Jump to content

Search the Community

Showing results for tags 'scammers'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 8 results

  1. Actively exploited bug in fully updated Firefox is sending users into a tizzy Fraudulent tech-support sites cause Firefox to freeze while displaying scary message. Enlarge Jérôme Segura 104 with 63 posters participating, including story author Scammers are actively exploiting a bug in Firefox that causes the browser to lock up after displaying a message warning the computer is running a pirated version of Windows that has been hacked. The message, which appears without any user interaction upon visiting a site, reads: Please stop and do not close the PC... The registry key of your computer is locked. Why did we block your computer? The Windows registry key is illegal. The Windows desktop is using pirated software. The Window desktop sends viruses over the Internet. This Windows desktop is hacked. We block this computer for your safety. The message then advises the person to call a toll-free number in the next five minutes or face having the computer disabled. Below is a GIF showing the attack flow: Jérôme Segura The attack works on both Windows and Mac versions of the open source browser. The only way to close the window is to force-close the entire browser using either the Windows task manager or the Force Close function in macOS. Even then, Firefox will reopen previously open tabs, resulting in an endless loop. (Update: as a commenter pointed out, restore tabs is turned off by default.) To resolve the problem, users must force-close Firefox and then, immediately upon restarting it, quickly close the tab of the scammer site before it has time to load. Jérôme Segura, head of threat intelligence at security provider Malwarebytes, said the Firefox bug is being exploited by several sites, including d2o1sv4d11x6bc[.]cloudfront[.]net/firefox/index.html. He said the offending code on the site was written specifically to target the browser flaw. Enlarge Jérôme Segura On Monday, Segura reported the bug to the Bugzilla forum. He said he has since received word Mozilla is actively working on a fix. Firefox representatives couldn't immediately provide information on the status of the bug. Firefox is hardly alone in having bugs that cause the browsers to hang indefinitely while displaying a confusing or scary page. Chrome has had its share of similar flaws, which have also been exploited in the wild. Google developers have since fixed both of them. The exploit spotted by Segura is a common subclass of browser lock attacks. This subclass relies on authentication popups. Earlier this year, Mozilla shipped a comprehensive fix for these types of attacks some 12 years after being reported. Chrome and other browsers have also been vulnerable to this variety of attacks. Segura said he's aware of a separate Firefox browser lock bug that remains unfixed two years after it was reported. Although it was actively exploited in the past, Segura said, he hasn't seen any recent attacks targeting the flaw. For many people, it's not clear what to do when a browser becomes unresponsive while displaying a scary or threatening message. The most important thing to do is to remain calm and not make any sudden response. Force quitting the browser can be helpful, but as Segura has found, that fix is far from ideal since the offending site can reload once the browser is restarted. Whatever else people may do, they should never call the phone number displayed. Source: Actively exploited bug in fully updated Firefox is sending users into a tizzy (Ars Technica)
  2. Criminal hackers make a lot of money targeting businesses and institutions of all kinds with phishing attacks that lead to compromised business email. While crooks may have an array of systems in place to launder the funds they steal, researchers have noticed that so-called business email compromise scammers are leaning more and more on the humble gift card. At the RSA security conference in San Francisco next Tuesday, researchers from the email defense firm Agari will present detailed findings on a Nigerian scam group the company has dubbed Scarlet Widow. Agari researchers have monitored the group since 2017, and have tracked its prolific activity back to 2015. Scarlet Widow mostly focuses on targets based in the United States and the United Kingdom, dabbling in a number of types of fraud like tax scams, property rental cons, and especially romance scams. But over the past couple of years, the group has been perfecting its business email compromise efforts, known as BEC for short. The group has particularly targeted medium and large US nonprofits that are often equipped with less advanced defenses. Recent targets include the Boy Scouts of America, YMCA chapters, a midwestern Archdiocese of the Catholic Church, the West Coast chapter of the United Way, medical groups, antihunger organizations, and even a ballet foundation in Texas. "With most BEC attacks, a vast majority of employees that receive them would know they're scams," says Crane Hassold, senior director of threat research at Agari who previously worked as a digital behavior analyst for the FBI. "But it only takes a very small number of successes to make it very profitable." Charity work Between November 2017 and this month, Agari observed Scarlet Widow targeting 3,483 nonprofits and 5,581 individuals related to nonprofits. Similarly, the group targeted 660 education-related institutions and 1,815 associated individuals. Over the same period of time, the group also targeted 1,505 tax-related organizations and 9,592 individuals as part of tax prep cons. BEC relies on access to an organization's email. In practice, this can mean that scammers send carefully tailored emails from seemingly legitimate accounts of a business to coworkers, perhaps touting a fictitious initiative within a firm. Attackers can also use malware hidden in an email attachment or a malicious phishing link to gain access to an organization's networks, do reconnaissance on what the group is working on and might need, and then approach them from the outside with fictitious business propositions. Agari says that Scarlet Widow is organized much like a legitimate sales and marketing operation, with coordinated teams working on different aspects of the scams, and internal support to generate leads, distribute scam emails, create aliases, and generate fake documents as needed. But the group's most recent innovation involves tailoring certain scams so they now culminate with requesting gift cards instead of wire transfers. This trend is on the rise among scammers, both for individual targets and organizations. The Federal Trade Commission reported in October that 26 percent of people who report being scammed in 2018 said they bought or reloaded a gift card to deliver the money, up from 7 percent in 2015. The FTC says gift card-related losses reported to the agency totaled $20 million in 2015, $27 million in 2016, $40 million in 2017, and $53 million in the first nine months of 2018 alone. "Con artists favor these cards because they can get quick cash, the transaction is largely irreversible, and they can remain anonymous," Emma Fletcher, a fraud specialist at the FTC, wrote in the October report. If scammers can convince victims to buy gift cards—and send them photos of the physical cards or screenshots of the digital codes—they don't need to rely on middlemen to receive wire transfers and initiate the process of laundering money. Instead, they can use online marketplaces to buy cryptocurrency with the gift cards. Agari observed that Scarlet Widow particularly uses the US peer-to-peer marketplace Paxful to buy bitcoin with gift cards. Then they move the bitcoin from a Paxful wallet to a wallet on the cryptocurrency platform Remitano, where they can resell it with a bank transfer. Grift cards Scarlet Widow generally requests Apple iTunes or Google Play gift cards. The FTC notes that other scammers prefer these cards as well, though some will ask for cards to stores like CVS, Walmart, Target, or Walgreens. Though it may seem difficult in a business environment to trick people into paying for services in gift cards, scammers have developed narratives that make the suggestion fit. Around the holidays, for example, Hassold says that Scarlet Widow, posing as a third-party contractor, will claim they need gift cards for end-of-year employee gifts. One Scarlet Widow scammer played to a sense of urgency: "Ok I am in the middle of something and I need Apple iTunes gift cards to send out to a supplier, can you make this happen? If so, let me know if you can get it now so I can advise the quantity and domination to procure." Nothing beats gift cards for speed. In an August 2018 scam Agari analyzed, Scarlet Widow targeted an Australian university, and tricked an administrator into buying and sending $1,800 worth of iTunes gift cards. (The victim thought the request came from the head of the university finance department.) Scarlet Widow then sold the cards on Paxful and converted the bitcoin to cash, all within 139 minutes. Gift cards take a lot of the difficult and dangerous work out of money laundering, but they also have their downsides. For one thing, iTunes gift cards can fluctuate from 80 cents down to 40 cents on the dollar when you convert them on cryptocurrency on platforms like Paxful. It's also difficult to craft narratives that will trick people into buying more than a few thousand dollars' worth of gift cards at a time. If a scammer is looking to swindle a business out of tens of thousands of dollars in one operation, they'll likely still need a wire transfer. Though it may not have quite the hacker mystique of a more technical-sounding attack like cryptojacking, business email compromise is one of the main practical threats to organizations today. Note that the same measures that can help avoid wire-transfer scams—like requiring multiple employees to review and sign off on payments—apply to gift card scams as well. source
  3. The number of robocalls to US consumers increased massively last year. Consumers in the US received a whopping 26.3 billion robocalls in 2018, which was 46 percent more than that the total number of robocalls in 2017, according to Hiya, maker of a caller ID app. The company estimates that people received on average 10 unwanted calls per month and that 25 percent of all robocalls are scams. The top three categories of unwanted calls in the US include general spam, fraud and telemarketing. The Federal Communications Commission (FCC) has outlined plans to combat the problem of robocalls in the US. FCC chairman Ajit Pai in November fired off a letter to carriers demanding that the industry implements a call-authentication system by this year. The system aims to combat caller ID spoofing. He's pushing carriers to immediately adopt the Signature-based Handing of Asserted Information Using Tokens (Shaken) and the Secure Telephone Identity Revisited standards. Carriers would then 'sign' calls originating from their network, which would be validated by other carriers before reaching a phone. According to YouMail, another robocall-blocking service, the situation in 2018 was even worse, with the company last week reporting an estimated 47.8 billion robocalls in the US last year. Robocalls in 2018 were up 56.8 percent from the estimated 30.5 billion robocalls in 2017. Its data found that 37 percent of all robocalls were scams related to health insurance, student loans, easy money scams, tax scams, travel scams, business scams and warranty scams. The remaining 60 percent of robocalls were legitimate, including telemarketing calls, reminders and alerts. The FCC and the Federal Trade Commission both cite unwanted and illegal robocalls as their top source of complaints. The FTC received 7.1 million consumer complaints about robocalls in 2017, up from 5.3 million in 2016. The FCC says it gets about 200,000 complaints each year. The number of robocalls have increased over the years despite over 200 million US consumers have registered on the Do Not Call Registry. Hiya's research sets out the US area codes most targeted by spammers. Source
  4. Scammers are targeting American Express users’ financial details through spoof emails along with attached phishing form. The email scam states that there is a security issue with the credit card and asks for personal information to be submitted through an attached form. A phishing email scam faking to be from American Express is targeting users’ sensitive information by stating that there is a security issue with their credit card. The email scam asks users their personal information through an attached form and prompts the users to create new login credentials. Modus Operandi These phishing email scams are observed to have subjects such as ‘Notice Concerning your CardMember Account’, ‘Reminder - We've issued a security concern (Action Required)’, and ‘REMINDER: A concern that requires your action’. The email message states that at the time of report analysis, we encountered errors, therefore we mandate you to confirm your on-file records with us through the attached safe fillable web form. The attached fillable form asks for details such as users’ online account credentials, card number, security code, expiration date, mother's maiden name, mother's birth date, birth year, first elementary school name, and security pin. It then prompts the victims to create new login credentials. An example of the phishing email observed by Myonlinesecurity can be seen below. “Primary Cardmember Message We are writing to let you know that there is a recent security report for your American Express Account(s). At the time of report analysis, errors were encountered. In view of this, We mandate that you confirm your on-file records with us. You are to A safe attaced fillable Web form is sent with this message. *See attached form, download and open to continue. Thank you for your continued card membership, American Express Customer Service” Once the victims submit the form with their personal details, the collected information is then sent to the scammers. The users are then redirected to the legitimate americanexpress.com page that states "Thank you for your feedback." It is to be noted that these emails are sent out from mail domains that are based on the "American Express" keyword such as [email protected][.]com, [email protected][.]com, and [email protected][.]com. How to stay safe from such scams? It is important for all internet users to be aware of such phishing scams and follow certain standard security practices to protect their online accounts. It is to be remembered that companies especially financial organizations do not request personal information through email or on call. In case if you receive any such email that contains links to sites and asks for your personal information, then it might be a scam, therefore it is recommended that you contact the organization to confirm the email. source
  5. It is assessed that by right on time one year from now, almost 50 percent of the considerable number of calls you get on your cellphone will be robocalls. A month ago alone, in excess of five billion robocalls were made. Legislators a week ago proposed bipartisan enactment to fine trick robocallers up to $10,000 per call; and the FCC is requesting broadcast communications organizations spread out their plans to meet new models, with the goal that trick calls can be recognized and ceased. CBS News asked real organizations what they're doing to stop illicit robocallers and one, T-Mobile, offered to demonstrate us. T-Mobile's projects to stop robocalls start in a lab stuffed with PC servers. "This is the place we test everything that we put into our system," said organization VP Grant Castle. From that boisterous room came T-Mobile's Scam ID program. It alarms clients to issue calls they won't have any desire to get. "Despite the fact that the guest will utilize a telephone number near mine, regardless i will know it's a trick," Castle told journalist Anna Werner. "I realized the telephone number, I could see it was a trick, so I can send it away." Manor trusts T-Mobile is in front of its rivals, and the robocallers. "Each time we make an enhancement, the con artists roll out an improvement. Thus, it's a weapons contest to see who can trap who," he said. Also, the weapons contest is raising: "The con artists are attempting new innovations, better approaches to trick individuals. In this way, we're increasing our innovation to stay aware of them." Clients can utilize the Scam ID highlight to screen new calls, or square them totally. What's more, this week, T-Mobile is propelling another application, Name ID, that will enable clients to pick the kind of call they need to square – everything from disturbance calls, to political or philanthropy calls, even jail calls. "With this new application, clients have better authority over what they might want to see, and what they would prefer not to see," said Castle. In any case, the FCC is likewise pushing organizations to meet new norms known by the acronym SHAKEN/STIR. (SHAKEN = Signature-based Handling of Asserted data utilizing toKENs. Blend = Secure Telephone Identity Revisited.) They would enable transporters to check calls with an advanced unique mark, to demonstrate that the individual deciding and the individual getting the call are who they say they are, not a trickster attempting to "parody" or emulate a telephone number. Château stated, "The standard is basically, two administrators have endorsements or tokens that they trade with one another in each call, and pretty much it just says I am my identity." T-Mobile says it's prepared, and other real bearers say they're dealing with it. Yet, others obviously are not: in letters the FCC asked them for what good reason not, and gave every one of the 14 organizations until today to detail their plans to the office. As FCC executive Ajit Pai told "CBS This Morning" in March, "For those things that are inside our power, we're seeking after them forcefully." In any case, all together for that intend to work, all bearers need to get on board. What's more, industry master Aaron Foss stated, regardless of whether that occurs, "con artists will go where they can discover unfortunate casualties." Foss established Nomorobo, a robocall-blocking application for telephones. He says those new SHAKEN/STIR models are great, to a limited degree. "In any case, what it doesn't do is, it doesn't state if that call is legitimate," said Foss. "It doesn't say anything in regards to the substance. It just says that that number is permitted to be called. In this way, it will stop what is called 'neighbor mocking,' however it's in no way, shape or form going to take care of the entire robocall issue." Which is the reason Foss says Nomorobo takes a "publication" way to deal with robocalls – blocking them altogether. "A ton of alternate contenders are naming it or saying things like 'spam likely,' 'trick likely,' 'telemarketer.' We realize that customers simply don't need the telephone to ring, and that is what we're doing," said Foss. Nomorobo and T-Mobile's Name ID application both have a little month to month expense. CBS News contacted every one of the 14 telephone bearers that got a letter from the FCC. The lion's share reacted and said they will tell the FCC today what they are getting ready to do to receive the new call confirmation framework in 2019. Regardless of whether the transporters will all have the capacity to convey the framework in 2019 stays to be seen. Source: CBSNews
  6. Online swindlers looking for a quick buck are using a domain that can be easily confused with a voter information website to redirect users to pages pushing various types of scams. With the US midterm elections on November 6 and English comedian John Oliver promoting the website on his show last week, visits to VOTE411.org increased significantly. Top-level domain confusion The boost in popularity during this period draw the attention of online scammers who used the .com version of the original domain to point visitors from macOS and iOS platforms to pages showing fake malware infection alerts. The scammers attempt to take advantage of the users that do not pay attention tot he TLD (top-level domain) detail and instead of adding .ORG at the end of the domain name they go with the more popular .COM. This is the classic technical support scam where the victim is supposed to call a number to receive paid assistance in removing the threat. Pretending to be part of a popular company's support staff the scammers' purpose is to trick the victim into paying for fake services. Amanda Rousseau of Endgame discovered the VOTE411 scam and recorded the redirects coming from the .com variant. The alert that pops up on the screen says that the iPhone is infected with the Pegasus spyware (known as the creation of the Israel-based company NSO Group) and provides a phone number for assistance. The fraudsters have set up multiple redirects, some of them for pages specifically designed for iOS users. Lukas Stefanko of ESET also analyzed the scam and says that it does not attempt to deliver a binary. "Most of the time, it leads people to SMS subscription or to lure credit card details," he replied to Rousseau. He added that when he loaded the website on an Android device he received a localized version of the scam that enticed the user with the opportunity to win a $6.5 million jackpot. It is easy to confuse the name of a domain and land on a dangerous page. The typical recommendation when a website shows alerts about your system being infected with malware is to close it immediately. Source
  7. You know the scam: A web page tries to convince you (sometimes forcefully) that your system is infected. Getting away from that site can be very difficult. The scammers feed on naive users, frequently swindling them out of hundreds of dollars. In a new study from Stony Brook University, entitled “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams“ (PDF), authors Najmeh Miramirkhani, Oleksii Starov, and Nick Nikiforakis built “an automated system capable of discovering, on a weekly basis, hundreds of phone numbers and domains operated by scammers.” They also contacted 60 different scammers and collected details about the scams. Here are just a few of the study’s many surprising results: While 15 different telecommunication providers were used, four of them were responsible for more than 90 percent of the phone numbers used by scammers. Although the average lifetime of a scam URL is approximately 11 days, 43 percent of the domains were pointing to scams for less than three days. 69 percent of scam campaigns have a lifetime of less than 50 days. The average call center houses 11 technical support scammers, ready to receive calls from victims. The study also talks about the use of Content Delivery Networks “such as CDN77, CDNsun, and KeyCDN [which] offer free services without requiring a phone number or a credit card. In addition, every uploaded scam page gets its own random-string-including URL which can not be guessed and thus cannot be preemptively blacklisted.” The study includes a long list of social engineering tricks that scammers use; a geographic breakdown (“85.4 percent of them were located in different regions of India, 9.7 percent were located in the U.S., and 4.9 percent were located in Costa Rica”); and a call for browser manufacturers to “adopt one universal shortcut that users can utilize when they feel threatened by a web page.” It’s a fascinating expose of a topic that affects all of us. Source: Fascinating detailed study of tech support scammers (AskWoody.com) Fascinating detailed study of tech support scammers (AskWoody forums)
  8. The man who developed a bot that frustrates and annoys robocallers is planning to take on the infamous Windows support scam callers head-on. Roger Anderson last year debuted his Jolly Roger bot, a system that intercepts robocalls and puts the caller into a never-ending loop of pre-recorded phrases designed to waste their time. Anderson built the system as a way to protect his own landlines from annoying telemarketers and it worked so well that he later expanded it into a service for both consumers and businesses. Users can send telemarketing calls to the Jolly Roger bot and listen in while it chats inanely with the caller. Now, Anderson is targeting the huge business that is the Windows fake support scam. This one takes a variety of forms, often with a pre-recorded message informing the victim that technicians have detected that his computer has a virus and that he will be connected to a Windows support specialist to help fix it. The callers have no affiliation with Microsoft and no way of detecting any malware on a target’s machine. It’s just a scare tactic to intimidate victims into paying a fee to remove the nonexistent malware, and sometimes the scammers get victims to install other unwanted apps on their PCs, as well. “I’m calling it a ‘Broadside’ campaign against Windows Support and the fake IRS.” Anderson plans to turn the tables on these scammers and unleash his bots on their call centers. “I’m getting ready for a major initiative to shut down Windows Support. It’s like wack-a-mole, but I’m getting close to going nuclear on them. As fast as you can report fake ‘you have a virus call this number now’ messages to me, I will be able to hit them with thousands of calls from bots,” Anderson said in a post Tuesday. “It’s like when the pirate ship turns ‘broadside’ on an enemy in order to attack with all cannons simultaneously. I’m calling it a ‘Broadside’ campaign against Windows Support and the fake IRS.” The Windows support scam is an old one, much like the fake IRS phone scams that have been victimizing consumers for several years. They typically involve large call centers and multiple layers of workers making the calls, transferring victims, and setting up new schemes. Anderson has posted several example recordings of the Windows scammers hitting his Jolly Roger bot and becoming increasingly agitated. Anderson said he’s still working out the details of how the operation will work and is hesitant to reveal too much about it. He said he did a test run recently and called a specific scammer’s number several hundred times via 20 separate lines and the scammers turned off the target number quickly. “I do not want to expose too much about what I’m doing because obviously it can be used for mischief or malice. This is likely why Microsoft or Apple don’t do anything about this. It will take a pirate,” Anderson said via email. Article source
  • Create New...