dcsimg

Beware: not so festive social media scams

We’re now into the most crucial stage of Christmas festivities, where money and gifts are on the march…and social media is a conduit for both good and bad tidings. This is the absolute best time for social media scammers to make their move. A little confidence trick here, the promise of good cheer there, and someone is going to be out of pocket. Here’s a roundup of some of the most … [Read more...]

RevenueWire to pay $6.7 million to settle FTC charges

What can you do as a scammer when no legitimate payment provider wants to process your payments anymore? Or, what if you are growing sick and tired of these same payment providers reimbursing disgruntled customers who claim that your products didn’t fix computers, like—you know—you said they would? Simple. You rely on some novel help. That is, until you get caught. Let us tell you a … [Read more...]

A week in security (February 17 – 23)

Last week on Malwarebytes Labs, we highlighted the benefits and concerns of identity-as-a-service (IDaaS), an identity management scheme deployed from the cloud; reported on scammers and squatters taking advantage of Rudy Giuliani’s Twitter typos; and gave a high-level overview of RobbinHood, the latest ransomware baddie to specifically target organizations. Other cybersecurity news Hundreds … [Read more...]

Fake Elder Scrolls Online developers go phishing on PlayStation

A player of popular gaming title Elder Scrolls Online recently took to Reddit to warn users of a phish via Playstation messaging. This particular phishing attempt is notable for ramping up the pressure on recipients—a classic social engineering technique taken to the extreme. A terms of service violation? In MMORPG land, the scammers take a theoretically plausible deadline, crunch it into … [Read more...]

Help prevent disaster donation scams from causing more misery

It’s a sad day when we have to warn people about medical charity scams, or tax fakeouts, or even have a week dedicated to foiling charity fraud—but here we are. With so many natural disasters occurring, from wildfires in California to tornadoes in Dallas, disaster donation scams remain a top resource for scammers looking for free cash. Unfortunately, disaster donation scams are nothing new. Back … [Read more...]

Growing rate of robocalls threatens user privacy

When a person sees a call from an unknown number and picks up to hear a recorded voice on the other end, they’ve received a robocall. Some are helpful, such as reminders of upcoming doctor’s appointments or school announcements. However, the vast majority are from unsolicited parties trying to convince people to purchase products or services, or to disclose personal information. … [Read more...]

A week in security (September 2 – 8)

Last week on Malwarebytes Labs, we looked at a smart social engineering toolkit, delved into TrickBot tampering with trusted texts, and explained five ways to help keep remote workers safe. Other cybersecurity news A new Chinese Deepfake app is under fire for privacy concerns related to the use of uploaded images. (Source: CNN)Bucking the current trend for city councils and organizations … [Read more...]

Recipe for success: tech support scammers zero in via paid search

Tech support scammers are known for engaging in a game of whack-a-mole with defenders. Case in point, last month there were reports that crooks had invaded Microsoft Azure Cloud Services to host fake warning pages, also known as browser lockers. In this blog, we take a look at one of the top campaigns that is responsible for driving traffic to those Azure-hosted scareware pages. We discovered … [Read more...]

Sextortion emails: They’re probably not watching you

Back in July, Krebs on Security reported on a rather novel scam, where the threat actor would use credentials from old data dumps to suggest that they had directly hacked the victim and obtained the victim’s presumably sensitive browser history. Stolen credentials aside, sex-based extortion scams are actually fairly old and not all that sophisticated. A user on the Malwarebytes Forums … [Read more...]

Cybercrime tactics & techniques Q2 2018

A generally slow quarter reflects an overall lull in cybercrime, picking up where Q1 left off with cryptominers continuing to dominate, ransomware continuing to evolve through experimentation, and exploits making a small but significant comeback. In nearly every malware category for both business and consumer detections, we saw a decrease in volume, corroborating our general “Dang, it’s been a … [Read more...]