Security News

BEC attacks are targeted at businesses that do a lot of invoicing or wire transfers, with the goal of scamming them using social engineering into sending money to attackers. BEC attacks can use malware to gain access to computers used by invoice approvers and other financial decision-makers and use their credentials to wire themselves money, as well as harvest other kinds of personal information for use in other scams.

Riddle: What do you get when you cross the COVID-19 quarantine with bored kids, heart-melting online ads for floppy-eared spaniel puppies, and online ordering? The Better Business Bureau last week raised the alarm on what it says is a spike in online puppy scams it's seeing now that the pandemic has so many people stuck at home, wistfully imagining that it's the perfect time to train and bond with a little fluff ball.

A new report from Kaspersky found that cybercriminals are using the increase in delivery demand to push convincing phishing emails into thousands of inboxes. "The spikes in demand are causing in-transit times to stretch out. As a result, customers are getting used to receiving apologetic messages from couriers linking to updated shipping statuses. Recently, we have observed a number of fake sites and emails supposedly from delivery services exploiting the coronavirus topic," Kaspersky Lab anti-spam analyst Tatyana Shcherbakova wrote in a blog post.

You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. You probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account - data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

In the past, most of these sextortion emails were sent in high numbers with links to Bitcoin sites, specific URLs, and other details that raised a red flag with security filters. That's why many sextortion emails have switched to using QR codes, which many filters can't detect.

The fact ís that yoü were ínfected wíth malware throügh an adült síte that yoü vísíted. Íf yoü are not famílíar wíth thís, wíll explaín.

In the past week, an average of 18 million COVID-19 phishing emails were sent per day via Gmail to unsuspecting marks, according to Google. Google said its malware scanner uses deep-learning tech to detect malware on 300 billion attachments each week, and 63 per cent of dodgy docs blocked by Gmail are different from day to day.

We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!

Successful COVID-19-themed fraud attempts perpetrated in the US, since the beginning of the year resulted in a little over $13 million losses, the Federal Trade Commission has shared. Despite repeated alerts from a variety of sources - the FBI, the FTC, the FCC - US citizens continue to fall for COVID-19-themed scams.

Email security biz Mimecast has warned of a flight refund scam doing the rounds amid a general uptick in coronavirus-related online crime. It works by offering a fake flight refund form via email.