Web Fraud 2.0 – Page 14 – Computer Security Articles

Feds Bust Up Dark Web Hub Wall Street Market

May 3, 2019 admin @feruccifrances, dark web, McGregor W. Scott, MED3LIN, Ne'er-Do-Well News, The Coming Storm, Wall Street Market, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 03 May 2019 16:48:36 +0000

Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly trying to extort money from WSM vendors and buyers (supposedly including Yours Truly) — in exchange for not publishing details of the transactions.

Independent Krebs

‘Land Lordz’ Service Powers Airbnb Scams

April 14, 2019 admin A Little Sunshine, Airbnb scam page, alex holden, goatsontheroad.com, Gumtree, Hold Security LLC, Land Lords, Land Lordz, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sun, 14 Apr 2019 18:40:33 +0000

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “Land Lordz,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.

Independent Krebs

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

January 22, 2019 admin A Little Sunshine, Amazon Web Services, Cisco Talos, Digital Ocean, DNS, GoDaddy, Google Cloud, Matthew Bryant, mozilla firefox, Mozilla Foundation, Ron Guilmette, Spammy Bear, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 23 Jan 2019 02:44:28 +0000

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. Perhaps more worryingly, experts warn this same weakness that let spammers hijack domains registered through GoDaddy also affects a great many other major Internet service providers, and is actively being abused to launch phishing and malware attacks which leverage dormant Web site names currently owned and controlled by some of the world’s most trusted corporate names and brands.

Independent Krebs

Dirt-Cheap, Legit, Windows Software: Pick Two

January 8, 2019 admin A Little Sunshine, eBay, Latest Warnings, Microsoft Office 2016 Professional Plus, Newhotsale68, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 08 Jan 2019 15:00:33 +0000

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data.

Independent Krebs

How to Shop Online Like a Security Pro

November 23, 2018 admin Latest Warnings, Security Tools, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 23 Nov 2018 23:24:06 +0000

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online.

Independent Krebs

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

November 13, 2018 admin A Little Sunshine, Abuse.ch, Flashpoint, instagram, Julie Randall, Latest Warnings, Magecart, RiskIQ, Shadowserver, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 13 Nov 2018 16:26:39 +0000

If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers.

Independent Krebs

Busting SIM Swappers and SIM Swap Myths

November 6, 2018 admin A Little Sunshine, Caleb Tuttle, Christian Ferri, Erin West, John Rose, Latest Warnings, REACT Task Force, Samy Tarazi, SIM swap, T-Mobile, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 07 Nov 2018 05:49:37 +0000

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Snippets from that fascinating conversation are recounted below, and punctuated by accounts from a recent victim who lost more than $100,000 after his mobile phone number was hijacked.

Independent Krebs

Who’s In Your Online Shopping Cart?

November 4, 2018 admin @breachmessenger, 46.161.40.49, A Little Sunshine, AIDE, Breadcrumbs, British Airways breach, formjacking, Magecart, Newegg breach, RiskIQ, Symantec, The Coming Storm, Tripwire, watchdo.gs, Web Fraud 2.0, wewatchyourwebsite.com, window.atob, Yonathan Klijnsma

Credit to Author: BrianKrebs| Date: Sun, 04 Nov 2018 19:10:06 +0000

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that is obvious even to the untrained eye. These days, a compromised e-commerce site is more likely to be seeded with a tiny snippet of code that invokes a hostile domain which appears harmless or that is virtually indistinguishable from the hacked site’s own domain.