Security News

Two Charged in SIM Swapping, Vishing Scams
2020-11-03 18:30

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Investigators allege the duo set up phishing websites that mimicked legitimate employee portals belonging to wireless providers, and then emailed and/or called employees at these providers in a bid to trick them into logging in at these fake portals.

Trump Campaign Website Defaced by Cryptocurrency Scam
2020-10-28 11:32

UPDATE. Hackers took over President Trump's 2020 election campaign website late Tuesday, replacing parts of the site with a cryptocurrency scam before returning it to its original content several minutes later. "While the hacked page claimed that the threat actors responsible compromised"multiple devices" that gave them "full access" to internal and secret conversations" of "Trump and relatives," there is no evidence that these statements are true, according to the Trump campaign.

XSS Vulnerability Exploited in Tech Support Scam
2020-10-22 13:49

Malwarebytes security researchers have identified a new campaign in which tech support scammers are exploiting a cross-site scripting vulnerability and are relying exclusively on links posted on Facebook to reach potential victims. This, they say, suggests that the tech support scammers were regularly changing these links to avoid blacklisting.

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video
2020-10-19 19:22

Rapper Fontrell Antonio Baines, who goes by the stage name "Nuke Bizzle," made his first appearance in U.S. District Court in downtown Los Angeles on Friday after being charged with fraudulently applying for more than $1.2 million in jobless benefits under the Coronavirus Aid, Relief and Economic Security Act, according to a statement from the U.S. Attorney's Office in the Central District of California. Authorities were tipped off to the scheme after Baines posted a music video on YouTube and Instagram titled "EDD," an apparent reference to the state unemployment agency.

Naked Security Live – Stay on top of phishing scams
2020-10-05 18:31

We do a show on Facebook every week in our Naked Security Live video series, where we discuss one of the big security concerns of the week. For those of you who [a] don't use Facebook, [b] had buffering problems while we were live, [c] would like subtitles, or [d] simply want to catch up later, we also upload the recorded videos to our YouTube channel.

Facebook Small Business Grants Spark Identity-Theft Scam
2020-09-30 16:27

Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. They pointed out that there is in fact, a real CNBC article about coronavirus-related Facebook grants, but the legitimate program is for small businesses, not individuals.

Naked Security Live – “SMS scams: keep yourself and your family safe!”
2020-09-28 07:59

Naked Security Live - here's the recorded version of our latest video. Enjoy.

SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!
2020-09-24 18:59

Sadly what works for legitimate businesses almost always works for cybercriminals too, so there are plenty of crooks still using SMSes for phishing - an attack that's wryly known as smishing. Your phone's operating system will happily recognise when the text in an SMS looks like a URL and automatically make it clickable for you.

Free Apple iPhone 12? Chatbot Scam Spreads Via Texts
2020-09-24 18:11

A mobile phishing campaign is spreading via text messages purporting to come from an Apple chatbot - and offering "Free trials" of iPhone 12. Clicking the link triggers an interaction - via multiple texts - with a supposed "Apple chatbot."

Man Pleads Guilty to Role in $600K Malware Protection Scam
2020-09-16 10:31

A man from India has pleaded guilty to his role in a scheme that tried to embezzle about $600,000 from seven people over the age of 65 in the U.S., federal prosecutors say. Chirag Sachdeva, 30, participated in a telemarketing scheme that offered victims computer protection services after misleading them to believe that malware had been detected on their computers, according to a statement from the U.S. attorney's office in Rhode Island.