Scammers Impersonate IRS and FBI in New Ransomware Attack
The IRS and the FBI are warning consumers about a new phishing campaign that impersonates both of those agencies in an effort to collect victims’ personal information through a fake questionnaire. The phishing attack uses an email template that includes the seals of both the FBI and the IRS and it plays on people’s fear […]
Victims of $120M Phone Fraud Scam to Get Refunds
After winning a lawsuit against the operators of an alleged tech support scam, the FTC is returning some of the money taken from victims of the scam. The commission won a settlement of $10 million from the defendants, which included companies doing business as Advanced Tech Support and Inbound Call Experts. The fund will be […]
FCC Wants Telecoms to Upgrade SS7 Security
The FCC is pushing telecom carriers and other providers to upgrade the security of their networks to address weaknesses in one of the key signaling protocols that underpins phone networks. The commission has asked providers to implement a set of security best practices for the SS7 signaling protocol that’s been compiled by an FCC advisory […]
Chrome May Let Users Mute Site Audio, Helping Prevent Audio Tracking
Google is working on a feature in its Chrome browser that would enable users to mute audio on websites on a site-by-site basis. The feature could help prevent an emerging kind of user tracking that employs ultrasonic signals. The feature has shown up in the Canary build of Chrome, which is the early build that […]
Podcast: Ronnie Tokazowski
In the latest edition of the On the Wire podcast, Dennis Fisher talks with Ronnie Tokazowski of Flashpoint about his research into business email compromise campaigns, especially a new one that originated in West Africa. The new campaign uses rigged PDF files that come from trusted senders to push victims to malicious sites, starting a […]
How Social Engineering Enables a Facebook Adware Campaign
A slick social engineering campaign is using Facebook Messenger, Google Docs, and a series of malicious websites to install adware and other unwanted applications on victims’ machines. The campaign begins with Facebook Messenger messages sent to a new victim. The messages come from a contact of the victim and contain a shortened link that points […]
Call Center Fraud & Authentication By The Numbers
$14 Billion Call center fraud loss is having a significant effect on enterprises. According to Pindrop® Labs, the average call center is losing $0.58 to fraud for every incoming call. That means, across the U.S., companies are losing $14 billion to fraud attacks annually. 113% Things are not improving any time soon. Pindrop® Labs has […]
Pindrop Labs | Replay Attack
Voice is a leading input interface for Internet of Things (IoT) devices. This is mainly attributed to the success of automatic speech recognition (ASR), voice biometrics, and natural language processing (NLP). With this progress comes the increased risk of attacks over the voice channel. Attackers are reportedly trying to use diverse voice spoofing techniques to […]
On the Wire Podcast: Mike Mimoso
Dennis Fisher speaks with Mike Mimoso of Threatpost about the arrest of security researcher Marcus Hutchins in connection with the Kronos banking trojan, the effect that the incident could have on the cooperation between researchers and law enforcement, and what else may come out of the AlphaBay dark wen market takedown. Music by Chris Gonsalves and […]