Security News
Cryptocurrency scammers are abusing a legitimate X "Feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs. On X, formerly Twitter, a post's URL consists of the account name of the person who tweeted it and a status ID, as shown below. This allows you to take an URL for a Tweet and modify the account name to whatever you want, even high-profile accounts.
Interpol on Tuesday revealed the results of what it's dubbed Operation HAECHI IV - a six-month effort that saw 34 nations cooperate, with funding from South Korea. The majority - about three quarters - of the crime investigated by the op was business email compromise, e-commerce fraud, and investment fraud.
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the...
Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated. The latest five-month operation discovered that victims from Malaysia were being trafficked to work in Peruvian call centers and Ugandan victims were being trafficked to Dubai for the same reason, only to be diverted to Thailand and then Myanmar.
A Los Angeles man has been jailed after pulling off SIM-swap attacks on victims, hijacking social media accounts, committing fraud with Zelle payments, and impersonating Apple support. Amir Hossein Golshan, 25, described in court documents as a "Serial cybercriminal and scammer," was sentenced to eight years in prison by a California federal court on Monday, and ordered to pay $1,218,526 in restitution.
Sad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet...
Plus: Chocolate Factory launches second lawsuit against false DMCA takedowns Google has sued three scammers for offering a fake download of its Bard AI chatbot that contained malware capable of...
China-based scammers are using a combination of fake loan apps and India's real-time mobile payment system, Unified Payments Interface, to separate victims from their cash, according to a report by threat intel firm CloudSEK. "UPI service providers currently operate without coverage under the Prevention of Money Laundering Act," explained [PDF] CloudSEK researchers, letting the scammers' exploit the platforms with relative ease. Chinese payment gateways ensure the authorities cannot pursue the scammers.
The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world,...
India's Central Bureau of Investigation raided 76 locations in a nationwide crackdown on cybercrime operations behind tech support scams and cryptocurrency fraud. The police operation, part of Operation Chakra-II, aims to dismantle cyber-enabled financial crime rings and is a collaborative effort involving international law enforcement agencies and tech companies such as Microsoft and Amazon, working alongside the Indian federal enforcement agency.