Security News

British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity. Although absolute numbers of reports are low, perhaps kept that way because the public now knows Action Fraud is largely useless, the National Fraud Intelligence Bureau said there were a total of 200 reports of coronavirus scams made to them since 1 February.

Twenty-four individuals were arrested for laundering funds illegally obtained via business email compromise, romance, and retirement account scams targeting victims across the United States. The large-scale fraud operation facilitated by the arrested individuals has caused losses of more than $30 million, the Department of Justice has revealed.

Hackers are getting hacked via trojanized hacking toolsSomeone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the tools for free, Cybereason researcher Amit Serper has revealed. SECURE Magazine: RSAC 2020 special issue releasedRSA Conference, the world's leading information security conference and exposition, concluded its 29th annual event in San Francisco.

Scam robocalls and phishing emails disguised as banks continue to trick consumers to put their personal information at risk, and tax season is no exception. These tactics are particularly effective due to tax payers concerns of misfiling their taxes or accidentally running into trouble with groups like the IRS. McAfee researchers recently uncovered an example of an illegitimate IRS site created to scam unsuspecting consumers.

The menace of Business Email Compromise is often overshadowed by ransomware but it's something small and medium-sized businesses shouldn't lose sight of. Bang on cue, the FBI Internet Crime Complaint Center has alerted US businesses to ongoing attacks targeting organisations using Microsoft Office 365 and Google G Suite.

With the Western world conducting a considerable chunk of its day-to-day life online, with the help of computers, mobile phones and email, they are open to a variety of coronavirus-related cyber scams and schemes. Then there are the phishers and malware peddlers: since the very beginning of Covid-19's surge in Wuhan, they've been tricking users with fake email notifications and fake alerts impersonating local authorities, the US Centers for Disease Control and Prevention, and the World Health Organization to deliver malware or to steal email credentials.

For anyone who is a Stripe user - even if they haven't logged in for a while - the email seems pretty genuine. OK, the button didn't head to a Stripe domain, but the link didn't look particularly out of place, either - it was an HTTPS link to a regular-looking.com domain.

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious "Like of the Year 2020" contest.

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious "Like of the Year 2020" contest.

Tax season is upon us and cybercriminals have taken notice, unleashing a tidal wave of attacks targeting every US citizen and tax prep company. "This information is also valuable and could be used or resold for identity fraud purposes. Additionally, the employees legitimate tax documents can also be found here. This could be used by the attackers to file fraudulent tax returns on the employee's behalf to direct their tax returns to the attacker's coffers." Threat researchers at Zix-AppRiver released a report last week detailing their efforts monitoring and actively battling a series of Business Email Compromise attacks on CPAs and law firms over the past month.