Security News

Dark web: Underground forums remain a hotbed of COVID-19 scams
2020-11-10 13:21

In closed forums on the dark web, criminals are trading vast databases of consumer information gathered via data breaches and phishing attacks, but also through readily-available government databases. Already a marketplace for drugs, weapons, stolen bank details and leaked website databases, the dark web has now become a thriving underground community where individuals discuss and trade techniques for capitalizing on COVID-19.

HMRC smishing tax scam targets UK banking customers
2020-11-08 13:10

The smishing campaign is concerning as it employs multiple HMRC phishing domains and tactics, with new domains added every day as older ones get flagged by spam filters. Not only do the phishing pages mimic HMRC's web interface meticulously, but they also have entire online banking workflows built into them, depending on who your banking provider is.

Scam PSA: Ransomware gangs don't always delete stolen data when paid
2020-11-04 17:47

Ransomware gangs are increasingly failing to keep their promise to delete stolen data after a victim pays a ransom. In the Coveware Q3 2020 ransomware report released today, we learn that some ransomware gangs do not keep their promise to delete stolen data after a ransom is paid.

Two Charged in SIM Swapping, Vishing Scams
2020-11-03 18:30

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Investigators allege the duo set up phishing websites that mimicked legitimate employee portals belonging to wireless providers, and then emailed and/or called employees at these providers in a bid to trick them into logging in at these fake portals.

Trump Campaign Website Defaced by Cryptocurrency Scam
2020-10-28 11:32

UPDATE. Hackers took over President Trump's 2020 election campaign website late Tuesday, replacing parts of the site with a cryptocurrency scam before returning it to its original content several minutes later. "While the hacked page claimed that the threat actors responsible compromised"multiple devices" that gave them "full access" to internal and secret conversations" of "Trump and relatives," there is no evidence that these statements are true, according to the Trump campaign.

XSS Vulnerability Exploited in Tech Support Scam
2020-10-22 13:49

Malwarebytes security researchers have identified a new campaign in which tech support scammers are exploiting a cross-site scripting vulnerability and are relying exclusively on links posted on Facebook to reach potential victims. This, they say, suggests that the tech support scammers were regularly changing these links to avoid blacklisting.

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video
2020-10-19 19:22

Rapper Fontrell Antonio Baines, who goes by the stage name "Nuke Bizzle," made his first appearance in U.S. District Court in downtown Los Angeles on Friday after being charged with fraudulently applying for more than $1.2 million in jobless benefits under the Coronavirus Aid, Relief and Economic Security Act, according to a statement from the U.S. Attorney's Office in the Central District of California. Authorities were tipped off to the scheme after Baines posted a music video on YouTube and Instagram titled "EDD," an apparent reference to the state unemployment agency.

Naked Security Live – Stay on top of phishing scams
2020-10-05 18:31

We do a show on Facebook every week in our Naked Security Live video series, where we discuss one of the big security concerns of the week. For those of you who [a] don't use Facebook, [b] had buffering problems while we were live, [c] would like subtitles, or [d] simply want to catch up later, we also upload the recorded videos to our YouTube channel.

Facebook Small Business Grants Spark Identity-Theft Scam
2020-09-30 16:27

Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. They pointed out that there is in fact, a real CNBC article about coronavirus-related Facebook grants, but the legitimate program is for small businesses, not individuals.

Naked Security Live – “SMS scams: keep yourself and your family safe!”
2020-09-28 07:59

Naked Security Live - here's the recorded version of our latest video. Enjoy.