Security News

The ScamClub malvertising group used a zero-day vulnerability in the WebKit web browser engine to push payloads that redirected to gift card scams. During their campaigns over the past three months, the number of malicious ad impressions served in a day recorded spikes as high as 16 million.

Romance scams remain the most successful fraud strategy for cybercrooks, and represents a growing sector, according to the Federal Trade Commission. Romance scams have flourished during the COVID-19 pandemic, thanks to a widening pool of targets, the FTC said.

Businesses and consumers are relying on the voice call more than ever during the pandemic with voice traffic up 184% in 2020 compared to 2019, according to a Hiya report. Nearly 40% of all respondents reported losing money to phone scams in 2020 - with an average of $182 per person.

A text message-based tax scam is making the rounds in the U.K., in a probable harbinger of things to come as the U.S. tax season gets underway in earnest. "In this scam, we have to admit that the crooks pulled off a surprisingly believable sequence of web pages - not perfect, but visually believable nevertheless," he said.

Every month of the year has some sort of tax relevance somewhere in the world, and tax scamming cybercrooks take advantage of the many different regional tax filing seasons to customise their criminality to where you live. In the UK, the 2019/2020 tax year ended on 05 April 2020, and the deadline for filing your taxes electronically was 31 January 2021.

Brit cops have cuffed eight men in England and Scotland amid a probe into SIM-swapping attacks on high-profile US targets - including sports stars, musicians, and "Influencers" - that had money and personal data stolen. Last year unauthorised third parties took over the Twitter accounts of 130 celebrities including Elon Musk, Bill Gates, and former US president Barrack Obama.

Because my email address is public, most of these messages are unsolicited; a few might even be dangerous. Scam emails often look real; they're personalized and can be quite convincing.

Hundreds of investors in a fake cryptocurrency scam were bilked out of $11 million by John DeMarr, who advised them to invest in fake cryptocurrency "Bitcoiin," took their money and spent it on a Porsche, jewelry and upgrades to his home, a criminal complaint from the Department of Justice alleges. Actor Steven Seagal was hired to promote the company, also known as "Bitcoiin2Gen" or "B2G," and was ordered last year by the Securities and Exchange Commission to pay a $157,000 penalty, without admitting to any crimes.

More than 40 scammer groups are actively engaged in schemes leveraging a scam-as-a-service offering that provides users the tools and resources needed to conduct fraud, according to threat hunting and intelligence company Group-IB. The automated scam service has been named Classiscam by Group-IB and it's meant to help cybercriminals steal money and payment data from unsuspecting victims, through the use of fake pages mimicking those of legitimate classifieds, marketplaces and delivery services. Simple and straightforward, the scheme has gained a lot of popularity, with over 5,000 scammers registered in the 40 most popular Telegram chats by the end of 2020.

A new automated scam-as-a-service has been unearthed, which leverages Telegram bots in order to steal money and payment data from European victims. These groups have bought into full-fledged scam kits, equipping them with Telegram chatbots for automated communication with victims, as well as customized webpages that lead victims to phishing landing pages.