Smartphones have become a crucial part of our everyday lives; we shop, bank and network using our phones. But with so much valuable personal data being stored on these devices, they have become a top target for cyber criminals. If they can crack our phones, they can steal our identities, blackmail us for cash, or empty our bank accounts using scams. As a res

All Hands to the Pump (and Dump) Posted by David Harley on April 19, 2017.A few years ago, even before I started working directly with vendors in the security industry, ‘Pump and Dump’ scams were a major nuisance. Here’s a description from a paper Andrew Lee and I wro

If you’ve got an email account or social media profile, it’s likely you’ve come across phishing of some kind before. In a sentence, phishing is the fraudulent attempt to steal personal information by social engineering: the act of criminal deception.Verizon’s latest Data Breach Investigations Report notes that “social engineerin

In a recent article, I discussed how HDDCryptor, Cerber, and eight other families dominated the ransomware scene in 2016. It was a good year for ransomware authors. But they weren’t the only ones who closed out 2016 in the black. Scammers also made a killing off unsuspecting users. They did so partly because 2016 saw such a dramatic spike in scams.Back

Accommodation scams targeting Australian users and shared economy platforms have tripled in number from 2015 to 2016.So far this year, the Australian Competition and Consumer Commission has received 150 reports of scams on websites like Airbnb tricking unsuspecting travelers out of a total of $80,000. That’s triple the number of reports in 2015, which

Robocalls: Automating Nuisance Calls Posted by David Harley on August 8, 2016.Recently I received an email from Nikki Courtney of Radio KTRH, in Houston, requesting a radio interview on robocalls. Why me, I’m not sure, unless it was because of an article I wrote earlier this year

With the 2016 Olympic Games opening on August 5, hundreds of thousands of tourists will soon be traveling to Rio de Janeiro, Brazil. Although major international events like the Summer Olympics boost tourism and economic transactions, they also present lucrative opportunities for cybercriminals.Rio visitors and Olympic travelers alike have been targeted by c

In less than two months, online businesses have paid more than $100,000 to scammers who set up a fake distributed denial-of-service gang that has yet to launch a single attack.Further ReadingHow extorted e-mail provider got back online after crippling DDoS attackHint: It had nothing to do with the $6,000 ransom it paid to the Armada Collective.The charlatans

We’ve encountered many a tech support scam over the years, and the story is usually the same: a fake Blue Screen of Death says your computer is packed with viruses, and to call “tech support” at a handy 800 number.  At this point the scammers remote into your system and can do anything from load malware to steal your credit card information

This TED talk is so hilarious that I just have to share it with you. Watch it! British comedian James Veitch is engaging in the noble art of scam baiting, or scamming the scammers. The same as this site is dedicated to, or when I almost sold my boat to Mexico. I guess most or all of you already know how to spot an advance payment scam, aka. Nigerian scam. Bu

For National Cyber Security Awareness Month (NCSAM) last year, The State of Security published an article offering advice on how users can securely navigate the world of social networking. Among other things, our experts cited users sharing too much information and posting revealing photos as dangerous behaviors that could potentially invite attackers to pr

Cyber Monday is the heaviest online shopping day in the United States, with last year’s sales exceeding $2 billion within 24 hours. Unfortunately, for bargain-hungry consumers, the holiday shopping season is also a bonanza for cyber criminals.The huge uptick in website traffic means more potential targets, making the holiday season the perfect time for attac

Cyber criminals have long known that one the best ways to hack into something is to simply ask you for the password. This technique called “phishing” has long relied on the fact that most of are used to entering our credentials so if a site looks trustworthy enough, we’ll just type our credentials. From there, the bad guys can use these key

The 419: Mugs and Mugus Posted by David Harley on September 23, 2015.I was delighted to receive the following invitation recently from someone calling himself Heinz:… I have an offer worth 23million if interested,please contact meI wonder what it’s worth if I’m not interest

The styles associated with Sakawa scammers have been highlighted in previous articles, but today I would like to describe the anatomy of a scam for people to be aware of just how they complete these wicked assaults on our inboxes.This could serve as a guide for Sakawa, but is intended to give insight. Nothing is new here – these guides are passed through the