Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Fraud. Show all posts
User Security
Cyber Fraud phishing QR code Quishing User Security

Quishing On The Rise: Strategies to Avert QR Code Phishing

 

QR codes are already ubiquitous: from restaurant menus to public transportation schedules, everyone wants you to scan theirs. This normalisation of scanning random QR codes is being exploited, resulting in a new cybersecurity threat known as Quishing. 

What is Quishing? 

Quishing (QR code phishing) is the process of placing a malicious URL into a QR code. Rather than linking to a legitimate website, the code will load a page that attempts to steal information, infect your device with malware, or execute another malicious act.

It's a goofy name, but it poses a serious threat. While we're all aware that you shouldn't browse suspicious websites or download unfamiliar files, the nature of QR codes makes it impossible to tell what's on the other side. With a scan and a tap, you're whisked away to a website that may contain material you don't want to see, or routed to a malware download. 

It's also possible to be duped into scanning a QR code: many businesses build their QR codes using third-party services and URL shorteners, which means that the embedded links may not always redirect to their actual websites. This makes it challenging to determine whether a QR code has been tampered by someone carrying out a quishing assault.

Is quishing a real threat? 

Yes. It is already happening and has proven to be beneficial. QR codes for parking meters, restaurant payments and tip systems, and phoney advertisements are being tampered with all across the world to perpetrate quishing frauds, typically by simply sticking a sticker with a bogus QR over an already existing official code.

These trick codes then lead to false login pages and payment sites, where you can either pay the scammer directly or give them your information (which can be used to steal your money later or push further scams). 

Safety tips 

There are a few efficient strategies to safeguard yourself from quishing: 

  • Make use of your device's built-in QR code scanner. App shops' QR scanners have a bad reputation for security and privacy.
  • Avoid clicking on links that employ URL shorteners and make sure the destination a QR code is attempting to direct you to is genuine before clicking on the link. 
  • Avoid paying with QR codes whenever you can, especially if the payment link takes you to an unidentified address. 
  • Additionally, be aware that phoney websites often use names that sound similar to legitimate ones, so double-check your spelling.
Read more »
Phishing scam
AI scam Cyber Cyber Fraud Fraud Gmail Hack Google security Phishing scam

Gmail Confirms AI Hack: 2.5 Billion Users Warned of Phishing Scam

 

  
Gmail has issued a warning to its 2.5 billion users about a sophisticated AI-powered phishing attack. Fraudsters are using caller IDs that seem to originate from Google support, convincing users that their accounts have been compromised. Under the pretense of an account recovery process, they send an email with a recovery code that appears to come from a genuine Gmail address, Forbes reports.

Zach Latta, founder of Hack Club, noticed irregularities during an interaction with a so-called Google support agent. "She sounded like a real engineer, the connection was super clear, and she had an American accent," Latta told Forbes. Despite the convincing approach, the scam's goal is to deceive users into providing their login credentials, allowing cybercriminals to take control of their accounts.

Spencer Starkey, Vice President at SonicWall, emphasized the evolving nature of cyber threats: "Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats." He advised businesses to adopt a proactive cybersecurity approach, including regular security assessments and incident response planning.

Users Report Similar Fraud Attempts

According to the New York Post, Y Combinator founder Garry Tan shared his experience on X (formerly Twitter) after receiving phishing emails and phone calls.

"They claim to be checking that you are alive and that they should disregard a death certificate filed that claims a family member is recovering your account," Tan wrote, calling it an elaborate scheme to manipulate users into approving password recovery.

Microsoft solutions consultant Sam Mitrovic also encountered this scam months ago. Initially, he ignored the recovery notification and follow-up call, but when it happened again, he decided to answer.

"It's an American voice, very polite and professional. The number is Australian," Mitrovic recalled. He even verified the number on an official Google support page, making the deception more convincing. 

The caller alleged there was suspicious activity on his account and asked if he had logged in from Germany. When he denied it, the agent claimed someone had been accessing his account for a week and offered to help secure it. Mitrovic realized something was off when he spotted a suspicious email address in the follow-up message and stopped responding.

Forbes advises Gmail users to remain calm and immediately disconnect any call from so-called Google support, as Google does not contact users via phone. Instead, users should verify account activity themselves:
  • Use Google Search to check official security support pages.
  • Log into Gmail and navigate to the bottom right corner to review recent account activity.
  • Avoid sharing recovery codes with anyone over the phone.
With cyber threats evolving rapidly, vigilance is key to safeguarding online accounts.

Read more »
Fraud Calls
Bengaluru call scams Cyber Fraud Cyber Scam Financial Fraud Financial Scam Fraud Calls

Bengaluru Woman Loses ₹2 Lakh to Sophisticated IVR-Based Cyber Scam

 

Cyber fraud continues to evolve, with scammers using increasingly sophisticated techniques to deceive victims. In a recent case from Bengaluru, a woman lost ₹2 lakh after receiving a fraudulent automated call that mimicked her bank’s Interactive Voice Response (IVR) system. The incident underscores the growing risk of technology-driven scams that exploit human vulnerability in moments of urgency. 

The fraud occurred on January 20 when the woman received a call from a number that closely resembled that of a nationalized bank. The caller ID displayed “SBI,” making it appear as though the call was from her actual bank. The pre-recorded message on the IVR system informed her that ₹2 lakh was being transferred from her account and asked her to confirm or dispute the transaction by pressing a designated key. Startled by the alert, she followed the instructions and selected the option to deny the transfer, believing it would stop the transaction. 

However, moments after the call ended, she received a notification that ₹2 lakh had been debited from her account. Realizing she had been scammed, she rushed to her bank for assistance. The bank officials advised her to report the fraud immediately to the cybercrime helpline at 1930 and file a police complaint. Authorities registered a case under the Information Technology Act and IPC Section 318 for cheating. 

Cybercrime investigators believe this scam is more sophisticated than traditional IVR fraud. Typically, such scams involve tricking victims into providing sensitive banking details like PINs or OTPs. However, in this case, the woman did not explicitly share any credentials, making it unclear how the fraudsters managed to access her funds. 

A senior police officer suggested two possible explanations. First, the victim may have unknowingly provided critical information that enabled the scammers to complete the transaction. Second, cybercriminals may have developed a new technique capable of bypassing standard banking security measures. Investigators are now exploring whether this scam represents an emerging threat involving advanced IVR manipulation. This case serves as a stark reminder of the need for heightened awareness about cyber fraud. 

Experts warn the public to be wary of automated calls requesting banking actions, even if they appear legitimate. Banks generally do not ask customers to confirm transactions via phone calls. Customers are advised to verify any suspicious activity directly through their bank’s official app, website, or customer service helpline. 

If someone encounters a suspected scam, immediate action is crucial. Victims should contact their bank, report the fraud to cybercrime authorities, and avoid responding to similar calls in the future. By staying informed and cautious, individuals can better protect themselves from falling prey to such evolving cyber threats.
Read more »
Pune
Cyber Fraud Cyber Scammers GST Insurance Policy Pune

Pune Retired Banker Falls Victim to Insurance Fraud, Loses Rs 2.22 Crore

 

A 62-year-old retired bank manager from Pune became the victim of a massive cyber fraud, losing ₹2.22 crore over several months. Scammers posing as government officials tricked the individual into purchasing multiple insurance policies by promising high returns.  


How the Fraud Took Place

The scam began in late 2023 and continued for several months. The victim received calls from individuals claiming to be officials from reputed financial and government institutions, including the Ministry of Finance, the Insurance Regulatory and Development Authority of India (IRDAI), and the National Payments Corporation of India (NPCI).  

To appear trustworthy, the fraudsters used the names of well-known personalities and fake designations. They convinced the victim that these insurance policies would offer significant maturity benefits, leading them to invest large sums of money.  


Endless Requests for Additional Payments  

After the initial investment, the scammers demanded additional payments under various pretexts, including:  

  • Taxes such as GST and TDS  
  • Processing and transaction fees
  • Verification and No Objection Certificate (NOC) charges

Every time the victim transferred money, the fraudsters came up with new reasons to demand more, making it seem necessary to complete the investment process.  


Deception Tactics

To maintain the illusion, the criminals operated under at least 19 different identities. Later, they told the victim that previous payments had been diverted to fraudulent accounts and persuaded them to send even more money to recover the lost funds.  

By the time the fraud was uncovered, the victim had lost ₹2.22 crore in total.  


How to Avoid Falling for Similar Scams

Cases like this highlight the need for extra caution when dealing with financial offers. Here are some ways to stay safe:  

1. Verify the caller’s identity: If someone claims to be a government or financial official, check their details on official websites before engaging.  

2. Never share sensitive financial details: Avoid disclosing your bank account number, OTPs, or policy details over the phone or via messages.  

3. Be cautious of guaranteed high returns: Legitimate investments do not promise unrealistic profits. If an offer sounds too good to be true, it probably is.  

4. Confirm payment requests with official sources: Before paying any additional fees, directly contact the relevant institution using official contact details.  


Investigation Underway

Authorities are currently investigating the case to trace the culprits. With the rise in financial scams, it is crucial to remain cautious and skeptical of unsolicited investment opportunities. Being informed and vigilant can prevent such devastating losses.

Read more »
Tax Season
Cyber Fraud Identity Protection IRS PIN personal data safety secure tax filing Tax Fraud Tax Scams Tax Season

Protect Your Tax Return from Fraud: Here's What You Need to Know

 


Tax Season 2025: Protect Yourself from Fraud with an Identity Protection PIN

A new year marks the start of another tax season, bringing with it the usual challenges of navigating the complex US tax code and avoiding scams. One particularly concerning scam involves fraudsters filing a tax return in your name to claim a refund. Many victims only realize they've been targeted when they attempt to file their own return, uncovering a complicated issue that can take weeks or even months to resolve.

The risk of tax-related identity theft is elevated this year due to a series of high-profile data breaches in 2024. Personal information, including Social Security numbers, has become more accessible on the dark web, providing fraudsters with the tools they need to exploit unsuspecting taxpayers. As tax season progresses, this vulnerability becomes a significant concern for individuals and businesses alike.

How the IRS’s Identity Protection PIN Can Help

To combat this type of fraud, the IRS offers a proactive solution: the Identity Protection PIN (IP PIN). This six-digit PIN acts as a layer of authentication to ensure that only your legitimate tax return is accepted. If a return is filed without the correct IP PIN, it will be rejected, preventing unauthorized filings in your name.

Initially, the IP PIN program was limited to victims of identity theft or those flagged by the IRS as high-risk individuals. However, the program has now been expanded to all taxpayers who wish to voluntarily enroll. The process is straightforward and can be completed in three ways:

  • Online: Use the government’s ID.me service to verify your identity. This option typically takes 15–20 minutes.
  • By Mail: Submit a paper application to the IRS.
  • In-Person: Schedule an appointment at an IRS office for identity verification.

Once enrolled, your IP PIN is valid for one year and cannot be reused. Each year, you can opt to receive a new PIN, providing an added layer of security. This feature prevents fraudsters from exploiting a stolen PIN even after its use in a prior tax season.

Best Practices for Taxpayers

For most taxpayers, opting for an annually renewed IP PIN is the ideal choice. This ensures you have updated protection each year without the need to manage multiple PINs simultaneously. If you ever misplace your PIN, you can retrieve it by logging into your IRS account using your ID.me credentials. To streamline this process, consider using a password manager to securely store your account credentials, including a strong, unique password for your government account.

By adopting these best practices, you can reduce the stress of tax season and protect yourself against fraud. For more information, visit the IRS’s FAQ page on the Identity Protection PIN program. This simple yet effective system offers much-needed peace of mind during the often overwhelming task of filing your US tax return.

Read more »
Malicious Apps
Cyber Fraud FBI Financial Scam Malicious Apps

FBI Warning: Avoid Installing Malicious Apps to Safeguard Your Financial Data

 

FBI Warns Smartphone Users About Malicious Apps

Smartphone users are being urged to exercise caution when downloading apps as some may be designed to steal personal data and send it to fraudsters, leading to potential scams. This alert applies to both Android and iPhone users. Malicious apps often disguise themselves as legitimate but, once installed, request permissions that grant access to sensitive information, making users vulnerable to cybercrimes.

On January 18, the FBI issued a public warning, highlighting that these apps have already compromised numerous bank accounts. Despite ongoing efforts by Google and Apple to strengthen app regulations, scammers continue to exploit vulnerabilities. The FBI has labeled this threat as the "Phantom Hacker," underscoring the sophisticated techniques fraudsters use to infiltrate devices through deceptive applications.

Once malicious apps gain access to customer data, scammers often pose as bank officials, warning users of a fake security breach on their accounts. In the panic that follows, users may be coerced into transferring funds to a so-called "secure" account, falling prey to the scam. Additionally, fraudsters sometimes impersonate technical support representatives, tricking users into revealing even more personal information.

To protect yourself, always verify the authenticity of an app before downloading it. Research the developer thoroughly, read customer reviews, and scrutinize app ratings. For banking and financial apps, ensure you download only from official sources, such as scanning the QR code provided on your financial institution's website. Scammers frequently submit counterfeit apps to the Google Play Store and Apple App Store, which unsuspecting users might download, unknowingly exposing private data to hackers.

Cybersecurity experts emphasize the importance of vigilance when interacting with unfamiliar apps or unsolicited communications. Being aware of potential risks and taking proactive steps can help smartphone users avoid falling victim to these increasingly sophisticated scams.

Read more »
synthetic identity theft
credit freeze Cyber Fraud Frankenstein fraud Identity Protection Phishing Scams stolen Social Security numbers synthetic identity theft

Synthetic Identity Fraud: A Growing Concern for Vulnerable Individuals

 

Criminals creating identities by piecing together stolen data sounds like a plot from a horror film. Unfortunately, "Frankenstein fraud," a form of synthetic identity theft, is an alarming reality. This crime involves using a Social Security number (SSN) and merging it with other stolen or fabricated details like names, addresses, or birth dates to form a new identity.

Synthetic identity theft, often termed Frankenstein fraud, involves crafting entirely new identities by blending real and fictitious information. 

According to fraud expert Frank McKenna, this practice affects up to 15 million consumers in the U.S., many of whom remain unaware. Vulnerable groups, such as children, the elderly, and the homeless, are prime targets due to their limited credit activity.

This crime costs billions annually — FiVerity reports $20 billion in losses in 2020 alone. Criminals meticulously construct fake identities using stolen SSNs, often purchased on the dark web, obtained through data breaches, or extracted via phishing scams. These fabricated profiles initially face credit denials but eventually become recognized by credit bureaus. Over time, fraudsters build creditworthiness using these false identities, only to abandon them after maxing out loans and credit lines.

The aftermath of this crime can be devastating. Victims — often unaware of the fraud — may face financial liabilities and damaged credit. Fraudsters’ actions leave lenders and real SSN owners to bear the consequences.

Protect Yourself Against Synthetic Identity Fraud

1. Freeze Credit Reports
Implementing a credit freeze with major bureaus prevents unauthorized access to your reports, safeguarding against new credit accounts. Consider freezing children’s and elderly relatives' credit as well.

2. Monitor Credit Regularly
Use tools like Capital One's CreditWise or AnnualCreditReport.com to detect suspicious activity or data breaches.

3. Avoid Phishing Scams
Stay vigilant against fraudulent messages from entities claiming to represent banks or government agencies. Verify the source directly.

4. Secure SSN Documents
Shred unnecessary documents containing your SSN, and secure digital copies.

4. Check Social Security Statements
Regularly review Social Security statements to detect unauthorized use of your SSN.

Moreover, synthetic identity fraud is a complex and evolving threat, but staying informed and taking proactive steps can significantly reduce your risk. By safeguarding your information and monitoring your credit, you can help protect yourself and your loved ones from becoming victims of this alarming crime.
Read more »
User Privacy
Cyber Fraud India Online Scam TRAI User Privacy

TRAI Calling: Fraudsters Are Now Employing Novel Strategy to Target Mobile Users

 

As the government intensifies efforts to raise awareness about digital arrests and online financial fraud, fraudsters have shifted their strategies to stay ahead. A concerning trend has emerged where these individuals pose as representatives of the Telecom Regulatory Authority of India (TRAI). Exploiting the credibility associated with the regulatory body, they attempt to deceive unsuspecting users.

These fraudsters often initiate contact by mimicking official government alert messages that warn the public about scams. The tone and language of their communication are crafted to appear authoritative and urgent, persuading recipients to trust the information. In many cases, the messages aim to extract sensitive data, such as personal identification numbers, bank account details, or login credentials, under the guise of preventing fraud.

Such scams highlight the need for individuals to remain vigilant and verify the authenticity of any unsolicited messages or calls claiming to be from regulatory authorities. It is essential to cross-check the source of the communication, avoid sharing sensitive information over the phone or through unverified links, and report suspicious activities to the appropriate authorities.

By staying informed and adopting proactive measures, users can protect themselves from becoming victims of these evolving schemes, contributing to a safer digital environment for all.


Read more »
Telegram
Crypto scams Cyber Fraud Encryption malware scams phishing tactics Telegram

Report: Telegram Crypto Scammers Adopt More Sophisticated Tactics

 

Telegram, a popular communications app known for encrypted messaging and calls, has become a prime target for sophisticated malware scams, according to the Web3-focused Scam Sniffer account on X. Sharing data on the platform, Scam Sniffer revealed that scammers on Telegram are now deploying malware instead of traditional phishing tactics.

The app, often considered an alternative to WhatsApp and Signal, offers privacy through encryption, making it attractive for both legitimate users and scammers. Previously, cryptocurrency scams on Telegram relied heavily on phishing techniques involving spoofed web pages and social engineering to extract sensitive information or access to crypto wallets.

However, the latest scam wave employs deceptive tools like fake verification bots, scam trading groups, and so-called “exclusive alpha groups,” as noted by Scam Sniffer. Victims are tricked into installing malware disguised as verification tools. Once installed, the malware can access passwords, wallets, clipboard data, and even browser information, leaving victims highly vulnerable.

Scammers have shifted to malware schemes partly because users are now more aware of traditional phishing tactics. Scam Sniffer pointed out that these new approaches make it harder to trace the source of the scams. The rise in cryptocurrency scams has been dramatic, with data showing over 2000% growth in dedicated scam groups. Bitcoin's soaring value, surpassing $100,000, has made cryptocurrency users more frequent targets.

Telegram has actively banned accounts involved in these scams, but managing the volume of malicious actors remains challenging. The website “Web3 is Going Great,” which tracks Web3-related scams, reports $7.84 million in losses from scams and hacks so far this year.
Read more »
job Frauds
Bengaluru Courier Scam Cyber Fraud Fake Investment job Frauds

AI-Led Cyber Fraud on a Rise in Bengaluru, Rs 1,788 Crore Stolen During Major Scam

 



Bengaluru emerges as the leading tech-enabled city for scams: Cyber fraud has been on an upward spiral during the period 2021 through September 2024, reports the police while citing the cumulative loss to this city as an amount of Rs 2,270 crore during the period and six major types of scams where the loss involved nearly Rs 1,788 crore.


Important Fraud Categories

The figures point to considerable losses in the following fraud types: 

Investment Frauds: Unrealistic returns promised by fraudsters led to a loss of ₹1,187.2 crore. 

Job Frauds: Losses due to fake job offers stood at ₹601.23 crore. 

Courier Scams: Well developed courier-related schemes accounted for ₹165.57 crore. 

Card Scams: Stolen card details used for fraudulent transactions resulted in losses of ₹116 crore.

Phishing Attacks: Emails and messages designed to steal personal data caused ₹96.98 crore in damages.  

Loan App Frauds: Fraudulent lending platforms resulted in ₹32.25 crore in losses.  


Challenges in Recovery

Recovery of stolen funds is still a challenge for the investigators. Police have identified two major hurdles:

Delayed Reporting: Victims mostly delay reporting frauds, and thus miss the most crucial "golden hour," when funds can be frozen.  

Lag in Banks' Response: Banks used to take up to eight days to provide account details, which adversely affected recovery operations. This is now reduced to 4-5 days, post meetings with RBI, but there is more to be achieved.


AI in Cybercrime

AI has been a gambler for scamsters in Bengaluru. Advanced technologies are being made use of to devise highly believable frauds: 

  • Voice Cloning: AI produced voice replicas make the victim believe he is communicating with his trusted contact.  
  • Improved Courier Scams: AI assists scammers to fabricate more convincing courier fraud scenarios.  
  • Fake Investment Platforms: AI interfaces mimic authentic apps, to look incredibly real.  


Proposed Solutions

To counter these emergent threats, the authorities have stressed the requirement of public education and systemic reformation. The CEN wing has suggested that: 

1. There should be a campaign for citizen education about prevailing scams. 

2. There should be better coordination among banks, the police, and regulatory bodies so that the responses are faster. 

3. A specific cybercrime wing with special resources should be developed, as already announced by the government.


Although measures to improve response times and raise awareness have shown promise, experts stress that more robust systems are needed to tackle the growing paradigm of cybercriminals. With AI reshaping the way scams operate, staying informed and cautious is now more crucial than ever.



Read more »
Indian Cybercrimes
Cyber Fraud Cyber Security awareness cybercriminal arrests Fraud Indian cyber crimes Indian Cybercrimes

Rajasthan Police Arrest 30 in ₹30 Crore Cyber Fraud Under 'Operation Cyber Shield'

 


In a significant crackdown on cybercrime, Rajasthan Police arrested 30 individuals involved in cyber fraud on Saturday, January 11, 2025. The arrests were the result of coordinated raids conducted across 40 locations in five police station areas in Jaipur. The accused, linked to eight separate gangs, are suspected of fraudulent activities amounting to ₹30 crore. Additionally, two minors connected to these cybercrime operations were also detained. 

According to Deputy Commissioner of Police (Jaipur West), Amit Kumar, the arrested individuals were not only actively engaged in cyber fraud but were also training others in sophisticated techniques to deceive victims. The gangs employed various deceptive strategies, including impersonating monks and astrologers to exploit vulnerable individuals by offering rituals to solve personal problems. A notable suspect, a 25-year-old from the Tonk district, had reportedly received specialized cybercrime training in Sri Lanka. This international connection highlights the organized and transnational nature of these criminal operations, reflecting a growing trend in cyber-enabled economic crimes. 
 
‘Operation Cyber Shield’: A Targeted Response to Rising Cybercrime 

 Launched on January 2, 2025, the month-long ‘Operation Cyber Shield’ is a dedicated campaign aimed at combating the surge in cybercrime across Rajasthan. This initiative focuses on dismantling the infrastructure supporting organized cyber-enabled financial fraud, addressing public complaints, and raising cybersecurity awareness among citizens. Key achievements of the operation's initial phase include:
  • Blocked Bank Accounts: 135 bank accounts linked to fraudulent transactions were blocked.
  • Unified Payments Interfaces (UPIs): 64 UPIs were frozen to disrupt the flow of illicit funds.
  • ATM Seizures: 20 ATMs used in the scams were deactivated.
These proactive measures aim to cut off financial channels used by cybercriminals and prevent further victimization. 
 
Seized Items and Ongoing Investigations During the raids, authorities seized a significant amount of equipment used in fraudulent operations. The recovered items include:
  • Laptops and mobile phones for executing and managing scams.
  • ATM cards and WiFi routers to facilitate transactions and maintain anonymity.
  • CCTV cameras and HDMI cables potentially used for surveillance and monitoring.
  • Bank passbooks, cheque books, and passports indicating attempts at identity fraud and money laundering.
Six criminal cases have been registered under the Bhartiya Nyaya Sanhita and the Information Technology Act at Kardhani, Kalwar, Harmada, Karni Vihar, and Bindayaka police stations. These cases are currently under detailed investigation. 
 
The alarming rise in cybercrime across Rajasthan — especially in digital arrest scams, online betting frauds, and financial scams — has led authorities to prioritize immediate action. Many victims of these frauds are elderly individuals and women, who are often targeted due to their perceived vulnerability. To counter this, the Cyber Crime Branch has initiated “hotspot mapping” to identify and monitor regions with a high frequency of cybercriminal activity. This strategic approach aids in disrupting criminal networks and preventing future offenses. 

Beyond enforcement, ‘Operation Cyber Shield’ emphasizes public education on cybersecurity. The campaign aims to:
  • Raise Awareness: Inform citizens about common cyber fraud tactics to prevent victimization.
  • Address Complaints Promptly: Ensure that public grievances related to cybercrime are effectively resolved.
  • Prevent Cybercrime: Equip individuals with knowledge and tools to recognize and report suspicious activities.
By combining stringent law enforcement with widespread awareness efforts, Rajasthan Police seeks to curb the growing menace of cyber fraud and build a more secure digital environment for its citizens. 
  
The success of this operation underscores Rajasthan Police's commitment to dismantling cybercrime networks and protecting citizens from digital threats. ‘Operation Cyber Shield’ not only aims to bring offenders to justice but also empowers the public to stay vigilant against cybercriminal tactics. As the campaign progresses, authorities continue to urge citizens to report suspicious online activities and adopt safe digital practices. Through proactive measures and community involvement, Rajasthan moves closer to safeguarding its people from the ever-evolving challenges of cybercrime.
Read more »
Web3 Wallet
Crypto Scam Cyber Fraud ScamSniffer Transaction Simulation Web3 Wallet

New Crypto Threat: Transaction Simulation Spoofing Leads to $460,000 Ethereum Theft

 


Cybercriminals are employing a sophisticated technique called “transaction simulation spoofing” to steal cryptocurrency, with a recent attack resulting in the theft of 143.45 Ethereum (ETH), valued at nearly $460,000. This exploit, identified by blockchain security platform ScamSniffer, targets vulnerabilities within the transaction simulation features of modern Web3 wallets—tools designed to protect users from malicious and fraudulent transactions.
 
How the Attack Works

Transaction simulation is a security feature that allows users to preview the outcome of a blockchain transaction before approving and executing it. This function helps users verify transaction details, such as:
  • The amount of cryptocurrency being sent or received.
  • Applicable gas (transaction) fees.
  • Changes to on-chain data resulting from the transaction.
Attackers exploit this feature by directing victims to a fraudulent website disguised as a legitimate platform. On this site, users are prompted to interact with a seemingly harmless “Claim” function. The simulation preview misleadingly shows that the user will receive a small amount of ETH. However, due to the brief time gap between simulation and actual execution, attackers manipulate the on-chain contract state, altering the transaction’s behavior. When the user approves the transaction based on the simulation, they unknowingly authorize the transfer of their entire cryptocurrency balance to the attacker’s wallet. ScamSniffer reported a real-world example where a victim signed the deceptive transaction just 30 seconds after the contract state was modified, leading to the loss of 143.45 ETH.


“This new attack vector represents a significant evolution in phishing techniques,” stated ScamSniffer. “Instead of relying on basic deception, attackers are now exploiting trusted wallet features that users depend on for security. This advanced method makes detection much more difficult.”

Mitigation Strategies for Wallet Developers

To counteract such threats, ScamSniffer recommends several security improvements for Web3 wallets:
  • Limit Simulation Refresh Rates: Align refresh rates with blockchain block times to reduce the window for manipulation.
  • Mandatory Simulation Refresh: Force wallets to refresh simulation results before executing critical actions.
  • Expiration Warnings: Implement alerts that notify users when simulation results become outdated.

Precautions for Crypto Holders

For cryptocurrency users, this incident highlights the risks of fully trusting wallet transaction simulations. To enhance security, users should:
  • Exercise caution with “free claim” offers on unfamiliar websites.
  • Only interact with verified and trusted decentralized applications (dApps).
  • Regularly review wallet permissions and revoke access to suspicious platforms.
As phishing tactics grow more sophisticated, staying vigilant and adopting secure practices is crucial for protecting digital assets.
Read more »
URL obfuscation
Cyber Fraud fake YouTube links Microsoft 365 phishing password expiry scam Phishing Scams phishing tactics URL obfuscation

This Phishing Trend is Exploiting YouTube URLs Through O365 Expiry Themes

 


A recent surge in phishing campaigns has revealed attackers leveraging cleverly obfuscated URLs and Microsoft 365 password expiry warnings to trick users into surrendering their credentials. Here's a breakdown of the latest findings:

The phishing emails consistently use subject lines formatted as: “ACTION Required - [Client] Server SecurityID:[random string]”.

The email body prompts recipients to reconfirm their passwords due to expiry, with clickable buttons labeled “Keep [USER EMAIL] Access Active.”

Tactics Employed

- Fake YouTube Links: Attackers embed links starting with seemingly legitimate URLs (e.g., youtube.com), followed by obfuscated characters like %20.

- URI Obfuscation: By including the @ symbol in URLs, attackers redirect users to malicious domains (e.g., globaltouchmassage[.]net), disguising them as trustworthy.

Key Indicators

  • URLs with excessive %20 (HTML space encoding)
  • The use of an @ symbol to split the URL:
  • Content before the @ is treated as irrelevant.
  • Content after the @ is the actual domain.
  • Redirectors and phishing kits such as Tycoon 2FA, Mamba 2FA, and EvilProxy are commonly used.
Browsers interpret URLs with @ symbols by treating everything before it as user credentials, redirecting to the domain after the @.

This tactic leverages legitimate services like YouTube to create a false sense of trust, increasing the likelihood of users clicking without inspecting the URL

To combat these threats, organizations should take a multi-pronged approach. Start by educating users to inspect URLs for anomalies such as %20 and @ symbols, and to be cautious of emails that demand immediate action on accounts or passwords. On the technical front, implement URL filtering and blocklists to prevent access to known malicious domains, and use sandbox tools to analyze suspicious links safely. Lastly, encourage employees to report any suspicious emails to the IT or security team immediately to ensure swift action and monitoring.

As phishing tactics grow more sophisticated, attackers exploit trust in legitimate platforms. Remain vigilant, verify links, and educate your workforce to stay protected.
Read more »
Databreach
Crypto Wallet Cryptocurrency Breach Cyber Fraud Cyberattacks Cybersecurity Databreach

$494 Million Stolen in Cryptocurrency Wallet Breaches This Year

 


As a result of the churning threat landscape, new threats are always emerging while others disappear or fade into irrelevance. Wallet drainers trick their victims into signing malicious transactions in order to steal their assets. As the name implies, Wallet Drainer is a malicious malware that is used on phishing websites in order to steal crypto assets through the enticement of users to sign malicious transactions. It was estimated that such attacks would result in an average loss of about $494 million in 2024. 

As part of its web3 anti-scam platform, Scam Sniffer, which has been monitoring wallet drainer activity for some time, these insights are derived. Previously, the platform has flagged attacks that have affected up to 100,000 people at the same time, and these tools are phishing tools that are intended to swindle cryptocurrency from users' wallets through fake or compromised websites, thereby stealing money from the wallets of users. 

As a result of the thefts, 30 large-scale thefts involving more than $1 million were reported, with the largest single heist being worth $55.4 million. As a result of this, the number of victims increased by a whopping 6.7% compared to 2023, suggesting that victims held higher amounts on average. According to web3's anti-scam platform, Scam Sniffer, which has been tracking wallet drainer activity for some time now has reported attack waves that have affected up to 100,000 individuals at the same time. The large-scale theft incidents in 2024 were characterized by distinct phases of fraud, phishing, and other sophisticated methods for stealing digital assets. 

The purpose of wallet drainers is to trick users into connecting their wallets to suspicious websites or applications in order to steal digital assets. The first halff of the year (January-June) saw frequent, but smaller-scale incidents, resulting in individual losses that ranged from $1-8 million. In August and September, major losses accounted for 52% of the year's total large-scale losses, with $55.48 million and $32.51 million losses respectively during August and September. 

There was a significant reduction in both frequency and scale of losses during the final quarter, with individual losses typically ranging between $2-6 million, which indicated a significant improvement in market awareness of security threats. It was announced in the second quarter of this year that a drainer service known as Pink Drainer had halted operations, previously known for impersonating journalists in phishing attacks, used to compromise Discord and Twitter accounts in the name of cryptocurrency theft, has been seen to be a drainer service. This caused a decrease in phishing activity, but the scammers gradually picked up the pace in the third quarter, with the Inferno service taking the lead in August and September by causing $110 million in losses. 

The final quarter of the year was considered to be one of the quieter quarters of the year. The annual losses were only about 10.3% of the total losses recorded during 2024 as a whole. Acedrainer emerged at that time as a major player as well, claiming 20% of the drainer market, according to ScamSniffer. It was reported that a total of 90,000 victims had been identified in the second and third quarters when the losses combined ttotalled$257 million; an additional 30,000 victims had been observed in the fourth quarter, which resulted in $51 million in losses. 

There were more attacks in 2024 than at the beginning of the year, but in August and September, in particular, the two largest attacks of last year were observed, at $55.48 million and $32.51 million, respectively. According to this report, Q1 was the busiest time of the year for phishing website activity, resulting in a high rate of theft. The market adjustments made in the second half of the year, as well as the exit of major drainers such as Pink and Inferno, contributed to reduced activity levels in the second half of the year." Scam Sniffer notes. 

As far as tactics were concerned, scammers became more creative during 2024. A study by Scam Sniffer found a significant increase in the use of fake CAPTCHAs and Cloudflare pages, as well as IPFS deployments in order to evade detection. Attackers are also heavily reliant on specific signature types in order to evade detection. In 56.7% of thefts, the “Permit” signature is used to authorize token expenditure, whereas in 31.9%, the “setOwner” signature is used to change ownership rights or admin rights in smart contracts. 

It was also noted that Google Adwords and Twitter ads were used by attackers to lure victims to phishing websites. Attackers manipulated compromised accounts, bots, and fake token airdrops to reel people in through these channels. 

Defending Against Cryptocurrency Attacks 

Currently, cryptocurrency scams are on the rise, so users need to take proactive measures to protect their assets from being harmed, as the prevalence of these scams is on the rise. It is emphasized by experts that one should only interact with vetted websites to reduce exposure to fraudulent platforms. 

To prevent falling victim to phishing schemes, it is equally important that one verifies URLs meticulously before engaging in any transaction. Additionally, users are encouraged to carefully review the transaction approval prompts in order to verify that the details presented are accurate. The ability to simulate a transaction before proceeding increases the level of security by allowing individuals to identify potential risks before investing money. This is a key recommendation that should not be overlooked as well. 

In addition to these practices, it is also advisable to use the built-in wallet warnings for malicious activities. It is common for modern wallets to provide users with alerts that can help detect suspicious behaviour, allowing them to take action before it's too late. It is also possible to remove unauthorized or suspicious permissions from wallets by using token revocation tools. In addition, as cryptocurrency adoption grows globally, there will come a rising trend towards the sophistication of scams that will accompany it. 

Users must remain vigilant, and use the best practices and tools available to ensure that they navigate this evolving landscape safely and effectively in the future. In a constantly changing threat environment, it will be imperative to maintain a proactive approach to security in order to safeguard digital assets.
Read more »
User Security
Brushing Scam Cyber Fraud Fake Reviews Online fraud User Security

Security Experts Warn of Brushing Scam Involving Unsolicited Packages

 

Online shopping is something that we all love. It is time-efficient, convenient, and frequently results in the best offers and savings. However, since many people are busy with online shopping, con artists are also trying to find ways to trick consumers for their own benefit. You see, the majority of us base our decisions on whether or not to purchase anything from an online retailer on product reviews and ratings. 

According to reports, scammers are using popularity and review manipulation to create phoney sales in a new scheme known as the "Brushing Scam.” 

Modus operandi 

The brushing scam is a fraudulent online practice when con artists deliver fake products to victims and then write reviews online using their identities. Chinese e-commerce tactics known as "brushing" are where sellers fabricate orders and reviews to boost their product ratings.

In this fraudulent campaign, random e-commerce site consumers receive unsolicited deliveries from vendors. These parcels frequently include low-quality, inexpensive products like seeds, tiny devices, or costume jewellery. After the delivery is delivered, the con artists use the recipient's name to write five-star reviews on the product page, which increases the product's visibility and creates a false sense of popularity on websites like Amazon and AliExpress. 

Targeting unsuspecting users

This scam, according to the McAfee investigation, aims to manipulate sales data and give the impression that there is a demand for and quality of products on e-commerce platforms. 

This method is misleading to genuine customers, who are therefore influenced to buy products based on phoney reviews rather than real customer reviews. How dangerous can it be, though, if users are receiving free goods? Through this scam, con artists are taking advantage of your personal data, and if you don't take any safeguards, they may even steal your money. 

As previously stated, scammers increase the popularity of products by sending unwanted deliveries using the identities and addresses of naïve e-commerce users. And they can get this information through data breaches or illegal purchases of private data. Receiving such a package could mean that your personal information has been stolen, presenting serious concerns such as identity theft and other privacy crimes. 

Beside from identity theft and misleading reviews, ABC Action News reports that many unwanted parcels now include QR codes inviting recipients to scan them. Scammers send tempting deals such as, "Scan this QR code to leave a review and win a $500 gift card." Scanning these QR codes may lead to fraudulent websites that attempt to steal sensitive information or install malware on your device. The stolen personal information can subsequently be exploited for financial theft or phishing attempts.
Read more »
User Security
Clickjacking Cyber Fraud Fake Captcha Malicious Campaign User Security

New “Double-Clickjacking” Threat Revealed: Security Settings at Risk

 

Cybersecurity experts are raising alarms about a new twist on the classic clickjacking attack technique. Paulos Yibelo, a security engineer at Amazon, has uncovered a variant called “double-clickjacking,” capable of disabling security settings, deleting accounts, or even taking over existing ones. This novel approach reignites concerns over online safety, urging users to be cautious when interacting with websites.

Clickjacking is a malicious tactic where hackers manipulate user clicks on one website to trigger unintended actions on another. For instance, a user might think they are clicking a button to navigate a site but inadvertently perform an action, such as making a purchase, on an entirely different platform.

Double-clickjacking takes this concept further by introducing an additional click. This adaptation helps attackers bypass modern browser protections that no longer deliver cross-site cookies. According to Yibelo, this seemingly minor tweak “opens the door to new UI manipulation attacks that bypass all known clickjacking protections.”

In documented cases, hackers lure victims to phishing websites, often disguised with a standard CAPTCHA verification process. Instead of typing text or identifying objects in images, users are prompted to double-click a button to prove they are human.

Here’s where the attack takes place:

  • First Click: The user closes the top window, seemingly completing the CAPTCHA process.
  • Second Click: This click is redirected to a sensitive page, such as an OAuth authorization or account settings page. The victim unknowingly confirms permissions, disables security features, or performs other critical actions.

Yibelo explains that this subtle manipulation is effective against many popular websites, allowing attackers to gain OAuth and API authorizations. The attack can also facilitate one-click account modifications, including disabling security settings, deleting accounts, authorizing money transfers, and verifying sensitive transactions. Even browser extensions are not immune to this method.

The Implications for Online Security

The resurgence of clickjacking attacks, now enhanced by the double-click variant, poses significant risks to both individual and organizational security. By exploiting common website interfaces and leveraging seemingly harmless CAPTCHA verifications, attackers can easily gain unauthorized access to sensitive information and functionalities.

Yibelo’s findings serve as a stark reminder of the evolving nature of cybersecurity threats. Websites must remain vigilant, regularly updating their defenses to counter these new manipulation techniques.

How to Stay Safe

Cybersecurity professionals recommend the following precautions to minimize the risk of falling victim to double-clickjacking:

  • Verify Websites: Always ensure you are on a legitimate website before interacting with any CAPTCHA or button.
  • Update Software: Keep browsers and extensions up-to-date with the latest security patches to reduce vulnerabilities.
  • Use Anti-Phishing Tools: Enable browser settings or software designed to detect and block phishing sites.
  • Be Skeptical: Avoid double-clicking buttons on unfamiliar sites, especially if prompted during unexpected verifications.

As cyber threats continue to evolve, user awareness remains a critical line of defense. The discovery of double-clickjacking highlights the importance of staying informed and cautious while navigating the digital world. By adopting secure browsing habits and staying vigilant, individuals and organizations can protect themselves against this emerging attack vector.

Read more »
online games
Cookies Cyber Fraud Discord Email malware online games

Watch Out: Fake Game Invites on Discord Are Stealing Your Personal Data

 



There is a new online scam, where cyber criminals trick people into downloading harmful software under the pretext of beta testing a game. This campaign targets people on platforms such as Discord, email, and even text messages, aiming at stealing personal information and compromising accounts online. 


How does this work?

The scam starts by sending a harmless message. In this case, a user on Discord or elsewhere receives a direct message from a purported game developer claiming to have sent them a new game to play. The user is asked whether they would want to try the supposed game. In most cases, these messages come from compromised accounts, so the request seems all the more real.

If the victim consents, the attacker shares a download link and password to the target so that they can actually access and start downloading the game file. These links are usually Dropbox or even Discord's network because most malware authors upload their creations to an existing, popular platform. But what users download aren't games-these are referred to as information stealers.


What Do These Malware Applications Do?

Once installed, these programs, such as Nova Stealer, Ageo Stealer, or Hexon Stealer, begin extracting sensitive data. This may include: 

1. Saved browser passwords

2. Session cookies for services like Discord or Steam

3. Wallet information for cryptocurrencies

4. Credit card information

6. Two-factor authentication (2FA) backup codes

The Nova Stealer and Ageo Stealer are the new wave called Malware-as-a-Service (MaaS). This enables cybercriminals to rent these tools to conduct attacks. Nova Stealer even leverages a feature called a Discord webhook, allowing it to send information directly to hackers so they could know right away how much data had been stolen and not have to manually check.

Another tool that is used in these scams is the Hexon Stealer. It is a highly dangerous tool since it can gather a wide variety of personal information. Using such information, it hacks into Discord accounts and enables the attackers to send similar fake messages to the contacts of the victim, thereby further spreading the malware. 


Why Do Hackers Target Discord?

The main focus of these attacks is the Discord credentials. When hackers get access to a person's account, they can pretend to be that person, deceive their friends, and expand their network of victims. This cycle of exploitation of trust makes the scam so effective. 


How to Identify Fake Game Websites

Fake download pages are usually built using common web templates. Such sites appear legitimate but host malware. Among them are the following:  

  • dualcorps[.]fr
  • leyamor[.]com 
  • crystalsiege[.]com 
  • mazenugame[.]blogspot.com

These sites are hosted on platforms that are resistant to takedown requests, making it difficult for researchers to shut them down. If one site is removed, attackers can quickly set up a new one. 


How Can You Protect Yourself? 

To keep yourself safe, follow these simple guidelines:

1. Be cautious with unsolicited messages: If someone you don’t know—or even a known contact—sends a download link, verify its authenticity through another platform.  

2. Avoid downloading unknown files: Don’t download or install anything unless you’re certain it’s legitimate.  

3. Use updated security software: An active anti-malware program can block known threats.

4. Be watchful of phony websites: Be on the lookout for amateurism or copy-and-paste designs when viewing suspicious sites.


In the end, this scamming attack is meant to reap a financial reward; it may come in the form of stolen cryptocurrency, credit card information, or other sensitive details. Knowing how this attack works can help you safeguard your data from cybercrime attacks.

Stay informed and be careful—your online safety depends on it.

Read more »
User Security
Cyber Fraud Email scam Fraudulent Scheme Milwaukee User Security

Milwaukee Residents Warned of Parking Ticket Scam

 

A fraudulent text message claiming to notify residents about an overdue City of Milwaukee parking penalty has been flagged as a scam and should be deleted, city authorities announced earlier this week.

According to Ald. Lamont Westmoreland, the scam operates by sending recipients a text message stating that a parking ticket must be resolved to avoid late charges. The message urges recipients to click on a link.

Westmoreland warned that clicking the link could expose the user’s phone to malware or ransomware. He also advised anyone who has shared credit or debit card information through the scam to contact their financial institution immediately to ensure their accounts are secure.

The fraudulent text message includes the city’s logo and seal, along with a URL containing “milwaukee.com,” according to a screenshot shared by Westmoreland. These elements make the message appear legitimate, increasing the likelihood of deception.

City's Official Statement

The Department of Public Works clarified that the city does not issue parking penalties via text message. Official tickets are delivered either by registered mail or by being physically placed on the vehicle.

The department urged residents not to click on links or share personal information in response to such messages. Victims of the scam are encouraged to report the incident to the Milwaukee Police Department.

If you have questions about parking tickets, you can contact the city directly at 414-344-0840. Ald. Westmoreland expressed disappointment over the scam, stating: “It’s really sad that scammers are resorting to using what appears to be a legit city source to run a scam like this, but it is not surprising.”

Read more »
RBI report
bank frauds banking fraud statistics Cyber Fraud Digital Fraud digital lending financial risk Internet Fraud mule accounts private sector banks public sector banks RBI report

RBI Report Highlights Rising Fraud Incidents and Financial Impact

 

The Reserve Bank of India (RBI) has revealed a significant rise in bank fraud cases during the first half of the current fiscal year. According to the Report on Trend and Progress of Banking in India 2023-24, fraud cases from April to September reached 18,461, involving a staggering ₹21,367 crore. This reflects a sharp increase compared to 14,480 cases amounting to ₹2,623 crore during the same period last year.

The Reserve Bank of India (RBI) report reveals a significant 28% rise in fraud incidents and an eight-fold increase in the financial impact during 2023-24. These frauds pose critical challenges, including reputational, operational, and financial risks, alongside the erosion of customer trust in the banking system.

Trends in Internet and Card-Related Frauds

Internet and card-related frauds have emerged as the most prevalent, accounting for:

  • 44.7% of Total Fraud Amounts: The highest share of financial losses.
  • 85.3% of Reported Cases: A majority of the incidents in 2023-24.

Private sector banks were implicated in 67.1% of these cases, while public sector banks incurred the largest financial losses, especially in card and online fraud categories.

In response to the alarming increase in fraud, regulatory penalties for banks more than doubled in 2023-24, reaching ₹86.1 crore. Key contributors included:

  • Public and Private Sector Banks: Accounted for the majority of penalties.
  • Cooperative Banks: Witnessed a decline in regulatory penalties.

Addressing Fraud in Digital Lending

The RBI highlighted fraudulent schemes in the digital lending space, where perpetrators falsely claim associations with regulated entities. To combat this, the central bank is developing a public repository of verified digital lending apps.

“Many cases of digital fraud stem from social engineering attacks, but there is a growing trend of using mule accounts to facilitate these frauds,” the RBI noted in its report.

Enhancing Fraud Prevention Measures

The report underscored the need for banks to strengthen their fraud prevention mechanisms, particularly in:

  • Customer Onboarding: Enhancing verification processes to detect fraudulent accounts.
  • Transaction Monitoring: Improving systems to identify and prevent suspicious activities.

“This exposes banks not only to serious financial and operational risks but also to reputational risks. Banks, therefore, need to strengthen their customer onboarding and transaction monitoring systems to monitor unscrupulous activities,” the RBI emphasized.

Collaborative Efforts to Tackle Fraud

To curb systemic fraud, the RBI is collaborating with law enforcement agencies (LEAs) through:

  • Enhanced coordination and information sharing.
  • Improved transaction monitoring systems.
  • Best practices to control mule accounts and prevent digital fraud.

The RBI’s initiatives aim to fortify the financial system’s resilience against these evolving threats, ensuring greater security and trust in the banking sector.

Read more »
SharePoint
Credential Theft Cyber Fraud Cyber Threats Microsoft 365 login Microsoft visio Phishing Attack Phishing Campaigns SharePoint

New Two-Step Phishing Attack Exploits Microsoft Visio and SharePoint

 

A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx files.

These files act as delivery tools, directing victims to phishing pages that replicate Microsoft 365 login portals, aiming to steal user credentials.

The two-step phishing attacks employ layered techniques to evade detection. Rather than delivering harmful content directly, these campaigns use trusted platforms like Microsoft SharePoint to host files that appear legitimate. Attackers embed URLs within Visio files, which redirect victims to malicious websites when clicked, bypassing traditional email security systems.

Microsoft Visio, a popular tool for professional diagram creation, has now become a phishing vector. Cybercriminals send emails with Visio files from compromised accounts, often mimicking urgent business communications such as proposals or purchase orders. This tactic encourages recipients to act quickly, increasing the likelihood of success.

Since the emails come from stolen accounts, they often pass authentication checks and evade recipient security filters. In some cases, attackers include .eml files within the emails, embedding additional malicious URLs linked to SharePoint-hosted files.

The Visio files typically contain a clickable button labeled "View Document." Victims are instructed to press the Ctrl key while clicking the button to access the malicious URL. This step, requiring manual interaction, bypasses automated security systems that cannot simulate such behaviors.

Perception Point advises organizations to strengthen their defenses against sophisticated phishing campaigns by adopting advanced threat detection solutions. Suggested measures include:

  • Dynamic URL analysis to identify harmful links.
  • Object detection models to flag suspicious files.
  • Enhanced authentication mechanisms to reduce the impact of compromised accounts.
Read more »
Subscribe to: Posts (Atom)