Category Archives: News

Elon Musk

Crypto spam bots go quiet as Musk guarantees towards prosecute scammers

Leave a reply

Some individuals in the crypto Twitter area are actually currently stating a decrease in the variety of fraud bots after Elon Musk’s newest modifications towards the social networks system.

Elon Musk’s newest barrage in his battle versus crypto spam bots on Twitter shows up towards have actually created a genuine effect, along with the crypto neighborhood stating a large decrease in the variety of bots reacting to their messages.

In a Dec. 11 message, the Twitter CEO hinted that “bots remain in for a shock tomorrow” as well as later on discussed that they’ve discovered a handful of individuals responsible for a a great deal of bot/troll profiles as well as the system will certainly be actually shutting down IP addresses of “understood poor stars.”

He after that subsequented through discussing that while scammers may attempt various other techniques towards prevent the IP deal with obstruct, Twitter will certainly be actually “shutting all of them down as quickly as they appear.”

Shibetoshi Nakamoto, the pseudonym of Billy Markus, co-creator of meme coin Dogecoin, informed Musk in a Dec. 11 message, “I created an examination message as well as rather than viewing fifty bot responds I just viewed one a lot development, extremely buzz.”

Various other individuals likewise mosted likely to examination Musk’s newest modifications. PlanB, a Bitcoin expert as well as investor, published a graph towards view the number of bots will respond. During the time of composing, no reactions coming from bots possessed appeared in the remarks.

Ethereum founder Vitalik Buterin likewise kept in mind that while “Twitter *seems* to become partially much a lot better towards utilize recently,” he could not inform if certainly there certainly possessed been actually a decrease in bots because of Musk.

twitter elon musk

“No concept ways to different apart things Elon performed vs crypto-winter vs my mind picturing modifications that may not be really certainly there certainly,” he stated.

Some have actually stated that the bot reactions still appear on messages, however are actually extremely rapidly eliminated due to the system.

Associated: ‘Twitter will certainly perform great deals of stupid things’ in the happening months: Elon Musk

Twitter spam as well as fraud bots have actually been actually a afflict on the system as well as were actually viewed through Musk as among his leading concerns for Twitter after taking the reins in Oct.

In his newest message, Musk likewise hinted that the system will certainly be actually intending towards get lawsuit versus scammers on Twitter later on, however really did not deal any type of extra information.

“Twitter will certainly likewise be actually transferring to prosecute scammers anywhere on Planet,” he stated.

Phone Scams

Nearly 45 million received scam calls in three months

Leave a reply

Almost 45 million people in the UK were targeted by scam text messages or phone calls over the summer, according to telecoms regulator Ofcom.

About half reported getting a scam call or text at least once a week.

A survey of 2,000 adults in September found that almost a million people had been misled by a message or a call which they received.

Text scams are most common among 16 to 34-year-olds, with two-thirds receiving one between June and August.

The elderly are more often targeted using their landlines, with 61% of those over 75 receiving a scam phone call, but all ages are at risk.

UK residents who believe they have been targeted, or are the victim of a scam, can report a text message by forwarding it to 7726 – the numbers on the keypad that have the letters for spam on them.

However, Ofcom found that 79% of mobile phone users were unaware of that service.

Scam calls should be reported to Action Fraud.

Lindsey Fussell, Ofcom’s networks and communications group director, urged the public not to reply to messages which do not seem quite right.

“Criminals who defraud people using phone and text scams can cause huge distress and financial harm to their victims, and their tactics are becoming increasingly sophisticated,” she said.

“Stay alert to any unsolicited contact. Put the phone down if you have any suspicion that it is a scam call, and don’t click on any links in text messages you’re unsure about.”

Online casino scam

These online casino emails never pay what they promise

Leave a reply

Spammers are abusing affiliate programs to promote online casinos, such as Raging Bull Casino, Sports and Casino, Ducky Luck, and Royal Ace Casino, with misleading emails.

Many of the larger online casinos utilize an affiliate program that allows other websites or influencers to promote their products and earn a commission for anyone who signs up for an account.

To refer users, the affiliates will create specially crafted URLs that contain an affiliates ID or drops a cookie that allows the casino to give them credit when a referral registers a new account.

This week, BleepingComputer was told about an online spam campaign conducted by affiliates of online casinos that are bombarding users with misleading emails stating they won the ‘Grand Prize,’ that a large cash payout is ready, or that the recipient needs to confirm their account.

After being told about the campaign, we took a look at the spam folder for one of our emails accounts and saw that we too are heavily targeted with this spam campaign, as shown below.

List of spam emails

While Gmail has done an excellent job marking these types of emails as spam, other free email services may not do as good of a job, and the spam could make it into the general mailbox.

For example, below are two affiliate spam emails for Raging Bull Casino and Royal Ace Casino. You can see that they promise a payout of $3,500 or a betting strategy will be shared after confirming their online account.

Royal Ace phishing

When clicking on the links, the user is redirected through another site that drops an affiliate cookie and then redirects them to the casino.

As you can see below, the redirection to Raging Bull Casino includes the affiliate ID (affid) in the URL so that the affiliate can get credit for the signup.

Raging Bull Affiliate

As you can imagine, when you sign up for the account expecting a nice payout waiting for you, there is no payout waiting for you. Instead, the only one making money is the affiliate who sent you the email.

BleepingComputer has reached out to the online casinos listed in the article and their affiliate managers, if available, but did not receive a response.

If you receive these types of emails, simply mark them as spam so that your email provider’s spam filters will be trained to recognize them in the future.

corona virus

Victims of coronavirus scams leave UK victims seriously out of pocket

Leave a reply

Victims of scams related to the coronavirus outbreak lost nearly €1 million in February, according to the UK’s fraud and cybercrime centre.

In a warning to the public, Action Fraud UK said fraudsters conned people out of more than £800,000 (€918,000) in the month, using the COVID-19 crisis to concoct phishing email scams.

It said since the start of February, 21 cases of fraud have been identified where coronavirus was mentioned.

Ten were reported by victims who were trying to buy facemasks from fraudulent sellers, with one victim losing more than £15,000 on a purchase of masks which was never delivered.

Others were victims of coronavirus-themed phishing emails, where people are tricked into opening malicious attachments or divulging login information.

Some fraudsters have been pretending to be from research organisations associated with the Center for Disease Control and Prevention (CDC) and the World Health Organisation (WHO).

WHO has itself warned people of malicious emails appearing to be from the organisation.

“WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency,” it says on its website, warning the emails ask for information such as usernames and passwords, or include malicious links or attachments.

How to steer clear of online scams

  • Don’t click on links or attachments in suspicious emails, says Action Fraud
  • Don’t reveal any personal or financial details during unsolicited messages or calls
  • WHO says you can verify the sender by checking the email address – an official WHO email will be sent only from an address ending in @who.int
  • Don’t feel under pressure to reveal any information – cybercriminals use emergencies such as coronavirus to scare people into making rash decisions
  • The WHO also advises, if you think you may have given personal information mistakenly to a scammer, change your credentials immediately
Football Fraud

Belgium football transfer: Two arrested in fraud inquiry

Leave a reply

Two people have been detained in an inquiry in Belgium into alleged fraud involving the transfer of football players, prosecutors say.

One, players’ agent Christophe Henrotay, was held in Monaco. The other is said to be an associate in Belgium.

They were detained during raids on Tuesday and Wednesday.

Prosecutors said the arrests stem from an ongoing inquiry into the £13m (€18m) transfer of striker Aleksandar Mitrovic from Anderlecht to Newcastle United in 2015.

“The facts involve notably money-laundering operations and private corruption in the context of football player transfers,” they said on Wednesday.

A search was also carried out in London, where a Metropolitan Police spokesman said they were assisting the Belgian investigation.

It is understood that Newcastle believe they are not directly connected to the inquiry.

In April, Anderlecht premises were searched. No-one was detained at the time.

A separate inquiry into suspected fraud involving transfers during the 2017-2018 season led to raids on premises linked to Anderlecht, Club Bruges and Standard Liège last October.

CAPTCHA Phishing Scam

CAPTCHA Phishing Scam Targets Android Users

Leave a reply

A CAPTCHA phishing scam has been detected which is being used to trick users into downloading a malicious file that intercepts multi-factor authentication codes on a user’s smartphone. With the codes, hackers can perform a more extensive attack and gain access to a much wider range of resources such as email and bank accounts.

When a visitor lands on the phishing page, a check is performed to determine what device is being used. If the user is on an Android device, a malicious APK file is downloaded to their device. Any other platform will receive a zip file containing malware.

A fake version of the familiar Google reCAPTCHA is displayed on the phishing page. It closely resembles the legitimate version, although it does not support sound and the images do not change when they are clicked. The fake reCAPTCHA is housed on a PHP webpage and any clicks on the images are submitted to the PHP page, which triggers the download of the malicious file. This campaign appears to be focused on mobile users.

On an Android device, the malicious APK intercepts PIN codes from two-factor authentication messages, which allow the attackers to gain access to the user’s bank account. With these PIN codes, an email account can also be compromised, which would allow further accounts to be compromised by requesting password resets.

A successful attack could see several accounts used by an individual subjected to unauthorized access. Businesses are also attacked in a similar manner. Successful attacks on businesses could give the attackers access to huge volumes of sensitive company data and even infrastructure resources.

This method of delivering malware is nothing new and has been around since 2009. A CAPTCHA phishing campaign was detected in February 2018 attempting to download a malicious file, and a similar campaign was run in 2016.

A method of attack is adopted for a while then dropped. While it is possible to prepare the workforce for phishing attacks such as this through training, security awareness training alone is not enough as tactics frequently change, and new methods of attack are frequently developed.

As this attack shows, two-factor authentication is far from infallible. In addition to this method of obtaining 2FA codes, the SS7 protocol used to send SMS messages has flaws that can be exploited to intercept messages.

Security awareness training and 2FA are important, but what is required on top of these protections is a powerful anti-spam and anti-phishing solution. Such a solution will block phishing emails at the gateway and make sure they are not delivered to inboxes.

It is important to choose a solution that provides protection against impersonation attacks. Many phishing campaigns spoof a familiar brand or known individual. A solution that incorporates Domain-based Message Authentication, Reporting & Conformance (DMARC) will help to ensure that the sender of the message is genuine, by performing checks to make sure that the sender of the message is authorized to send messages from that domain.

Most anti-phishing solutions incorporate an anti-virus component that scans all incoming attachments for malware and malicious code, but cybercriminals are using sophisticated methods to evade detection by AV solutions. Files may include malicious code that is hard to detect. A sandbox is therefore required to execute suspicious attachments in a safe environment where they can be monitored for malicious activity. By testing attachments in the sandbox, malicious files can be identified and more genuine emails and attachments will arrive in inboxes.

Football Fraud

Middlesbrough FC fake football trial scam warning

Leave a reply

Fraudsters are targeting young footballers across the world offering them fake trials in return for money.

Middlesbrough Football Club said it had been contacted by would-be professionals saying they had been offered trials by the club.

Club spokesman Paul Dews said in one case $150 (£116) was demanded but no cash was handed over.

A number of other clubs have been targeted and Middlesbrough has informed the Football Association (FA).

Mr Dews said the club had received at least 15 queries – from within the UK, Africa and the Caribbean – asking if the offers were genuine.

“We understand we are one of a number of clubs whose name is being used in this manner and have reported this to both the police and the FA, who we are currently assisting in their investigations,” he said.

Impersonating football agents

The FA said there had been a “number of reported scams/schemes in different areas of the country”.

Young players are promised trials and they or their family are asked for payment in advance to cover “insurance and travel”, it said.

Once the money is sent no more is heard.

The FA said it had alerted clubs and local police, and issued a warning to players and parents.

In the latest scam fraudsters had been impersonating football agents but did not appear to have received any money so far, Middlesbrough said.

Mr Dews said “any invitations for players to join on trial would always be made directly from the club and not from any third parties”.

Phone Scams

Almost £13,000 scammed from Armagh and Tyrone victims

Leave a reply

Two people were scammed out of almost £13,000 last weekend, the PSNI has said.

One of the victims had nearly £10,000 taken from their bank account after they gave their bank details over the phone, while the other lost £2,500.

Both of them were scammed by people claiming to be from BT within a day of each other.

The scams happened on Friday and Saturday in counties Armagh and Tyrone.

The second victim was kept on the phone for about three hours and persuaded to download software, which resulted in the victim being swindled out their money.

Scammers will use any tactic

Chief Superintendent Simon Walls has called on families to stay alert and for people not to give out financial details over the phone.

“I want to appeal to family members to do all they can to let their loved ones know, especially those who are older and vulnerable, never to give out any kind of financial details over the phone or to download software during a call unless they are 110% sure it is safe to do so,” he said.

“Scammers are creative and will do whatever they can to con people out of money. They don’t care who their victim is, they just want the money and will employ whatever tactic is necessary.”

Call center fraud

Raids mounted on fake Indian tech support centres

Leave a reply

More than 50 people have been arrested in India for their alleged involvement in fake security warning scams.

The New York Times said that Delhi police made the arrests during raids on 26 call centres linked to the scams.

Software giant Microsoft helped police trace who was behind the large-scale operations.

It said it received more than 11,000 calls per month about fake security warnings and that many people lost significant sums to the fraudsters.

“This is an organised crime,” Courtney Gregoire, an assistant general counsel in Microsoft’s digital crimes unit told the US newspaper.

Microsoft has estimated that fraudsters make about $1.5bn (£1.2bn) a year through fake Windows support calls.

Raids on 16 call centres were carried out this week and, earlier in November, another 10 locations were visited by police.

The raids were prompted by Microsoft filing complaints with local police in New Delhi about call centres it claimed were involved in the fraudulent operations.

Typically, said Microsoft, attempts to trick people revolved around pop-up warnings that falsely claimed that a person’s computer was infected with a virus.

Fixing the non-existent virus could involve ringing a tech support centre. An operator would talk a victim through a fake fix and then charge them for the work.

In another version of the scam, staff at call centres claimed to be calling from Windows official support saying they had spotted that a person’s computer has been hacked or harboured a virus. Again, victims were expected to pay to fix the non-existent problem.

Some people caught out by the scam paid up to $1,000 for the fake tech support, said the newspaper.

Microsoft has published advice about ways to spot the fake calls and avoid becoming a victim.

Spam at supermarket

Drug addicts in Hawaii are actually taking ‘Spam’ towards feed their practices

Leave a reply

Because its own intro throughout World War II, Spam has actually mesmerized Hawaii a lot to ensure that there’s also a yearly celebration commemorating the tinned meat.

Now Spam likewise shows up towards have actually caught the creativities of bad guys as well as drug user in the 50th condition.

Hawaii has actually seen a spate of shoplifters taking cans of Spam as well as resulting in shopkeepers keeping the item in secured cupboards or even maintaining it near to the checkouts therefore personnel can easily maintain their eyes on it.

Ra Long, that has a store in Hawaii’s Chinatown, informed Hawaii Information Since burglars have actually just lately changed coming from taking booze towards targeting spam.

“I imply you attempt as well as watch on it however if they operate you simply can not leave behind the chase after all of them and respond to. Therefore you simply reached get the struck,” he stated.

Previously in September, authorities in Honolulu stated that a guy took a claim of Spam coming from a shop in the capital’s Midtown area. When he was actually faced through a safety and security protector, the supposed thief punched the protector. Authorities are actually currently providing a $1,000 benefit for the guy.

As well as inning accordance with Kimo Carvalho, a spokesperson for the state’s biggest provider for homeless individuals, Spam is actually a profitable item for drug user to obtain their practical.

“It is fast money for fast drug cash,” Carvalho, that jobs at the Principle for Individual Solutions, informed Hawaii Information Currently. He included that items—including clothes as well as toiletries—were likewise being actually offered towards money drug practices.

Spam American Meat Icon

Spam is actually peculiarly prominent in Hawaii, where locals have actually the greatest per head usage of the tinned meat in the Unified Conditions. Spam is actually utilized in prominent sushi meals in Hawaii as well as is actually offered in quick meals chains consisting of Hamburger Master as well as McDonalds on the islands.

The foodstuff is actually therefore admired amongst locals of the islands that it is actually frequently described as the Hawaiian steak as well as a yearly road festival—known as the SPAM JAM —is kept as well as views cooks contending towards create one of the absolute most distinct Spam meal.

Spam has actually lengthy struggled with a credibility for tastelessness as well as being actually a supposed secret meat. However its own manufacturers state that it includes top quality pig shoulder meat as well as pork, together with sprinkle, sugar, flavors, and sodium. A number of chemicals—sodium nitrite, trisodium phosphate as well as salt ascorbate—are contributed to protect the meat as well as safeguard versus germs.

The phrase spam has actually end up being associated along with unsolicited e-mail notifications as well as interactions, partly because of a sketch through English comic army Monty Python, through which a restaurant’s food selection as well as customers are actually overtaken through Spam.