Web Fraud 2.0 – Page 4 – WindowsTechs.com

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Posted on January 17, 2024 by BrianKrebs

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Continue reading E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop→

Who’s Behind the SWAT USA Reshipping Service?

Posted on November 6, 2023 by BrianKrebs

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity left behind by “Fearless,” the nickname chosen by the proprietor of the SWAT USA Drops service. Continue reading Who’s Behind the SWAT USA Reshipping Service?→

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Posted on November 2, 2023 by BrianKrebs

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards. Continue reading Russian Reshipping Service ‘SWAT USA Drop’ Exposed→

.US Harbors Prolific Malicious Link Shortening Service

Posted on October 31, 2023 by BrianKrebs

The top-level domain for the United States — .US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as among the most prevalent in phishing attacks over the past year. Continue reading .US Harbors Prolific Malicious Link Shortening Service→

The Fake Browser Update Scam Gets a Makeover

Posted on October 18, 2023 by BrianKrebs

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain. Continue reading The Fake Browser Update Scam Gets a Makeover→

Tech CEO Sentenced to 5 Years in IP Address Scheme

Posted on October 17, 2023 by BrianKrebs

Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean. Continue reading Tech CEO Sentenced to 5 Years in IP Address Scheme→

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Posted on October 9, 2023 by BrianKrebs

Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries worldwide. Continue reading Phishers Spoof USPS, 12 Other Natl’ Postal Services→

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Posted on September 22, 2023 by BrianKrebs

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. Continue reading LastPass: ‘Horse Gone Barn Bolted’ is Strong Password→

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Posted on September 6, 2023 by BrianKrebs

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. Continue reading Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach→

Why is .US Being Used to Phish So Many of Us?

Posted on September 1, 2023 by BrianKrebs

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States. Continue reading Why is .US Being Used to Phish So Many of Us?→