Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Phishing messages. Show all posts

Cybercriminals Target Facebook Users with Malicious 'Look Who Died' Messages

'Look Who Died' Facebook Scam

In recent times, Facebook scams and fraud have been on the rise, with scammers finding new ways to exploit the platform for their malicious activities. The latest attention-grabbing scam to hit Facebook is the "Look who died" scam, which targets users seeking information about the death of a friend or celebrity. This article will delve into the details of the scam and provide expert advice on how to protect yourself from falling victim.

The 'Look Who Died' Scam: A Threat to Personal Data Security

The 'Look who died' scam operates by sending Facebook users messages with enticing subject lines like "Look who died." Curiosity prompts users to click on the link, expecting to find news or information related to the mentioned death. However, instead of being redirected to a legitimate news article, users unknowingly download a malware virus onto their computers or devices.

The Exploitative Tactics of Scammers on Facebook

As more people join Facebook and engage with its features, scammers are finding new ways to deceive and defraud users. Carey van Vlaanderen, a digital security expert and CEO of ESET Southern Africa, highlights the use of impersonation, fake promotions, and malware spread as some of the tactics scammers employ. Unfortunately, falling victim to these scams can result in financial loss and identity theft.

Identifying and Protecting Yourself from Facebook Scams

Van Vlaanderen emphasizes the need for caution and vigilance when using Facebook. She advises users to be wary of unusual requests or sensitive information being asked for, as these could be warning signs of a potential scam. To verify the authenticity of a message from a Facebook friend, Van Vlaanderen suggests checking for any sudden profile changes or strange posts that may indicate a compromised account.

The Wider Impact of Cybercrime and the Need for Protection

The rise in cybercrime is not limited to Facebook scams but extends to various forms of online attacks. According to experts from the Council for Scientific and Industrial Research (CSIR), cyber-attacks cost the country billions of rands annually. The digitalization era has seen an increase in cybercrime, posing risks to government institutions, large corporations, and small and medium-sized businesses. Financial and data loss, identity theft, and cyber extortion are significant concerns for individuals and organizations alike.

Urgent Action Required: Protecting Against Cybersecurity Breaches

Recent cybersecurity breaches, such as the one that affected the provincial legislature, highlight the urgency of addressing cyber threats. The lack of transparency surrounding such attacks and their implications raises concerns about preparedness and response strategies. ANC chief whip Pat Lekker has called for a debate on the cyberattack, emphasizing the need for open dialogue and effective measures to combat cybercrime.

Shifting Privacy Paradigm and Building Trust

Erhard Brand, a research and development lead at IT authentication company Entersekt, points out that digital privacy concerns are changing how companies handle personal and biometric data. Empowering individuals with control over their privacy fosters an environment of trust. As technology advances, it becomes crucial for companies to prioritize data security and privacy protection.

The 'Look who died' scam on Facebook serves as a reminder of the ever-present threat of online scams and fraud. To protect yourself from falling victim to such scams, exercise caution, be vigilant for warning signs, and adopt best practices for online security. As the cybercrime landscape evolves, individuals, businesses, and governments must work together to combat cyber threats, ensuring a safer digital environment for all.

Cybercriminals Tricked Britons into Downloading Flubot Malware

 

Hackers are mimicking delivery services and sending phishing text messages to Britons in an attempt to get them to download the Flubot malware. It's capable of intercepting messages and stealing financial information. Three, one of the UK's most popular mobile networks, has issued a warning about a phishing scam that has reportedly affected all network operators. “Many people in the UK have been targeted with a text message that looks like it’s from a delivery service, or it may say that you’ve received a voicemail,” the company warned in a blog post.

The message instructs you to install an app in order to monitor a package or listen to voicemail. Some messages claim to be from DHL, Amazon, Asda, and Argos. If a victim is tricked into participating in the malicious campaign, the scammer has access to their entire Android smartphone. This includes the possibility of stealing credit card data and online banking login passwords. 

To evade detection, the attacker disables the Android OS's built-in protection and prevents the installation of many third-party security software packages, which many users would employ to remove unwanted malware. 

First, the victim receives an SMS message impersonating a well-known shipping logistics company, such as FedEx, DHL, or Correos. The message's call to action is for the user to click a link to download and install an app with the same familiar branding as the SMS message, but which is actually harmful and contains the FluBot malware.

FluBot, once installed and given the necessary rights, unleashes a slew of features, including SMS spamming, credit card and banking credential theft, and spyware. The contact list is taken from the device and sent to the threat actor's servers, giving them access to more personal information and allowing them to launch new attacks on other potential victims. 

SMS and notifications from telecom carriers can be intercepted, browser sites can be visited, and overlays can be presented to capture credentials. To prevent detection by the operating system's built-in security, the malicious app also disables Google Play Protect. 

According to Three, this fraud attack has impacted all network operators. Despite the fact that the majority of messages were blocked, a tiny number of Three subscribers may have received them. As a result, the company advises staying aware and being cautious when clicking on any links sent by text message. 

“If your device has been infected with the Flubot malware, you may have been charged for text messages over your plan. If so, we’ll arrange a refund for you as soon as possible,” the company stated.

FTC Issued a Warning About Phishing Scams Involving Unemployment Benefits

 

Americans should be skeptical of text messages appearing to be from their state workforce agency, according to the Federal Trade Commission. Following the discovery of an SMS-based phishing effort targeting users of unemployment insurance benefits, the FTC has raised a red flag. In one year, consumers lost $57 million to phishing schemes, according to the FBI's Internet Crime Complaint Center.

"Identity thieves are targeting millions of people nationwide with scam phishing texts aimed at stealing personal information, unemployment benefits, or both," said Seena Gressin, attorney at the division of consumer and business education at the FTC. As part of the effort, several fraudulent texts are being sent out. One advises the receiver that their unemployment insurance (UI) claim requires "necessary corrections." Another instructs the target to double-check their personal details.

A targeted user who clicks on a link in one of these messages will be directed to a fake website impersonating their state workforce agency, which Gressin described as "looking very real." Instructions on the site ask the user to enter a slew of personal information, including their login credentials and Social Security number. "Fraudsters can use the information to file fraudulent UI benefits claims or for other identity theft," warned Gressin.

Scammers love to target people when they are most vulnerable, knowing that they will be more likely to fall for the trap. That is especially true for people who are unemployed and rely on unemployment benefits to get by. 

The Federal Trade Commission (FTC) disclosed the information of seven different phishing texts that are now circulating. One reads "RI-DLT Labor: This is to notify you that your Rhode Island insurance claim account is currently on hold for verification. Please complete your verification by following the instruction link below to activate your account."

"As we continue to work our way through the pandemic and associated issues, unemployment insurance has become more and more important to people unable to work when jobs that match their skills are not available," said KnowBe4security awareness advocate Erich Kron. "With the recent rise in cases, due to the Delta variant and other factors, stress levels continue to rise for people impacted. This makes them prime candidates for attacks such as this, which threaten their only source of income."

Meal Kit Delivery Scams Increase with Phishing Campaigns

 

Attackers are sending phishing text messages which appear like authentic correspondence from famous brands, such as HelloFresh and Gousto, and thus are piggybacking from this booming marketplace for meal kit delivery services since the epidemic.

Centered in Berlin, HelloFresh SE is a German public-traded meal kit firm. The company is the biggest supplier of meal kits in the USA and operates also in Australia, Canada, New Zealand, Sweden, Western Europe, and Denmark. Whereas Gousto is a meal kit retailer based in Shepherds Bush, London, UK – established by Timo Boldt and James Carter and an SCA Investments Limited trading company. Gousto provides customers with ready-made, fresh ingredients, and easy-to-follow recipe kit boxes. 

The meal-kit phishing operations were uncovered by researchers of Tessian and then several variations of the phishing pitch were published. Some of them are sent via SMS, some via WhatsApp. Some people have been asked to assess their experience. In terms of complexity, messages are widespread, from very persuasive to a Tessian example called “easy to spot,” which has various spelling errors. 

“Your Gousto box is now delivered,” the phishing message read. “Enjoy the reoipej! Rate delivesy and enter wrize diaw at ‘URL’.” 

Tessian added that, usually, thousands of these messages are sent simultaneously via SMS and WhatsApp. 

Gousto however has alerted its clients of the scams by posting a message on their Twitter account: “We are aware that these emails/texts are in circulation, unfortunately, and we would advise against opening them. Our Info Tech team are looking into this suspicious activity." 

The increasing popularity of meal kits coincides with an increase in phishing attacks focused on SMS, known as "smishing," around the world. Digital devices lack a lot of safety, they are all there and the emotional dependency with which many devices have grown makes customers vulnerable to shaking down. Meal kits have been established as an important weapon for cybercriminals to leverage against targets like other pandemic-related issues. 

Commenting on the findings, Tim Sadler, CEO, and co-founder of Tessian said: "Throughout the pandemic, we've seen cyber-criminals jump on trending topics and impersonate well-known brands, with increasing sophistication. Often, scammers will register new web domains to set up convincing-looking fake websites, luring their victims to these pages using phishing scams, and then harvest valuable information.” 

He further added, “These scams are getting harder and harder to spot, with the perpetrators regularly coming up with new tactics to convince users to follow their link and input their confidential data.”

National Crime Agency Detained the Operator of SMS Bandits for Phishing Message Services

 

The National Crime Agency of the United Kingdom has announced the arrest of the Service 'SMS Bandits' operator. However NCA did not disclose the suspected fraudster's identity, the cybercrime department of the Metropolitan Police has announced the detention of a Birmingham citizen who is linked to the company offering illicit phishing services. The aforementioned platform was used to send large amounts of phishing SMS. The fraudster had sent out a humungous number of fake messages by spoofing organizations like PayPal, some telecom providers, COVID-19 pandemic relief organizations, etc. 

SMS Bandits, including the man detained, got access to account credentials from numerous popular web pages, offered on dark web platforms that they controlled by sending fake SMSs by millions. Among other pseudonyms, Bamit9, Gmuni, and Uncle Munis are also used by the fraudulent service providers on the dark web. For mass transmission of texts intended to collect account credentials on various common websites and to steal personal and financial information, SMS bandits supplied an SMS phishing service for the mass transmission of text messages. 

Angus, a researcher at the Scylla Intel, a cyber intelligence firm, stated that the SMS Bandits sent phish lures that always made it possible to detect a fake message uncommonly, well done, and clean of syntax or orthographer's errors. “Just by virtue of these guys being native English speakers, the quality of their phishing kits and lures were considerably better than most,” Angus further added. 

According to Scylla Intel, the SMS Bandits made a variety of organizational security errors that made it relatively easy to figure out who they are in actuality. Scylla Intel further collected evidence against the SMS Bandits' and figured out that the SMS Bandits used the email addresses and passwords stolen from its services to validate the credentials. 

According to the sources, the SMS Bandits are also related to a dark web criminal program named, “OTP Agency”, a service that is designed to intercept the one- time- password which is required while logging into various websites. The modus operandi involves the customer entering the target’s phone number and name, and then the OTP Agency initiating an automated phone call to the target that alerts them about unauthorized activity on their account. 

SMS Bandits has also offered its patented "bulletproof hosting," which has been marketed as a "freedom of communications" portal, where clients can "host any content without restrictions." The content inevitably shapes the sites on which users of different web platforms are entitled to phish credentials.

According to a new survey, the amount of SMS phishing grew by over 328% in 2020. As a consequence of this, we do not see any feeling of terror among the fraudsters.