.US Harbors Prolific Malicious Link Shortening Service

Credit to Author: BrianKrebs| Date: Tue, 31 Oct 2023 13:26:55 +0000

The top-level domain for the United States — .US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as among the most prevalent in phishing attacks over the past year.

Read more

Why is .US Being Used to Phish So Many of Us?

Credit to Author: BrianKrebs| Date: Fri, 01 Sep 2023 15:38:11 +0000

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.

Read more

Crooks Continue to Exploit GoDaddy Hole

Credit to Author: BrianKrebs| Date: Mon, 04 Feb 2019 19:12:25 +0000

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal.

Read more

A week in security (January 21 – 27)

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Jan 2019 18:00:14 +0000

A roundup of last week’s security news from January 21 to 27, including Modlishka, Crytekk, PUPs, and the State of Malware report.

Categories:

Tags:

(Read more…)

The post A week in security (January 21 – 27) appeared first on Malwarebytes Labs.

Read more

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Credit to Author: BrianKrebs| Date: Wed, 23 Jan 2019 02:44:28 +0000

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. Perhaps more worryingly, experts warn this same weakness that let spammers hijack domains registered through GoDaddy also affects a great many other major Internet service providers, and is actively being abused to launch phishing and malware attacks which leverage dormant Web site names currently owned and controlled by some of the world’s most trusted corporate names and brands.

Read more

Partnerstroka: Large tech support scam operation features latest browser locker

Credit to Author: Jérôme Segura| Date: Thu, 13 Sep 2018 15:00:00 +0000

Tech support scammers belonging to the Partnerstroka group are once again abusing browsers, this time with a new browlock feature to reel in more victims, in one of the biggest campaigns we’ve ever tracked.

Categories:

Tags:

(Read more…)

The post Partnerstroka: Large tech support scam operation features latest browser locker appeared first on Malwarebytes Labs.

Read more

A Sobering Look at Fake Online Reviews

Credit to Author: BrianKrebs| Date: Wed, 18 Apr 2018 16:08:36 +0000

In 2016, KrebsOnSecurity exposed a network of phony Web sites and fake online reviews that funneled those seeking help for drug and alcohol addiction toward rehab centers that were secretly affiliated with the Church of Scientology. Not long after the story ran, that network of bogus reviews disappeared from the Web. Over the past few months, however, the same prolific purveyor of these phantom sites and reviews appears to be back at it again, enlisting the help of Internet users and paying people $25-$35 for each fake listing.

Read more