Tag: scam
-
N. Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams
N. Korean ‘FlexibleFerret’ malware targets macOS with fake Zoom apps, job scams, and bug report comments, deceiving users… First seen on hackread.com Jump to article: hackread.com/north-korea-flexibleferret-malware-macos-fake-zoom-job-scams/
-
Woman nabbed by Thai police on alleged link to $182 million romance scam
Tags: scamThailand’s Central Investigation Bureau said it apprehended a 52-year-old woman accused of laundering $182.8 million in romance scam funds at the behest of her Nigerian boyfriend. First seen on therecord.media Jump to article: therecord.media/arrest-thai-police-woman-romance-scam
-
High-profile X Accounts Targeted in Phishing Campaign
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/x-accounts-targeted-phishing/
-
Crazy Evil gang runs over 10 highly specialized social media scams
The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI,…
-
New Phishing Attack Hijacks High-Profile X Accounts to Promote Scam Sites
A new wave of phishing attacks has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter). This campaign, analyzed by SentinelLABS, aims to hijack accounts belonging to prominent individuals and organizations, including U.S. political figures, international journalists, employees of X, and cryptocurrency entities. The compromised accounts are then exploited to promote…
-
Devil-Traff: Emerging Malicious SMS Platform Powering Phishing Attacks
In the ever-evolving landscape of cybercrime, bulk SMS platforms like Devil-Traff have emerged as powerful tools for phishing campaigns, exploiting trust and compromising security on a massive scale. Employees in organizations today face an increasing volume of communications emails, instant messages, and ticket updates, providing fertile ground for phishing scams to blend seamlessly into routine…
-
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.”Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy…
-
Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple zero-day vulnerability exploited to target iPhone users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/02/week-in-review-apple-0-day-used-to-target-iphones-deepseeks-popularity-exploited-by-scammers/
-
Devil-Traff: A New Bulk SMS Platform Driving Phishing Campaigns
Employees in most organizations receive countless communications daily”, emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions are phishing scams designed to exploit trust and compromise security. Imagine an employee receiving a text that appears to be from their bank: “Suspicious activity detected on your account. Click here to secure your…
-
DeepSeek’s popularity exploited by malware peddlers, scammers
As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/29/deepseek-popularity-exploited-malware-scams/
-
Scareware-Blocker: Microsoft geht gegen Support-Scammer vor
Betrüger schüchtern Anwender seit jeher mit falschen Malware-Warnungen ein. Microsoft will dem per Machine Learning ein Ende bereiten. First seen on golem.de Jump to article: www.golem.de/news/microsoft-edge-scareware-blocker-soll-vor-support-scam-schuetzen-2501-192844.html
-
Hidden text salting in scam emails ramps up
First seen on scworld.com Jump to article: www.scworld.com/brief/hidden-text-salting-in-scam-emails-ramps-up
-
New USPS text scam uses unique method to hide malicious PDF links
First seen on scworld.com Jump to article: www.scworld.com/news/new-usps-text-scam-uses-unique-method-to-hide-malicious-pdf-links
-
Microsoft tests Edge Scareware Blocker to block tech support scams
Microsoft has started testing a new “scareware blocker” feature for the Edge web browser on Windows PCs, which uses machine learning (ML) to detect tech support scams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-tests-edge-scareware-blocker-to-block-tech-support-scams/
-
New Phishing Scam Targets Amazon Prime Membership to Steal Credit Card Data
A recent investigation has uncovered a sophisticated phishing campaign leveraging malicious PDF files to redirect unsuspecting users to fake Amazon-branded phishing websites. Researchers from Unit 42 reported that this campaign utilizes PDFs containing embedded links as an initial lure to compromise users and steal sensitive information such as login credentials and credit card details. Attack…
-
What Makes This “Data Privacy Day” Different?
Tags: access, ai, attack, breach, business, cloud, data, data-breach, finance, identity, infrastructure, malware, monitoring, phishing, privacy, ransomware, risk, scam, threat, tool, training, vulnerabilityAs we celebrate Data Privacy Day, Bernard Montel, Tenable’s EMEA Technical Director and Security Strategist, wants to remind us that we live in a digital world and that we need to protect it. With data breaches a daily occurrence, and AI changing the playing field, he urges everyone to “do better.” Launched in April 2006…
-
U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5
The DOJ, which has move aggressively over the past year to find and shut down North Korea’s numerous IT worker scams, indicts two U.S. citizens and three others for running a six-year operation the stole more than $866,000 from 10 U.S. companies that thought they were hiring legitimate IT pros. First seen on securityboulevard.com Jump…
-
In Gaming Item Scams and How to Avoid Them?
The popularity of the TF2 gaming and trading scene attracts scammers with phishing, fake trades, and malicious tools…. First seen on hackread.com Jump to article: hackread.com/in-gaming-item-scams-and-how-to-avoid-them/
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam
A large-scale phishing campaign is using PDF files and hidden malicious links, as well as posing at the U.S. Postal Service, in phishing campaign targeting mobile device users in hope that victims will divulge credentials and personal information, Zimperium researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/hackers-use-malicious-pdfs-pose-as-usps-in-mobile-phishing-scam/
-
Royal Mail SMS Phishing Scam Targets Victims with Fake Delivery Fee Requests
Beware of a convincing Royal Mail SMS phishing scam asking for personal details and payment for re-delivery. Learn… First seen on hackread.com Jump to article: hackread.com/royal-mail-sms-phishing-scam-fake-delivery-fee-requests/
-
Scammers Are Creating Fake News Videos to Blackmail Victims
Tags: scam“Yahoo Boy” scammers are impersonating CNN and other news organizations to create videos that pressure victims into making blackmail payments. First seen on wired.com Jump to article: www.wired.com/story/scammers-are-creating-fake-news-videos-to-blackmail-victims/
-
DOJ indicts 5 individuals in North Korea IT worker scam
An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618500/DOJ-indicts-5-individuals-in-North-Korea-IT-worker-scam
-
DOJ indicts two Americans for running laptop farm used in North Korea IT worker scam
The Justice Department indicted five people for their role in a scheme that allowed North Koreans to gain employment with at least 64 U.S. companies and earn hundreds of thousands of dollars for Pyongyang’s government. ]]> First seen on therecord.media Jump to article: therecord.media/doj-indicts-americans-for-running-laptop-farm-north-korea-scheme
-
Breach Roundup: Researchers Find Flaws in Palo Alto Firewalls
Also: US Prosecutors Charge Suspected North Korean IT Worker Collaborators. This week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of…
-
Meet GhostGPT: The Malicious AI Chatbot Fueling Cybercrime and Scams
Abnormal Security uncovers GhostGPT, an uncensored AI chatbot built for cybercrime. Learn how it boosts cybercriminals’ abilities, makes… First seen on hackread.com Jump to article: hackread.com/ghostgpt-malicious-ai-chatbot-fuel-cybercrime-scams/
-
Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bookmakers-efforts-combat/
-
GhostGPT: Uncensored Chatbot Used by Cyber Criminals for Malware Creation, Scams
Researchers from Abnormal Security discovered an advert for the chatbot on a cybercrime forum and tested its capabilities by asking it to create a DocuSign phishing email. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/what-is-ghostgpt/
-
What Makes Bulletproof Hosting Providers a Growing Danger in Australia
The Australian Cyber Security Centre has issued a warning about Bulletproof Hosting Providers (BPH), which play a central role in enabling cybercrime. These providers offer infrastructure that helps cybercriminals carry out attacks such as ransomware campaigns, data theft, and phishing scams, all while remaining largely undetectable. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/acsc-targets-bulletproof-hosting-providers/