Posts filtered by tags: Social Engineering[x]


 

A Phishing Scam Targeting Postmates Drivers Pretends to Represent the Company to Empty Out Victims’ Accounts

As if gig workers didn’t have it hard enough already, they now have to be on the lookout for possible phishing scams from malicious actors that pretend to represent their company. Read more...
Tags: Uber, Science, Crime, Fraud, Social Engineering, Phishing, Postmates, Spamming, Online Food Ordering, Deception, Meghan Casserly, Confidence Tricks


Beware of These Creative Online Dating Scams

Both the Better Business Bureau and the FBI are warning people about romance scams, which are expected to remain an elevated threat leading up to Valentine’s Day. This type of scam has been made worse during the pandemic, as cases have spiked by 18% in the last year, according to the FBI. Here’s what you need to know. Read more...
Tags: Crime, Fraud, Fbi, Lifehacks, Social Engineering, Better Business Bureau, Spamming, Matchmaking, Deception, Confidence Tricks, Romance Scam, Advance Fee Scam, Technical Support Scam, Money Mule


North Korean Hackers Successfully Phished Cyber Researchers Using a Fake Blog

A recent phishing campaign by North Korean nation-state hackers successfully duped a number of security professionals who were involved in vulnerability research and development, according to a new report from Google’s Threat Analysis Group.Read more...
Tags: Google, Science, Crime, Linkedin, Malware, Cybercrime, Security Breaches, Social Engineering, Phishing, Cyberwarfare, Computer Security, Zero Day, Computer Programming, Fancy Bear, Technology_internet, Entertainment_culture


Hiding Malware in Social Media Buttons

Clever tactic: This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks. The payment skimmer malware pulls its sleight of hand trick with the help of a double payload structure where the source code of the skimmer script that steals customers’ credit cards will be concealed in a social sharing icon loaded as an HTML ‘svg’ element with a ‘path’ element as a container. ...
Tags: Credit Cards, Uncategorized, Social Media, Malware, Social Engineering, Bruce Schneier, Social Media Buttons, Sansec


Decrypted: How Twitter was hacked, GitHub DMCA backfires

One week to the U.S. presidential election and things are getting spicy. It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week they came with a concrete example and an unusually quick pointing of blame. On Wednesday night, Director of National Intelligence John Ratcliffe blamed Iran for an email operation designed to intimidate voters in Florida into voting for President Trump “or else.” Ratcliffe, who didn’t take any questions from...
Tags: Iphone, Android, Security, Social, Startups, Twitter, Florida, New York, Tech, Iran, Encryption, Law Enforcement, United States, President, Fireeye, Vpn


HacWare wants you to hate email security a little less

Let’s face it, email security is something a lot of people would rather think less about. When you’re not deluged with a daily onslaught of phishing attacks trying to steal your passwords, you’re also expected to dodge the simulated phishing emails sent by your own company all for the sake of checking a compliance box. One security startup wants that to change. Tiffany Ricks founded HacWare in Dallas, Texas, in 2017 to help bring better cybersecurity awareness to small businesses without getting...
Tags: Security, Startups, Verizon, New York City, Tech, Cybercrime, Pentagon, Social Engineering, TechStars, Phishing, Identity Theft, Battlefield, Computer Security, Dallas Texas, Ricks, Multi-factor Authentication


Decrypted: Uber’s former security chief charged, FBI’s ‘vishing’ warning

A lot happened in cybersecurity over the past week. The University of Utah paid almost half a million dollars to stop hackers from leaking sensitive student data after a ransomware attack. Two major ATM makers patched flaws that could’ve allowed for fraudulent cash withdrawals from vulnerable ATMs. Grant Schneider, the U.S. federal chief information security officer, is leaving his post after more than three decades in government. And, a new peer-to-peer botnet is spreading like wildfire and inf...
Tags: Security, Crime, Privacy, San Francisco, Tech, Data Breach, Fbi, Law Enforcement, United States, Telephony, Travis Kalanick, Social Engineering, Cloudflare, Federal Trade Commission, Peer To Peer, Computer Security


Twitter says ‘phone spear phishing attack’ used to gain network access in crypto scam breach

Twitter has revealed a little more detail about the security breach it suffered earlier this month when a number of high profile accounts were hacked to spread a cryptocurrency scam — writing in a blog post that a “phone spear phishing attack” was used to target a small number of its employees. Once the attackers had successfully gained network credentials via this social engineering technique they were in a position to gather enough information about its internal systems and processes to tar...
Tags: Travel, Security, Twitter, UK, Hack, Social Engineering, Breach, Reuters, Graham Cluley, Cluley, Crypto Scam, Phone Spear Phishing


Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. Apple, Elon Musk, Joe Biden and Bill Gates were among the accounts compromised in a broadly targeted hack that remained mysterious hours after taking place. Those accounts and many others posted a message promoting the address of a bitcoin wallet with the claim that the amount of any payments made to the addre...
Tags: Apple, Security, Twitter, Spacex, Elon Musk, Finance, Barack Obama, Tech, Spokesperson, Tesla, Joe Biden, Bill Gates, Wiz Khalifa, Jack Dorsey, Social Engineering, Cloudflare


Apple, Biden, Gates, Musk and other high-profile Twitter accounts hacked in crypto scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. @bitcoin, @ripple, @coindesk, @coinbase and @binance were among the accounts hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website, which we are not linking to. The scammer’s website was quickly pulled offline. Kris...
Tags: Apple, Amazon, Security, Twitter, Spacex, Elon Musk, Finance, Tech, Spokesperson, Tesla, Wiz Khalifa, Jack Dorsey, Social Engineering, Cloudflare, Cryptocurrencies, Phishing


Many high-profile Twitter accounts simultaneously hacked to spread cryptocurrency scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. @bitcoin, @ripple, @coindesk, @coinbase and @binance were among the accounts hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website, which we are not linking to. The scammer’s website was quickly pulled offline. Kris...
Tags: Amazon, Security, Twitter, Spacex, Elon Musk, Finance, Tech, Spokesperson, Tesla, Jack Dorsey, Social Engineering, Cloudflare, Cryptocurrencies, Phishing, Coinbase, Digital Currencies


Many popular Twitter accounts simultaneously hacked to spread cryptocurrency scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. @bitcoin, @ripple, @coindesk, @coinbase, and @binance were among the accounts hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website, which we are not linking to. Some of the accounts were quickly back under their ow...
Tags: Security, Twitter, Spacex, Money, Finance, Tech, Spokesperson, Tesla, Bitcoin, Jack Dorsey, Social Engineering, Cloudflare, Cryptocurrencies, Phishing, Coinbase, TechCrunch


Microsoft secretly seized domains used in COVID-19-themed email cyberattacks

A court has granted a bid by Microsoft to seize and take control of malicious web domains used in a large-scale cyberattack targeting victims in 62 countries with spoofed emails in an effort to defraud unsuspecting businesses. The technology giant announced the takedown of the business email compromise operation in a Tuesday blog post. Tom Burt, Microsoft’s consumer security chief, said the attackers tried to gain access to victims’ email inboxes, contacts and other sensitive files in order t...
Tags: Security, Crime, Email, Microsoft, Russia, Tech, Spokesperson, Iran, Fraud, Fbi, Cybercrime, United States, Social Engineering, Phishing, Federal Bureau of Investigation, TechCrunch


Google says Iranian, Chinese hackers targeted Trump, Biden campaigns

Google security researchers say they’ve identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns. Shane Huntley, director for Google’s Threat Analysis Group, said in a tweet that hackers backed by China and Iran recently targeted the campaigns using malicious phishing emails. But, Huntley said, there are “no signs of compromise,” and that both campaigns were alerted to the attempts. Recently TAG saw China APT group targeting Biden ca...
Tags: Google, Security, Crime, Microsoft, China, Tech, Spokesperson, Iran, Fraud, Cybercrime, Democrats, Biden, Social Engineering, Donald Trump, Director, Phishing


Anti-phishing startup Inky raises $20M to ramp up enterprise adoption

Anti-phishing startup Inky has raised $20 million in its Series B round of funding, led by Insight Partners . The funding will help the company push for greater enterprise adoption and expand to international markets including Europe, Asia and Latin America. Inky started out a decade ago with a bold mission to reinvent email with its desktop app focused on helping users better organize and filter their inboxes. The company pivoted away from its email improvement efforts in 2018 to focus on ...
Tags: Security, Verizon, Asia, Europe, Crime, Email, Tech, Cybercrime, Information Technology, Machine Learning, Cross-site Scripting, Social Engineering, Phishing, Latin America, Identity Theft, Series B


How to Avoid Talking to Your Friends and Family

Remember the days when you could ignore an incoming call and say “I’m busy”?Read more...
Tags: Lifehacks, Social Engineering, Joels Hot Takes, Social Distancing


What you need to know about COVID-19-related cyberattacks

Ray Espinoza Contributor Share on Twitter Ray Espinoza is head of security at Cobalt.io. He’s the first line of defense, driving operational security and risk initiatives to fortify the company’s security posture and optimize security services for customers. The COVID-19 outbreak has not only caused global disruption, it has also changed the cybersecurity threat landscape. We are observing changing patterns of behaviors from t...
Tags: Security, Work, Column, Tech, Sms, Ransomware, Cybercrime, Cyberattack, Italy, Vpn, Las Vegas, Social Engineering, Phishing, Cyberwarfare, Threat, Indian Ocean


Extensive US Intellectual Property theft by Chinese being investigated by FBI

Extensive US Intellectual Property theft by Chinese being investigated by FBI Intellectual theft is a huge problem in the US and the largest perpetrator is the Chinese government.   They target military sub-contractors and sub-sub-contractors, universities, businesses, financial entities, medical...
Tags: Security, Updates, Cloud, Business, Technology, News, Internet, Government, China, US, Sem, Malware, Cybersecurity, Fbi, Cybercrime, Artificial Intelligence


Red teams OK to push ethical limits but not on themselves, study says

Wake up, make breakfast, get the kids to school, drive to work, break into the chief financial officer’s inbox and steal the entire company’s employee tax records. Maybe later you’ll grab a bagel from across the street. For “red teams” — or offensive security researchers — it’s just another day at work. These offensive security teams are made up of skilled hackers who are authorized to find vulnerabilities in a company’s systems, networks but also their employees. By hacking a company from withi...
Tags: Security, Africa, Tech, Cryptography, Cybercrime, Washington Dc, Iowa, Middle East, Wheeler, South America, Social Engineering, Software Testing, Phishing, Computer Security, New America, Iversen


Most Businesses Attacked By Business Email Compromise Last Year

Most Businesses Attacked By Business Email Compromise Last Year 2019 was the year for Business Email Compromises also known as BEC attacks.  In fact, a majority of all businesses across the world became targets of these directed attacks involving their executives. While technology improvements did...
Tags: Psychology, Security, Business, Technology, Internet, Sem, Malware, HR, Cybersecurity, Spear Phishing, Cybercrime, Hacking, Employees, Hackers, Social Engineering, Phishing


Only a few 2020 US presidential candidates are using a basic email security feature

Just one-third of the 2020 U.S. presidential candidates are using an email security feature that could prevent a similar attack that hobbled the Democrats’ during the 2016 election. Out of the 21 presidential candidates in the race according to Reuters, seven Democrats and one Republican candidate are using and enforcing DMARC, an email security protocol that verifies the authenticity of a sender’s email and rejects spoofed emails, which hackers often use to try to trick victims into opening mal...
Tags: Google, Security, Crime, Government, Elizabeth Warren, US, Tech, Cybercrime, Green, Hillary Clinton, United States, Wikileaks, Social Engineering, Donald Trump, Phishing, Presidential Election


How to Use Social Engineering—But Not in an Evil Way

If you want to win friends and influence people, well, there’s a whole book on how to do that. But how do you do social engineering the right way—to make life better for everyone, not just to manipulate people into doing what you want?Read more...
Tags: Networking, Romance, Friendship, Conversation, Social Gps, Lifehacks, Social Engineering


Microsoft says Iranian hackers targeted a 2020 presidential candidate

Microsoft said it has found evidence that hackers associated with Iran have targeted a 2020 presidential candidate. The tech giant’s security and trust chief confirmed the attack in a blog post, but the company would not say which candidate was the target. The threat group, which Microsoft calls Phosphorous — also known as APT 35 — made more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers. These accounts, he said, are “associated” with a presiden...
Tags: Google, Security, Crime, Microsoft, Yahoo, Tech, Iran, Fbi, Cybercrime, National Security, Tehran, Social Engineering, Phishing, Cyberwarfare, Threat, U.s. Government


Malware researcher Marcus Hutchins pleads guilty, ending his legal case

Malware researcher Marcus Hutchins has pleaded guilty to two counts of creating and selling a powerful banking malware, ending a long and protracted battle with U.S. prosecutors. Hutchins, a British national who goes by the online handle MalwareTech, was arrested in August 2017 as he was due to fly back to the U.K. following the Def Con security conference in Las Vegas. Prosecutors charged Hutchins with his involvement with creating the Kronos banking malware, dating back to 2014. He was late...
Tags: Security, North Korea, Tech, Banking, Malware, Ransomware, Spyware, Cybercrime, Las Vegas, Department Of Justice, Social Engineering, National Security Agency, Justice Department, Kronos, Marcia Hofmann, Eastern District of Wisconsin


Microsoft: Hackers compromised support agent’s credentials to access customer email accounts

On the heels of a trove of 773 million emails, and tens of millions of passwords, from a variety of domains getting leaked in January, Microsoft has faced another breach affecting its web-based email services. Microsoft has confirmed to TechCrunch that a certain “limited” number of people who use web email services managed by Microsoft — which cover services like @msn.com and @hotmail.com — had their accounts compromised. According to an email Microsoft has sent out to affected users (the rea...
Tags: Security, TC, Email, Microsoft, Tech, European Union, Mail, Social Engineering, Phishing, Microsoft Windows, Webmail, Spamming


Florida man convinces Western Union clerk to insert a thumb drive, steals $32K, does it again, gets caught

Vasile Savu is accused of walking into a Western Union in Hollywood, Florida and asking the clerk to print out his flight itinerary, a pretense he used to get the clerk to insert a thumb-drive loaded with malicious software into his computers, which allegedly allowed Savu to steal $32k from the business. Savu then went into another Western Union, in nearby Opa-locka, and allegedly tried to do it again. The clerk recognized him and called the cops. Savu is now under house arrest pending tria...
Tags: Post, Florida, News, Malware, Infosec, Badusb, Social Engineering, Florida Man, Western Union, Hollywood Florida, Safe Hex, Savu, Vasile Savu


Security keys are "transformative" and "revolutionary" for information security

Mark Risher adapts his viral Twitter thread about the security advantages of security keys like Ubikey and Google's Titan Security Key, and how they are game-changers for information security. As Risher tells it, two factor authentication is supposed to require "something you know" (like a passphrase) and something you have (like a dongle, or a phone, etc). The problem is that most 2FA systems are actually about two things you know: your passphrase, and the six- or eight-digit code generate...
Tags: Google, Security, Post, News, Identity, Infosec, Social Engineering, FIDO Alliance, 2FA, Risher, Mark Risher, Advanced Protection Program, Security Keys, Something You Have, Ubikey, Federated Identity


Hacking Instagram to Get Free Meals in Exchange for Positive Reviews

This is a fascinating hack: In today's digital age, a large Instagram audience is considered a valuable currency. I had also heard through the grapevine that I could monetize a large following -- or in my desired case -- use it to have my meals paid for. So I did just that. I created an Instagram page that showcased pictures of New York City's skylines, iconic spots, elegant skyscrapers ­-- you name it. The page has amassed a following of over 25,000 users in the NYC area and it's still rapidl...
Tags: Instagram, NYC, New York City, Social Media, Artificial Intelligence, Social Engineering, Bruce Schneier


So You Want to Start a Cybersecurity Company?

Cybercrime has become a global epidemic. Attacks will cost the world $6 trillion by 2021, research firm Cybersecurity Ventures says-–the greatest transfer of economic wealth in history and more profitable than the trade in all major illegal drugs.As the threat keeps rising, the cybersecurity industry keeps growing. According to data released in January by Strategic Cyber Ventures, a cybersecurity-focused venture capital firm, global funding for security companies nearly doubled between 2016 and ...
Tags: Deals, Security, Startups, Cloud, Internet Of Things, Entrepreneurship, Funding, Trends, Cisco, Cybersecurity, Cybercrime, Vc, Hacks, Innovation, Mark Cuban, Venture Capital


Bounty hunters and stalkers are able to track you in realtime by lying to your phone company and pretending to be cops

Early in January, Motherboard's Joseph Cox broke a blockbuster story about how America's mobile carriers sold access to their customers' realtime location data to many shady marketing brokers, who then quietly slipped that data to bounty hunters and other unsavory characters -- a practice that they'd been caught in before and had ">falsely promised to end. Since then, things have only gotten worse, with revelations that the companies involved had lobbied for lax privacy rules, arguing that ...
Tags: Post, News, Fcc, Privacy, Congress, Stalkers, US, America, Infosec, Google Maps, Social Engineering, Trump, Cox, Edens, Ajit Pai, Bounty Hunters