Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Investment Scam. Show all posts
Investment Scam
bank scams CFPB Crypto Scam cryptocurrency Cyber Security DBS Bank Investment Scam

California Man Sues Banks Over $986K Cryptocurrency Scam



Ken Liem, a California resident, has filed a lawsuit against three major banks, accusing them of negligence in enabling a cryptocurrency investment scam. Liem claims he was defrauded of $986,000 after being targeted on LinkedIn in June 2023 by a scammer promoting crypto investment opportunities. Over six months, Liem wired substantial funds through Wells Fargo to accounts held by Hong Kong-based entities.

Liem’s ordeal escalated when his cryptocurrency account was frozen under false allegations of money laundering. To regain access to his funds, scammers demanded he pay a fake IRS tax—an established tactic used to maximize financial extraction from victims before vanishing.

The lawsuit names three financial institutions as defendants:
  • Chong Hing Bank Limited (Hong Kong-based)
  • Fubon Bank Limited (Hong Kong-based)
  • DBS Bank (Singapore-based, with a Los Angeles branch)

Allegations of Negligence and Non-Compliance

Liem accuses these banks of failing to follow mandatory “Know Your Customer” (KYC) and anti-money laundering (AML) protocols as required by the U.S. Bank Secrecy Act. The lawsuit asserts that the banks:
  • Failed to Verify Identities: Inadequate due diligence on account holders allowed fraudsters to operate unchecked.
  • Neglected Business Verification: The nature of the businesses linked to these accounts was not properly investigated.
  • Ignored Complaints: Liem reported the scam in August 2024, but the banks either disregarded his concerns or denied accountability.

The lawsuit contends that these financial institutions enabled the transfer of illicit funds from the U.S. to Asian accounts tied to organized scams by ignoring suspicious transactions.

Liem's case highlights the growing debate over banks' responsibility in preventing fraud. While lawsuits of this nature are uncommon, they are not without precedent. For instance:
  • January 2024: Two elderly victims of IRS impersonation scams sued JPMorgan Chase for allowing large international transfers without adequate scrutiny.

Globally, different approaches are being adopted to address fraud:
  • United Kingdom: New regulations require banks to reimburse scam victims up to £85,000 ($106,426) within five days, though banks have pushed back against raising this cap.
  • Australia: Proposed legislation could fine banks, telecom providers, and social media platforms for failing to prevent scams.
  • United States: The Consumer Financial Protection Bureau (CFPB) has taken legal action against Bank of America, Wells Fargo, and JPMorgan Chase for not preventing fraud on the Zelle platform, which has resulted in $870 million in losses since 2017.

As global authorities and financial institutions grapple with accountability measures, victims like Ken Liem face significant challenges in recovering their stolen funds. This lawsuit underscores the urgent need for stronger fraud prevention policies and stricter enforcement of compliance standards within the banking sector.
Read more »
Phishing Attack
Cyber Attacks Cyber Hacking DNS Investment Scam Phishing Attack

Savvy Seahorse: The DNS-based Traffic Distribution System Undermining Cybersecurity

 

In the vast landscape of cyber threats, a new player named Savvy Seahorse has emerged, showcasing a distinctive modus operandi that sets it apart from its counterparts. While the investment scam it orchestrates is unfortunately commonplace, it's the intricate infrastructure supporting it that demands attention. 

Savvy Seahorse employs a sophisticated Traffic Distribution System (TDS), capitalizing on the Domain Name System (DNS) to perpetually alter its malicious domains, making takedowns a formidable challenge. This TDS, as detailed in a recent report by Infoblox, leverages Canonical Name (CNAME) records to maintain a fluid network of thousands of diverse domains. 

Traditionally associated with HTTP-based TDS networks, the use of DNS in this context is a novel approach that poses unique challenges for cybersecurity professionals. Renée Burton, Head of Threat Intelligence at Infoblox, emphasizes that DNS-based TDSs are often overlooked, with a prevailing focus on HTTP-based systems. 

However, Savvy Seahorse has been operational since at least August 2021, operating in the shadows and evading conventional detection methods. The key to Savvy Seahorse's success lies in its exploitation of CNAME records. In the DNS realm, CNAME allows multiple domains to map to a single base (canonical) domain. This seemingly innocuous feature is manipulated by Savvy Seahorse to rapidly scale and relocate its operations. 

When one phishing site is shut down, the threat actor effortlessly shifts to a new one, relying on CNAME as a map to mirror sites. CNAME not only applies to domains but extends to IP addresses. In the event of a hosting infrastructure shutdown, Savvy Seahorse can swiftly redirect its CNAME to a different address, ensuring resilience and evading detection. 

The attacker's ability to advertise any subdomain for a brief period further complicates tracking and takedown efforts. Crucially, CNAME serves as both Savvy Seahorse's strength and vulnerability. While the threat actor has cunningly utilized 30 domain registrars and 21 ISPs to host 4,200 domains, they all trace back to a single base domain: b36cname[.]site. This centralized link becomes Savvy Seahorse's Achilles' heel, presenting a unique opportunity for defenders. 

From a threat intelligence perspective, countering Savvy Seahorse involves a relatively straightforward approach – blocking the one base domain to which the CNAME points. Renée Burton notes that despite the existence of thousands of malicious domains, there's only one malicious CNAME. This single point of failure provides defenders with a potent strategy, allowing them to neutralize the entire threat with one decisive action. 
 
While attackers theoretically have the option to build malicious networks using multiple CNAMEs, Burton highlights a trend among cybercriminals to aggregate towards a smaller set of CNAMEs. This strategic choice, possibly driven by a desire to avoid detection, simplifies the task for defenders, who can focus efforts on a limited number of CNAMEs associated with the threat. 

Savvy Seahorse's exploitation of DNS-based TDS with CNAME records presents a new frontier in cyber threats. The intricate dance between attackers and defenders highlights the importance of understanding and adapting to evolving tactics. As defenders fortify their strategies, the hope is to stay one step ahead of sophisticated threat actors like Savvy Seahorse, ensuring a safer digital landscape for individuals and organizations alike.
Read more »
User Security
Crypto Cyber Frauds Investment Scam User Security

Australian Consumer Watchdog Reports Massive Surge of Crypto Use in Investment Scams

 

Australians’ losses from investment frauds surged 90% to AU$103 million from the start of the year to March 20, with the Australian Competition and Consumer Commission (ACCC) confirming payments to fraudsters are most often carried out in cryptocurrency. 

Consumer and Fair Trade Executive Managing Director Rami Greiss said that while the increase in the use of crypto follows its growing popularity, it has facets that lend themselves to being exploited by fraudsters. “It’s also the fact that it’s an unregulated product, so there are no controls. There are no institutions that can be roped in to assist. So really, it’s the fact that it’s the wild west,” Greiss explained.

"In relation to scamwatch, we see a number of scams relating to investment schemes, and we are now seeing that the payments in relation to those are now more often by way of cryptocurrency than by way of bank transfer," Gina Cass-Gottlieb, the new president of the ACCC stated. 

According to ACCC, it has received 66 reports of money recovery frauds this year on its website Scamwatch which is a 725 percent increase compared to the same period in 2021. The commission also disclosed that fraudsters target previous scam victims by contacting them and then posing as someone representing a trusted firm such as a law firm, fraud task force, or government agency. 

Subsequently, the fraudsters ask victims to fill out fake paperwork or provide identity documents and seek upfront payments. They may request remote access to computers or smartphones, enabling them to scam their unsuspecting victims. Earlier this year, the Australian government announced it would design a crypto badge of approval to licence intermediaries such as exchanges.

Last week, Australia’s Financial Services Minister Jane Hume stated that the license will include a "fit and proper person" test, and could include anti-hawking measures to prevent cold calling. Hume also explicitly ruled out a ban. 

“Crypto values will go up and down sure as eggs, and the government will not be protecting consumers from market volatility—and nor should they,” she said. But Australian investors will be sure that if they use a licensed Australian exchange, they can trust the exchange will deliver on its commitments to customers and have appropriate protections.”
Read more »
Subscribe to: Posts (Atom)