Web Fraud 2.0 – Page 14 – WindowsTechs.com

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Posted on November 3, 2019 by BrianKrebs

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse. Continue reading NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm→

“BriansClub” Hack Rescues 26M Stolen Cards

Posted on October 15, 2019 by BrianKrebs

“BriansClub,” a popular underground store for buying stolen credit card data that uses Yours Truly’s likeness in its advertising, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone. Continue reading “BriansClub” Hack Rescues 26M Stolen Cards→

Phishers are Angling for Your Cloud Providers

Posted on August 30, 2019 by BrianKrebs

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and thei… Continue reading Phishers are Angling for Your Cloud Providers→

Meet the World’s Biggest ‘Bulletproof’ Hoster

Posted on July 16, 2019 by BrianKrebs

For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today. Continue reading Meet the World’s Biggest ‘Bulletproof’ Hoster→

Feds Bust Up Dark Web Hub Wall Street Market

Posted on May 3, 2019 by BrianKrebs

Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly trying to extort money from WSM vendors and buyers (supposedly including Yours Truly) — in exchange for not publishing details of the transactions. Continue reading Feds Bust Up Dark Web Hub Wall Street Market→

‘Land Lordz’ Service Powers Airbnb Scams

Posted on April 14, 2019 by BrianKrebs

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “Land Lordz,” which helps automate the creation and management of fake Airbnb Web sites and the sending o… Continue reading ‘Land Lordz’ Service Powers Airbnb Scams→

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Posted on January 23, 2019 by BrianKrebs

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned.

Perhaps more worryingly, experts warn this same weakness that let spammers hijack domains registered through GoDaddy also affects a great many other major Internet service providers, and is actively being abused to launch phishing and malware attacks which leverage dormant Web site names currently owned and controlled by some of the world’s most trusted corporate names and brands. Continue reading Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com→

Dirt-Cheap, Legit, Windows Software: Pick Two

Posted on January 8, 2019 by BrianKrebs

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data. Continue reading Dirt-Cheap, Legit, Windows Software: Pick Two→

How to Shop Online Like a Security Pro

Posted on November 23, 2018 by BrianKrebs

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online. Continue reading How to Shop Online Like a Security Pro→

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Posted on November 13, 2018 by BrianKrebs

If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers. Continue reading That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards→