Arrest in ‘Ransom Your Employer’ Email Scheme

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer’s network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the scheme — a young man who said he was trying to save up money to help fund a new social network. Continue reading Arrest in ‘Ransom Your Employer’ Email Scheme

TikTok scammers tried hacking 125 targets that followed famous accounts, researchers find

More than 125 people and businesses associated with large TikTok accounts based around the world were targeted as part of a recent phishing campaign, according to research published Tuesday. Emails warned that targeted accounts were either in danger of being deleted for copyright violations or eligible for a verification badge. If victims replied to a message, attackers directed them to click a link to a WhatsApp chat, where a purported TikTok representative would confirm their accounts. While it remains unclear if any accounts were breached, the campaign is the latest to demonstrate how TikTok’s popularity makes its mot visible users targets for scammers. In addition to individual account holders, the latest campaign targeted talent agencies, brand-consultant firms, social media production studios, influencer management firms, according to Rachelle Chouinard, a threat intelligence analyst at email security firm Abnormal Security, which shared its findings with CyberScoop. Crane Hassold, the director of threat […]

The post TikTok scammers tried hacking 125 targets that followed famous accounts, researchers find appeared first on CyberScoop.

Continue reading TikTok scammers tried hacking 125 targets that followed famous accounts, researchers find

Wanted: Disgruntled Employees to Deploy Ransomware

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. Continue reading Wanted: Disgruntled Employees to Deploy Ransomware

Phishers Are Upping Their Game. So Should You.

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and hosting scam pages over https:// connections — complete with the green lock icon in the browser address bar to make the fake sites appear more legitimate. Continue reading Phishers Are Upping Their Game. So Should You.