Security News

A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns. Using DNS CNAME records as a TDS. Savvy Seahorse creatively uses Canonical Name records as a Traffic Distribution System for its operations, allowing threat actors to easily manage changes, such as performing IP rotation that enhances detection evasion.

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos,...

In this Help Net Security video, Tyler Adams, CEO at CertifID, illustrates how the real estate sector needs to invest significant effort in educating consumers and implementing protective measures to safeguard real estate transactions. Recent CertifID research found that median consumer losses in real estate fraud schemes exceeded $70,000 per incident as a result of stolen buyer down payments and seller net proceeds.

Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth more than $3 million to Apple with the goal of having them replaced with genuine devices. Apple offers a one-year warranty for new iPhones, enabling customers to return malfunctioning devices to Apple or authorized resellers for a replacement.

Two Chinese nationals are facing a maximum of 20 years in prison after being convicted of mailing thousands of fake iPhones to Apple for repair in the hope they'd be replaced with new handsets. The Department of Justice says the pair submitted upwards of 5,000 "Inauthentic" iPhones to the tech giant "Intending to cause a loss of more than $3 million to Apple" between May 2017 and September 2019.

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. If you think it couldn't happen to you, think again.

Analysis of 7 billion emails shows clean links are duping users, malicious EML attachments increased 10-fold in Q4, and social engineering attacks are at all-time highs, according to VIPRE Security. Often protected by nothing more than human nature and an antivirus, cybercriminals continue to use email to launch their most basic and persistent attacks.

70% of businesses report that fraud losses have increased in recent years and over half of consumers feel they're more of a fraud target than a year ago, according to Experian. Experian predicts fraudsters will use generative AI to accelerate "Do-it-yourself" fraud with a wide range of deepfake content, such as emails, voice and video as well as code creation to set up scam websites and perpetuate online attacks.

The extent of the scam was revealed on Monday in an audit of the ATO's management and oversight of fraud control arrangements for the Goods and Services Tax - Australia's equivalent of a value-added or sales tax. The scam promoted in online ads detailed a means of securing a loan from the ATO - an outright lie, as Australian tax authorities are not notably more generous than others around the world.

The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak...