Phishing scam had all the bells and whistles—except for one
A reminder that stuff published on the Internet gets published on the Internet. Enlarge / The query window for username and password on a webpage can be seen on the monitor of a laptop. (credit: Jens Büttner/picture alliance via Getty Images).....»»
Lawsuit: Citibank refused to reimburse scam victims who lost “life savings”
Citibank's poor security helped scammers steal millions, NY AG's lawsuit says. Enlarge / The Citibank logo on a bank in New York City in January 2024. Citibank is being accused of illegally refusing to reimburse scam vi.....»»
What is catfishing and what can you do if you are catfished?
Catfishing is when a person uses false information and images to create a fake identity online with the intention to trick, harass, or scam another person. It often happens on social media or dating apps and websites as a tactic to form online relati.....»»
1Kosmos BlockID 1Key secures users in restricted environments
1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher.....»»
"Shark Tank" keto gummies are a scam. Yet, Google keeps letting scammers run search ads.
Shark Tank has never endorsed weight loss keto gummies. Google keeps letting scammers advertise these fake products anyway. Do a Google search for "Shark Tank keto gummies" and you'll find a slew of paid sponsored search ads promoting the suppo.....»»
Living Security Unify Power Insights identifies vulnerable members within an organization
Living Security announced Unify Power Insights, which combines intelligence across multiple identity management and security tools to pinpoint visibility into which members of the workforce are most vulnerable to phishing, account compromise, malware.....»»
Flipping the BEC funnel: Phishing in the age of GenAI
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over time, however, as s.....»»
Actor paid to pose as crypto CEO “deeply sorry” about $1.3 billion scam
Fake CEO denied profiting off the alleged cryptocurrency scam. Enlarge / A screenshot from Jack Gamble's video outing Stephen Harrison as HyperVerse's fake CEO, posted on Gamble's "Nobody Special Finance" YouTube channel. (credit.....»»
Fake "hack-back" offers are putting ransomware victims at further risk
Fraudsters are now going after ransomware victims, offering to return stolen data for a price - but surprise surprise, it's a scam......»»
Uncovering the hidden dangers of email-based attacks
Email-based attacks have evolved beyond traditional spam and phishing attempts. Cybercriminals now employ sophisticated tactics such as spear-phishing, whaling, and business email compromise (BEC), posing a significant threat to businesses of all siz.....»»
Elon Musk drops price of X gold checks amid rampant crypto scams
Reports come the same week X reduced the cost of buying gold checkmarks. Enlarge (credit: ALAIN JOCARD / Contributor | AFP) There's currently a surge in cryptocurrency and phishing scams proliferating on X (formerly Twit.....»»
Apple settles lawsuit after being accused of benefiting from gift card scam
Apple this week agreed to settle a lawsuit over its gift cards that was filed in 2020. More specifically, the company had been accused of not helping victims of a scam involving its prepaid gift cards – and even of benefiting from these scams. Now.....»»
Breaking down the state of authentication
In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad’s recent State of Authentication Survey. Key findings from the survey revealed: – 39% indicated phishing is the most feared cyberattack, while.....»»
Apple moves to settle gift card scam lawsuit
Apple has agreed to pay an as-yet undisclosed sum to settle a class-action lawsuit that claimed the company knowingly profited from scammers who stole its gift cards.An Apple gift cardThe original suit was filed in 2020 and alleged that Apple did not.....»»
Ransomware trends and recovery strategies companies should know
Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in.....»»
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakb.....»»
Bitdefender Scamio helps users verify fraudulent online schemes
Bitdefender unveiled Bitdefender Scamio, a complimentary scam detection service designed to help users verify fraudulent online schemes delivered by email, embedded links, text, and instant messaging through collaboration with a chatbot powered by AI.....»»
Recruiters, beware of cybercrooks posing as job applicants!
Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of the emails suggest to the recipient the actor is a legitimate candidate, and.....»»
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Advanced ransomware campaigns expose need for AI-powered cyber defense In this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, dis.....»»
Is the Facebook algorithm bypass a scam? Or is it a hack?
No, you can't bypass the Facebook algorithm by copying and pasting a post. Not then, not now. It's just not how things work......»»
Short-term AWS access tokens allow attackers to linger for a longer while
Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated w.....»»