PINDROP BLOG

Category: Social Engineering

April 26, 2017
Phone Fraud Jumps 113% as Criminals Focus on Call Centers
Criminals are targeting corporate call centers at an unprecedented rate, resulting in a 113 percent spike in the fraud rate in the last year, new data compiled by Pindrop shows. Phone fraud has become one of the favored tactics for criminals as they look for less-risky and more-profitable avenues to get into targeted organizations. The phone…
Read More →
April 17, 2017
Unicode Domain Phishing Attack Resurfaces
Researchers are warning about a phishing attack that abuses the way some browsers handle unicode characters to display attack domains that are identical to legitimate ones. The concept behind the attack is quite old, but it has resurfaced in the current versions of both Firefox and Chrome. The attack relies on the fact that the…
Read More →
April 14, 2017
Inside the Tech Support Scam Ecosystem
By Jonah Berg-Ganzarain A pair of doctoral students and their advisor, looking for insights into the inner workings of tech support scams, spent eight months collecting data on and studying the tactics and infrastructure of the scammers, using a purpose-built tool. What they uncovered is a complex, technically sophisticated ecosystem supported by malvertising and victimizing people around…
Read More →
April 12, 2017
FTC Halts Tech-Support Scam That Pretended to Represent the FTC
The FTC has shut down a phone and email scam that involved scammers contacting consumers, falsely claiming to be working on behalf of the FTC and offering fake tech support services. The scheme is a twist on the old Windows tech support scam in which fraudsters call consumers and try to sell remote tech support…
Read More →
March 28, 2017
FCC Warns on New ‘Can You Hear Me’ Phone Scam
Phone scammers have adopted a new tactic recently that is part of a long-term scheme to impersonate victims during calls with banks or other financial institutions. The new technique involves a scammer calling a victim and when the victim answers, immediately asking, “Can you hear me?” The idea is to record the victim’s voice as…
Read More →
February 28, 2017
Email Scam Losses Pass $3 Billion, FBI Says
The amount of money that enterprises in the United States are losing to business email compromise scams is growing at an alarming rate, and is now well into the billions of dollars, according to the FBI. BEC scams, also known as CEO or executive impersonation schemes, are the evolution of phishing attacks and rely on the criminals’…
Read More →
January 31, 2017
Your Brain Is Bad at Security
OAKLAND–Security teams are frustrated constantly by users who ignore warnings about phishing sites, bad certificates, or malware, and just click through to get wherever they were going. It turns out that behavior probably isn’t the users’ fault. It’s just human nature. There are many reasons why this behavior persists, even when users are told in no uncertain…
Read More →
January 19, 2017
Decline of Necurs Botnet Hurts Locky Ransomware
Many ransomware gangs rely on help from other members of the cybercrime ecosystem to distribute their malware, and when those connections don’t hold up, it can cause serious problems. That’s what’s happened to the Locky ransomware in the last few weeks, as its main distribution mechanism, the Necurs botnet, has disappeared. The botnet has been…
Read More →
January 19, 2017
Gmail Phishing Campaign Racking Up Victims
There is a clever, well-crafted phishing campaign targeting Gmail users that includes a fake login page that exactly mimics the real thing to trick victims into entering their credentials. The campaign has been going on for some time but it recently began to gain attention after researchers analyzed it and broke down the techniques the…
Read More →
December 19, 2016
Hailstorm Spam Campaigns Being Used to Evade Defenses
In an effort to get past anti-spam and anti-malware systems and put their garbage in front of potential victims, some spammers are avoiding the traditional strategy of sending huge volumes of mail for long periods of time in favor of sending large bursts of spam in a very short timeframe. This technique, known as hailstorm…
Read More →