HackDig : Dig high-quality web security articles for hackers

Riding the State Unemployment Fraud ‘Wave’

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S. states struggle to combat a tsunami of phony Pandemic Unempl
Publish At:2020-05-24 08:11 | Read:198 | Comments:0 | Tags:Web Fraud 2.0 Agari Pandemic Unemployment Assistance Patrick

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by KrebsOnSecurity that the Secret Service circulated to field off
Publish At:2020-05-18 13:12 | Read:151 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Coronavirus C

This Service Helps Malware Authors Fix Flaws in their Code

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look
Publish At:2020-05-18 13:12 | Read:134 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Web Fraud 2.0 Cerber Ga

Would You Have Fallen for This Phone Scam?

You may have heard that today’s phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to m
Publish At:2020-05-03 09:35 | Read:456 | Comments:0 | Tags:Latest Warnings Web Fraud 2.0 citibank email bomb Gemini Adv

How Cybercriminals are Weathering COVID-19

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market the
Publish At:2020-05-03 09:35 | Read:369 | Comments:0 | Tags:Ne'er-Do-Well News Other Web Fraud 2.0 alex holden Coronavir

Sipping from the Coronavirus Domain Firehose

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing press
Publish At:2020-04-16 13:00 | Read:450 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 CAUCE Centers

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people and compan
Publish At:2020-03-23 16:33 | Read:487 | Comments:0 | Tags:Breadcrumbs Web Fraud 2.0 Appco Group charity muggers Chris

Coronavirus Widens the Money Mule Pool

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that
Publish At:2020-03-17 20:05 | Read:503 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 alex holden

Crafty Web Skimming Domain Spoofs “https”

Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source co
Publish At:2020-03-11 22:15 | Read:470 | Comments:0 | Tags:A Little Sunshine The Coming Storm Web Fraud 2.0 .ps Akamai

Pay Up, Or We’ll Make Google Ban Your Ads

A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google’s AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher’s ads with so much bot and junk traffic that Google’s automated anti-fraud systems suspend the use
Publish At:2020-02-17 12:48 | Read:509 | Comments:0 | Tags:A Little Sunshine The Coming Storm Web Fraud 2.0 AdSense ext

Does Your Domain Have a Registry Lock?

If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it. Even so, most major Web site owners aren’t taking full advantage of the security tools available to protect their domains from being hijacked. Here’s the
Publish At:2020-01-24 15:35 | Read:1396 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Arno Vis CSC

Phishing for Apples, Bobbing for Links

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or s
Publish At:2020-01-13 15:35 | Read:413 | Comments:0 | Tags:Latest Warnings Web Fraud 2.0 Apple phishing

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertentl
Publish At:2020-01-07 20:35 | Read:690 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Jeff Jones lo

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed fr
Publish At:2019-12-11 20:35 | Read:1044 | Comments:0 | Tags:A Little Sunshine Web Fraud 2.0 Adconion Direct AFRINIC Afri

It’s Way Too Easy to Get a .gov Domain Name

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is rel
Publish At:2019-11-27 03:35 | Read:1046 | Comments:0 | Tags:The Coming Storm Web Fraud 2.0 CISA Cybersecurity and Infras


Share high-quality web security related articles with you:)