Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners. One of the easiest ways for a security solution to spot a phishing attack is to evaluate the webpage a malicious link takes the recipient to.


TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small amount of bitcoin (about $132) to activate their account. “BleepingComputer tested one of the giveaways to see how it works and found that almost all utilize the same template, which pretends to be a crypto investment platform,” BleepingComputer says.


Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands

Now entering its third year in business, the phishing platform, Classicam, represents the highest evolution of an “as a service” cybercrime, aiding more than 1000 attack groups worldwide. What do cybercriminals need for a successful attack? A convincing email, a list of potential target email addresses, and a website to extract payment details, bank login credentials, etc. And it’s the last part that’s usually the barrier to market for those that want to get into cybercrime.


How To Stay Safe From Zelle Scams

To stay safe from Zelle scams, you should only send Zelle payments to people you know, be wary of urgent payment requests, use a different app to send and receive payments from strangers, use strong passwords and enable Multi-Factor Authentication (MFA) on your banking accounts. Continue reading to learn about common Zelle scams and how to avoid falling victim to them.


Romance Scams That Run Your Crypto Wallet Dry

Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos. These types of investment scams are known as “pig butchering,” loosely translated from the Chinese phrase “sha zhu pan.” In this case, the scammers convince the victim to participate in a liquidity pool arrangement, a legitimate but risky cryptocurrency investment technique.


New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims. Impersonation in phishing attacks only works if the target has an established rapport or relationship with the sender.


Protection from Carding: Inside Russian Carding Fraud Part 4

Welcome to the fourth and final part in our series on credit card fraud originating in Russia. After covering the basics of what carding is, why so much of it is perpetrated by Russian speakers, then digging deeper into how carders operate, in this part we’ll explore ways to protect yourself and your business from this pervasive financial threat. Click here to download the full report: "Inside Russian Carding" (PDF)


Advanced Persistent Threats (APT): The Silent Parasites in Payment Networks

In the critically acclaimed, Oscar-winning 2019 film Parasite, a family’s cunning scheme to infiltrate a wealthy family’s home is a vivid metaphor for the stealthy and calculated maneuvers of advanced persistent threats (APTs) in the digital realm.