HackDig : Dig high-quality web security articles for hackers

A Look Back on Misleading Advertising

Increasing reports on malvertising has left us with the notion that any site belonging to legitimate businesses that earn through ads may be potentially harmful. Although encountering exploits by means of ads pose a truly serious threat to anyone’s computing device, especially if they’re not religiously patched, one of our recent hunts for in-the-wild
Publish At:2016-03-30 07:45 | Read:4221 | Comments:0 | Tags:Fraud/Scam Alert fraud site malvertising misleading ads phis

“Exclusive” Fallout 4 iOS Release Banished to the Wasteland

Online marketplaces such as Google Play and Apple’s App Store have various checks in place to ensure rogue / fake apps don’t slip through the cracks, but you can’t stop them all. Sure enough, here’s one which came crashing into, er, number 105 with a vengeance: Fallout 4 – Biohazard, priced at $6.99. Fallout 4 is currently sell
Publish At:2016-03-22 18:05 | Read:4756 | Comments:0 | Tags:Fraud/Scam Alert app apps fallout 4 falout iOS store IOS

Scammers Impersonate ISPs in New Tech Support Campaign

Tech support scammers are investing a lot of efforts to attract new victims each day, and despite many takedowns, this is a highly profitable industry. We uncovered a new tech support scam campaign pushed via malvertising which cleverly detects which Internet Service Provider (ISP) you are using (based on your IP address) and displays a legitimate looking pa
Publish At:2016-03-21 05:45 | Read:4177 | Comments:0 | Tags:Fraud/Scam Alert ISP tech support scam

This Steam Scam is a Rat Race

We are alerted by someone who submits to hpHosts, a free-to-use Malwarebytes facility where users can look up potentially malicious URLs, about a few scam domains being shared on Steam via its chat feature. They’re essentially similar to what we have seen before: they purport to be legitimate gift card pages but ask users to share, like, Tweet, or +1 f
Publish At:2016-03-19 17:25 | Read:5706 | Comments:0 | Tags:Fraud/Scam Alert free giftcard giftcard code scam steam scam

Will Hand Over Millions for Your Info: A 419 Scam

“Maria” (not her real name), a friend of mine based in the Philippines, received an SMS recently, that said: I have important information I need to tell you. Please email me at turx4@outlook.com The message came between 1 a.m. to 2 a.m. from a number belonging to a local telco company. Since the sender didn’t introduce themselves, Maria assumed it had someth
Publish At:2016-03-15 04:25 | Read:5719 | Comments:0 | Tags:Fraud/Scam Alert 419 scam phishing scam

Google Docs? Check One More Time…

If you go looking for Google Docs related URLs on your travels, you may run into the following site (registered through an “Offshore anonymous hosting company” in Panama): googledocs(dot)info Despite the name, you won’t find your documents sitting in a pile waiting to be edited. Indeed, you’ll currently see this: If we had a magical
Publish At:2016-03-04 15:05 | Read:4701 | Comments:0 | Tags:Fraud/Scam Alert fake Google phish

The Amazon Survey Phish: Back for Round 2

We’ve seen another run of Amazon themed spam doing the rounds, and they may well already be dropping into your mailbox. Here’s the email in question: The text is identical to the last one we took a look at (notice also the open red padlock, which is a new Gmail feature). As before, the link uses a redirect to send potential victims to an imitati
Publish At:2016-02-26 20:20 | Read:3942 | Comments:0 | Tags:Fraud/Scam Alert amazon email fake phish phishing scam

Avoid this “Casino Online Promotion” 419 Scam

Remember the time when you won a ridiculous amount of money from a Casino you’d never heard of, much less visited? Me neither, but as it turns out it doesn’t really matter when dealing with the wacky world of email spam – where winnings are often plentiful despite not actually taking part: Going by the wonderfully informative title of R
Publish At:2016-02-23 20:00 | Read:4231 | Comments:0 | Tags:Fraud/Scam Alert 419 fake lottery scam scammers

Tech Support Scammers Use New Browser Trick To Defeat Blocking

These days, the vast majority of tech support scams are delivered via malvertising attacks pushing fake error notifications and preventing users from normally closing their browsers. Because those warnings are very convincing and often accompanied by audio cues, many people will get desperate and panic when they realize they cannot close those pages. Unfortu
Publish At:2016-02-17 01:15 | Read:3751 | Comments:0 | Tags:Fraud/Scam Alert

Off the Market: One Airbnb Phish

It might still be a little too early in the year to think about vacation, but there’s always a chance you’ll need some lodging and short notice and that’s where services like Airbnb come into play. The hugely popular service lets travellers temporarily lodge with people from all around the World, and in some situations that would be an attr
Publish At:2016-02-12 12:40 | Read:7040 | Comments:0 | Tags:Fraud/Scam Alert airbnb phish phishing

Fake Amazon Mail Phishes for Login, Payment Information

From the mailbox: a fake Amazon mail which attempts to persuade the lucky recipient that they have the chance to win £10 in return for completing a quick survey. The mail, titled “ΙD: 569369943” and claiming to be from “members support” / message@notice-amazon(dot)com, reads as follows: As a valued customer we would like to present yo
Publish At:2016-02-04 23:50 | Read:6966 | Comments:0 | Tags:Fraud/Scam Alert amazon phish scam

A weather app with a twist

Recently, a weather app caught our attention by doing something far worse than predicting rain all the time. It installed all the ingredients for a false Blue Screen Of Death (BSOD) with a number to call for assistance. WeatherWizard As the app is bearing the same name as one comic book “super villain” this might have been a warning that there was something
Publish At:2016-02-04 05:45 | Read:4445 | Comments:0 | Tags:Fraud/Scam Alert bsod fake scam tech support scam

More Fake Facebook “Security System Page” Scams

All of the below pages – which offer up Facebook phishing in the guise of “Security pages” – have all recently been unplugged and taken out of action, but that doesn’t mean we can’t poke them with a stick and give you some advice on what to avoid should you see them elsewhere. At least one of them was reusing the text temp
Publish At:2016-01-26 22:50 | Read:7237 | Comments:0 | Tags:Fraud/Scam Alert facebook phish phishing scam

Tech Support Scammers Lure Users With Fake Norton Warnings, Turn Out To Be Symantec Reseller

Fraudulent tech support companies are well-known for taking advantage of unsavvy computer users by reeling them in with scare tactics and charging large amounts of money for bogus services. In many cases, these crooks sell free security products (or straight up pirate them) for hundreds of dollars more than their actual retail price. Security vendors may not
Publish At:2016-01-20 22:10 | Read:4337 | Comments:0 | Tags:Fraud/Scam Alert fake scam TechSupportScams

Clickjacking Campaign Plays on European Cookie Law

We’ve spotted an advertising campaign that tricks users into clicking on what looks like a notification alert that actually hides a legitimate advert, therefore abusing both the advertiser and the ad network hosting the ad (Google Ads Services). The rogue actors behind this fraudulent activity are cleverly leveraging a European law on the use of cookie
Publish At:2016-01-08 02:45 | Read:3709 | Comments:0 | Tags:Fraud/Scam Alert ads adverts fake fraud Google

Announce

Share high-quality web security related articles with you:)

Tools