Security News

There has been a surge in reports of people getting scammed after visiting TSA PreCheck, Global Entry, and NEXUS application service sites, being charged $140 only to get nothing in return. Reports about these scams first appeared in March 2021, and by July, threat actors were abusing Google Ads to promote the fake sites on Google Search and increase their traffic.

A recently discovered phishing scam tried to take over more than 125 high-profile user accounts on TikTok. Researchers at cloud email security provider Abnormal Security detected the scams that attempted to take over people's accounts by sending emails impersonating TikTok and asking users to verify their log-in information.

As the agency describes it, the scammer will contact their victim and somehow convince them that they need to send money, either with promises of love, further riches, or by impersonating an actual institution like a bank or utility company. After the mark is convinced, the scammer will have them get cash, and head to an ATM that sells cryptocurrencies and supports reading QR codes.

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]
Crooks combine a new social engineering scam with a new way of packaging malware. Oh! No! How to block radio communications in a land with no hills.

The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET, according to the website CoinMarketCap. This kind of theft, commonly called a "rug pull" by crypto investors, happens when the creators of the crypto quickly cash out their coins for real money, draining the liquidity pool from the exchange.

Well, over the past 24 hours, we, and many of our colleagues, have been on the receiving end of an email scam that preys on exactly these fears. In other words, receiving an email from a "colleague" whom you don't know, and who doesn't know you, but who seems to have been dragged into a customer "dispute" that you weren't even aware of yet.

During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake "Love2Shop" gift card site to harvest people's payment information, invest the stolen money in cryptocurrency and become a millionaire. His age certainly didn't prohibit the scammer from being allowed to purchase Google ads to help lure people to his phishing scam site, according to prosecutors, ultimately ranking the scam phishing site over the legitimate one.

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign - dubbed "UltimaSMS" - is believed to have commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and games, with most of the fraudulent apps downloaded by users in Egypt, Saudi Arabia, Pakistan, the U.A.E., Turkey, Oman, Qatar, Kuwait, the U.S., and Poland.

It's easy to forget that the "obviousness" of many scam emails comes from the fact that the crooks never intended those scams for us in the first place. We received a phish this morning that specifically targeted one of the main South African banks.

The latest findings show tech support scams, which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers. Tech support scams are expected to proliferate in the upcoming holiday season, as well as shopping and charity-related phishing attacks.