WEST PALM BEACH, FL - I've been writing about scam emails and phishing attempts for a number of years now and although I don't have as much time at my disposal as I used to, I still like to detail their processes when I can so people can learn how to avoid these scams while seeing and understanding how clever these little sneaks are when plotting to steal your information (and money). Past features have includes similar scams targeting customers of Facebook, GoDaddy, FedEx, … [Read more...]
Search Results for: phishing
Thousands of Domain Names Owned by Legitimate Brands Hijacked to Send Spam
TEL AVIV - As part of a sophisticated scheme involving spam proliferation and click monetization, over 8,000 domains and 13,000 sub-domains once owned by major, legitimate brands and institutions have been hijacked to allow millions of spam emails to bypass standard security blocks for nefarious gain. This coordinated malicious activity – dubbed “SubdoMailing” – has been going on since at least September 2022, according to Guardio Labs, the Israeli security … [Read more...]
Report: Domain Squatting, Brand Hijacking Presenting Increased Threat Across Internet
PALM BEACH, FL - “Domain squatting” – AKA cybersquatting – and “brand hijacking” are two internet-based threats that present unique dangers to both businesses and end users, opening up some to cybersecurity threats and brand/trademark damage including potential phishing and malware attacks. Domain squatting is registering or using a domain name to profit from a trademark belonging to a well-known brand, typically by registering a misspelled version of their URL to … [Read more...]
“Prolific Puma” Created 75k Unique Domain Names Since April 2022 Used for Scams
SANTA CLARA, CA - Researchers from security vendor Infoblox have uncovered an actor known as “Prolific Puma” that has been revealed as having provided link shortening services for countless cyber criminals for a span of time of at least four years or longer, an act that has likely been responsible for an immense number of scams targeting innocent people. As an example of how Prolific Puma lives up to the "prolific” part of their name, the actor reportedly … [Read more...]
FEDs Seize 17 Domains Suspected of Being Used for Fraud in U.S. by North Korea
WASHINGTON, D.C. - On Wednesday, the United States Justice Department announced it has seized 17 website domains utilized by North Korean information technology (IT) workers to purportedly evade government sanctions, conduct cyberattacks and defraud U.S. businesses, with the millions of dollars in illicit proceeds generated from such activities being used to fund North Korea's weapon development program. The Justice Department confirmed in a statement that the … [Read more...]
Expert: Blindly Authorizing Doman Listings Can Cause You to Lose Your Domains
TEMPE, AZ - Recently DomainInvesting.com’s Elliot Silver related a tale of an automated e-mail he received from internet domain registrar and web hosting company GoDaddy, listing several domain names that he owned that are listed for sale on a website called Squadhelp, a website where you can buy and sell domains. Silver had previously listed them on Afternic, but had deleted them in favor of Squadhelp. Side note: I had never heard of Squadhelp before, I'll have to check … [Read more...]
Managed Care Confirms Serious Breach of Nearly 9 Million Patients’ Critical Info
ATLANTA, GA - Managed Care of North America, Inc. (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. The Atlanta-based company claims to be the largest dental insurer in the nation. According to reports, Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birthdates, driver’s license numbers, phone … [Read more...]
NextGen Healthcare Confirms Breach Of Over 1 Million Individuals’ Personal Info
ATLANTA, GA - A security incident has surfaced and you may or may not have been affected. NextGen Healthcare, a healthcare solutions provider, suffered a data breach that exposed the personal information of over 1 million individuals. According to the company, Hackers had access to NextGen systems from March 29 to April 14, 2023, compromising personal information such as full names, addresses, birthdates, and social security numbers. If exploited, cybercriminals can use … [Read more...]
Data Breach: Unauthorized Party Accessed DoorDash Customer Information
SAN FRANCISCO, CA - According to recent reports, a new data security incident has surfaced. DoorDash, a popular food delivery app, detected suspicious activity from the computer network of a third-party vendor, and determined the vendor was compromised by a sophisticated phishing attack. According to the report, certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and even partial payment card info have been affected. If … [Read more...]
Reported Twitter Data Breach Potentially Affects 5.4 Million Accounts
WEST PALM BEACH, FL – Stolen personal information from 5.4 million Twitter users has been discovered for sale on a hacker forum. With this information, including emails and phone numbers, cybercriminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft. Twitter is currently investigating claims that a near-seven-month-old vulnerability in its software has been exploited and the hacker is asking for $30,000 for the … [Read more...]
Massive Data Breach of Neopets Website Affects 69 Million Users
WEST PALM BEACH, FL - Neopets, a virtual pet and gaming community, has reported a data breach exposing personal information like usernames, passwords, IP addresses, and more of 69 million user accounts. By combining this information, cybercriminals could target users with spam or phishing attempts to access additional personal information which could lead to identity theft. Neopets representatives have published a statement on Twitter addressing the breach. If … [Read more...]
Hundreds of Domains Being Reported in Scam for Free Federal COVID-19 Test Kits
WASHINGTON, D.C. - The federal government launched a new website in January to help distribute free at-home COVID-19 test kits to U.S. citizens; no sooner did this website go live, so did numerous copycat websites, none of which were legitimate, but many sporting very similar URLs in an attempt to run a scam on unsuspecting visitors. In mid-January, the Biden Administration announced a free COVID-19 test kit program, with the kits being distributed via the U.S. Postal … [Read more...]
Data Security Breach At Robinhood Exposes Personal Info Of Customers
PALM BEACH, FL - The Robinhood financial service company has confirmed a data security incident that has exposed full names or email addresses for approximately seven million customers, with a smaller subset having additional personal information revealed. These customers could be targeted with spam, phishing attempts, identity theft and more. No Social Security numbers, bank account numbers or debit card numbers were exposed according to the company. Robinhood … [Read more...]
Massive Data Breach of Twitch Live Streaming Service Confirmed
PALM BEACH, FL - According to The Verge the Twitch streaming service has confirmed a data breach, which reportedly includes their source code, creator payouts, and possible leak of users’ passwords. The leak includes the following: 3 years worth of details regarding creator payouts on Twitch.The entirety of twitch.tv, “with commit history going back to its early beginnings.”Source code for the mobile, desktop, and video game console Twitch clients.Code related to … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]