Security News

"Most often associated with digital art, NFTs are considered to be the modern equivalent of an art collection. Only a certain number of NFTs are produced for a project and they have a variety of traits, which can contribute to the value of an NFT from a rarity standpoint," Narang explains. "Most of the popular NFT projects are what are called PFPs projects like CryptoPunks or Bored Apes. Buyers acquire these and use them as their profile pictures on social media, because social media has become our digital art gallery. While it's true that anyone can right click and save a PFP from one of these projects and claim it for their own, because these are blockchain based projects, there is a way to verifiably prove ownership. Twitter recognized the value of NFTs as PFPs, which is why they started offering the ability for cryptocurrency enthusiasts to verify ownership of their NFTs on the blockchain in a more transparent way."

Attackers are targeting the Discord servers of several popular nonfungible token projects. According to Fraser, Discord API leaks "The name, description, members list, and activity data for every private channel on every server." He explained he stumbled on the issue while setting up an automated script to notify him anytime a user enters a certain keyword.

An Interpol-led operation code-named Killer Bee has led to the arrest and conviction of a Nigerian man who was said to have used a remote access trojan to reroute financial transactions and steal corporate credentials. Interpol linked the suspects to a syndicate of Nigerian fraudsters using a RAT known as Agent Tesla to access business computers and divert monetary transactions to their own accounts.

Interpol on Monday announced the arrest of three suspected global scammers in Nigeria for using remote access trojans such as Agent Tesla to facilitate malware-enabled cyber fraud. The law enforcement said that the suspects systematically used Agent Tesla to breach business computers and divert financial transactions to bank accounts under their control.

A new wave of cryptocurrency systems dubbed De-Fi, short for decentralised finance, has arisen to fill that transactional void. Instead of depositing your funds with a licensed and regulated bank, and then trading with those funds by choosing from a carefully curated list of transaction types, De-Fi systems let you invest your money with them, in return for access to a "Smart contract" system that allows you trade automatically with other users of the system in a way to suit yourself.

A platform for everyone to seamlessly share their best moments online, Instagram is slowly turning into a mecca for the undesirables-from sexual harassers to crypto "Investors" helping you "Get rich fast." American investor and hedge fund manager, Mark W. Yusko is one such person whose identity is being misused by not one-several Instagram scammers.

Google on Monday disclosed that it's taking legal action against a nefarious actor who has been spotted operating fraudulent websites to defraud unsuspecting people into buying non-existent puppies. "The actor used a network of fraudulent websites that claimed to sell basset hound puppies - with alluring photos and fake customer testimonials - in order to take advantage of people during the pandemic," Google's CyberCrime Investigation Group manager Albert Shin and senior counsel Mike Trinh said.

Threat actors have new targets in their sites this tax season during the annual barrage of cyber-scams as people file their U.S. income-tax documents. It's common for attackers to target popular tax filing and preparation apps such as Intuit and TurboTax in various cybercriminal campaigns during tax season, a time that's traditionally rife with scams.

As SophosLabs reported last year cybercriminals were nevertheless able to draw iPhone users into their cryptocoin app scams by using Enterprise Provisioning. The technological basis for these scam apps is surprisingly simple: the crooks persuade you, for example on the basis of a friendship carefully cultivated via a dating site, into giving them the same sort of administrative power over your iPhone that is usually reserved for companies managing corporate-owned devices []. Typically, [this means] they can remotely wipe them, unilaterally or on request, block access to company data, enforce specific security settings such as lock codes and lock timeouts.

We monitor a range of email addresses related to Naked Security, so we receieve a regular supply of real-world spams and scams. Right now our scam feed is awash with a variety of frauds targeting Instagram, Instagram, and Instagram.