Fraud Prevention

Fraud Prevention Page 1

Fake Voicemails Vishing MS Office365 Credentials Harvesting

Fake voicemails used for MS Office 365 credentials harvesting

A newly discovered phishing campaign has been compromising US entities such as the military, manufacturing, healthcare, pharmaceutical and security software sectors to harvest Microsoft Office 365 credentials. The cybercriminal operation is currently active, and its operators use fake voicemail notifications to bait targets into accessing a malicious HTML attachment. Based on reports, the recently discovered...
Continue Reading
Iranian Hackers Spearphishing Cyberattacks Israel Impersonation Social Engineering

Iranian hackers used spearphishing attacks to target Israel

An alleged group of Iranian hackers has been operating a spearphishing campaign that includes masquerading known government officials. Based on reports, the Iran-sponsored threat group posed as a former United States ambassador to target think tank officials. The malicious threat actors could obtain initial access to one of its two targeted email boxes through phishing...
Continue Reading
Dark Web Billions Compromised Data User Credentials Fraud Prevention Marketplace

The dark web is seen loaded with billions of breached user credentials

New studies show that the dark web is still filled with compromised victims’ data, reaching over 24 billion worth of usernames and passwords. These findings demonstrate a 65% uptick within two years, mostly due to users creating account passwords that hackers could easily crack. For instance, one in every 200 compromised passwords comprises the number...
Continue Reading
ALPHV Ransomware Hacking Group Search Website Stolen Data Breach

ALPHV ransomware group developed a search website for stolen data

The ALPHV ransomware group (also known as BlackCat) has devised a new method of threatening its targets. The group cleverly designed websites that let its victims’ employees and customers review if hackers stole their data during an attack. Most of the time, some threat groups will use the stolen data for double-extortion tactics, in which...
Continue Reading
Hackers Ransom Notes Ransomware Victims Dark Web Threat Group Industrial Spy SATT Sud-Est France

Hackers now post ransom notes publicly to urge victims to cooperate

Ransomware gangs may have been upgrading their extortion tactics after starting to hack corporate websites to post their ransom notes for the public to see, adding more pressure for their victims to pay up. Industrial Spy, a ransomware threat group, was the first that has been identified using this new extortion tactic. Initially, the threat...
Continue Reading
US College Networks Academia Stolen Credentials Cybercriminals

US college networks offered stolen credentials by cybercriminals

The Federal Bureau of Investigation (FBI) published an advisory about cybercriminals that offer access credentials for higher academic institutions based in the US. The actors sell these credentials for thousands of dollars and are all available on hacking forums and dark web marketplaces. The critical data offered by the actors contained virtual private networks (VPNs)...
Continue Reading
iOS Find My Hackers Malware Mobile Devices Apple Bluetooth

iOS ‘Find My’ allows hackers to run malware on switched off devices

Apple’s ‘Find My’ feature was found with a critical flaw that allows hackers to tamper with the firmware and inject malware through a Bluetooth chip capable of being launched even if an iPhone device is turned off. The new malicious intent of hackers abused the capability of wireless chips linked with Bluetooth, NFC, and ultra-wideband...
Continue Reading
Hackers DNS Abuse Vanity Links Spoofing Brands Phishing Domain Names

Hackers abuse vanity links to spoof brands and victimise people

Many companies utilise vanity links mostly for their brands’ marketing purposes. However, researchers warned that threat actors had established ways to perform phishing attacks using this tool. Security experts explained that the issue regarding vanity links abuse begins when a cloud service would allow a vanity subdomain of a company but would not verify it...
Continue Reading
Phishing Operator California Online Scam US DoD Fraud Prevention DNS Intelligence

A phishing operator from California scammed the US DoD with $23.5M

A California resident phishing operator named Sercan Oyuntur has been indicted by the US Department of Justice (DoJ) for its malicious campaigns causing the US Department of Defense (DoD) to lose over $23.5 million in damages. The money swindled from the US DoD was meant for funding a jet fuel supplier. However, the phishing operator...
Continue Reading
AI-generated Images Online Scam Fraud Prevention Cyberattack campaigns Social Engineering

AI-generated images exploited for new scam campaigns

Scammers are becoming more advanced as technology progresses after security researchers discovered that AI-generated images are being used to conduct fraudulent activities. Based on a report, one victim received a suspicious email from an alleged attorney in a Boston law firm. After examining the email’s sender, it turned out that they are non-existent, and the...
Continue Reading
1 2 3 25