Tag Archive for: fraud

Police apprehend global cyber gang implicated in large-scale fraud

/in


The Met Police, a long with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.



The criminals obtained identity information, including card numbers and Pin codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.

Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.

In light of this story, the cybersecurity community has been positive in hearing this news:

Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement. 

“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.

“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies. 

“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.

“One area of particular concern is the increasing tendency to see…

Source…

Yogurt Heist Reveals a Rampant Form of Online Fraud

/in


The Journal’s story reveals that cargo hijacking fraud remains a serious problem—one that cost $500 million in 2023, quadruple the year before. Victims say load board operators need to do more to verify users’ identities, and that law enforcement and regulators also need to do more to address the thefts.

Multifactor authentication (MFA) has served as a crucial safeguard against hackers for years. In Apple’s case, it can require a user to tap or click “allow” on an iPhone or Apple Watch before their password can be changed, an important protection against fraudulent password resets. But KrebsOnSecurity reports this week that some hackers are weaponizing those MFA push alerts, bombarding users with hundreds of requests to force them to allow a password reset—or at the very least, deal with a very annoying disruption of their device. Even when a user does reject all those password reset alerts, the hackers have, in some cases, called up the user and pretended to be a support person—using identifying information from online databases to fake their legitimacy—to social engineer them into resetting their password. The solution to the problem appears to be “rate-limiting,” a standard security feature that limits the number of times someone can try a password or attempt a sensitive settings change in a certain time period. In fact, the hackers may be exploiting a bug in Apple’s rate limiting to allow their rapid-fire attempts, though the company didn’t respond to Krebs’ request for comment.

Israel has long been accused of using Palestinians as subjects of experimental surveillance and security technologies that it then exports to the world. In the case of the country’s months-long response to Hamas’ October 7 massacre—a response that has killed 31,000 Palestinian civilians and displaced millions more from their homes—that surveillance now includes using controversial and arguably unreliable facial recognition tools among the Palestinian population. The New York Times reports that Israel’s military intelligence has adopted a facial recognition tool built by a private tech firm called Corsight, and has used it in its attempts to identify members of…

Source…

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

/in


Jan 27, 2024NewsroomMalware / Software Update

AllaKore RAT Malware

Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT.

The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021.

“Lures use Mexican Social Security Institute (IMSS) naming schemas and links to legitimate, benign documents during the installation process,” the Canadian company said in an analysis published earlier this week.

“The AllaKore RAT payload is heavily modified to allow the threat actors to send stolen banking credentials and unique authentication information back to a command-and-control (C2) server for the purposes of financial fraud.”

Cybersecurity

The attacks appear to be designed to particularly single out large companies with gross revenues over $100 million. Targeted entities span retail, agriculture, public sector, manufacturing, transportation, commercial services, capital goods, and banking sectors.

The infection chain begins with a ZIP file that’s either distributed via phishing or a drive-by compromise, which contains an MSI installer file that drops a .NET downloader responsible for confirming the Mexican geolocation of the victim and retrieving the altered AllaKore RAT, a Delphi-based RAT first observed in 2015.

“AllaKore RAT, although somewhat basic, has the potent capability to keylog, screen capture, upload/download files, and even take remote control of the victim’s machine,” BlackBerry said.

The new functions added to the malware by the threat actor include support for commands related to banking fraud, targeting Mexican banks and crypto trading platforms, launching a reverse shell, extracting clipboard content, and fetching and executing additional payloads.

The threat actor’s links to Latin America come from the use of Mexico Starlink IPs used in the campaign, as well as the addition of Spanish-language instructions to the modified RAT payload. Furthermore, the lures employed only work for companies that are large enough to report directly to the Mexican Social…

Source…

SquaredFinancial Introduces Enhanced Fraud Prevention Framework and Uncovers Fraud Network

/in


SquaredFinancial values transparency and is strongly dedicated to fighting deceptive practices by developing an advanced fraud prevention framework. Recognizing recent incidents of financial deceit in the trading industry, the company is proactively fortifying its compliance and risk teams and strengthening processes and protocols to promptly detect and address any fraudulent activities.

A holistic approach to fraud prevention and management requires robust tools to conduct comprehensive risk assessments, identify potential vulnerabilities and prioritize risk mitigation.

The first step towards effectively fighting digital fraud is to understand the forms of fraud that occur regularly in the fintech sector. Some of the most common kinds of fraud are identity theft, phishing, web skimming, social engineering, and botnet attacks which can effectively be prevented with a resilient IT infrastructure and a steadfast focus on cybersecurity. In the forex brokerage industry, fraudulent activities have been recurrent and are plotted by networks or individuals exploiting terms and conditions and applying trading tactics to abuse commission and other bonus schemes.

Adapting to the ever-evolving landscape of financial fraud

Throughout the years, fraud networks have consistently targeted businesses, exploiting trading tactics and incurring substantial losses. As such, tactics like shared IP addresses and devices have been employed to exploit trading systems and take advantage of bonus schemes.

Recent fraud case study and actions taken

In November 2023, SquaredFinancial initiated an internal investigation following the deceitful actions of a specific partner. Utilizing internal analytical tools, the company was able to swiftly identify irregularities and has immediately intervened, preventing further exploitation. Craig Jenkins, Chief Legal & Compliance Officer, emphasized, “The recent case of abusers was detected by our software used to identify suspicious patterns, revealing a network of connected trading activities. A thorough inspection uncovered dozens of ‘clients’ engaging in coordinated trades from the same location, even the same computer, to abuse the favourable…

Source…