HackDig : Dig high-quality web security articles for hackers

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transf
Publish At:2020-11-21 15:30 | Read:114 | Comments:0 | Tags:A Little Sunshine Web Fraud 2.0 Bibox Celcius.network Dan Ra

Be Very Sparing in Allowing Site Notifications

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communicati
Publish At:2020-11-17 14:00 | Read:165 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 Frank Angiol

Two Charged in SIM Swapping, Vishing Scams

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Prosecutors say Jordan K. Milleson, 21 of Timonium, Md
Publish At:2020-11-03 18:29 | Read:218 | Comments:0 | Tags:Ne'er-Do-Well News SIM Swapping Web Fraud 2.0 Champagne Jord

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation
Publish At:2020-10-08 18:53 | Read:242 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Web Fraud 2.0 domaintoo

Riding the State Unemployment Fraud ‘Wave’

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S. states struggle to combat a tsunami of phony Pandemic Unempl
Publish At:2020-05-24 08:11 | Read:567 | Comments:0 | Tags:Web Fraud 2.0 Agari Pandemic Unemployment Assistance Patrick

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by KrebsOnSecurity that the Secret Service circulated to field off
Publish At:2020-05-18 13:12 | Read:546 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Coronavirus C

This Service Helps Malware Authors Fix Flaws in their Code

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look
Publish At:2020-05-18 13:12 | Read:530 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Web Fraud 2.0 Cerber Ga

Would You Have Fallen for This Phone Scam?

You may have heard that today’s phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to m
Publish At:2020-05-03 09:35 | Read:975 | Comments:0 | Tags:Latest Warnings Web Fraud 2.0 citibank email bomb Gemini Adv

How Cybercriminals are Weathering COVID-19

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market the
Publish At:2020-05-03 09:35 | Read:856 | Comments:0 | Tags:Ne'er-Do-Well News Other Web Fraud 2.0 alex holden Coronavir

Sipping from the Coronavirus Domain Firehose

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing press
Publish At:2020-04-16 13:00 | Read:882 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 CAUCE Centers

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people and compan
Publish At:2020-03-23 16:33 | Read:958 | Comments:0 | Tags:Breadcrumbs Web Fraud 2.0 Appco Group charity muggers Chris

Coronavirus Widens the Money Mule Pool

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that
Publish At:2020-03-17 20:05 | Read:992 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 alex holden

Crafty Web Skimming Domain Spoofs “https”

Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source co
Publish At:2020-03-11 22:15 | Read:775 | Comments:0 | Tags:A Little Sunshine The Coming Storm Web Fraud 2.0 .ps Akamai

Pay Up, Or We’ll Make Google Ban Your Ads

A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google’s AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher’s ads with so much bot and junk traffic that Google’s automated anti-fraud systems suspend the use
Publish At:2020-02-17 12:48 | Read:914 | Comments:0 | Tags:A Little Sunshine The Coming Storm Web Fraud 2.0 AdSense ext

Does Your Domain Have a Registry Lock?

If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it. Even so, most major Web site owners aren’t taking full advantage of the security tools available to protect their domains from being hijacked. Here’s the
Publish At:2020-01-24 15:35 | Read:1858 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Arno Vis CSC

Tools