Security News

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve next-stage JavaScript that redirects users to a browser locker.

The Feds didn't go as far as naming any specific vendors or services here, but one of the main reasons that crooks go down the "Beta-testing" route is to lure users of Apple iPhones into installing software that didn't come from the App Store. In contrast, even iPhone apps that are 100% free must be submitted by the vendor to the App Store to become available for download, and downloaded by the user from the App Store for installation.

The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover lost assets. "Representatives of fraudulent businesses claiming to provide cryptocurrency tracing and promising an ability to recover lost funds may contact victims directly on social media or messaging platforms," reads the FBI notice.

Every year local government bodies or councils across Britain contact residents, asking them to update their voter details on the electoral register if these have changed. What's worse is, failure to respond to this notice by visiting the website can, at least in theory, lead to a criminal penalty-a fine up to £1,000, according to the Electoral Commission website.

The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more than 500...

A new report from Forrester is cautioning enterprises to be on the lookout for five deepfake scams that can wreak havoc. The deepfake scams are fraud, stock price manipulation, reputation and brand, employee experience and HR, and amplification.

FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. While tech support scams have been around for years, the FBI says this is a departure from scammers' conventional tactics of soliciting their targets to send money using bank transfers, cryptocurrencies, or gift cards.

Experts at Group-IB noted both an increase in the number of scams as well as the number of people engaged in scam activity, both driven by the more frequent use of social media to spread scams and the growing automation of scam processes. In the APAC region, 58% of scam resources targeting companies in seven core economic sectors used this vector, while in Europe, messengers remained the primary vector for scam activity.

Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment schemes primarily involve impersonating 40 well-known banks, fin-techs, asset management firms, and crypto platforms, setting up a scam infrastructure spanning over 350 domains hosted on more than 80 servers, Group-IB said in a deep-dive report.

A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced to five years in prison in the U.S. Joseph James O'Connor, 24, was awarded the sentence on Friday in the Southern District of New York, a little over a month after he pleaded guilty to the criminal schemes. The infamous Twitter breach allowed the defendant and his co-conspirators to obtain unauthorized access to backend tools used by Twitter, abusing them to hijack 130 popular accounts to perpetrate a crypto scam that netted them about $120,000 in illegal profits.