dcsimg

Scammers use old browser trick to create fake virus download

Tech support scammers are reusing an old technique in their existing browser locker (browlock) schemes to force a special kind of file download. Contrary to past attacks, where the purpose was to flood the machine with a large amount of file requests in order to crash the browser, this one is purely a social engineering ploy. Indeed, the flooding technique that abuses … [Read more...]

Sextortion emails: They’re probably not watching you

Back in July, Krebs on Security reported on a rather novel scam, where the threat actor would use credentials from old data dumps to suggest that they had directly hacked the victim and obtained the victim’s presumably sensitive browser history. Stolen credentials aside, sex-based extortion scams are actually fairly old and not all that sophisticated. A user on the Malwarebytes Forums … [Read more...]

Information operations on Twitter: new data released on election tampering

Back in April, we talked about the wealth of options available to Russian hackers and others launching social engineering campaigns, whether on social networks or through clever attacks launched via Advanced Persistent Threats. Some of that was information published by Twitter at the time in relation to election tampering/interference by so-called “Russian Troll farms”—specifically, the IRA … [Read more...]

100 channels and nothing on, except TV Licensing phishes

We’ve seen a lot of people referencing fake TV Licensing emails they’ve received over the last few days. The majority so far appear to be fake refund notices, asking potential victims to log in to a phony TV License website and provide payment details for refunds. It’s definitely keeping customer support busy: Click to enlarge Many of the URLs we’ve looked at are down now, but not all, so … [Read more...]

Mass WordPress compromises redirect to tech support scams

Content Management Systems (CMSes) such as WordPress, Drupal, or Joomla are under a constant barrage of fire. Earlier this year, we detailed several waves of attacks against Drupal, also known as Drupalgeddon, pushing browser-based miners and various social engineering threats. During the past few days, our crawlers have been catching a larger-than-usual number of WordPress sites being hijacked. … [Read more...]

6 sure signs someone is phishing you—besides email

There are several common and, unfortunately, frequently successful avenues of attack that cybercriminals can use to part you from your personal contact and financial information. These phishing attack methods include email, phone calls, corrupted software or apps, social media, advertisements, and even direct SMS (text) messages. Beyond the medium used to reach you (which is most often … [Read more...]

HMRC phish swipes email login, payment details

It’s not tax season in the UK, but that hasn’t deterred scammers from sending out mail looking to swipe both card details and email logins in one fell swoop. The email, which claims UKGOV has issued a tax refund to the tune of 542.94 GBP, arrives under the following title, which is spectacularly poorly formatted: [RCPT-07010144] processed your automatic payment is available – … [Read more...]

Partnerstroka: Large tech support scam operation features latest browser locker

Tech support scams continue to be one of the top consumer threats in 2018, despite actions from security vendors and law enforcement. Scammers are constantly looking for new ways to reel in more victims, going beyond cold calls impersonating Microsoft to rogue tech support ads using the good name of legitimate brands, and of course, malicious pop-ups. We have been monitoring a particular tech … [Read more...]