X-Industry

The US Social Security Administration (SSA) Office of the Inspector General (OIG) is cautioning the public to be aware of emails that appear to be from SSA and include a link to download a utility tool.  This fake email is an attempt to lure individuals to fraudulent sites that are not associated with SSA by claiming there is a problem, a potential error and to correct the issue you must download a ‘Security Update Tool.” 

THIS EMAIL IS NOT FROM SSA (see attached).  This version of the scam emai

If you are looking to plan a future vacation, take a minute to scrutinize hotel and travel service booking sites. Hotel and hostel workers are being tricked into downloading credential-stealing malware by cybercriminals impersonating Booking[.]com. In a phishing campaign that began in December 2024 and continued through February, the threat actors are targeting people in the hospitality industry across North America, Southeast Asia and Europe who are likely to work with Booking[.]com and to op

What is the E-ZPass Smishing Scam?  Recently, scammers have been targeting consumers with a "smishing" scam where they send a text or email claiming to be from the E-ZPass tolling agency.   The message claims that a driver has an unpaid toll and they need to settle their bill using a link provided in the message before late fees are incurred.

InfraGard Rhode Island urges you to NEVER click on links from unknown senders, in both text messages and emails.

What should you do if you have received a

About a year ago, I rented an AirBnB house.  Once I signed up, I realized the point of contact was named “China.”  Well, my heart sank until I realized that China was her name.  Still unconvinced, I have someone actually “look” at the property and see if it was real.  It was, whew…..and “China” turned out to be a lovely person.  I guess parents name their children other names than Susie, Patty and Cathy…. Ok, ok - I’m showing my age.  But caution should still be employed for any AirBnB rental tr

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages designed to harvest users' credentials.  Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content.  Malicious links direct the browser to automatically refresh or reload a web page immediately without requiring user interact

Crypto took a major hit last year with losses exceeding $5.6 billion, mainly driven by investment fraud, tech support scams, and social engineering via government impersonation.  Latest findings published by the FBI’s Internet Crime Complaint Center (IC3), the product of almost 70,000 reports, marks this 45% rise as a new record high for the industry.  The US alone accounts for $4.8 billion of these reported cases, followed by the Cayman Islands, Mexico, Canada, the UK, India, and Australia.

(So

Almost everyone knows dating sites can be dangerous, and you need to be careful. But a nasty new threat plays on those fears, and by the time you realize it, it could be too late…..Don't make this mistake on your dating app.

Online dating can be dangerous; who is at the other end of all those flirty and exciting messages, and whose pictures have they chosen to share?  But now, a new FBI warning has taken something of a twist because the latest threat to dating app users plays on those fears that

Spanish police have arrested more than 100 people who stole €850,000 (more than $900,000 USD) through WhatsApp by pretending to be their victims’ family members in urgent need of help.

According to a statement by the Guardia Civil, one of Spain's police forces, the suspects, men and women aged between 20 and 60, were arrested from February to April in seven Spanish provinces.  All were charged with fraud, money laundering, and being part of a criminal organization.

To trick their victims, the sc

Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets.  These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique.  A prominent contributor to this troubling trend is a notorious phishing group called Angel Drainer, which advertises a "Scam-as-a-Service" offe

Cybersecurity has always been a race between cybercriminals and defenders. Defense against attackers will improve to adapt to new threats, and then attackers respond by refining their tactics to find the next vulnerability in the defense.  It's one of the most dynamic environments in the world of computer science.

One of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential

If you have ever owned a domain name, the chances are good that at some point you have received a snail mail letter which appears to be a bill for a domain or website-related services.   These misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive. Below, Krebs takes a look at the most recent details of this scam, DomainNetworks, and some clues about who may be behind it.

The DomainNetworks mailer may reference a d

A common tactic for cybercriminals is to distribute storage drives, phones, or other internet-connected devices filled with hidden malware to hack victims and steal their information. Although smartwatches have not been known for major security breaches so far, they carry many of the same vulnerabilities as other IoT products and warrant a similar degree of caution.  A recent InfraGard brief by DHS cautioned the use of Smartphones and being vulnerable to malware.

The US Army’s Criminal Investiga

According to various investigating agencies, thousands are believed to have lost their savings after investing in a cryptocurrency trading app called iEarn Bot   https://www.iearnbot.com.  DO NOT VISIT THIS WEBSITE; IT IS A SCAM.  Experts investigating the company say it could be one of the largest crypto scandals.  Cryptocurrency trading has become popular, with people often promising large rewards over short periods.  But law enforcement agencies warn of many scams and recommend investors cond

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet and continues to plague organizations, accounting for more than 30% of all known breaches. With the ongoing trend to remote working during and post pandemic, hackers have increased their efforts to steal login credentials as they take advantage of the chaos and lack of in-person user verification.

This has led to the revival of the old-school te

Most of us have had or heard from a friend who has been the target of an email scammer pretending to be a friend in distress who needs money wired out of town or out of the country.  Now scammers are using the telephone to inform you that your loved one is in distress.  And the caller may sound “just like” your friend/relative. At that moment, your instinct would be to do anything to help them escape danger, including wiring money.  My father was a victim of such a scam, but he called me first f

Tis the season for cybersecurity and IT teams have to send out a company-wide email: “No, our CEO does NOT want you to buy gift cards.”  As much of the workforce signs off for the holidays, hackers are stepping up their game.  We will see an increase in activity as hackers continue to introduce e-commerce scams and holiday-themed phishing attacks.  Hackers love to use these tactics to trick end users into compromising not only their personal data but also their organization data.

Use this time o

Stealing, skimming and scams are nothing new in the credit card industry.  But a new report by Reason Labs shows new twists to a credit card scam. In 2022, the cybersecurity world is no stranger to phishing attacks, credit card scams, virus distribution, and identity theft.  They are ongoing on a daily basis and we have almost reached the point where we think we have seen it all. However, researchers have just uncovered potentially one of the largest fraudulent online credit card schemes active

If you were one of the millions of people who watched Netflix's The Tinder Swindler, you may have shaken your head in wonder at how women could be allegedly hoodwinked out of millions of dollars.  People fall for these scams for the same reasons that they fall prey to cold-call scam texts claiming that their loved one is in hospital and fees urgently need to be paid: When emotions are involved, rational thinking can go out of the window.

See:  https://www.netflix.com/title/81254340

Simon Leviev,

I found this in my Inbox this morning.   I think the only truthful piece of information included - is that Mary Beth Leonard actually is the current US Ambassador to Nigeria. 

See:  Ambassador Mary Beth Leonard | U.S. Embassy & Consulate in Nigeria (usembassy.gov)

This one fact shows that the criminal involved has done some homework for his scam.   I am always amused by the mis-use of words in the text of theses “kind offers,” such as using the word “missing” instead of “mincing.”  There are too

Costco Wholesale Corporation is warning American internet users to be wary of more than a dozen digital scams targeting its customer base.   On its website,  HERE the American multinational corporation has published screenshots of 14 "prominent fraudulent emails, texts, and posts" in which cyber-criminals are impersonating Costco  The majority of the traps use financial benefits to lure victims, promising free products, financial reimbursements, exclusive offers, cash-back rewards, and gift card