A week in security (November 23 – November 29)

Credit to Author: Malwarebytes Labs| Date: Mon, 30 Nov 2020 10:44:12 +0000

A roundup of cybersecurity news from November 23 – 29, including Zoom, Spotify, and the IoT Cybersecurity Bill.

Categories: A week in security

Tags:

(Read more…)

The post A week in security (November 23 – November 29) appeared first on Malwarebytes Labs.

Read more

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Credit to Author: BrianKrebs| Date: Sat, 21 Nov 2020 18:15:49 +0000

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

Read more

Two Charged in SIM Swapping, Vishing Scams

Credit to Author: BrianKrebs| Date: Tue, 03 Nov 2020 18:30:54 +0000

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information.

Read more

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Credit to Author: BrianKrebs| Date: Fri, 21 Aug 2020 20:34:18 +0000

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “vishing” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic.

Read more

Voice Phishers Targeting Corporate VPNs

Credit to Author: BrianKrebs| Date: Wed, 19 Aug 2020 13:55:46 +0000

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees.

Read more

A week in security (January 21 – 27)

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Jan 2019 18:00:14 +0000

A roundup of last week’s security news from January 21 to 27, including Modlishka, Crytekk, PUPs, and the State of Malware report.

Categories:

Tags:

(Read more…)

The post A week in security (January 21 – 27) appeared first on Malwarebytes Labs.

Read more

Something else is phishy: How to detect phishing attempts on mobile

Credit to Author: Jovi Umawing| Date: Mon, 10 Dec 2018 15:00:56 +0000

Phishing is more problematic on smartphones than on desktops. Not only that, approaches to handling phishing attacks on mobile are quite different because their techniques are also different. So, how can users sniff out a mobile phish? Let us count the ways.

Categories:

Tags:

(Read more…)

The post Something else is phishy: How to detect phishing attempts on mobile appeared first on Malwarebytes Labs.

Read more

Voice Phishing Scams Are Getting More Clever

Credit to Author: BrianKrebs| Date: Mon, 01 Oct 2018 14:02:27 +0000

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

Read more