Posted by: David Harley | July 22, 2018

Microsoft Office 365 as phishing target

HelpNet Security: Microsoft tops list of brands impersonated by phishers, summarizing Vade Secure’s Phishers’ Favorites Top 25 list. Trailing quite a long way behind are PayPal, Facebook, Netflix etc. Vade reckon that Microsoft is such a favourite because getting into a Microsoft Office 365 account can be so profitable.

David Harley

Posted by: David Harley | July 15, 2018

Sextortion and leaked passwords

Here’s an interesting article by Brian Krebs: Sextortion Scam Uses Recipient’s Hacked Passwords

The scammer claims to have made a video of the intended victim watching porn, and threatens to send it to their friends unless payment is made. Not particularly novel: the twist with this one is that it “references a real password previously tied to the recipient’s email address.” Krebs suggests that the scammer is using a script to extract usernames and passwords from a known data breach dating back at least ten years.

The giveaway is that very few people are likely to be using the same password now – and relatively few recipients will have any reason to think such a video could exist. Still, some people have apparently paid up, and a more convincing variant is easy to imagine: one that quotes a more recent password for the target address, or that relies on a different kind of leverage.
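As an added illustration of the mechanics Krebs describes (example code written for this page, not from Krebs’s article, the original post, or any tool the scammers are known to use), here is a small Python triage routine: it looks for a “your password is …” claim, extortion language and a Bitcoin-style address, then checks the quoted password against an old breach corpus using the 5-character prefix / 35-character suffix split that Pwned Passwords’ k-anonymity lookup uses. The breach corpus, the two sample emails and the address are constructed; the range response is generated locally in the SUFFIX:COUNT format rather than fetched from any service.

```python
"""Triage for sextortion emails that quote a leaked password.

Added example; not code from Krebs's article or from the original post.
It flags a message that (a) claims to know the recipient's password and
(b) carries extortion language and/or a Bitcoin-style address, then checks
whether the quoted password is the one tied to the recipient in an old
breach corpus. The corpus, sample emails and address are constructed; the
'range response' imitates the SUFFIX:COUNT format of the Pwned Passwords
k-anonymity lookup but is built locally instead of fetched.
"""
import hashlib
import re

# Constructed stand-in for a years-old credential dump (email -> password).
OLD_BREACH = {
    "alice@example.com": "hunter2",
    "bob@example.com": "letmein99",
}

# Constructed sample messages: one in the style the post describes, one benign.
SAMPLES = [
    ("alice@example.com",
     "I know your password is hunter2. I put malware on the adult site you "
     "visited and recorded you through your webcam. Send 0.2 bitcoin to "
     "1Examp1eSextortionAddressXXXXXXXX within 48 hours or the video goes "
     "to all your contacts."),
    ("bob@example.com",
     "Hi Bob, the quarterly report is attached. Let me know if the numbers "
     "look right before Friday's meeting."),
]

EXTORTION_TERMS = ("webcam", "porn", "adult", "bitcoin", "btc",
                   "contacts", "video of you", "masturbat")
# Legacy (1.../3...) and bech32 (bc1...) address shapes; a heuristic, not a checksum.
BTC_ADDR = re.compile(
    r"\b(?:bc1[02-9ac-hj-np-z]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")
# Matches "your password is hunter2", "password: hunter2", "password was 'hunter2'".
PASSWORD_CLAIM = re.compile(
    r"password(?:\s+is|\s+was|:)?\s*[\"'“]?([^\s\"'”.,;]+)", re.IGNORECASE)


def sha1_split(password):
    """k-anonymity split as used by Pwned Passwords: only the 5-hex-char
    prefix would ever be sent to a remote service; the 35-char suffix stays local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fake_range_response(prefix):
    """Constructed stand-in for the body of GET /range/{prefix}: every
    breach-corpus password whose hash starts with prefix, one SUFFIX:COUNT per line."""
    lines = []
    for pw in OLD_BREACH.values():
        p, s = sha1_split(pw)
        if p == prefix:
            lines.append(f"{s}:17")  # the count is arbitrary constructed data
    return "\n".join(lines)


def count_in_range(suffix, range_response):
    """Parse SUFFIX:COUNT lines; return the count for suffix, 0 if absent."""
    for line in range_response.splitlines():
        s, _, count = line.strip().partition(":")
        if s == suffix:
            return int(count)
    return 0


def triage(recipient, body):
    """Return the indicators found in body and an overall verdict."""
    claim = PASSWORD_CLAIM.search(body)
    claimed = claim.group(1) if claim else None
    btc = BTC_ADDR.search(body)
    lowered = body.lower()
    hits = [t for t in EXTORTION_TERMS if t in lowered]
    result = {
        "claimed_password": claimed,
        "btc_address": btc.group(0) if btc else None,
        "extortion_hits": hits,
        "breach_count": 0,
        "matches_old_breach_record": False,
    }
    if claimed:
        prefix, suffix = sha1_split(claimed)
        result["breach_count"] = count_in_range(suffix, fake_range_response(prefix))
        # The post's 'giveaway': the quoted password is the recipient's *old* one.
        result["matches_old_breach_record"] = OLD_BREACH.get(recipient) == claimed
    result["verdict"] = ("sextortion_with_leaked_credential"
                         if claimed and (btc or len(hits) >= 2) else "not_flagged")
    return result


if __name__ == "__main__":
    for recipient, body in SAMPLES:
        print(recipient, triage(recipient, body))
```

The point of the prefix/suffix split is that a mail gateway can check whether a quoted password is a known breached one without shipping the password (or its full hash) anywhere; the `matches_old_breach_record` flag is what distinguishes the lazy campaign Krebs describes from the more worrying variant that quotes a current password.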

Commentary from Sophos here.

(Further commentary here: Sextortion & leaked passwords revisited)

David Harley

Posted by: David Harley | June 16, 2018

Phishing and BEC

A couple of links to interesting scam stories: one on a current phishing scam, one on a major operation successfully disrupting BEC (Business Email Compromise) scams across the world.

David Harley

Posted by: David Harley | June 8, 2018

ESET: more on World Cup scams

Tomáš Foltýn for ESET: You have NOT won! A look at fake FIFA World Cup-themed lotteries and giveaways

“With the 2018 FIFA World Cup in Russia just days away, fraudsters are increasingly using all things soccer as bait to reel in unsuspecting fans so that they get more than they bargained for”

David Harley

Posted by: David Harley | June 1, 2018

ESET on World Cup scams, and Snopes on a Starbucks hoax

Tomáš Foltýn for ESET: World Cup scams: how to avoid an own goal – “Whether travelling to enjoy the matches in person, or watching from home, fans should be on the lookout for foul play” (I always enjoy Tomáš’s wordplay.)

Snopes: Is Starbucks Installing ‘Shatter-Proof Windows’? – “An image circulating online falsely promised “free coffee for a year” to anyone who could damage the company’s new windows.” Put away that bazooka…

David Harley

Posted by: David Harley | May 28, 2018

The £9000 call to the TSB hotline

ESET: Scammers raid man’s bank account while he waits on hold to fraud hotline – “Criminals have set their sights on customers of a bank that has been struggling with a switchover to a new computer platform”.

Based on this report from the BBC: TSB left man on hold as his wedding savings were stolen – “A TSB customer has described how he watched thousands of pounds in wedding savings being stolen from his internet account as he waited on hold for the bank’s fraud department.”

David Harley

Posted by: David Harley | May 20, 2018

HoweyCoins: fake offer, real education

US Securities and Exchange Commission: The SEC Has an Opportunity You Won’t Want to Miss: Act Now! – “The SEC set up a website that mimics a bogus coin offering to educate investors about what to look for before they invest in a scam. Anyone who clicks on “Buy Coins Now” will be led instead to investor education tools and tips from the SEC and other financial regulators.” Commentary from Sophos: Don’t invest! The ICO scam that doesn’t want your money

And, returning to a more common scam topic on this site…

Malwarebytes: Fake Malwarebytes helpline scammer caught in the act – Given how much work Malwarebytes have done on these scams, not good targeting on the scammer’s part.

David Harley

Posted by: David Harley | May 12, 2018

Tech support scam article for ESET

Here’s an article by me for ESET: Tech support scams and the call of the void

“Christopher Burgess for Security Boulevard on what happens When Scammers Fill the Tech Support Void … says: “I still haven’t figured out why those companies that provide tech support tend to hide the connectivity to these saviors of their brand in the weeds of the website, but they do, and we search—and sometimes we strike gold.”

However, I don’t think the reluctance of companies to draw attention to their support services is too much of a mystery…”

There may be persuasive reasons why providers are reluctant to engage directly with their customers, but the consequences may be grim for both provider and customer.

And here are a couple of other scam-related stories you may find of interest:

David Harley

Posted by: David Harley | April 27, 2018

Microsoft on support scams – plus, assessing gullibility

Erik Wahlstrom for Microsoft talks about tech support scams, the volume of complaints Microsoft receives, and the partnerships it has built in an effort to reduce their impact. Worth reading. Teaming up in the war on tech support scams. Some commentary and basic advice from Graham Cluley: Reports of tech support scams rocket, earning handsome returns for fraudsters.

Homeland Security News Wire: Tool measures individuals’ likelihood to fall for internet scams. Taking a look at the actual survey, I find it hard to assess the validity of the questions, despite (or perhaps because of) my academic and professional background. There are a lot of questions there I simply wouldn’t choose to answer. Still, the paper is interesting: We will make you like our research: The development of a susceptibility-to-persuasion scale [Update: commentary from ESET: This test will tell you how likely you are to fall for fraud]

David Harley

Posted by: David Harley | April 21, 2018

UK ID Theft, IWF report on child abuse, Gold Galleon BEC

(1) The Register: ID theft in UK hits record high as crooks shift to more vulnerable targets – “Less checked online services bear brunt”

‘… Conor Burns MP, chairman of the All-Party Parliamentary Group on Financial Crime and Scamming, said:

“Fraud is the 21st century volume crime and the issue is not going to go away. With more and more people sharing data, transacting, setting up businesses, dating and chatting online this trend is only going to continue.”‘

(2) Internet Watch Foundation: “Our 2017 Annual Report (published on 18 April 2018) gives the latest data on what’s happening globally to tackle child sexual abuse images and videos online…Visit our interactive 2017 Annual report microsite here…” The statistics are summarized in a press release here.

(3) SecureWorks: GOLD GALLEON: How a Nigerian Cyber Crew Plunders the Shipping Industry – “In 2017, Secureworks® Counter Threat Unit™ (CTU) researchers continued to track GOLD SKYLINE, a financially motivated Nigerian threat group involved in business email compromise (BEC) and business email spoofing (BES) fraud. During the investigation, CTU™ researchers discovered a previously unidentified BEC group that they have named GOLD GALLEON.” BEC could be defined as 419 scammers wearing their corporate hat.

David Harley
