Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Phishing scam. Show all posts
Phishing scam
Cyber Fraud Google Ads Malicious Campaign PayPal Scam Phishing scam

Scammers Exploit Google and PayPal’s Infrastructure to Steal Users Private Data

 

Cybersecurity experts discovered a sophisticated phishing campaign that used Google Ads and PayPal's infrastructure to defraud users and obtain sensitive personal information. 

The attackers abused vulnerabilities in Google's ad standards and PayPal's "no-code checkout" feature to create fake payment links that appeared authentic, duping victims into communicating with fake customer care agents. 

Malicious actors created fraudulent adverts imitating PayPal. These adverts shown in the top search results on Google, displaying the official PayPal domain to boost user trust. A flaw in Google's landing page regulations allowed these advertisements to send consumers to fraudulent sites hosted on PayPal's legitimate domain.

The URLs used the format paypal.com/ncp/payment/[unique ID], which was designed to allow merchants to securely accept payments without requiring technical knowledge. 

Scammers took advantage of this functionality by customising payment pages with misleading information, such as fake customer service phone numbers labelled as "PayPal Assistance." Victims, particularly those using mobile devices with limited screen area, were more likely to fall for the scam due to the challenges in spotting the fake nature of the links. 

Mobile devices: A key target 

Due to the inherent limitations of smaller screens, mobile users were the campaign's main target. Users of smartphones frequently rely on the top search results without scrolling further, which increases their vulnerability to clicking on malicious ads. Additionally, once they were directed to the phoney payment pages, users would see PayPal's official domain in their browser address bar, which further confirmed the scam's legitimacy. 

Victims who called the fake help numbers were most likely tricked into disclosing sensitive information or making unauthorised payments. According to MalwareBytes Report, this attack highlights how cybercriminals may use trusted platforms such as Google and PayPal to conduct sophisticated scams. Scammers successfully bypassed typical security measures by combining technical flaws with social engineering techniques, preying on people' trust in well-known brands.

The campaign has been reported to Google and PayPal, yet new malicious adverts utilising similar techniques continue to appear. Experts advise people to use caution when interacting with online adverts and to prioritise organic search results above sponsored links when looking for legitimate customer service information. Security technologies such as ad blockers and anti-phishing software can also help to reduce risks by blocking malicious links.
Read more »
security threat
AI Phishing Cybbercrime Cyber Attacks Cybersecurity CyberThreat Cyerhackers Phishing scam security threat

Lack of Phishing Awareness Among Executives Poses a Security Threat

 


Even though phishing scams are predicted to continue to pose a serious cybersecurity threat in the years to come, recent research has highlighted the fact that a worrying gap in awareness among business leaders has been identified as a major concern. The study found that a vast majority of executives in the United States are unable to recognize all the warning signs of a phishing email. This demonstrates that corporate security practices are vulnerable. 

As cyber threats have become increasingly sophisticated, the threat to personal and corporate data has risen. Security breaches and ransomware attacks have become increasingly common, driven by advances in artificial intelligence, which have enabled cybercriminals to develop more deceptive and efficient scams as a result of advances in artificial intelligence. Organizations are constantly facing new threats, as the digital landscape continues to evolve. As phishing tactics emerge every day, it becomes increasingly challenging for organizations to stay ahead of them. 

Cybersecurity awareness must be raised at the leadership level to mitigate these risks and protect sensitive information. There is currently a significant gap in cybersecurity knowledge among senior executives, raising concerns about how businesses are resilient to phishing attacks, according to a recent study. The findings suggest that only 1.6% of senior leaders were able to identify all key indicators of phishing emails in a correct manner, which indicates a critical weakness in cybersecurity defences at organizations. 

The lack of awareness is putting businesses at considerable risk, as phishing remains the most common method cybercriminals use to gain access to corporate networks. Phishing scams are expected to continue to cause major concern to businesses in 2025, as data indicates that these attacks directly lead to security breaches in the future. As a result of the survey, 40% of organizations experiencing a breach attributed the incident to phishing, which is the second most common cause of cybersecurity failures after malicious attacks. The number of breaches caused by computer viruses was second only to those caused by malware, affecting 53% of firms. 

In light of these findings, executives must enhance cybersecurity training and awareness initiatives so that they can mitigate the growing threats posed by phishing and other cyber threats to mitigate them. A report published annually examines the changing trends shaping the business landscape by looking at the impact of technology on the workplace. Technology advances, including cybersecurity, have been assessed comprehensively in this study to assess the impact they have on businesses daily. 

The latest study surveyed 1,036 senior executives and workplace managers from a variety of industries to gain insights into how organizations are dealing with these changes. This study reveals a concerning lack of leadership preparedness for data protection, which is concerning. Even though cyber threats are becoming increasingly sophisticated, many senior leaders in organizations are still unprepared to deal with vulnerabilities within their organizations. This study illustrates the urgency of improving cybersecurity training and establishing strategic initiatives to enhance data security measures in this era when digital threats continue to grow in sophistication. 

The study, conducted a few months ago, surveyed 1,036 U.S. business leaders to determine if they could recognize certain indicators of phishing emails from real emails. Participants were evaluated on their sensitivity to common red flags, among them: Spelling and grammatical errors Emails received from unfamiliar senders Requests for sensitive information Messages conveying urgency or threats Senior executives are showing a troubling lack of cybersecurity awareness, according to the findings of this study. 

Alarmingly, 33% of respondents failed to recognize when they received an email from an unknown sender that it might be a potential phishing scam. Even more concerning is that 47% of respondents failed to identify a tone of urgency or threat as a sign of phishing scams. In 2024, phishing attacks are estimated to have accounted for 40% of all data breaches affecting businesses, a sharp increase over 2023, when phishing attacks made up 23% of data breaches. Another finding of the study is that nearly a third (19%) of business leaders do not understand the concept of two-factor authentication, which is a fundamental security measure aimed at protecting against unauthorized access to their business systems. 

A significant gap is evident in cybersecurity education at the leadership level, indicating that serious concerns have been raised about organizations' data protection strategies. As a result, there will be substantial financial consequences for businesses if these vulnerabilities are exploited, with data breaches costing on average $4.88 million in 2024, which is an increase of 10% over last year's cost. Tech.co's Editor, Jack Turner, emphasizes the importance of addressing this matter and emphasises that research serves as a wake-up call for business leaders who may underestimate the risks associated with cybercrime. 

A significant percentage of respondents were unable to identify even the most basic signs of phishing attempts, which indicates why phishing attacks remain so effective. A company's cybersecurity training programs should not be limited to the IT department. They should be available to all employees, including entry-level employees and senior managers. Only by continuously increasing the level of education and vigilance can organizations strengthen their defences against cyberattacks, which are becoming increasingly commonplace. 

The business continues to suffer from significant financial and reputational damage as a result of poor cybersecurity practices, a result in data breaches that result in substantial revenue losses and long-term brand erosion. Since these risks must be taken into account, cybersecurity has become a top priority for companies, and leadership must take active steps to enhance security measures within their organization. 

The problem is, however, that many senior executives do not possess the fundamental knowledge they need to be able to implement effective security strategies. The latest survey reveals that almost 19% of senior leaders are unable to define multi-factor authentication (MFA) correctly, despite it being widely recognized as an effective tool to safeguard sensitive data, even though nearly 19% of them cannot do so. 

As a consequence, there is a significant vulnerability at the leadership level as they play a pivotal role in shaping and enforcing cybersecurity policies, and these policies are tightly regulated by their organizations. As a part of establishing a robust cybersecurity framework for an organization, senior leadership needs to take an active role in acquiring knowledge of key security measures and becoming familiar with those measures. However, securing an organization cannot rest solely in the hands of executive management. 

To develop a comprehensive security strategy, the entire company must be involved, with all employees being able to recognize and respond to potential threats. With technology progressing at such a rapid pace, investing in cybersecurity education at all levels of an organization is no longer an optional investment; rather, it is a must. By implementing structured training programs, companies can ensure their employees and executives remain alert to the ever-changing cyber threats. 

By cultivating a culture of cybersecurity awareness, businesses can ensure that their data, financial stability, and long-term reputation are protected in an increasingly digital environment, thus enhancing the efficiency of their business. Several key findings of the report reveal the urgent need for senior executives to have a better understanding of cybersecurity. 

Organizations must address this knowledge gap by providing comprehensive training and utilizing robust security frameworks that can strengthen their defences against cyberattacks from the outside. Cyber threats are becoming more advanced every day, and proactive leadership as well as company-wide awareness will be of crucial importance for mitigating risks and safeguarding business operations in a world where everything is going digital.
Read more »
Technology
AI ChatGPT Email Gen AI Phishing scam Technology

Dangers of AI Phishing Scam and How to Spot Them

Dangers of AI Phishing Scam and How to Spot Them

Supercharged AI phishing campaigns are extremely challenging to notice. Attackers use AI phishing scams with better grammar, structure, and spelling, to appear legit and trick the user. In this blog, we learn how to spot AI scams and avoid becoming victims

Checking email language

Earlier, it was easier to spot irregularities in an e-mail, all it took was one glance. As Gen AI models use flawless grammar,  it is almost impossible to find errors in your mail copy, 

Analyze the Language of the Email Carefully

In the past, one quick skim was enough to recognize something is off with an email, typically the incorrect grammar and laughable typos being the giveaways. Since scammers now use generative AI language models, most phishing messages have flawless grammar.

But there is hope. It is easier to identify Gen AI text, and keep an eye out for an unnatural flow of sentences, if everything seems to be too perfect, chances are it’s AI.

Red flags are everywhere, even mails

Though AI has made it difficult for users to find phishing scams, they show some classic behavior. The same tips apply to detect phishing emails.

In most cases, scammers mimic businesses and wish you won’t notice. For instance, instead of an official “info@members.hotstar.com” email ID, you may notice something like “info@members.hotstar-support.com.” You may also get unrequested links or attachments, which are a huge tell. URLs (mismatched) having subtle typos or extra words/letters are comparatively difficult to notice but a huge ti-off that you are on a malicious website or interacting with a fake business.

Beware of Deepfake video scams

The biggest issue these days is combating deepfakes, which are also difficult to spot. 

The attacker makes realistic video clips using photo and video prompts and uses video calling like Zoom or FaceTime to trap potential victims (especially elders and senior citizens) to give away sensitive data. 

One may think that only old people may fall for deepfakes, but due to their sophistication, even experts fall prey to them. One famous incident happened in Hong Kong, where scammers deepfake a company CFO and looted HK$200 million (roughly $25 million).

AI is advancing, and becoming stronger every day. It is a double-edged sword, both a blessing and a curse. One should tread the ethical lines carefully and hope they don’t fall to the dark side of AI.

Read more »
Phishing scam
AI scam Cyber Cyber Fraud Fraud Gmail Hack Google security Phishing scam

Gmail Confirms AI Hack: 2.5 Billion Users Warned of Phishing Scam

 

  
Gmail has issued a warning to its 2.5 billion users about a sophisticated AI-powered phishing attack. Fraudsters are using caller IDs that seem to originate from Google support, convincing users that their accounts have been compromised. Under the pretense of an account recovery process, they send an email with a recovery code that appears to come from a genuine Gmail address, Forbes reports.

Zach Latta, founder of Hack Club, noticed irregularities during an interaction with a so-called Google support agent. "She sounded like a real engineer, the connection was super clear, and she had an American accent," Latta told Forbes. Despite the convincing approach, the scam's goal is to deceive users into providing their login credentials, allowing cybercriminals to take control of their accounts.

Spencer Starkey, Vice President at SonicWall, emphasized the evolving nature of cyber threats: "Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats." He advised businesses to adopt a proactive cybersecurity approach, including regular security assessments and incident response planning.

Users Report Similar Fraud Attempts

According to the New York Post, Y Combinator founder Garry Tan shared his experience on X (formerly Twitter) after receiving phishing emails and phone calls.

"They claim to be checking that you are alive and that they should disregard a death certificate filed that claims a family member is recovering your account," Tan wrote, calling it an elaborate scheme to manipulate users into approving password recovery.

Microsoft solutions consultant Sam Mitrovic also encountered this scam months ago. Initially, he ignored the recovery notification and follow-up call, but when it happened again, he decided to answer.

"It's an American voice, very polite and professional. The number is Australian," Mitrovic recalled. He even verified the number on an official Google support page, making the deception more convincing. 

The caller alleged there was suspicious activity on his account and asked if he had logged in from Germany. When he denied it, the agent claimed someone had been accessing his account for a week and offered to help secure it. Mitrovic realized something was off when he spotted a suspicious email address in the follow-up message and stopped responding.

Forbes advises Gmail users to remain calm and immediately disconnect any call from so-called Google support, as Google does not contact users via phone. Instead, users should verify account activity themselves:
  • Use Google Search to check official security support pages.
  • Log into Gmail and navigate to the bottom right corner to review recent account activity.
  • Avoid sharing recovery codes with anyone over the phone.
With cyber threats evolving rapidly, vigilance is key to safeguarding online accounts.

Read more »
Scammer
AWS Crypto Phishing cryptocurrency cryptocurrency theft Cyber Attacks Fake Emails Ledger Phishing scam Scammer

Ledger Phishing Scam Targets Cryptocurrency Wallets

 


A sophisticated phishing email campaign has emerged, targeting cryptocurrency users by impersonating Ledger, a prominent hardware wallet provider. These fraudulent emails claim that the recipient’s Ledger wallet seed phrase — also known as a recovery or mnemonic seed — has been compromised. In an attempt to secure their funds, users are directed to a so-called “secure verification tool” where they are asked to confirm their seed phrase. The phishing emails appear convincing, offering a “Verify my recovery phrase” button. Clicking this button redirects victims through an Amazon Web Services (AWS) website to a fake domain, “ledger-recovery[.]info.”

Once users enter their seed phrase on this page, the attackers capture the information, granting them full access to the victims’ cryptocurrency wallets. A recovery phrase, typically consisting of 12 or 24 random words, acts as the key to accessing a wallet’s funds. The importance of keeping this phrase private and offline cannot be overstated. By stealing these phrases, the attackers gain control of the wallets and can siphon all funds, leaving victims with no recourse.

To increase the scam’s credibility, the phishing site includes several deceptive features. For example, it accepts only valid seed phrase words from a predetermined list of 2,048 options. Regardless of the entered data, the site falsely informs users that their phrase is incorrect, encouraging them to re-enter their information multiple times and ensuring the attackers receive accurate details.

The Evolving Nature of Phishing Scams

This phishing attempt highlights the evolving sophistication of such scams. In the past, phishing emails were often marred by poor grammar or clumsy wording, making them easier to spot. However, with advancements in generative artificial intelligence, scammers can now produce polished and professional-looking messages. In this instance, one of the few red flags was the use of the SendGrid email marketing platform and the redirection through an AWS website, which sharp-eyed recipients might notice.

While it remains unclear how many individuals fell victim to this scheme, any user who shared their seed phrase likely lost their funds permanently. This incident underscores the importance of exercising caution and maintaining strict security protocols when handling sensitive information like recovery phrases.

How to Protect Your Cryptocurrency Wallet

Cryptocurrency users are advised to verify communications directly through official sources and avoid clicking on links in unsolicited emails. Recovery phrases should never be shared online, as doing so compromises the entire wallet’s security. With scams becoming increasingly sophisticated, vigilance and education are crucial in safeguarding digital assets.

Read more »
Rhadamanthys malware
Check Point Cyber Attacks data security Gmail Gmail Hack Gmail-Accounts Personal Data Phishing scam Rhadamanthys malware

Gmail Alert: Massive Phishing Campaign Spreads Rhadamanthys Malware

 

Cybersecurity experts have issued a new warning about a large-scale phishing attack targeting Gmail users worldwide. Researchers at Check Point have uncovered the threat, which uses fake Gmail accounts to send emails impersonating well-known companies. These fraudulent messages claim recipients have violated copyright laws on their social media accounts, urging them to take immediate action. 

The goal of these emails is to trick victims into downloading attachments laced with the Rhadamanthys Stealer malware. Once installed, this malware infiltrates systems to steal sensitive personal data. The attackers’ strategy is both sophisticated and alarming. They create convincing fake Gmail accounts and customize emails to appear as if they are from legitimate organizations. Victims are informed of supposed copyright violations and pressured to resolve the issue by downloading attached files. 

However, clicking on these files triggers the malware’s installation, granting hackers access to a victim’s computer. The malware operates silently, collecting private information such as login credentials and other sensitive data without the user’s knowledge. The phishing campaign has already reached a global audience, targeting users in Europe, Asia, and the United States. Check Point highlights the staggering scale of the operation, noting that nearly 70% of the impersonated companies belong to the entertainment, media, technology, and software industries. This wide range of targets makes the attack more challenging to detect and stop. 

The campaign leverages people’s trust in established companies and creates urgency, making victims more likely to fall for the scam. One of the most concerning aspects of the attack is the advanced capabilities of the Rhadamanthys Stealer malware. This sophisticated program is specifically designed to evade detection by traditional security measures. Once installed, it can extract a variety of data from the infected system, including passwords, financial information, and personal files. The malware’s ability to operate covertly increases the risk for users who are unaware that their devices have been compromised. 

Experts stress the importance of vigilance in protecting against this type of phishing attack. Email users should carefully verify the sender’s identity and be cautious of messages that create a sense of urgency or demand immediate action. Legitimate organizations rarely use generic Gmail accounts to contact users, and they typically do not send unsolicited attachments or links. Users should also avoid downloading files or clicking on links from unknown sources, as these actions can initiate malware installation. 

Keeping antivirus software up to date is another critical step in preventing infections. Modern security programs are designed to detect and block malicious files like those associated with Rhadamanthys Stealer. Additionally, users are encouraged to report any suspicious emails to their email providers, which can help prevent further spread of such attacks. By staying informed and adopting safe online practices, individuals can reduce their vulnerability to these increasingly sophisticated phishing campaigns.
Read more »
Quishing
Cyber Fraud Data Privacy Phishing scam QR Codes Quishing

Phishing And The Threats of QR Codes

 

Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due to their ease of use and functionality. 

However, their widespread use has created a new channel for phishing attempts, namely QR code phishing (or quishing). With the NCSC recently warning of an increase in these attacks, businesses must grasp how QR codes can be used to compromise staff and what they can do to effectively protect against these rising threats. 

Leaders at risk from QR code attacks 

Quishing attacks, like traditional phishing campaigns, typically attempt to steal credentials by social engineering, in which an email is sent from a supposedly trusted source and uses urgent language to persuade the target to perform a specific action. 

In a quishing attack, the target is frequently induced to scan a QR code disguised as a fake prompt, such as updating an expired password or examining a critical file. The malicious QR code will then direct visitors to a counterfeit login page, prompting them to enter - and ultimately expose - their credentials. 

CEOs and senior executives, who have the system access, are naturally appealing targets due to the high value of account credentials. In fact, the study discovered that C-Suite members were 42 times more likely than other employees to receive QR code phishing assaults. 

Quishing attacks mainly follow the same standard phishing strategy, in which social engineering is employed to control the victim's actions. However, when it comes to QR code phishing, cybercriminals appear to prefer two methods. 

Data collected in the second half of 2023 revealed that QR codes were most commonly used in false notifications for MFA activity (27% of all QR assaults) and shared documents (21%). Whatever the explanation for the malicious code, the majority of QR assaults security experts detected are credential phishing attempts. 

Prevention tips 

The best defence is to keep these attacks from reaching their intended targets at all. However, it is becoming increasingly evident that these new phishing schemes outperform secure email gateways (SEGs) and other legacy email systems. Unfortunately, these safeguards were not intended to thoroughly detect QR code threats or assess the code's destination.

Businesses need to be aware that new threats like QR codes will outsmart many of the classic security solutions, forcing them to switch to more contemporary, dynamic strategies like AI-native detection technologies.
Read more »
Vahan Parivahan
Cyber Fraud Cyberattacks CyberCrime CyberThreat Phishing scam Vahan Parivahan

Phishing Alert: Spotting the 'Vahan Parivahan' Speeding Violation Ticket Scam

 


There is no doubt that traffic violations have also been victimized by scammers, as have most online services, as phishing has become one of the new ways in which unsuspecting victims have been tricked into giving out their personal information. The scammer sends users an e-challan that mentions an issue, and as soon as they click on it, or download the app, they use this information to wipe their bank account clean and get away from them. 

Receiving an e-challan and questioning its legitimacy may indicate a scam is on the horizon. It has been found that cybercriminals have been exploiting traffic violations to lead unwitting individuals into phishing traps, leading unsuspecting individuals into phishing schemes. As the landscape of online fraud continues to evolve, a new scam has emerged, targeting unsuspecting vehicle owners through WhatsApp. A new scam dubbed the "Fake Traffic Violation Challan Scam" involves fraudsters sending bogus traffic challans through the messaging service, along with an APK file which is designed to take personal information. 

Several online scams have surfaced over the past few months, ranging from job offers to investment schemes, however, now a new threat has emerged - a fake traffic violation Challan scam. Recently, a Reddit user, known as Dambu186, shared his experience with the scam, emphasizing the importance of being aware of these types of scams and avoiding them. It is important to understand that Android uses an APK file format for distributing and installing its apps. 

APK files, a similar software installation process to EXE files for Windows computers, are used by Android devices for software installation. However, in this scam, the APK file isn't just another benign installer, but a Trojan horse designed to take control of users' phones. Vahan Parivahan phishing scams or e-challan scams are cyberattacks aimed at unsuspecting citizens who are notified via SMS that they have been charged with a traffic violation. 

In most cases, scammers send users a message with a link that invites them to pay the fine or download an app called Vahan Parivahan and once the app is downloaded, they have access to users' data and can steal money from their bank account as a result. There has been an increase in the number of scams targeting vehicle owners and drivers. One example of this scam is the "Vahan Parivahan Fraud." It is a scam in which users receive an APK file via WhatsApp along with an SMS that informs them of a traffic violation. 

There is a common fraud that one receives via SMS for an e-challan, and the link to the fake website or even an app will prompt users to download. Let's try to understand it and learn how to avoid it. There are fake websites that are similar to the official ones that are designed to steal information such as credit card numbers, Aadhaar numbers, login credentials, etc. These fake websites look like the official ones, but they are meant to steal information like these. 

Despite its disarmingly simple mode of operation, the scam has been successfully evading people for years. In India, scammers impersonate the government traffic department Parivahan, and they send messages on WhatsApp informing victims of an alleged traffic violation registered against their vehicles. An APK file is attached to the message, which encourages recipients to download the app to view and pay the challan. There are several details included in the message, including the specific date, a location that was generated randomly, as well as a fake challan number. 

This is an e-mail that seems legitimate enough to deceive the uninitiated, particularly those who are not familiar with traffic violation notifications or new car drivers. To stay safe from such scams, one of the best ways is to simply not click on any links in messages. The best thing users can do if they receive an e-challan notification is to go to the official website and check it out. Users can also contact the traffic police to verify the information. Despite what the message says, be aware of the ‘.gov.in’ extension when it comes to any official government website. 

Whenever users visit an unknown website, do not share any personal information until they are certain the site is legitimate. Installing the provided APK unintentionally installs malware on the user's computer. To create these fake apps, the attackers present a fake payment gateway to steal credit card details or net banking credentials from the user. The fake apps take many forms, from spyware that records keystrokes, to more aggressive types that allow the attacker to control the device completely. Keeping a vigilant eye out for scams like these is crucial to protecting users from them. 

Verify before Clicking, and ensure that all communication from official sources is authentic by verifying the authenticity of the communication through the official channels that they have verified. In no circumstances should users rely on messages received by WhatsApp or other social media platforms if they have not been verified. Keep an eye out for downloaded apps and unsolicited links. Never trust links or downloads from unknown sources, and do not download apps from them. 

The official apps are only available on reputable stores such as Android Play, or they can be downloaded directly from the official website of the developer. Ensure that a secure network whenever possible protects users' financial information from being intercepted in case of public Wi-Fi networks or unprotected networks. 

Be on the lookout for suspicious activity in their accounts: Make sure users routinely check their bank statements and transaction histories for any suspicious activity. It is crucial to educate others about such scams, especially those who might be less tech-savvy, and make sure they are aware of these threats. There are several things citizens can do to protect not only their personal information but to ensure their own peace of mind as well by staying informed and cautious. The key to a successful campaign against cybercrime is awareness, and action is the sword when it comes to fighting this crime.
Read more »
Subscribe to: Posts (Atom)