Authorities in Europe, Australia, the United States, Ukraine, and Canada joined forces to crack down on iSpoof, a service that helped cybercriminals impersonate corporations or trusted contacts in order to extract money from victims. The operation, a paid service that allowed customers to make spoofed calls anonymously, send recorded messages and intercept one-time passwords, resulted in more than £100 million being stolen from its targets. CSO Online explains that a coordinated action led by the UK and backed by Europol and the EU judicial cooperation agency Eurojust resulted in the arrest of 142 suspects, including the lead administrator of the iSpoof website. Naked Security notes that over a hundred of those arrests have been in the UK alone, and as many as 200,000 UK citizens have been victims of iSpoof crimes. Europol reports that during the 16 months of the website’s operation, it received $3.8 million in fees. London Metropolitan Police Commissioner Mark Rowley said: “The Met is targeting criminals in the midst of those illicit networks that are causing thousands of other people distress. By shutting down the equipment and systems that have allowed fraudsters to lie to other innocent people on a large scale, this operation shows how committed we are to attacking the corrupt, hell-bent on exploiting other occasionally vulnerable people.”
We’ve already noted that this year’s politically charged FIFA World Cup in Qatar has also caused privacy experts to warn of potential risks to participants and viewers. Group-IB threat intelligence researchers are aware of a number of scams and phishing attacks targeting people seeking tickets, official merchandise and employment at this high-profile international sporting event. This includes more than 16,000 fraudulent domain names and dozens of fake social media accounts, ads and mobile apps intended to profit from World Cup interest, and researchers have already exposed more than 80, 10 potentially compromised accounts on the official FIFA World Cup 2022 Hayya fan identity portal. The passwords for those accounts were acquired by cybercriminals using information-stealing malware such as RedLine and Erbium, which are readily available on the dark web. Four other scam and phishing schemes have become known, including a fake World Cup merchandise web page promoted by more than 130 social media ads to lure victims to the site. Investigators also learned of five phishing websites and more than fifty social media accounts targeting fans seeking World Cup tickets.
Added, 10:30 a.m. ET, November 30, 2022.
Joe Gallop, Cofense’s director of intelligence analysis, wrote to emphasize that immediate scams may not be the end of the story. Personal data compromised in incidents will also enable long-term criminal activities:
“Fans around the world are eagerly awaiting the biggest football event since 2018, but cybercriminals have used global fanfare to take over the public with scams. Cybercriminals seek to use the World Cup forum for a variety of purposes, including monetary gain, ideological promotion or surveillance, or for cyberespionage purposes. Phishing, as a vector of risk, targets human habits, considerations and interests. Any factor that is causing a stir on social media lately is a lure option, as a significant percentage of the population is aware of it and is potentially interested or even involved. The World Cup is no exception.
“Unfortunately, threat actors will use PII to disclose to victims of fraud and scams over the long term. It’s imperative to note that even when running phishing campaigns that hijack a big event like the World Cup, risk actors may occasionally simply upload this topic to others who have proven themselves. The topics of account verification, overdue payments/invoices, and order confirmation are not unusual in phishing campaigns, and most phishers won’t fully transfer from those incredibly broad topics to a more specific sports theme only for the era when the World Cup is attracting attention. However, by combining the two, a menacing actor can try to make the most of either world, betting on fan interest while forcing a sense of urgency. This probably reduces your potential victim’s group, but it can also increase the chances of good fortune rather than specific users. Users should be wary at all times of unexpected emails requesting payment or non-public information.
“As phishing campaigns become more common, it is critical that mandatory measures are taken to protect inboxes, stumble upon threats and respond to attacks. Adopting actionable intelligence that provides visibility into your network’s threat points and fast, decisive responses to phishing threats will help keep malicious actors at bay and ensure you protect sensitive data.”
The Department of Human Services in Tehama County, located in the US state of California, revealed a data breach in which an intruder gained unauthorized access to the department’s computer network between November 2021 and April 2022. Action News Now reports that the compromised data includes names, dates of birth, Social Security numbers, and driver’s license numbers. The county has begun informing potential victims, who include service recipients and employees, and is offering free credit monitoring and identity theft protection.
Connexin Software, a company that provides IT solutions for pediatric healthcare, suffered a data breach in August that affected more than 2.2 million people and nearly 120 pediatric doctors’ offices. Health IT Security explains that in late August Connexin discovered a “knowledge anomaly” in its internal network. It was determined that an unauthorized party accessed an offline set of patient data used for troubleshooting and data conversion, which included demographic information, Social Security numbers, treatment information, billing and claims information, and health insurance information. Connexin explained, “The online electronic registration formula was not accessed in this incident, and the incident did not involve any formula, knowledge base, or medical record formula of any physician organization.”
Chinese Covid protesters become targets of Beijing’s surveillance state (Wall Street Journal) Chinese police have begun leveraging the country’s state surveillance powers to prosecute protesters who have taken part in rare public demonstrations in defiance of the government’s strict Covid policies.
LockBit 3.0 “Black” Attacks and Leaks Reveal Anti-Parasite Features and Equipment (Sophos News) Reverse Engineering Has Close Similarities to BlackMatter Ransomware, With Some Improvements
Punisher ransomware uses COVID lure to spread among users (Heimdal Security Blog) A new variant of the Punisher ransomware spreading via a fake COVID tracking app was recently discovered.
TikTok porn malware “Invisible Challenge” puts us all in danger (Naked Security) A wound for one is a wound for all. Especially if other people are part of your social network.
Field scams: Group-IB identifies online threats targeting 2022 FIFA World Cup enthusiasts in Qatar (Group-IB) Group-IB, one of the world’s leading cybersecurity companies, has identified several scams and phishing attacks targeting users seeking tickets, official products and jobs at the 2022 FIFA World Cup in Qatar.
IKEA investigates cyberattacks in Kuwait, Morocco (The Record by Recorded Future) Swedish furniture giant IKEA has confirmed that its franchises in Kuwait and Morocco are facing a cyberattack.
Third-party data breach affects 119 pediatric practices, 2.2 million patients (Health IT Security) The healthcare data breach occurred at Connexin Software, a provider of pediatric healthcare IT solutions.
Tehama County Alerts Others to Data Breach Compromising Social Security Numbers (Action News Now) Tehama County sends letters to others whose private data could have been compromised in a data breach.
HSE launches national data breach notification programme (HSE.ie) The HSE began today (Tuesday, November 29, 2022) to notify by mail HSE patients and staff whose non-public data was illegally accessed and copied in the cyberattack on the HSE.
Microsoft 365 faces GDPR challenges in Europe after German report. Microsoft has not clarified the wording of its contracts and its retention and disposal regulations are not GDPR compliant, German regulators have found.