting their customers. What makes this breach notable is its root cause, which turns out to be a Dell API exploit by
.webp)
Cyber Security News
New Breed of Romance Scams Employs Fake Cryptocurrency Exchanges
Romance scam schemes involve intricate manipulations, including using fake cryptocurrency exchanges to defraud victims.
The Record
Southeast Asian scam syndicates stealing $64 billion annually, researchers find
In Cambodia, Laos and Myanmar, the groups are estimated to reap about $43.8 billion each year through scams — some 40 percent of the three nations’ combined formal GDP.
Ars Technica
Dell warns of “incident” that may have leaked customers’ personal info
Notification follows claim of compromised database with 49M Dell customers' data.
SecurityWeek
Criminal Use of AI Growing, But Lags Behind Defenders
Despite the current lack of large-scale criminal exploitation of gen-AI, researchers highlight indications that this may change.
Infosecurity News
Fake Online Stores Scam Over 850,000 Shoppers
Researchers discover 75,000+ domains hosting fraudulent e-commerce sites, in a campaign dubbed BogusBazaar
Infosecurity News
Six Austrians Arrested in Multi-Million Euro Crypto Scheme
Europol and Eurojust targeted the orchestrators of a cryptocurrency scam launched in December 2017
The Cyber Express
Police Arrest Six in Austria-based Crypto Scam; Two Jailed in UK in Other Case
A coordinated multi-nation law enforcement action has led to a takedown of an Austria-based crypto scam where half a dozen
CyberNews
Six arrested for crypto scam, over €750K seized
Six Austrian nationals have been found responsible for an online cryptocurrency scam that posed as a legitimate online trading platform.
HACKRead
Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info
A massive data leak of 820,000 Dominican Republic individuals' PII on Breach Forums, including their COVID-19 vaccination status, has been identified by Resecurity.
The Cyber Express
Finland Warns of New Android Malware that Siphons Money from your Bank
Finland has warned of an ongoing Android malware campaign that targets banking details of its victims by enticing them to
Ars Technica
These dangerous scammers don’t even bother to hide their crimes
Cybercriminals openly run dozens of scams across social media and messaging apps.
CyberNews
Tech support scams top list of elder fraud, new FBI report
Cyber scams targeting seniors have risen 11% since 2022, costing those over 60 more than $3.4 billion in losses, a new FBI Elderly Fraud report states.
The Cyber Express
Operation Pandora Takes Down a Dozen Fraudulent Call Centers
A multi-national police operation cracked opened a massive fraudulent call center network run across Europe. A coordinated effort involving law
Bleeping Computer
Police shuts down 12 fraud call centres, arrests 21 suspects
Law enforcement shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily.
The Record
More than 100 arrested in Spain in $900,000 WhatsApp scheme
To trick their victims, the scammers posed as a family member — typically a son — in some distressing situation requiring urgent financial help, Spanish police said.
CyberNews
Romance scammers offer fake protection from sex offenders, FBI warns
Criminals are now offering “free” online verification service schemes to users on dating websites and apps.
The Record
FBI: Fraudsters using fake online dating verification apps to scam lovers
Cybercriminals are taking advantage of people’s fears about online dating by getting them to download fake “verification” apps that allow them to steal information and money.
CyberNews
Scammers bypassing Google ad checks to impersonate real brands
Some ads on top of the Google search results bar appear to be the real Facebook but lead to scams, users have found
The Record
Bogus post office texts deliver a ‘shocking’ amount of traffic to scam websites
Researchers at Akamai examined how much internet traffic actually arises from people clicking on links in fake U.S. Postal Service texts.
CyberNews
New report: 52% of Americans have faced political scams in past 12 months
As the US election season gathers speed, a survey reveals that more than half of Americans have experienced political scams – even though most are unsure how they work.
The Record
Bank fraud ‘call center’ gang busted in Ukraine, police say
Scammers would pose as bank officials and persuade people to give up account information over the phone — or even install remote access software on their computers — Czech and Ukrainian authorities said.
HACKRead
This Website is Selling Billions of Private Messages of Discord Users
The website, Spy.pet, is apparently an internet-scraping company, that has been collecting data from Discord since November 2023.
Infosecurity News
Fraudsters Exploit Telegram’s Popularity For Toncoin Scam
The scheme was uncovered by Kaspersky and has been operational since November 2023
CyberNews
Global lottery of memecoins swings between new asset class and scams
The emergence of memecoins as an asset class of their own and the scams that come with them
CyberNews
Cybercriminals targeting LastPass users
Users of the password manager are being targeted by a phishing campaign instructing them to reset their accounts on fraudulent sites.
CyberNews
Suspicious domains targeting Trump and Biden on the rise – interview
At least 11,974 suspicious domains targeting former President Donald Trump or President Joe Biden have been created since the beginning of last year.
The Cyber Express
“We Will be Attacked”: Cybersecurity Challenges Loom Over Paris Olympics 2024
As the countdown to the Paris Olympics 2024 begins, organizers are gearing up to confront potential cybersecurity threats and the
SC Magazine
Scammers offer cash to phone carrier staff to swap SIM cards
T-Mobile and Verizon workers report receiving text messages offering them up to $300 for each illegal SIM swap they complete.
Krebs on Security
Who Stole 3.6M Tax Records from South Carolina?
For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information…
Infosecurity News
FBI Warns of Massive Toll Services Smishing Scam
The Feds have received thousands of complaints about phishing texts from fake road toll collection services
Infosecurity News
Police Swoop on €645m Cannabis Investment Fraud Gang
Nine arrests and millions of euros seized in bid to bust JuicyFields investment scammers
Bleeping Computer
FBI warns of massive wave of road toll SMS phishing attacks
On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.
HACKRead
LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted
Password management giant LastPass narrowly avoided a potential security breach after a company employee was targeted by a deepfake scam.
Bleeping Computer
Former AT&T customers get $6.3 million in data throttling refunds
The Federal Trade Commission (FTC) is sending out $6,300,000 in partial refunds to 267,000 former AT&T Wireless customers as part of a data throttling settlement in 2019.
The Cyber Express
AT&T Data Breach Fallout: Latest Figures Show Over 51 Million Customers Impacted
Earlier reported figures regarding a data breach at telecommunications giant AT&T have been dwarfed by the latest revelations. Initially confirming
CyberNews
Ramadan-themed scam targets Muslims worldwide
The scammers have used fake ads offering free mobile internet data to lure victims and steal their personal information in a Ramadan-related campaign.
Krebs on Security
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft…
The Hacker News
Google Sues App Developers Over Fake Crypto Investment App Scam
Google sues app developers for massive crypto scam. Scammers tricked 100,000+ users into downloading fake investment apps.
The Cyber Express
Canva Faces Scrutiny by Indian Authorities on Rising Cyber Fraud Activities
The Indian Cybercrime Coordination Centre (I4C), a unit under the Ministry of Home Affairs, has issued a notice to Canva,
Krebs on Security
Fake Lawsuit Threat Exposes Privnote Phishing Sites
A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites…
Infosecurity News
Indian Authorities Rescue Hundreds Trafficked For Cybercrime
Hundreds of Indians forced into cybercrime by Cambodian gangs have been rescued
Infosecurity News
Impersonation Scams Net Fraudsters $1.1bn in a Year
FTC figures reveal a three-fold increase in losses from impersonation scams over the past three years
Bleeping Computer
India rescues 250 citizens enslaved by Cambodian cybercrime gang
The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived.
Bleeping Computer
FTC: Americans lost $1.1 billion to impersonation scams in 2023
Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020.
Security Affairs
Info stealer attacks target macOS users
Experts warn of info stealer malware, including Atomic Stealer, targeting Apple macOS users via malicious ads and rogue websites.
The Record
Losses linked to impersonation scams top $1 billion yearly, FTC says
A classic type of fraud — when a crook impersonates a business or a government agency — appears to be bigger than ever, according to federal statistics, and it’s now most likely to begin via text message or email instead of a phone call.
DarkReading
CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day.
Cyber Security News
GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats
GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights the growing, widespread use and potential of Web3 user security data to aid in risk management. The findings of the report reveal a clear and growing demand for more advanced security tools that can effectively safeguard digital assets, verify the […]
Latest Hacking News
GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats
GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights the growing, widespread use and potential of Web3 user security data to aid in risk management. The findings of the
The Hacker News
Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
Beware of Darcula, a Phishing-as-a-Service platform targeting 100+ countries with over 20,000 fake domains.
.jpg)
Cyber Security News
Apple ID “push bombing” Attack Targeting Apple Users to Steal passwords
Apple users are falling prey to a phishing campaign designed to hijack their Apple IDs through what's known as a “push bombing”.
HACKRead
GoPlus Report: Blockchain Networks Using API Security Data to Mitigate Web3 Threats
GoPlus Labs unveils a groundbreaking report showcasing the widespread use and potential of Web3 user security data for risk management.
DarkReading
'Darcula' Phishing-as-a-Service Operation Bleeds Victims Worldwide
Pervasive and inexpensive phishing kit encompasses hundreds of templates targeting Kuwait Post, Etisalat, Jordan Post, Saudi Post. Australia Post, Singapore Post, and postal services in South Africa, Nigeria, Morocco, and more.
CyberNews
Apple users face barrage of MFA bombing attacks
Apple users are being targeted by MFA bombing attacks, also known as push notification spam. Bad actors might be exploiting a bug in Apple’s password reset feature.
HACKRead
AI Generated Fake Obituary Websites Target Grieving Users
Scammers are using AI generated fake obituariy websites that appear identical to real memorials, exploiting human emotions to steal personal data.
CyberNews
Minecraft players beware: 14GB of private data posted for free on illicit forum
A threat actor on BreachForums has posted a 14GB database containing Minecraft user and server data, including sensitive payment information.
The Cyber Express
‘IntelBroker’ Claims Access to Database Belonging to England and Wales Cricket Board (ECB)
A cybercriminal going by the name 'IntelBroker' has asserted responsibility for an alleged data breach targeting the European Central Bank
Krebs on Security
Recent ‘MFA Bombing’ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
Infosecurity News
Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams
Kaspersky's findings revealed phishing pages posing as vendors, enticing users with discounts
Bleeping Computer
Google's new AI search results promotes sites pushing malware, scams
Google's new AI-powered 'Search Generative Experience' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.
Infosecurity News
Police Bust Multimillion-Dollar Holiday Fraud Gang
Law enforcers have arrested nine suspected members of a prolific cyber-fraud gang
DarkReading
Why AI Obituary Scams Are a Cyber-Risk for Businesses
Scammers now use AI to instantly whip up SEO-friendly bereavement scams, and it's never been easier to swindle mourners or use them to get to their employers.
Infosecurity News
Fake Obituary Sites Send Grievers to Porn and Scareware Pages
Secureworks is warning of fake obituary sites which expose visitors to fake AV scams
DarkReading
Tax Hackers Blitz Small Business With Phishing Emails
Armed with little more than an email address, scammers are trying to trick small businesses and the self employed into giving up Social Security numbers.
CyberNews
Crypto scamming intensifies as criminals capitalize on market rally
Crypto scams are on the increase as investment activity and prices rise
Bleeping Computer
Here's why Twitter sends you to a different site than what you clicked
Users of the social media platform X (Twitter) have often been left puzzled when they click on a post with an external link but arrive at an entirely unexpected website from the one displayed. A Twitter ad spotted below by a security researcher shows forbes.com as its destination but instead takes you to a Telegram account.
The Hacker News
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
Ukraine Cyber Police have arrested 3 individuals linked to the hijacking of over 100 million email & Instagram accounts worldwide.
Bleeping Computer
FTC warns scammers are impersonating its employees to steal money
The U.S. Federal Trade Commission (FTC) warned today that scammers are impersonating its employees to steal thousands of dollars from Americans.
PCMag
Data Dump Allegedly Tied to 70 Million AT&T Customers Leaks Online
The 5GB archive contains user phone numbers, addresses, and Social Security numbers. But AT&T denies that the data came from its own systems.
The Hacker News
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
Moldovan national gets 3+ years in US prison for running E-Root Marketplace, a massive platform selling stolen login details.
CyberNews
Scammers by force: electrocuted for missing quotas
Nearly 900 victims of human trafficking have been freed from a romance scam factory disguised as a gambling company in the Philippines. The UN warns that cyber fraud and tech slavery is booming in Southeast Asia.
Bleeping Computer
US moves to recover $2.3 million from "pig butchers" on Binance
The U.S. Department of Justice (DoJ) is recovering $2.3 million worth of cryptocurrency linked to a "pig butchering" fraud scheme that victimized at least 37 people across the United States.
.webp)
Cyber Security News
Hackers Abuse Venmo Payment Service to Steal Login Details
Venmo, a mobile payment service owned by PayPal, facilitates a convenient exchange of money for businesses to transact with customers.
CyberNews
FTC orders computer repair scammers to pony up $26M for fraud
The Federal Trade Commission (FTC) ordered two tech support firms to pay $26 million for scamming customers into buying computer repair services they did not need.
Infosecurity News
Investment Scams Grow, 13,000 Domains Detected in January 2024
Netcraft said the domains were found across 7000 IPs in January, a 25% increase from December 2023
CyberNews
Data leak at Spanish home rental service exposes three million customers
Escapada Rural, a local Spanish short-term rental service akin to Airbnb, left large amounts of private customer data exposed for half a year.
SecurityWeek
US Seizes $1.4 Million in Cryptocurrency From Tech Scammers
The US seized approximately $1.4 million worth of Tether tokens suspected of being fraud proceeds from tech scams.
SC Magazine
New online investment scams powered by bots to simulate fake experts
Security pros say the new scams use the latest chatbot technology.
The Record
Feds seize $1.4 million of tech support scam proceeds with the help of crypto firm
The cryptocurrency company Tether seized $1.4 million on behalf of U.S. law enforcement investigating a tech support scam targeting elderly citizens, the company announced Tuesday — as it attempts to burnish its reputation amid accusations that its USDT coin is the currency of choice for online fraudsters.
Infosecurity News
Three-Quarters of Cyber Incident Victims Are Small Businesses
Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft
Security Affairs
Insurance scams via QR codes: how to recognise and defend yourself
Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert.
DarkReading
Sophisticated Vishing Campaigns Take World by Storm
One South Korean victim gave up $3 million to cybercriminals, thanks to convincing law-enforcement impersonation scams that combine both psychology and technology.
DarkReading
Typosquatting Wave Shows No Signs of Abating
A spate of recent typosquatting attacks shows the scourge of this type of attack is still very much with us, even after decades of cyber defender experience with it.
The Cyber Express
Sophisticated Fraud Rings Spread Pig Butchering Scams Across Asia
In recent years, the financial industry in India has been marred by the spread of pig butchering scams, a sophisticated
Bleeping Computer
Fake Leather wallet app on Apple App Store is a crypto drainer
The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet drainer that stole their digital assets.
HACKRead
Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins
Darktrace is warning users about a new phishing and malspam campaign targeting customers of SaaS platforms by exploiting Dropbox emails.
.webp)
Cyber Security News
Beware of Fake Trading Apps on Google Play & App Store that Steal Your Money
Investigation unveiled a trend of fake trading apps on Google Play and the App Store, unsuspecting users out of their hard-earned money.
CyberNews
FBI: investment fraud tops list of costliest cybercrimes
Cybercrime in the US cost an estimated $12.5 billion last year – and that’s just the incidents that were reported to the FBI.
SecurityWeek
State AGs Send Letter to Meta Asking It to Take 'Immediate Action' on User Account Takeovers
A group of 40 state attorneys general have sent a letter to Meta expressing concern over Facebook and Instagram account takeovers.
PCMag
FBI: Cybercrime Jumped 22% in 2023, for $12.5 Billion in Losses
The most reported type of cybercrime involved investment scams, which led to $4.57 billion in stolen funds, according to the FBI. Estimates are likely conservative, though.
PCMag
State AGs Demand Answers on Surge in Facebook, Instagram Account Takeovers
The state attorneys general say they've seen a 'dramatic increase in user account takeovers and lockouts on Facebook and Instagram,' and are pushing Meta to take stronger action.
The Hacker News
How Cybercriminals are Exploiting India's UPI for Money Laundering Operations
A sophisticated Android app named XHelper is being used by criminals to manage money-laundering activities in India.
CyberNews
Apple explains how it will comply with EU laws and how bad they are
Prior to the release of iOS 17.4, Apple has published a whitepaper that explains what changes the company has rolled out to comply with the new EU Digital Markets Act.
PCMag
Scammers Target Helldivers 2 Buyers With Fake Games on Steam
Bogus versions of Helldivers 2 popped up on Steam, complete with info, screenshots, and logos ripped from the real game. One suspicious detail gave it away, though.
HACKRead
Android Money Transfer XHelper App Exposed as Money Laundering Network
The XHelper App, an APK found on third-party stores, has been exposed in a large-scale money laundering operation involving Chinese scammers.
Loading more articles....