Security News

Last week we wrote about a WhatsApp hoax that was spreading widely, warning people to look out for a cybersecurity catastrophe that simply wasn't going to happen. The City of London Police in turn link you to UK National Fraud and Cyber Crime Reporting Centre's ActionFraud website, where you will see that the "City of London Police hasn't issued any alerts about fake messages from Danske Bank.".

If anyone is using that house party app DELETE IT My friends email account been hacked into by it And managed to get bank account details too and has hacked that. To be honest, we can't tell you that the Houseparty app is bug-free, because we haven't decompiled or analysed it, and even if we had, working out that an app is totally free of vulnerabilities is a close-to-impossible exercise, as are many tasks where you are expected to prove a negative.

Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly. "We talk about API attacks and the reason why criminals are using targeted methods against API because the traditional 'throw it and hope it sticks' against financial services just isn't cutting it anymore, they have to be more creative," Steve Ragan, security researcher with Akamai, told Threatpost.

That's a very 1990s approach! Why not put your money into a digital piggy bank, instead? Better yet, why not choose a piggy bank that deliberately starts out in debt?

On August 7, 2019, a single credential stuffing attack against a financial services company recorded 55,141,782 malicious login attempts. The majority of API attacks against finserv was negligible for much of the two years covered by the analysis, but suddenly spiked to more than 80% of all malicious login attempts in May 2019, and to more than 75% in October 2019.

The web services 'n' security biz said, in a report released today, that three-quarters of all credential abuse attacks it detected in 2019 were targeted at banks' publicly available APIs. Akamai said it had "Observed 85,422,079,109 credential abuse attacks" over two years, spanning December 2017 to November last year.

British customers of High Street banking brand Natwest are being advised not to use the domain natwest.co.uk - by none other than Natwest itself. Consumers are increasingly becoming aware of threats to their online banking security through malware and malicious apps designed to steal credentials.

The SMS messages purport to be from local U.S. numbers and impersonate banks, warning users of locked bank accounts. The messages urge victims to click on a link, which redirects them to a domain that's known to distribute Emotet.

A mobile phishing campaign that targeted customers of more than a dozen North American banks, including Chase, Royal Bank of Canada and TD Bank, managed to hook nearly 4,000 victims. The attacks used an automated SMS tool to blast bogus security text messages to mobile phone users between June and last month.

Knowing the topic is critical for many, spammers are sending phishing emails with malicious attachments masquerading as instructions around the coronavirus. These coronavirus-themed phishing emails could affect businesses due to China's role in the world economy, according to OneSpan.