Web Fraud 2.0 – Page 15 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Wed, 23 Jan 2019 02:44:28 +0000

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. Perhaps more worryingly, experts warn this same weakness that let spammers hijack domains registered through GoDaddy also affects a great many other major Internet service providers, and is actively being abused to launch phishing and malware attacks which leverage dormant Web site names currently owned and controlled by some of the world’s most trusted corporate names and brands.

Independent Krebs

January 8, 2019 admin

Dirt-Cheap, Legit, Windows Software: Pick Two

Credit to Author: BrianKrebs| Date: Tue, 08 Jan 2019 15:00:33 +0000

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data.

Independent Krebs

November 23, 2018 admin

How to Shop Online Like a Security Pro

Credit to Author: BrianKrebs| Date: Fri, 23 Nov 2018 23:24:06 +0000

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online.

Independent Krebs

November 13, 2018 admin

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Credit to Author: BrianKrebs| Date: Tue, 13 Nov 2018 16:26:39 +0000

If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers.

Independent Krebs

November 6, 2018 admin

Busting SIM Swappers and SIM Swap Myths

Credit to Author: BrianKrebs| Date: Wed, 07 Nov 2018 05:49:37 +0000

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Snippets from that fascinating conversation are recounted below, and punctuated by accounts from a recent victim who lost more than $100,000 after his mobile phone number was hijacked.

Independent Krebs

November 4, 2018 admin

Who’s In Your Online Shopping Cart?

Credit to Author: BrianKrebs| Date: Sun, 04 Nov 2018 19:10:06 +0000

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that is obvious even to the untrained eye. These days, a compromised e-commerce site is more likely to be seeded with a tiny snippet of code that invokes a hostile domain which appears harmless or that is virtually indistinguishable from the hacked site’s own domain.

Independent Krebs

October 29, 2018 admin

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Credit to Author: BrianKrebs| Date: Thu, 25 Oct 2018 16:11:57 +0000

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. Combating such a multifarious menace can seem daunting, but in truth it calls for concerted efforts to tackle the problem from many different angles. This post examines the work of a large, private group of volunteers dedicated to doing just that.

Independent Krebs

September 24, 2018 admin

Beware of Hurricane Florence Relief Scams

Credit to Author: BrianKrebs| Date: Mon, 24 Sep 2018 16:34:48 +0000

If you’re thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent. For the past two weeks, KrebsOnSecurity has been monitoring dozens of new domain name registrations that include the terms “hurricane” and/or “florence” and some word related to support (e.g., “relief,” “assistance,” etc. Most of these domains have remained parked or dormant since their creation earlier this month; however, several of them became active only in the past few days, directing visitors to donate money through private PayPal accounts without providing any information about who is running the site or what will be done with donated funds.