dcsimg
November 30, 2020

November spam roundup: Stalkers, property tips, porn, stern words and PayPal

Today we’re rounding up some of the interesting pieces of spam currently in circulation, taking in everything from housing deals to mysteriously free slices of cash. You may have seen some of these already. Hopefully we can help make up your mind about whatever’s lurking in your mailbox. A full house of spam Whether by accident or design, you may see spam land in your inbox … [Read more...]

Filed Under: cybercrime, email, mail, phish, phishing, roundup, Social engineering, spam
November 20, 2020

Demystifying two common misconceptions with e-commerce security

Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt-out of visiting physical stores. Such a phenomenon does not go unnoticed or without additional consequences. During the same time period, we have seen an increase in the usual scams but also digital skimming, the online equivalent of credit card theft. As a consumer, you may be … [Read more...]

Filed Under: cybercrime, e-commerce, HTTPS, iframe, Magecart, merchant, padlock, security, skimmer, skimming
November 4, 2020

QBot Trojan delivered via malspam campaign exploiting US election uncertainties

This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided to jump in on it too. Those tracking the threat landscape know very well that major world events … [Read more...]

Filed Under: cybercrime, elections, malspam, Pinkslipbot, Qakbot, Qbot, Social engineering, spam
October 30, 2020

Vastaamo psychotherapy data breach sees the most vulnerable victims extorted

“Hell is too nice a place for these people.” Never have we seen outrage about a cybercrime at such a level. The outrage is aimed at cybercriminals behind the data breach that occurred at Finnish psychotherapy practice Vastaamo. Vastaamo, which has treated some 40,000 patients, is a subcontractor to several major public-sector hospital districts. Finland’s president Sauli Niinisto called the … [Read more...]

Filed Under: cybercrime, data breach, extortion, GDPR, patient records, vastaamo
October 30, 2020

Vastaamo psychotherapy data breach sees the most vulnerable victims extorted

“Hell is too nice a place for these people.” Never have we seen outrage about a cybercrime at such a level. The outrage is aimed at cybercriminals behind the data breach that occurred at Finnish psychotherapy practice Vastaamo. Vastaamo, which has treated some 40,000 patients, is a subcontractor to several major public-sector hospital districts. Finland’s president Sauli Niinisto called the … [Read more...]

Filed Under: cybercrime, data breach, extortion, GDPR, patient records, vastaamo
October 28, 2020

Fake COVID-19 survey hides ransomware in Canadian university attack

This post was authored by Jérôme Segura with contributions from Hossein Jazi, Hasherezade and Marcelo Rivero. In recent weeks, we’ve observed a number of phishing attacks against universities worldwide which we attributed to the Silent Librarian APT group. On October 19, we identified a new phishing document targeting staff at the University of British Columbia (UBC) with a fake COVID-19 … [Read more...]

Filed Under: cybercrime, phish, phishing, ransomware, Social engineering, UBC, university, vaggen
October 27, 2020

Keeping ransomware cash away from your business

A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations given to Children International and The Water Project rang tills to the tune of $10,000 each. Their reason was that they’re targeting “only large profitable corporations, we think it’s fair that some of the money they’ve paid will go to charity. No matter how bad you think our … [Read more...]

Filed Under: bitcoin, charities, charity, cybercrime, donations, illegal, law, Malware, money laundering, phish, ransomware, regulations, scam, uk
October 21, 2020

XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

Tech support browser lockers continue to be one of the most common web threats. Not only are they a problem for end users who might end up on the phone with scammers defrauding them of hundreds of dollars, they’ve also caused quite the headache for browser vendors to fix. Browser lockers are only one element of a bigger plan to redirect traffic from certain sites, typically via … [Read more...]

Filed Under: cross-site scripting, cybercrime, Social engineering, tech support scam, TSS, vulnerability, xss
October 16, 2020

Deepfakes and the 2020 United States election: missing in action?

If you believe reports in the news, impending deepfake disaster is headed our way in time for the 2020 United States election. Political intrigue, dubious clips, mischief and mayhem were all promised. We’ll need to be careful around clips of the President issuing statements about being at war, or politicians making defamatory statements. Everything is up for grabs, and in play, or at stake. Then, … [Read more...]

Filed Under: 2020 US election, AI, conspiracy, cybercrime, deepfake, deepfakes, disinformation, fake, manipulation, Social engineering, video
October 14, 2020

FIFA 21 game scams: watch out for unsporting conduct

Despite COVID-19, soccer season is slowly ebbing its way back into daily life around the world. It’s also sneaking back onto TV screens in the form of huge-budget video games. Step up to the plate, FIFA 21. FIFA games: the football juggernaut The FIFA series is an absolute monster in terms of sales, clocking in at around 280 million copies across 51 countries over the lifetime of the … [Read more...]

Filed Under: coins, cybercrime, EA, fake, FIFA, football, FUT, games, origin, scam, Social engineering, social media, steam, video game
Next Page »