Security News

The FBI warned today of fraudsters posing as Non-Fungible Token developers to prey upon NFT enthusiasts and steal their cryptocurrency and NFT assets. In these attacks, the criminals gain unauthorized access to NFT developer social media accounts or create nearly identical accounts to promote "Exclusive" NFT releases.

Cybercriminals are taking their business offline in a new approach to familiar technical support scams recently identified by the US Federal Bureau of Investigation. In a bulletin published yesterday, the FBI's Internet Crime Complaint Center says it's noticed a recent uptick in technical support scams across the US that, rather than urging victims to wire funds, send cryptocurrency or hand over gift card codes, is asking them to mail magazine-wrapped wads of cash.

The usage of platforms like Cash App, Zelle, and Venmo for peer-to-peer payments has experienced a significant surge, with scams increasing by over 58%. Additionally, there has been a corresponding rise of 44% in scams stemming from the theft of personal documents, according to IDIQ. AI voice technology. The report also highlights the rise of AI voice scams as a significant trend in 2023.

Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. Earlier this March, Google Mandiant disclosed North Korea-based APT43's use of the hash rental and cloud mining services to obscure the forensic trail and wash the stolen cryptocurrency "Clean."

The FBI has issued a warning about fake job ads that recruit workers into forced labor operations in Southeast Asia - some of which enslave visitors and force them to participate in cryptocurrency scams. "Criminal actors assign debts to victims under the guise of travel fees and room and board, and use victims' mounting debt and fear of local law enforcement as additional means to control victims. Trafficked victims are sometimes sold and transferred between compounds, further adding to their debt," said the FBI. Advocacy groups and media report similar tactics, with victims targeted online and promised lucrative jobs abroad with travel fees and other benefits paid.

These apps have popped up in the Google Play and Apple App Store. "Scammers have and always will use the latest trends or technology to line their pockets. ChatGPT is no exception. With interest in AI and chatbots arguably at an all-time high, users are turning to the Apple App and Google Play Stores to download anything that resembles ChatGPT," said Sean Gallagher, principal threat researcher, Sophos.

Identity theft can lead to a nightmare of events, from scammers ruining people's credit score, to selling their information on the dark web, and even impersonating people to pass background checks. "If you think your data has no value then why would scammers spend so much time trying to steal your data if it's worthless? The truth is that anyone can be affected and it is important to stay vigilant and use proper protection," said Jakub Kroustek, Avast Malware Research Director.

Money mules, individuals whose bank accounts are used by fraudsters to transfer money, are becoming an increasingly prominent aspect of cybercriminals' economic business models too. In the US particularly, fraudsters are targeting unwitting consumers to become money mules.

Two execs and a multinational payment processing company must pay $650k to the US government, says the FTC, which accuses them of knowingly processing credit card payments for Microsoft-themed support scammers. The Justice Department and the Feds claim [PDF] Nexway, along with a web of related companies based in France, Switzerland, Germany, and the US, violated the FTC Act and the Telemarketing Sales Rule by processing payments for India-based Tech Live Connect and "Other foreign clients" that commit telemarketing fraud via tech support scams all over the world, although the agency and the department are regulating the United States side of things.

Fraudsters are underestimating the power of AI to detect fake IDs, according to a new report from Ondato. Based on an analysis of millions of ID verifications carried out for its customers in 2022, Ondato found that ID cards were used in 52% of fraudulent verification attempts - far ahead of driving licences and passports.