The Internet is Held Together With Spit & Baling Wire

Credit to Author: BrianKrebs| Date: Fri, 26 Nov 2021 19:03:53 +0000

Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s largest companies — just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the world’s largest Internet backbones.

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Credit to Author: BrianKrebs| Date: Fri, 19 Nov 2021 21:36:30 +0000

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle, a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Naturally, a great many of the phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.

Hoax Email Blast Abused Poor Coding in FBI Website

Credit to Author: BrianKrebs| Date: Sat, 13 Nov 2021 22:46:53 +0000

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

SMS About Bank Fraud as a Pretext for Voice Phishing

Credit to Author: BrianKrebs| Date: Wed, 10 Nov 2021 21:12:03 +0000

Most of us have probably heard the term “smishing” — which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

‘Tis the Season for the Wayward Package Phish

Credit to Author: BrianKrebs| Date: Thu, 04 Nov 2021 16:49:59 +0000

The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a time-honored lure about a wayward package that needs redelivery. Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients.

The ‘Groove’ Ransomware Gang Was a Hoax

Credit to Author: BrianKrebs| Date: Tue, 02 Nov 2021 15:34:14 +0000

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.

Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

Credit to Author: BrianKrebs| Date: Thu, 28 Oct 2021 18:54:30 +0000

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.

FBI Raids Chinese Point-of-Sale Giant PAX Technology

Credit to Author: BrianKrebs| Date: Tue, 26 Oct 2021 17:30:20 +0000

U.S. federal investigators today raided the U.S. offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX’s systems may have been involved in cyberattacks on U.S. and E.U. organizations.
