Security News

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious "Like of the Year 2020" contest.

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious "Like of the Year 2020" contest.

Tax season is upon us and cybercriminals have taken notice, unleashing a tidal wave of attacks targeting every US citizen and tax prep company. "This information is also valuable and could be used or resold for identity fraud purposes. Additionally, the employees legitimate tax documents can also be found here. This could be used by the attackers to file fraudulent tax returns on the employee's behalf to direct their tax returns to the attacker's coffers." Threat researchers at Zix-AppRiver released a report last week detailing their efforts monitoring and actively battling a series of Business Email Compromise attacks on CPAs and law firms over the past month.

The attacks are emerging alongside the traditional e-mail based attacks that try to trick users into installing malware that can steal credentials or take control of systems. Attackers this year are focusing on smaller tax-preparation firms probably because "Smaller companies often have fewer resources and less expertise to prevent these attacks and detect them when they've happened," he wrote.

Puerto Rico's government said Friday that it suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory. Manuel Laboy, executive director of Puerto Rico's Industrial Development Company, said rigorous procedures were not followed when the agency received an email alleging a change in banking accounts that prompted someone to transfer more than $2.6 million to a fraudulent account in the U.S. mainland last month.

Obviously, these romance scams work obviously, but you know, whenever I see these types of messages in my Twitter inbox or even just on Facebook, because I see them a lot on social media. It's social engineering at its finest and I you know, never ceases to amaze me actually how good cyber criminals are sort of taking the pulse of what's going on out thereAnd definitely things like Valentine's Day where you know, people are going to be feeling a little vulnerable maybe or, or maybe they're you know, elated because they're in a new relationship or something and they're not paying as much attention as they should be.

Puerto Rico's government has lost more than $2.6 million after falling for an email phishing scam, according to a senior official. The finance director of the island's Industrial Development Company, Rubén Rivera, said in a complaint filed to police Wednesday that the agency sent the money to a fraudulent account.

A phishing scam has swindled a Puerto Rico government agency out of more than $2.6 million, according to reports. According to reports, the email-based phishing scam hit Puerto Rico's Industrial Development Company, which is a government-owned corporation aimed at driving economic development to the island along with local and foreign investors.

Business email compromise and email account compromise scams are still the most lucrative schemes for cybercriminals: the FBI's Internet Crime Complaint Center has calculated that, in 2019, the average monetary loss per BEC/EAC scam complaint reached $75,000. During the past year, the IC3 received a total of 467,361 cybercrime complaints with reported losses exceeding $3.5 billion, and $1.77 billion of those are the result of BEC/EAC. For comparison, BEC/EAC-associated losses were $1.3 billion in 2018, $676 million in 2017 and $360 million in 2016.

Several cybersecurity companies have spotted campaigns that use coronavirus-themed emails to deliver malware, phishing attempts and scams. The malicious emails warn potential victims about the impact of the coronavirus on the shipping industry.