Researchers are reporting the discovery of malware targeting YouTub content creators. The aim is to compromise accounts and then take over the victims’ channels completely. The malware, dubbed YTStealer, has one game plan: Grabbing authentication cookies. A site gives you an authentication cookie when you log in, and your browser then uses it in pla

Billboards and digital real world advertising has raised many questions of privacy and anonymity in recent years. Until now, the primary concern has been (mostly) legal, yet potentially objectionable geolocation and user profiling. Bluetooth beacons work in tandem with geofenced billboards to send you offers. Stores follow your movements and tailor products

Digital currency fraud is a growing issue on social media, and LinkedIn is no different. In fact, according to according to Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento, California, field offices, cryptocurrency scams are big business on LinkedIn. “It’s a significant threat. This type of fraudulent activity is si

A large-scale Interpol operation has resulted in arrested and ill-gotten gains seizures galore. Operation First Light took place between March and May of this year. It involved 76 countries taking social engineers and telecommunications fraudsters to task, with multiple wins for those involved. Taking the fight to the scammers The operations focused on

What would you do if a friend of yours set up a NSFW account, and then used it to follow you on Instagram? Would you check it out? We recently learned of a group of friends who had to ask themselves exactly that. Fortunately, they realised that something was off. The account wasn’t the real owner’s, it just used her identity and left her with

Father’s Day in the UK (June 19) is almost upon us, and scammers are taking advantage of it—and the fractional possibility of some nice weather—using a barbeque-themed lure. A mysterious WhatsApp message The barbeque bait arrives out of the blue, from a somebody who has your number, as a random message bringing word of a supposed “B&Q F

Facebook is once again the launchpad for a large-scale phishing campaign, according to researchers at PIXM. The campaign, which first shows signs of life back in September 2021, has generated millions of page views and ad referral revenue “estimated to be millions of USD at this scale of operation”. Credential harvesting on a grand scale Re

Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus website. Scammers claim that your mail address has “not been registered for the 3D Secure Security Update”. 3D Secure phishing mail The mail reads as follows: Dear Sir / Madam, Our administration has shown that the data linked to this email address

A Runescape-themed missive landed in our email inbox today, claiming action is required to secure our account. The malicious email and the scam behind it are perfect examples of one of the more reliable tactics in the world of phishing—fooling a victim into thinking they need to take some action as part of a larger, ongoing process. With this tactic, phi

The BBC has revealed details of how a food bank in the UK was conned out of about $63,000 (£50,000) by scammers who used two separate attacks to fleece their victims. A food bank is a way for people to ensure they don’t starve. They are a backstop during times of economic uncertainty, and have been hugely important during the pandemic. An attack on

Our spam traps recently caught a phishing scam that neatly illustrates some of the tactics scammers use routinely to avoid both human intuition, and automatic detection. The scam starts with an unsolicited email, of course… The scam email is ostensibly from the Post Office, an instantly recognisable postal service brand in the UK, and it tell

If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect your systems with ChromeLoader. If you think campaigns such as this only target Windows users, you’d sadly be very much mistaken. The attack sucks in several operating systems and even uses mobiles as bait to draw in additional victims. Of PowerSh

Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that the account is the authentic presence of a public figure, celebrity or brand. Have you ever wanted to get your own account verified? We noticed a large number of Instagram accounts all claiming to offer this as a

Criminals love easy targets, and one of the easiest targets for foreign-state-based scammers is older adults living in the USA. Elders are often not fully up-to-speed with technology, which makes them vulnerable to tech-related attacks. In addition, this type of social group is generally living off retirement savings meaning that they have access to cash. Un

Facebook-themed messages are a frequent source of bogus links from both spam and compromised accounts. Whether you receive the messages via SMS, the Messenger app, or just inside regular web chat, it pays to be careful. A wide variety of attacks use bogus messages as their launchpad, and the risk of account compromise is ever-present. Phishing is not the onl