Security News

In this episode, we dig into research that figured out a way to steal data from iPhones wirelessly; we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea; and we give you advice on how to talk to phone scammers. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.

With the holiday season in bloom, watch out for scams that promise free gift cards or offer to check your gift card balance, says Bolster. A report released Tuesday by fraud prevention company Bolster looks at two types of gift card scams ringing in the holiday season and offers tips on how to avoid them.

Phone scams, where a person or a computer calls you up and tries to trick you into saying, buying or doing something you later regret, are still a prevalent sort of cybercrime. What we have noticed is that most of the scam calls we're getting these days are automated, and that the calls themselves - just like phishing emails that are trying to cajole you into taking the next step by yourself - are merely calls-to-action, not full-on sales pitches in their own right.

A man pleaded guilty Thursday to his role in a computer protection services scam that cheated victims out of nearly $1 million by misleading them into believing that malware had been detected on their computers, federal prosecutors said. Himanshu Asri, 33, of Delhi, India, pleaded guilty in federal court in Providence to wire fraud conspiracy, according to the office of U.S. Attorney for Rhode Island, Aaron Weisman.

The Federal Bureau of Investigation has issued a notification to warn organizations of scammers setting up auto-forwarding email rules to facilitate business email compromise schemes. Cybercriminals are exploiting the mass shift to telework during the COVID-19 pandemic to conduct malicious operations, including BEC scams that are more likely to succeed due to the targeting of an email rule forwarding vulnerability.

Threat actors are exploiting legitimate SendGrid mailing service to spoof HMRC phishing emails that bypass spam filters. Email delivery service abused for spoofing HMRC emails.

The man who headed an international criminal call center racket that conned Americans into handing over tens of millions of dollars in the belief they were being chased for money by the US government has been jailed for 20 years. 24 of some 60 individuals charged in relation to the scam - essentially, those who were based in the US - have been found guilty and sentenced.

November saw a spike in phishing emails spoofing shipping companies such as DHL, Amazon, and FedEx, says Check Point Research. A blog post published Tuesday by cyber threat intelligence provider Check Point Research examines the recent spike in phishing email notifications that impersonate popular shipping companies and offers advice on how to defend yourself against these types of scams.

An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. The first-ever large-scale, multi-jurisdictional investigation targeting the India call center scam industry saw the US Department of Homeland Security and Treasury Inspector General for Tax Administration charging Patel and 60 co-conspirators for orchestrating a "Complex scheme" that involved employees based out of call centers in Ahmedabad masquerading as officials from the IRS and US Citizenship and Immigration Services.

Hackers are looking to cash in on the top shopping days in the U.S. - Black Friday and Cyber Monday - as well as other events, like Singles' Day, which recently occurred this week in China. Last year, researchers said that social-media scams and domain-impersonation scams were some of the biggest types of attacks during the holiday shopping season.