200+ Fake Retail Sites Used in New Wave of Subscription Scams

Bitdefender discovered over 200 incredibly realistic websites offering a wide range of products, including shoes, clothing, and electronics. Customers are tricked into providing credit card information and agreeing to monthly subscriptions.

Mystery Box Scams Deployed to Steal Credit Card Data

Cybercriminals are deploying highly sophisticated subscription scams, including deceptive “mystery box” offers, to harvest credit card data and commit financial fraud. These scams are spreading across social media platforms, particularly Facebook.

How NFC-Enabled POS Terminals Facilitate Cybercriminal Money Laundering Chains

Chinese cybercriminals are especially active in NFC-enabled fraud and are known for their well-established money laundering chains across multiple continents. They arrange for an NFC-enabled POS terminal and a merchant account linked to it.

Decoding Fake US ESTA Emails: Scam or Real Deal?

A sophisticated phishing campaign is targeting individuals seeking U.S. travel authorization by impersonating the U.S. Customs and Border Protection (CBP) and the Electronic System for Travel Authorization (ESTA).

WordPress ad-fraud plugins generated 1.4 billion ad requests per day

A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests.

FBI Warns of Scammers Impersonating the IC3

The FBI has issued a warning about a persistent fraud scheme in which scammers impersonate employees of the Internet Crime Complaint Center (IC3) to deceive and revictimize individuals, particularly those who have already suffered financial fraud.

Phishing Kits Now Validate Victims in Real-Time Before Stealing Credentials

Phishing actors are employing a new evasion tactic called 'Precision-Validated Phishing' that only shows fake login forms when a user enters an email address that the threat actors specifically targeted.

Smishing Triad is Now Targeting Toll Payment Services in a Massive Fraud Campaign Expansion

The Smishing Triad group has been linked to a surge in smishing campaigns targeting the U.S. and the U.K. The fraudulent text messages claim unpaid toll bills or payment requests related to toll services like FasTrak, E-ZPass, and I-Pass.

Threat Actors Leverage Tax Season To Deploy Tax-Themed Phishing Campaigns

These campaigns lead to phishing pages delivered via the RaccoonO365 phishing-as-a-service (PhaaS) platform, remote access trojans (RATs) like Remcos, and other malware like Latrodectus, BruteRatel C4 (BRc4), AHKBot, and GuLoader.

Russian Intelligence-backed Campaigns Impersonate the CIA to Target Ukraine Sympathizers, Russian Citizens, and Informants

Silent Push Threat Analysts discovered a phishing campaign using website lures to gather information against Russian individuals sympathetic to defending Ukraine and willing to share sensitive information.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags