Security News

Black Friday cyber-pariahs have revamped gift-card scams to better target modern online shoppers hungry for deals post-Thanksgiving. Internet-based Black Friday and Cyber Monday scams have become as common as the Macy's Thanksgiving Day Parade.

The Federal Bureau of Investigation warned today that online shoppers risk losing more than $53 million during this year's holiday season to scams promising bargains and hard-to-find gifts. "During the 2020 holiday shopping season, the FBI Internet Crime Complaint Center received over 17,000 complaints regarding the non-delivery of goods, resulting in losses over $53 million," the federal law enforcement agency said in a public service announcement issued through the Internet Crime Complaint Center.

There has been a surge in reports of people getting scammed after visiting TSA PreCheck, Global Entry, and NEXUS application service sites, being charged $140 only to get nothing in return. Reports about these scams first appeared in March 2021, and by July, threat actors were abusing Google Ads to promote the fake sites on Google Search and increase their traffic.

A recently discovered phishing scam tried to takeover more than 125 high-profile user accounts on TikTok. Researchers at cloud email security provider Abnormal Security detected the scams that attempted to take over people's accounts by sending emails impersonating TikTok and asking users to verify their log-in information.

As the agency describes it, the scammer will contact their victim and somehow convince them that they need to send money, either with promises of love, further riches, or by impersonating an actual institution like a bank or utility company. After the mark is convinced, the scammer will have them get cash, and head to an ATM that sells cryptocurrencies and supports reading QR codes.

Crooks combine a new social engineering scam with a new way of packaging malware. Oh! No! How to block radio communications in a land with no hills.

The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET., according to the website CoinMarketCap. This kind of theft, commonly called a "Rug pull" by crypto investors, happens when the creators of the crypto quickly cash out their coins for real money, draining the liquidity pool from the exchange.

Well, over the past 24 hours, we, and many of our colleagues, have been on the receiving end of an email scam that preys on exactly these fears. In other words, receiving an email from a "Colleague" whom you don't know, and who doesn't know you, but who seems to have been dragged into a customer "Dispute" that you weren't even aware of yet.

During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake "Love2Shop" gift card site to harvest people's payment information, invest the stolen money in cryptocurrency and become a millionaire. His age certainly didn't prohibit the scammer from being allowed to purchase Google ads to help lure people to his phishing scam site, according to prosecutors, ultimately ranking the scam phishing site over the legitimate one.

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign - dubbed "UltimaSMS" - is believed to commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and games, with most of the fraudulent apps downloaded by users in Egypt, Saudi Arabia, Pakistan, the U.A.E., Turkey, Oman, Qatar, Kuwait, the U.S., and Poland.