Security News

Crooks almost certainly can't get hold of a server name that ends with, say, paypal DOT com, but can create any number of subdomains that start with paypal DOT and end with some unrelated domain. The suspicious-looking right-hand end of a full domain name often ends up invisible on a mobile phone because it won't fit in the address bar.

A non-profit community housing collective has been swindled out of more than $1.2 million in a business email compromise campaign. Red Kite Community Housing, a coop housing association in High Wycombe, U.K. announced in a recent website notice that £932,000 of the money paid into its coffers by tenant-owners was transferred to cybercrooks thanks to a convincing domain-spoofing effort.

Nearly five years after the high-profile Ashley Madison data breach, hundreds of impacted website users are being targeted by a new extortion attack this past week. Victims are receiving emails threatening to expose their Ashley Madison accounts - along with other embarrassing data - to family and friends on social media and via email, unless they pay a Bitcoin ransom.

What's the difference between a real job and the horde of fake ones found on the internet? It's even more basic than the fact that one is fake - fake jobs are suspiciously easy to get interviews for.

More than a week after its website and online services were taken offline by malware, foreign currency super-exchange Travelex continues to battle through what has become an increasingly damaging outage that may have unpatched VPN servers at its heart. While the capital's cops declined to name a specific victim, a spokesperson told us: "On Thursday, 2 January the Met's Cyber Crime Team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Enquiries into the circumstances are ongoing."

That IT exec's name is Hicham Kabbaj, and on Friday, he pleaded guilty to one count of wire fraud for having set up a shell company and billing his employer for firewalls and services that "Interactive Systems" never actually installed. Once Company-1 paid up, Kabbaj would slide the cash on over to his own bank account - a scam that netted him a cool $6 million.

Have you ever received items by courier from people overseas? A free MacBook Pro for just $1! As we mentioned above, scams like this aren't miles away from real life, because emails from courier companies that document unexpected import and delivery charges are not unusual.

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. Dobieski however believes that with the shift in liability for attacks on card data looming, gas stations will indeed spend the next 10 months either finally upgrading their fuel pumps to chip-and-PIN, or, finding a workaround, such as implementing tokenization or point-to-point encryption.

More than 100 Chinese nationals in Nepal on tourist visas have been detained over a suspected cyber scam, police said Wednesday, in the country's largest ever crackdown involving foreigners. Eight...

14 Bank Websites Spoofed as Part of Two-Year Campaign, Check Point ReportsFor two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to...