Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Experts Weigh in on E-Commerce Security Amid Snowballing Threats. How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. ... But experts are warning retailers not to focus only on one threat or on protecting one particular system.

Mobile Browser Bugs Open Safari, Opera Users to Malware

A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched.

Microsoft is the Most-Imitated Brand for Phishing Emails

In a recent study into the brands most frequently spoofed by cyber-attackers to steal personal information, Microsoft came out on top with 19% of all brand phishing attempts - 10 percentage points above the next closest brand.

Phishers Capitalize on Headlines with Breakneck Speed

Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams — all with the same infrastructure.

Biden Campaign Staffers Targeted in Cyberattack Leveraging Antivirus Lure, Dropbox Ploy

Kết quả hình ảnh cho Biden Campaign Staffers Targeted in Cyberattack Leveraging Antivirus Lure, Dropbox Ploy1 ngày trước Hackers sent Joe Biden's presidential campaign staffers malicious emails that impersonated anti-virus software company McAfee, and used a mix of legitimate services (such as Dropbox) to avoid detection. The emails were an attempt to steal staffers' credentials and infect them with malware.

Phishing Lures Shift from COVID-19 to Job Opportunities

Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.

Silent Librarian Goes Back to School with Global Research-Stealing Effort

The Iranian hacker group is targeting universities in 12 countries. The Iranian hacker group is targeting universities in 12 countries. The Silent Librarian campaign has re-emerged for the fall school session, ...

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Kết quả hình ảnh cho Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers. ... Researchers analyzed hundreds of millions of web pages to track the number of new phishing and fraudulent sites using the Amazon brand and logos.

FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft

In-game features of the just-released FIFA 21 title give scammers easy access its vast audience. FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft. In-game features of the just-released FIFA 21 title give scammers easy access its vast audience.

IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish

The upcoming deadlines for applying for coronavirus relief are the lure for a phish that gets around email security gateways by using a legitimate SharePoint page for data-harvesting.

Barnes & Noble Hack: A Reading List for Phishers and Crooks

Customers' lists of book purchases along with email addresses and more could have been exposed during a (ransomware?) attack — and that's a problem. Barnes & Noble is warning that it has been hacked, potentially exposing personal data for shoppers – and offering phishers an early holiday gift.

Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs

Researchers are warning of an ongoing Office 365 credential-phishing attack that's targeting the hospitality industry – and using visual CAPTCHAs to avoid detection and appear legitimate. ... The multiple CAPTCHAs serve as backups, in case the first one gets defeated by automated systems, said researchers.

Malware Families Turn to Legit Pastebin-Like Service

Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.

Facebook Small Business Grants Spark Identity-Theft Scam

“The collected information allowed the scammers to gain access of their victims' Facebook accounts, which they could use to pull off other crimes, including identity theft.” ... However, the form fields provide the crooks with enough personal information to steal full identities, researchers warned.

AI Is A Double-Edged Sword In Phishing

AI Is A Double-Edged Sword In Phishing. To prevent smart hacking, the security community must be prepared for AI-enabled threats as well as embrace AI-powered security techniques.

Razer Gaming Fans Caught Up in Data Leak

A cloud misconfiguration at the gaming-gear merchant potentially exposed 100,000 customers to phishing and fraud.

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans

Cyberattacks have caused several school systems to delay students' first day back – and experts warn that new COVID-related delays could be the new "snow days."

BEC Wire Transfers Average $80K Per Attack

That number represents a big uptick over Q1. The average wire-transfer loss from business email compromise (BEC) attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter.

The Sectors Most at Risk from Remote Work and How to Secure Them

In many cases, it is against the rules for certain jobs to be performed remotely out of concern for security. Under normal circumstances, it would make perfect sense to forbid the employees of large financial institutions from making sensitive transactions over insecure home networks.

A Bunch of other Fraudulent Services hosted

This is an investigation which kick-started by targeting a Crypto Platform and gradually uncovered a series of other fraudulent services