Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Scams. Show all posts
latest news
cyber attack Cyber Attacks Cyber campaign Cyber Scams Fake Updates latest news

New FakeUpdate Cyber Campaign Spreads Updated WarmCookie Backdoor in France

A new wave of cyberattacks is targeting users in France, exploiting fake browser and software update prompts to spread an updated version of the WarmCookie backdoor. The campaign, dubbed “FakeUpdate,” has been linked to the SocGolish threat group, known for using compromised or fake websites to display deceptive update messages for popular applications like Google Chrome, Mozilla Firefox, Microsoft Edge, and Java. 

When users fall for these fake update alerts and click on them, malicious software is installed on their systems instead of a legitimate update. This payload includes tools like info-stealers, remote access trojans (RATs), cryptocurrency drainers, and ransomware. According to researchers from Gen Threat Labs, the WarmCookie backdoor being distributed in this campaign is more advanced than its previous versions. 

Initially discovered by cybersecurity firm eSentire in 2023, WarmCookie is designed to steal data, capture screenshots, run arbitrary commands, and drop additional malicious files. In this latest campaign, it has been updated with new features, such as the ability to run DLLs from a system’s temporary folder and execute PowerShell and EXE files. The infection chain begins when users click on fake update prompts that closely mimic legitimate update notifications. 

Once clicked, a JavaScript file triggers the download of the WarmCookie installer, which bypasses security checks and installs the backdoor. The malware can evade detection through anti-virtual machine (anti-VM) checks, ensuring it’s not being monitored by security analysts before sending system data to its command and control (C2) server. 

While the attackers are primarily using compromised websites to distribute these fake updates, researchers also identified malicious domains designed to look like official update sites, such as “edgeupdate[.]com” and “mozilaupgrade[.]com.” Experts warn that legitimate browsers, including Chrome, Edge, and Firefox, update automatically and do not require users to manually download update files. 

Any pop-up asking users to do so should be viewed with suspicion and avoided.
Read more »
security threat
Cyber Attacks Cyber Scams CyberCrime CyberThreat Digital Detention Fraud security threat

Cybercriminals Impersonate Law Enforcement in New 'Digital Detention' Scam

 


As part of a collaboration between the Indian Cyber Coordination Centre (I4C) and Microsoft, an anti-cyber fraud agency has banned more than 1,000 Skype accounts that are believed to have been used to intimidate, blackmail, extort and digitally arrest citizens by cybercriminals posing as police officers, the Central Bureau of Investigation (CBI), the Narcotics Department, the RBI, or Enforcement Directorate. During the past few years, the Indian digital industry has grown at a rapid pace. 

It is increasingly necessary to rely on the Internet for everything from shopping and banking to travel and UPI. It is also important to note that because of this dependence on the digital space, threats such as scams are also present. The number of online scams has increased since a few months ago. Cybercriminals continue to find new ways to exploit technology to steal money from unsuspecting victims. It has been reported that a scam dubbed the 'Digital Arrest Scam' has been spreading rapidly over the past few days. 

Fraudsters are doing an increasingly good job of masquerading as law enforcement officers to trick unsuspecting victims with chillingly simple but extremely effective techniques. They pose as police officers or officers from the CBI or ED and launch online interrogations over platforms such as WhatsApp or Skype, where victims can be monitored over the camera while the fraudsters pose as officers from these agencies. 

As a result, the victims of these crimes are isolated, and forbidden from contacting anyone of importance, and the perpetrators threaten them in an attempt to extract money from them. As a result of "interrogation" a victim could be held in custody for anything from a few hours to a few days, and they would be told that they are locked up in a virtual prison. There was this new report about a 40-year-old doctor who was victimized by a scam called Digital Arrest Scam. 

The victim, a doctor in Noida, lost Rs 59.54 lakh as a result of cybercriminals. Fraudsters who posed as telecom officials called the victim on the phone and informed her that her name was associated with a case of money laundering and they wanted to expose her. After that, the phone was transferred to a supposed police officer from Mumbai's Tilak Nagar Police Station, who was later arrested. 

According to the "officer" the police informed the victim that an investigation had been opened into her sharing of pornographic videos, and an arrest warrant had been issued for her. Furthermore, the criminals claim that she had been implicated in a money laundering case involving Jet Airways founder Naresh Goyal and that the National Security Act of 1947 had been invoked against her to obtain her arrest. 

It was during this period that the victim was placed under digital arrest while the scammers asked for her details to steal money from her bank account between the 15th and 16th of July. As a first step in their scam strategy, scammers usually cast a wide net, calling individuals and claiming that drugs have been found inside their courier packages or that their personal information is being used to hide money. They are then subjected to a high-pressure interview process while being threatened with legal action or even arrest to obtain the details of the crime. 

An incident in which fraudsters informed the victim that his mobile number was discovered during an investigation of the criminal case against a former minister in the NCP, led to him believing that he had been targeted. Cybercriminals have developed elaborate setups that resemble police stations to enhance their credibility. These setups usually include men wearing uniforms and logos that appear to be officially licensed. 

In a disturbing case of cybercrime, scammers used a fake profile picture of a policeman on WhatsApp to deceive a businessman. The criminals accused the businessman of being involved in human trafficking, leveraging his fear and trust in authority to manipulate him. They sent him a fabricated arrest warrant and a seizure order via an online link, further escalating the pressure on the victim. In a brazen move, one of the scammers even impersonated a Supreme Court judge during a phone call with the businessman.

Through these deceptive tactics, the fraudsters convinced the businessman that he needed to undergo a "fund legalization process" and deposit his money into an account purportedly held by the Reserve Bank of India (RBI). The scam, which unfolded over a gruelling period of seven to eight hours, resulted in a significant financial loss of Rs 1.3 crore for the victim.

Despite the severity of such incidents, victims often find themselves without adequate support. While the government has publicized a cybercrime helpline number, 1930, it merely directs complainants to file their cases on the website www.cybercrime.gov.in. Even after a complaint is lodged, the responsibility to follow up and ensure action is taken largely falls on the victim.

This case highlights the broader issue of law enforcement agencies not playing a proactive role in assisting citizens who fall prey to online fraudsters. The lack of timely intervention and investigation into cybercrimes exacerbates the distress faced by victims. As cybercrime rates continue to rise, there is a pressing need for law enforcement to enhance their responsiveness and take on a more active role in protecting citizens from such sophisticated digital threats.

Read more »
Smishing Exposed
Cyber Attacks Cyber Scams CyberCrime CyberThreat Smishing Exposed

Smishing Exposed How to Recognize Report and Prevent Text Message Scams

 


In cybersecurity, SMS phishing is intercepting a user's text message through a mobile device. Phishing refers to a scam whereby victims are tricked into providing sensitive information to an attacker disguised as someone they trust. To carry out SMS phishing, malware or fraudulent websites can assist attackers. Several mobile platforms support text messaging, as well as non-SMS channels and mobile apps that use data for texting. 

A cyberattack occurred earlier this year, in which hackers stole the personal information, including health information, of more than 13 million Australians, making it one of the country's biggest cyberattacks. This may not seem like much, but keeping your phone's operating system up-to-date protects it from getting infected with malware by preventing it from becoming infected in the future. It is important to keep calm if this message seems to have an urgent feel to it. 

Users should be wary of receiving urgent messages from unknown numbers and approach them calmly so they recognize it is probably not a person looking out for their best interest. An answer given by a two-digit number is most likely to be from a scammer whose real phone number is disguised through email to text services that scammers use to conceal their real numbers: It is unlikely that a credible business, or their friends and family, would be using such a service to contact their customers.

The best way to protect your account is to use two-factor or multi-factor authorization whenever it is possible to do so. In this way, users can have their data secure from unwanted prying eyes, which increases their security. Providing a password via a text message is never a good idea. Entering the password or account recovery code directly into the official app or website that is supposed to be used for entering the password or account recovery code can help users.  

There has been a theft of customer data from MediSecure over the past couple of weeks, according to the company's announcement on Thursday, with an unknown number of such records being uploaded to the dark web. After being alerted to the breach on April 13 by suspicious ransomware being discovered on a server containing sensitive personal health data, the company publically confirmed the breach in May, almost a month after it was first discovered. 

To ensure that the information is kept safe, one of the best methods is to contact the company that is supposed to be the sender of the text. This is especially useful if the user has a bank account. If that's the case, they should contact their bank directly to get this information. A bill or statement can normally contain a direct phone number to call so that a human representative can be contacted if any questions or concerns arise. 

Please do not click on any links that may be mentioned in the text, and do not respond to any of the questions as well. Certainly! Here's a formal and expanded version of the information provided: Phishing, a form of cyberattack through SMS, relies on deceptive tactics and technological manipulation to exploit victims' trust and gather sensitive information. 

This method mirrors traditional email phishing but leverages the immediacy and personal nature of text messaging to lower recipients' defences. The approach begins with the attacker sending text messages, often personalized with the recipient's name and location, to create a sense of familiarity and legitimacy. These messages typically contain links to malicious websites or apps designed to extract private information or install malware on the victim's smartphone. 

To enhance credibility, attackers may use spoofing techniques to conceal their identity by displaying false sender information or utilizing email-text services to obfuscate their phone numbers. This masking helps them appear as legitimate entities such as banks, government agencies, or well-known organizations, thereby increasing the likelihood that recipients will comply with their requests. Social engineering plays a pivotal role in smishing attacks by exploiting human psychology and emotions. 

Attackers craft messages that evoke urgency, fear, or curiosity, prompting recipients to act hastily without due skepticism. By manipulating these emotions, attackers override critical thinking and persuade victims to divulge sensitive information or click on malicious links. The success of a smishing attack hinges on the recipient's response to the initial bait message. Once a victim interacts with the malicious link or provides personal details, attackers proceed to exploit this information for financial gain or identity theft purposes. 

Common objectives include unauthorized access to bank accounts, fraudulent credit card applications, or the unauthorized disclosure of sensitive corporate data. Mitigating the risk of smishing involves maintaining awareness of common tactics used by attackers and adopting security best practices. These include avoiding clicking on links from unknown or suspicious sources, verifying the authenticity of messages through official channels, and refraining from disclosing sensitive information via text messages. 

Furthermore, enabling two-factor authentication (2FA) wherever possible adds a layer of security by requiring a secondary form of verification before accessing accounts or services. By remaining vigilant and informed about the tactics employed by smishing attackers, individuals and organizations can better protect themselves against these increasingly sophisticated cyber threats.
Read more »
WhatsApp
Banking Data Cyber Attacks Cyber Scams E-Commerce fake Hacking WhatsApp Malaysia Malware Attack Payment Gateway WhatsApp

The Fake E-Shop Scam Campaign Sweeping Southeast Asia, seizing users banking details

 

In recent years, cybercriminals have been increasingly employing sophisticated tactics to target individuals and organizations across the globe. One such alarming trend is the proliferation of fake e-shop scam campaigns, particularly prevalent in Southeast Asia. 

These campaigns, characterized by their deceptive methods and malicious intent, pose significant threats to cybersecurity and personal privacy. The emergence of the fake e-shop scam campaign targeting Southeast Asia dates back to 2021, with a notable surge in activity observed by cybersecurity researchers in September 2022. 

Initially concentrated in Malaysia, the campaign swiftly expanded its operations to other countries in the region, including Vietnam and Myanmar. This expansion underscores the growing sophistication and reach of cybercriminal networks operating in Southeast Asia. At the heart of these malicious campaigns are phishing websites designed to deceive unsuspecting users. 

These websites often masquerade as legitimate e-commerce platforms or payment gateways, luring victims into providing sensitive information such as login credentials and banking details. Once users are enticed to visit these fraudulent sites, they are exposed to various forms of malware, including malicious Android applications packaged as APK files. 

The modus operandi of the attackers involves social engineering tactics, with cybercriminals leveraging popular communication platforms like WhatsApp to initiate contact with potential victims. By impersonating cleaning services or other seemingly innocuous entities on social media, the perpetrators exploit users' trust and curiosity, leading them to engage in conversations that ultimately result in malware infection. 

The malware deployed in these fake e-shop scam campaigns is multifaceted and constantly evolving to evade detection and maximize its impact. Initially focused on stealing login credentials for Malaysian banks, including prominent institutions like Hong Leong, CIMB, and Maybank, the malware has since incorporated additional functionalities. These include the ability to take screenshots, exploit accessibility services, and even facilitate screen sharing, granting the attackers unprecedented control over infected devices. 

Furthermore, the attackers have demonstrated a keen understanding of the linguistic and cultural nuances of their target regions. In Vietnam, for example, the campaign specifically targeted customers of HD Bank, employing phishing websites tailored to mimic the bank's online portal and language. Similarly, in Myanmar, the attackers utilized Burmese language phishing pages to enhance the credibility of their schemes among local users. 

The implications of these fake e-shop scam campaigns extend beyond financial losses and reputational damage. They represent a direct assault on user privacy and cybersecurity, with far-reaching consequences for individuals and businesses alike. The theft of sensitive personal and financial information can lead to identity theft, unauthorized transactions, and even ransomware attacks, resulting in significant financial and emotional distress for victims. 

In response to these evolving threats, cybersecurity experts emphasize the importance of proactive measures to safeguard against malicious activities. This includes exercising caution when interacting with unfamiliar websites or online advertisements, regularly updating antivirus software, and staying informed about emerging cybersecurity threats. 

Ultimately, combating the scourge of fake e-shop scam campaigns requires collective action and collaboration among stakeholders across the cybersecurity ecosystem. By raising awareness, implementing robust security measures, and fostering a culture of cyber resilience, we can mitigate the risks posed by these insidious threats and protect the integrity of our digital infrastructure.
Read more »
Three Brotherhood Alliance
China Cyber Scams Cyber Security Myanmar Online Scams Pig Butchering rebel groups Three Brotherhood Alliance

Myanmar Rebels Take Authority of ‘Pig Butchering’ Scam City Laukkaing


Well known for being a hub for online scams near the border with China, Laukkaing is presently under the authority of a coalition of rebel groups in Myanmar.

On Thursday, the Three Brotherhood Alliance, which had conducted a surprise attack in Shan state, on the country's northern border, in late October, took over the city from the military administration of Myanmar. The rebel organization claims that the military has given up control over the Kokang region, which is about the size of Lebanon.

Since the beginning of the campaign, the coalition has indicated its plans to deal with the organized scams that have emerged under the watch of militias loyal to the ruling junta. 

“To eradicate telecommunications fraud, fraud dens and their protective umbrellas across the country, including the China-Myanmar border areas, our three coalition forces decided to jointly carry out this military operation,” the coalition stated upon the launch of the offensive.

The rebel groups' emphasis on the flourishing scam sector is probably an attempt to win over China, which has grown weary of seeing its citizens targeted into the compounds to conduct scams, or worse, targeted by so-called 'pig butchering scams.'

Over last weekend, junta leader Senior Gen. Min Aung Hlaing met with Chinese Vice Foreign Minister Sun Weidong in Naypyidaw to discuss border security and organized crime.

“The two sides will jointly maintain peace and stability on the China-Myanmar border, cooperate to combat cross-border criminal activities such as telecommunications fraud, and jointly promote regional peace, tranquillity, development and prosperity,” stated the Chinese Foreign Ministry in the meeting.

As per a state media outlet China Daily, Wang Xiaohong, Minister of Public Security also attended a virtual meeting with Myanmar’s Home Affairs Minister, Lt. Gen. Yar Pyae, where they both agreed to strengthen law enforcement to protect security and stability in border areas, especially by stepping up efforts to deal with online and telecom fraud.

According to a UN report from August 2023, around 120,000 individuals were coerced into scamming operations in Myanmar. In most cases, pig butchering scams entail a con artist establishing a rapport with a victim via social media, dating services, or messaging apps.

On January 5, Chinese state media reported that 41,000 individuals implicated in telecom fraud in Myanmar were turned over to Chinese police in the previous year. The number of people that were taken into custody who were trafficked is unknown.

Observers have cautioned that despite the crackdown in northern Myanmar, activities might easily move to criminal areas elsewhere in the nation, particularly near the borders with Thailand and Laos.  

Read more »
imposter frauds
AI Scams AI technology Artificial Intelligence Cyber Fraud Cyber Scams Deepfakes imposter frauds

How can You Protect Yourself From the Increasing AI Scams?


Recent years have witnessed a revolution in terms of innovative technology, especially in the field of Artificial Intelligence. However, these technological advancement has also opened new portals for cybercrime activities. 

The latest tactic used by threat actors has been deepfakes, where a cybercriminal may exploit the audio and visual media for their use in conducting extortions and other frauds. In some cases, fraudsters have used AI-generated voices to impersonate someone close to the targeted victim, making it impossible to realize they are being defrauded.  

According to ABC13, the most recent instance of this included an 82-year-old Texan called Jerry who fell victim to a scam by a criminal posing as a sergeant with the San Antonio Police Department. The con artist informed the victim that his son-in-law had been placed under arrest and that Jerry would need to provide $9,500 in bond to be released. Furthermore, Jerry was duped into paying an extra $7,500 to finish the entire process. The victim, who lives in an elderly living home, is thinking about getting a job to make up for the money they lost, but the criminals are still at large.  

The aforementioned case is however not the first time where AI has been used for fraud. According to Reuters, a Chinese man was defrauded of more than half a million dollars earlier this year after a cybercriminal fooled him into transferring the money by posing as his friend using an AI face-swapping tool.   

Cybercriminals often go with similar tactics, like sending morphed media of a person close to the victim in an attempt to coerce money under the guise of an emergency. Although impostor frauds are not new, here is a contemporary take on them. The FTC reported in February 2023 that around $2.6 billion was lost by American residents in 2022 as a result of this type of scam. However, the introduction of generative AI has significantly increased the stakes.  

How can You Protect Yourself from AI Scammers? 

A solution besides ignoring calls or texts from suspicious numbers could be – establishing a unique codeword with loved ones. This way, one can distinguish if the person on the other end is actually them. To verify if they really are in a difficult circumstance, one can also attempt to get in touch with them directly. Experts also advise hanging up and giving the individual a call directly, or at least double-checking the information before answering.  

Unfortunately, scammers employ a variety of AI-based attacks in addition to voice cloning. Deepfaked content extortion is a related domain. Recently, there have been multiple attempts by nefarious actors to use graphic pictures generated by artificial intelligence to blackmail people. Numerous examples where deepfakes destroyed the lives of numerous youngsters have been revealed in a report by The Washington Post. In such a case, it is advisable to get in touch with law enforcement right away rather than handling things on one's own.     

Read more »
Phishing messages
Cyber Criminals Cyber Scams Cyber Security CyberCrime cybercrime gang Phishing messages

Cybercriminals Target Facebook Users with Malicious 'Look Who Died' Messages

'Look Who Died' Facebook Scam

In recent times, Facebook scams and fraud have been on the rise, with scammers finding new ways to exploit the platform for their malicious activities. The latest attention-grabbing scam to hit Facebook is the "Look who died" scam, which targets users seeking information about the death of a friend or celebrity. This article will delve into the details of the scam and provide expert advice on how to protect yourself from falling victim.

The 'Look Who Died' Scam: A Threat to Personal Data Security

The 'Look who died' scam operates by sending Facebook users messages with enticing subject lines like "Look who died." Curiosity prompts users to click on the link, expecting to find news or information related to the mentioned death. However, instead of being redirected to a legitimate news article, users unknowingly download a malware virus onto their computers or devices.

The Exploitative Tactics of Scammers on Facebook

As more people join Facebook and engage with its features, scammers are finding new ways to deceive and defraud users. Carey van Vlaanderen, a digital security expert and CEO of ESET Southern Africa, highlights the use of impersonation, fake promotions, and malware spread as some of the tactics scammers employ. Unfortunately, falling victim to these scams can result in financial loss and identity theft.

Identifying and Protecting Yourself from Facebook Scams

Van Vlaanderen emphasizes the need for caution and vigilance when using Facebook. She advises users to be wary of unusual requests or sensitive information being asked for, as these could be warning signs of a potential scam. To verify the authenticity of a message from a Facebook friend, Van Vlaanderen suggests checking for any sudden profile changes or strange posts that may indicate a compromised account.

The Wider Impact of Cybercrime and the Need for Protection

The rise in cybercrime is not limited to Facebook scams but extends to various forms of online attacks. According to experts from the Council for Scientific and Industrial Research (CSIR), cyber-attacks cost the country billions of rands annually. The digitalization era has seen an increase in cybercrime, posing risks to government institutions, large corporations, and small and medium-sized businesses. Financial and data loss, identity theft, and cyber extortion are significant concerns for individuals and organizations alike.

Urgent Action Required: Protecting Against Cybersecurity Breaches

Recent cybersecurity breaches, such as the one that affected the provincial legislature, highlight the urgency of addressing cyber threats. The lack of transparency surrounding such attacks and their implications raises concerns about preparedness and response strategies. ANC chief whip Pat Lekker has called for a debate on the cyberattack, emphasizing the need for open dialogue and effective measures to combat cybercrime.

Shifting Privacy Paradigm and Building Trust

Erhard Brand, a research and development lead at IT authentication company Entersekt, points out that digital privacy concerns are changing how companies handle personal and biometric data. Empowering individuals with control over their privacy fosters an environment of trust. As technology advances, it becomes crucial for companies to prioritize data security and privacy protection.

The 'Look who died' scam on Facebook serves as a reminder of the ever-present threat of online scams and fraud. To protect yourself from falling victim to such scams, exercise caution, be vigilant for warning signs, and adopt best practices for online security. As the cybercrime landscape evolves, individuals, businesses, and governments must work together to combat cyber threats, ensuring a safer digital environment for all.

Read more »
Darktrace
ChatGPT Cyber Scams Cyber Security Cyberattacks cybercriminals Darktrace

ChatGPT Scams Up Since Darktrace Released It

 


Since the release of ChatGPT, Darktrace, a British cybersecurity firm, has warned that since the release of this application, criminals have been using an increase in the use of artificial intelligence to create sophisticated scams that con employees and compromise systems at businesses all over the world. 

As the Cambridge-based firm reported, operating profits had dropped 92% in the half-year to December. Furthermore, he said that artificial intelligence had made it easier for "hacktivists" to target businesses with ransomware attacks. 

Since ChatGPT was launched last November, the company has seen an increase in the number of convincing and complex scams by hackers. It said it was experiencing an increased number of attacks. 

While Darktrace has observed a steady increase in email-based attacks over the last few months since the release of ChatGPT, those attacks that use false links to trick victims into clicking them have declined as a result of ChatGPT's presence. As the complexity of the English language increased, in addition to the volume of the text, punctuation, and sentence length, other factors also increased. 

The results of this study indicate that cybercriminals might not just redirect their focus to creating more sophisticated social engineering scams. Instead, they are also likely to exploit victims' trust. 

Darktrace, on the other hand, told us that the phenomenon had not yet been accompanied by the emergence of a new wave of cybercriminals. Instead, it has been merely an adjustment in tactics. 

In spite of the fact that ChatGPT has not significantly lowered entry barriers for threat actors, it believes it has assisted adversaries with developing more targeted, personalized, and ultimately, successful attacks by enabling adversaries to create more sophisticated phishing emails. 

Aside from reporting its quarterly results, Darktrace also noted that in the last three months of last year, the number of companies signing up for its security products had shown a "noticeable" decline. 

In addition, Poppy Gustafsson and Cathy Graham, both of which are the chief financial officers for the company, have all received share awards in accordance with the vesting terms of their share awards, which has forced them to reduce their forecasts of free cash flow for this year as a result of the tax bill. 

A company with a market capitalisation of £1.9 billion, much slower than the heady heights of almost £7 billion it achieved after flotation months ago, has announced that in the six months to the end of December, its customer base has risen by a quarter from 6,573 to 8,178. 

In an interview with The Wall Street Journal, Darktrace, whose stock has been under continuous attack by short-sellers who doubt that the company can deliver what it promises in the cybersecurity arena dominated by the US, said it is not concerned by the recent slump in new orders.
Read more »
Scammers
Cyber Attacks Cyber Scams CyberCrime Email Phishing Scammers

Air Fryers are Offered by Scammers as a 'Free' Kitchen Gadget

 


The deputy chief executive officer of Sainsbury's and Argos has warned shoppers to be vigilant against an air fryer scam targeting them at the moment. 

Taking part in an online survey is the only way to receive a free Ninja Air Fryer, which is the subject of the air fryer scam. To receive the free item, they will need to enter their credit card details as well as their shipping address. 

There is a convincing scam out there, as reported by secure card payment provider Dojo, in which fraudsters pose as Argos to entice you into making a payment. 

Due to the ongoing cost of living crisis, many people are still keen to buy air fryers, mostly at the cheapest possible price, to get the most bang for their buck. Unfortunately, the scam came at an unfortunate time. You can reduce your energy bills and cooking time by using this handy kitchen gadget.

There is a phishing email going around now that claims to offer a free Ninja Air Fryer, but Dojo is warning people to be wary of it. To qualify for the free item, users must complete an online survey and submit their card payment details along with the survey to receive it. In many ways, this is quite similar to the scam that has been going around with Curry's Smeg kettle in recent weeks, 

A link to the survey is provided on the Argos UK website, which appears to be an official Argos survey page. There are, however, several red flags that consumers should be aware of when it comes to online shopping. It is important to note that the website address and email address are not from Argos or its parent company, Sainsbury's. 

As far as the currency is concerned, it is the dollar. The payment offers will disappear after a certain time, which adds to the pressure on victims by adding another dimension to the scam. It is also intended to encourage anyone who has not completed the survey to fill it out and input their personal information. 

A concept known as a survey scam is a form of communication through email, text messages, and social media that mostly looks legitimate and tries to entice consumers to enter a survey to get free stuff. Usually, once fraudsters gain access to the consumer's credit card details, they will use those details to make lavish online purchases or empty the victim's bank account with the money they stole. 

According to Dojo's chief security officer Naveed Islam, one of the most common warning signs of a scam is to entice consumers with free items that seem too good to be true, thereby enticing them to become victims. As is visible in the Argos scam, these offers are usually time-limited to pressure victims into entering their bank details without any double-checking as to whether the transaction is legitimate, which is what many people do when they are scammed by these offers. 

The recent Currys scam, which has now spread to other retailers like Argos, has made consumers aware that they must remain vigilant about any offers they are presented with via their inboxes or social media accounts. If you are a victim of a scam, you should contact your bank immediately so that your credit card and account be suspended. Once that has taken place, your bank or building society's scam unit will provide you with specialized support.   
Read more »
phishing
CAFC Cyber Fraud Cyber Scams Cyberattack Cybersecurity OPP phishing

Warnings About Scams, Tips for Avoiding Them

 


There have been several frauds and scams that have been presented on various platforms daily and the Ontario Provincial Police (OPP) and the Canadian Anti-Fraud Centre (CAFC) continue to promote awareness to reduce the incidents of community members being victimized by fraud and scams. 

A total of 90,377 fraud reports were received by the Canadian Anti-Fraud Centre (CAFC) in 2022, with losses reported totalling over $530 million as a result of fraud. As of February 2010, over 19,400 victims belonged to the identity theft and fraud category. Over 19,400 victims were victims of identity theft and fraud, while over 4,251 victims found themselves victims of investment fraud. 

Phishing: Recognizing the Signs

To steal your passwords, account details, or Social Security numbers, scammers use emails or text messages to intercept your information. It is possible that if they gain access to this information, they will be able to access your email, your bank, and other accounts. The scammers may also sell your information to other scammers to steal more money from you. The phishing attacks we see here are launched every day by scammers, and many of them succeed - which is why they are so common. 

Here are some common tactics used by scammers in emails or text messages that are phishing email and text messages and are often updated to keep up with the latest news or trends: 

Emails and texts that are phishing sell you a story to get you to click on a link. You can also open an attachment or click on one of their links. You can receive an unexpected email or text message from a company or source that appears to be a well-known or trusted company. Banks, credit card companies, utility companies, or other organizations can serve as reference points. 

What You Can do to Protect Yourself?

  • To protect your accounts, it is imperative to create strong passwords. 
  • The most effective way to ensure that someone cannot access your account without your permission is to set up multi-factor authentication. 
  • If you have any social network accounts linked to yours, make sure that your privacy settings are updated. 
  • If you plan to use one of the payment methods, you should familiarize yourself with their terms of service and how they work. Ensure that you have a policy that protects you from fraud. 
  • You should not accept money from a third party, nor should you send any money to them. A criminal offense is money laundering, and being involved in money laundering is a felony. 
  • It is imperative not to react automatically when something happens. You may want to spend five minutes asking more questions and listening to your instincts before making a decision. 
  • It is imperative to ask someone you trust if you feel something is amiss or does not seem right. 
  • You should stay up-to-date with the latest frauds and share what you know with others to help protect them. It is possible to cover the entire population of Canada with a chain of 25 people telling two people. 
  • If you have an issue with your call display, do not rely on it because it can be easily manipulated by someone else. 
  • If you are requested to provide information about personal or financial matters, please do not do so. 
  • An email or text message that you receive from an unknown sender may have an attachment or a link that you should not open. 
The Canadian Anti-Fraud Centre makes it easy to report incidents involving cybercrime and fraud, as well as file them online through their online reporting system or by calling them at 1-888-495-8501 if you suspect you have been the victim of either. Even though you have suffered fraud or cybercrime if you wish to report such crimes to the CAFC you must. This is regardless of whether you are a victim or not.
Read more »
RedZei
Chinese Students Cyber campaign Cyber Scams Cyber Security Fraudsters RedZei

RedZei Group Targets Chinese Students in U.K.

 


Chinese students studying in the UK have been one of the most common targets of scammers. RedZei (aka RedThief) Group, a Chinese-speaking scammer group that operates online and is becoming more common these days, bypasses all the precautions that users and service providers have taken to prevent scams.  

This is how it works

Chinese students were fooled into paying millions of dollars to avoid deportation as part of a visa scam, according to a report in The Guardian.  According to researchers, this incident is likely to be the result of the RedZei campaign that began in August of last year. 

Redzepi fraudsters carefully selected their victims by researching them, they also sought out a potential victim who was wealthy enough to be a profitable target. Fraudsters would use new pay-as-you-go U.K. phone numbers for each wave of the attack to bypass the phone number-based blocking on each wave. There are several mobile carriers used by the attackers, such as Telia, Three, EE, O2, and Tesco Mobile, with which they move between SIM cards.  


The Use of Voicemail and Other Tricks

As part of the operation, a UK phone number would be used to contact each targeted student once or twice every month. An unusual automated voicemail is left if these calls are not answered. 

Students are being steered into revealing their personal information by voicemails. These voicemails impersonate China Mobile, the Bank of China, and the Chinese embassy to social engineer them into doing so. In addition, there are also voicemail messages that are posed as voicemails from Chinese government officials. 

These include the Chinese Ministry of Industry and Information Technology, the Chinese Embassy in the United Kingdom, and the Chinese Communications Administration. Additionally, courier services such as DHL and Royal Mail can be used to distribute such messages. Aside from these themes, RedZei has also adopted other themes, such as abnormally high NHS number usage and DHL international delivery of parcels. 

Keep yourself as safe as possible

It appears that RedZei started this tremendously profitable campaign in August 2019. The scam was an attempt to deceive Chinese international students by duping them into transferring enormous amounts of money. This was so that they could avoid deportation to save their lives.

If any scam of this nature is suspected by students, they are advised to report it to the university as soon as possible. This will enable them to stay vigilant against such frauds. Moreover, universities can also share information regarding scams that target international students and keep them posted on the same.
Read more »
Metaparasites.
Cyber Fraud Cyber Scams Cybersecurity Dark Web Metaparasites.

Dark Web Metaparasites & Scammers: A Quick Look

 


In many cases, cybercriminals are seen as parasites, always looking for victims of all sizes and stripes and preying on them. 

The trend has resulted in an array of bottom-feeding "metaparasites" flocking to the Dark Web marketplace, seeking to take advantage of their own set of victims. 

A common side effect of this phenomenon is that it provides researchers with a rich vein of threat intelligence, including contact details and locations of cybercriminals. This intelligence can help them identify threats. 

Matt Wixey, the Sophos senior threat researcher, spoke at Black Hat Europe 2022 about the ecosystem of metaparasites. In his talk titled, "Scammers Who Scam Scammers, Hackers Who Hack Hackers," he explained how this contributes to the proliferation of scams and phishing scams. 

According to the research Wixey and his fellow researcher, Angela Gunn, conducted, the underground economy is riddled with a large variety of fraudsters. Every year these fraudsters collect millions of dollars from fellow cybercriminals who collaborate with them. 

A study conducted by The Dark Web Research team (Russian-speaking Exploit and XSS forums as well as English-speaking Breach forums) reveals that there have been thousands of successful scam attempts in the past 12 months. 

According to the report, scammers have cheated users by about $2.5 million over the past year. The amount can vary from as little as $2 up to low six-figure money. The amount per scam varies, depending on the type of scam. 

Even though tactics vary, a common and effortless tactic is called "rip and run." There are two versions of the term "rip." First, a buyer receives goods, such as an exploit, sensitive data, valid credentials, credit card numbers, etc. In the second version, a seller receives the payment but never delivers what he promised. There is also the phrase "run." This refers to how the scammer has disappeared from the marketplace and has refused to answer any questions that they have received. 
It depends on the dine-and-dash concept on the Dark Web. 

In addition to the vast number of scammers hawking fake goods out there, those scammers can also be found hawking fake accounts - often nonexistent crypto accounts, macro builders that create nothing malicious, fake data, or databases that have previously been leaked or are available online. Depending on the situation, they can get pretty creative, according to Wixey. 

"Our research led us to find a service that claimed it could bind an. EXE script to a PDF so that when a victim taps on the PDF to open it, the. EXE would run silently in the background while the PDF would load," Wixey further explained. 

The scammer sent the buyer a document with the PDF icon, but it did not contain a PDF, nor did it contain an. EXE. He just sent them a document appearing as a PDF. They hoped that buyers would not know what they were asking for or how to check it. 

A scam is also common when a seller publicized that the goods they are selling are of a certain quantity but the quality of the goods might not live up to what has been advertised, like credit card data that claims to work 30% of the time when only 10% of these cards are working. The databases might be real, but they are being marketed as "exclusive" while the seller is reselling them to, a multitude of parties to make a profit. 

The fraudsters may often work in conjunction in some cases, and they may be involved for a longer period, Wixey said. According to Wixey, the fact that most sites are exclusive makes it possible for them to create "a degree of intrinsic trust" that they can play off of." 

There are a variety of ways one can use this technique. First, one builds rapport with a target and suggests they can help; then the victim will say that they know someone else who can do the job much better, who is an expert in this field.  

Most often, they direct the victim to a fake forum that is operated and monitored by another person. This forum often asks for a deposit or registration fee, which is then paid by the victim. Both scammers then simply disappear. 

What forum moderators are doing to fight back

Wixey noted that the activity has a detrimental impact on the use of Dark Web forums - acting as an "effective tax on criminal marketplaces, which makes them more expensive and more dangerous for everyone, as well as more unsafe for the criminal community." Despite this, ironically, many markets are implementing security measures to curb the tide of fraud in the market. 

Putting protections on forums can be difficult due to the following factors. Firstly, there is no recourse to law enforcement or regulatory authorities. Secondly, it is a semi-anonymous culture, which makes it challenging to track down perpetrators. To combat fraud, anti-fraud controls have been implemented to track activity and issue warnings to prevent fraud. 

A popular industry-standard practice of some sites is to provide a plug-in that checks a URL to check if it links to a verified cybercrime forum, as opposed to a fake site where users are defrauded through a bogus "joining fee." Other sites offer a "blacklist" of known scammers and their tools and user names. Users can also file a scam report with many of the companies that have a dedicated arbitration process in place. 

According to Wixey, "If you have been scammed by another person of a forum, you should go to one of these arbitration rooms and create a forum thread and provide some information about what you have been scammed by." As much information as possible is required, such as a username, contact information for the scammer, proof of a purchase or wallet transfer, screenshots, as well as chat logs, and screenshots, as well as any additional details of the scam. 

"A moderator will review and respond to the report, requesting more information if necessary to complete the process. Later, they will tag the accused person and give them somewhere between 12 and 72 hours to respond to the complaint, depending on what forum it is on," Wixey explained. 

There may be cases where the accused makes restitution, but that is not very common. What is more common is that the scammer disputes the report, claiming that the report was wrong and there was a misunderstanding about the terms of the sale. 

The use of a guarantee is another security option available to forum users. This is because it shows that this resource has been verified by the site and acts as an escrow account. Until the goods or services involved in the exchange are confirmed as legitimate, the money destined for trading is parked there. 

Despite this, it is common for fraudsters to impersonate the guarantees themselves.
Read more »
Group IB
crime through technology Cyber Attacks Cyber Scams Fraudulent Group IB

57% of All Digital Crimes in 2021 Were Scams Says Group IB

 

Group-IB, headquartered in Dubai, U.A.E.,  a prominent name in the world of cybersecurity –has recently shared its analysis of the most widespread cyber threat in the world 'scams'.

As per the analysis, 57% of all cyber scams are financially motivated cybercrime. Phishing attacks accounted for 18% of cybercrimes, while malware infections and reputational attacks were 25%. As the scam industry is becoming more advanced, it now involves more and more parties divided into hierarchical groups. 

“A strong trend that we observed in 2021 was no-frills scammers merging into groups controlled by highly technically skilled villains,” says Antony Dolgalev, Deputy Head of Digital Risk Protection at Group-IB. 

At present, such groups have increased by 390, which is 3.5 times more than the last year, when the record of active groups was close to 110. Alongside, the brand-impersonating scam has also jumped high. 

The Group-IB analysts reported an increase of 150% in the Middle East and African region. This number is marginally high in comparison with the APAC region where such crimes are reported at 83% and in Europe, it is 89%. 

Due to SaaS (Scam-as-a-Service), in 2021 the number of cybercriminals in one scam gang increased 10 times compared to 2020, now climbing upto 100. 

“Group-IB’s AI-based platform identified somewhere between 75 and 110 scam groups last year, and the average number of cybercriminals per group was 10 members. The average number of scam links per group reached 100. SaaS helped grow not only fraudsters’ appetites but also the industry itself. In 2021 our DRP system tracked 350 groups, reaching up to 390 scam groups at the peak time. The number of cybercriminals in fraudulent groups has increased dramatically, averaging between 100 and 1,000 per group. In turn, their infrastructure has grown proportionally: the average number of scam links per group was between 2,000 and 3,000”, said Antony Dolgalev, Deputy Head of Digital Risk Protection at Group-IB. 

Following the research, analysts reported that traffic has become the circulatory system of scams. The number of websites that uses illegal traffic to lure victims into fraudulent schemes has increased by 1.5 times. With the advancement of technology, cyber gangs have also raised the sophistication level of scam techniques. One such technique, 'scam attack automation' is becoming more and more popular amongst fraudsters. Through this scheme hackers attract specific groups of victims to increase conversion rates, social media is the fastest doorway to establish contact between scammers and their potential victims.
Read more »
Subscribe to: Posts (Atom)