Tag: SCAM
Infostealers are one of the most lucrative types of malware employed by criminals. And because this is a tried and tested approach, there are still new players entering this illegal game. The new kid on the block is called “Sharp Stealer”, and one of its favourite targets is gamers.…
Summary: Cybersecurity researchers have discovered almost 30 phishing websites that are impersonating the electronic toll collection service E-ZPass, following an FBI warning about smishing attacks targeting road toll collection services.
Threat Actor: Unknown threat actor
Victim: E-ZPass customers and users of road toll collection services
Key Point:
Cybersecurity researchers have identified nearly 30 newly created domains related to tolls, 15 of which are likely to be used for phishing, malware, or spam.…
AhnLab SEcurity intelligence Center (ASEC) has recently identified the distribution of phishing files identical to Korean portal website login screens. Cases impersonating multiple Korean portal websites, logistics and shipping brands, and webmail login pages have long been very common.
* In the left/right comparison images used in this post, the left side shows the phishing page and the right side shows the normal page.…
In early 2024, Group-IB’s Threat Intelligence team observed a surge in phishing URLs targeting INTERAC, a Canadian payment service. Subsequently, a client operating in Canada reported an uptick in phishing attempts against their customers and shared a suspicious URL, lab-host[.]ru, prompting an investigation.
This inquiry unveiled a connection between the shared URL and INTERAC phishing pages, all originating from the LabHost Phishing-as-a-Service (PhaaS) platform.…
In late 2023, BlackBerry analysts identified a spear-phishing campaign by threat group FIN7 that targeted a large automotive manufacturer based in the United States. FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights. They used the lure of a free IP scanning tool to run their well-known Anunak backdoor and gain an initial foothold utilizing living off the land binaries, scripts, and libraries (lolbas).…
Summary: The number of ransomware victims who choose to pay a ransom has dropped to a record low, with only 28% paying in the first quarter of 2024, down from 29% in the previous quarter. Additionally, two major ransomware groups hit by law enforcement disruptions have swindled their affiliates, causing disaffection and driving away business partners.…
Summary: Cheap ransomware is being sold on dark web forums, allowing inexperienced individuals to enter the world of cybercrime without the need for affiliates, posing a challenge for defenders.
Threat Actor: Inexperienced freelancers selling cheap ransomware on dark web forums.
Victim: Small companies and individuals who are unlikely to have the resources to defend themselves effectively.…
The Trellix Advanced Research Center has recently observed an uptick of LockBit-related cyber activity surrounding vulnerabilities in ScreenConnect. This surge suggests that despite law enforcement’s (LE) “Operation Cronos” aimed at dismantling LockBit’s infrastructure, the ransomware operators somehow managed to survive and stay afloat. It appears that the cybercriminal group behind LockBit ransomware partially restored their infrastructure and created an impression that the LE actions did not affect their normal operation.…
Summary: The World Cybercrime Index reveals that Russia is the top hub for digital threat actors and the most significant source of global cybercrime, followed by Ukraine, China, the United States, Nigeria, and Romania.
Threat Actor: Russia, Ukraine, China, United States, Nigeria, Romania
Victim: N/A
Key Point:
Russia is the most significant source of global cybercrime and serves as the top hub for digital threat actors worldwide.…
Summary: The Federal Bureau of Investigation (FBI) has issued a warning about a wave of SMS phishing attacks targeting Americans with fake road toll fee messages, with thousands of people already reporting being targeted by scammers.
Threat Actor: Unknown | SMS phishing attacks
Victim: Americans
Key Point:
The FBI has received over 2,000 complaints about smishing texts related to road toll collection services from at least three states.…
Adversaries don’t work 9-5 and neither do we. At eSentire, our 24/7 SOCs are staffed with Elite Threat Hunters and Cyber Analysts who hunt, investigate, contain and respond to threats within minutes.
We have discovered some of the most dangerous threats and nation state attacks in our space – including the Kaseya MSP breach and the more_eggs malware.…
Anyone who has had to deal with HTML emails on a technical level has probably reached the point where they wanted to quit their job or just set fire to all the mail clients due to their inconsistent implementations. But HTML emails are not just a source of frustration, they can also be a serious security risk.…
Podcasts provide an easy and effective way to stay up to date on the threat intelligence landscape. They cover a wide range of topics, including insights into the most recent developments and advice on how to protect yourself, your devices, and your business.
In this post, we have compiled a list of the top 10 threat intelligence podcasts.…
A hacker has confessed to orchestrating his own death to evade over $100,000 in child support payments to his ex-wife. Jesse E. Kipf pleaded guilty on March 29, 2024, to aggravated identity theft and computer fraud charges.…
10/04/2024
Today a phishing campaign aimed at misappropriating credentials for access to Certified Email (PEC) mailboxes has emerged. This fraudulent operation is carried out through the sending of a deceptive email, intended for PEC mailbox users. The message warns of a supposed account deactivation request, to be completed within 24 hours, and suggests clicking on a link provided in the body of the message if it is considered an error.…
Check out our on-demand Annual Report webinar or read on for a summary of key topics and themes in the report.
2023 was a year in which cybercrime evolved in significant ways. Our 2023 annual report serves as a playbook of adversaries’ tactics, techniques, and procedures (TTPs) in 2023, with the goal of giving your security team a 360-degree view of the threat landscape.…
Summary: The U.S. Department of Health and Human Services (HHS) has warned that hackers are using social engineering tactics to target IT help desks in the Healthcare and Public Health sector, allowing them to gain access to organizations’ systems and carry out business email compromise attacks.…
Online investment scams these days are no longer an issue limited to specific nations, now becoming a social issue prevalent around the globe. Scammers (criminals) deceive their victims through illegal and immoral means, extorting financial assets including cash and virtual assets from them. They are usually a part of a structured criminal syndicate, where they devise sophisticated scenarios to commit “transnational” fraud crimes.…
Summary: Google is suing two China-based Android app developers for allegedly scamming 100,000 users worldwide through fake cryptocurrency and investment apps, with victims losing up to $75,000.
Threat Actor: China-based Android app developers
Victim: 100,000 users worldwide
Key Point:
Google is suing two China-based Android app developers for allegedly scamming 100,000 users worldwide through fake cryptocurrency and investment apps.…