Scam
Convincing LinkedIn comment-reply tactic used in new phishing
Scammers are flooding LinkedIn posts this week with fake “reply” comments that appear to come from the platform itself, warning users of bogus policy violations and urging them to visit an external link. The messages convincingly impersonate LinkedIn branding and in some cases even use the company’s official lnkd.in URL shortener, making the phishing links harder […]
Fake Grubhub emails promise tenfold return on sent cryptocurrency
Grubhub users received fraudulent messages, apparently from a company email address, promising a tenfold bitcoin payout in return for a transfer to a specified wallet. The emails claimed to be part of a ‘Holiday Crypto Promotion’ and came from an email address on ‘b.grubhub.com’, which is a legitimate subdomain that Grubhub uses to communicate with […]
European authorities dismantle call center fraud ring in Ukraine
European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros. Authorities from the Czech Republic, Latvia, Lithuania, and Ukraine (supported by Eurojust) arrested 12 suspects out of 45 identified during the investigation. They also seized 21 vehicles, weapons, a polygraph […]
Beware: PayPal subscriptions abused to send fake purchase emails
An email scam is abusing abusing PayPal’s “Subscriptions” billing feature to send legitimate PayPal emails that contain fake purchase notifications embedded in the Customer service URL field. Over the past couple of months, people have reported [1, 2] receiving emails from PayPal stating, “Your automatic payment is no longer active.” The email includes a customer service URL field […]
FBI warns of virtual kidnapping scams using altered social media photos
The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. This is part of a public service announcement published today about criminals contacting victims via text message, claiming to have kidnapped a family member and demanding ransom payments. However, as […]
Google expands Android scam protection feature to Chase, Cash App in U.S.
Google is expanding support for its Android’s in-call scam protection to multiple banks and financial applications in the United States. The announcement specifically mentions the addition of fintech app Cash App, which has 57 million users, and the JPMorganChase mobile banking app, which has more than 50 million downloads on Google Play. In-call scam protection is a new feature […]
Malicious NPM packages abuse Adspect redirects to evade security
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate researchers from potential victims and lead them to malicious locations. The purpose of the attack is to lead victims to cryptocurrency scam sites, according to an analysis from researchers at application security company Socket. All malicious packages were published under the developer […]
US announces new strike force targeting Chinese crypto scammers
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. The Scam Center Strike Force team, supported by agents from the U.S. Attorney’s Office, the Department of Justice, the FBI, and the Secret Service, investigates and prosecutes criminal groups operating large-scale cryptocurrency investment […]
“Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam
A Chinese woman known as the “Bitcoin Queen” was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a £5.5 billion ($7.3 billion) cryptocurrency investment scheme. The sentence follows a seven-year investigation by the Met’s Economic Crime team into international money laundering, which revealed that the 47-year-old woman, Zhimin Qian […]
Lost iPhone? Don’t fall for phishing texts saying it was found
The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. When iPhone customers lose their phone or it is stolen, they can set a custom message in Apple’s Find My app that appears on […]