Malicious Office 365 Apps Are the Ultimate Insiders

Credit to Author: BrianKrebs| Date: Wed, 05 May 2021 12:27:50 +0000

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Read more

How $100M in Jobless Claims Went to Inmates

Credit to Author: BrianKrebs| Date: Thu, 25 Feb 2021 22:26:07 +0000

The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That’s a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that trend, many states are now turning to a little-known private company called ID.me. This post examines some of what that company is seeing in its efforts to stymie unemployment fraud.

Read more

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Credit to Author: BrianKrebs| Date: Tue, 09 Feb 2021 03:16:54 +0000

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers.

Read more

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Credit to Author: BrianKrebs| Date: Thu, 04 Feb 2021 18:02:09 +0000

Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrative resale of compromised, highly sought-after usernames.

Read more

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Credit to Author: BrianKrebs| Date: Tue, 02 Feb 2021 18:04:46 +0000

ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.

Read more

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Credit to Author: BrianKrebs| Date: Sat, 21 Nov 2020 18:15:49 +0000

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

Read more

Be Very Sparing in Allowing Site Notifications

Credit to Author: BrianKrebs| Date: Tue, 17 Nov 2020 14:13:29 +0000

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communications pathway to scammers and online hucksters.

Read more

Two Charged in SIM Swapping, Vishing Scams

Credit to Author: BrianKrebs| Date: Tue, 03 Nov 2020 18:30:54 +0000

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information.

Read more