Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
Nine men have been charged in connection with an alleged SIM card swapping scheme that led to the theft of $2.4 million in cryptocurrency, the U.S. Justice Department says. The scheme allegedly involved the bribing of employees of Verizon and AT&T.
Good news for customers of accounting software vendor Wolters Kluwer: The IRS has given you a 7-day extension to submit several different types of filings. Bad news: It's because the accounting software giant was hacked, knocking its cloud-based CCH software suite offline.
Among the top new spear-phishing threats to
This whitepaper outlines the top three spear-phishing threats and new strategies to defend against them.
Download this whitepaper to learn more about:
Insights from the latest report on spear-phishing;
Why top threats are so successful;
In the latest incident, an attack targeted about 200 online campus stores in the U.S. and Canada, Trend Micro reports. But this attack apparently was waged by a new group.
German police have disrupted Wall Street Market and arrested its alleged administrators, who apparently "exit scammed" with $13 million in bitcoins, while U.S. authorities detained two of the site's alleged top narcotics vendors. Separately, Finnish police disrupted Silkkitie, aka Valhalla Marketplace.
Russian national Anton Bogdanov has been charged with stealing more than $1.5 million from the Internal Revenue Service via a tax return fraud scheme. He was arrested last November while on vacation in Thailand, at U.S. request, and subsequently extradited.
The latest edition of the ISMG Security Report describes how a Facebook Marketplace glitch created serious privacy issues. Plus: An update on the activities of the FBI's Recovery Asset Team and HSBC whistleblower Everett Stern's preview of keynote address at upcoming ISMG Fraud and Breach Summit in Chicago.
TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.
The 2019 Insider Data Breach survey gathered responses from 252 U.S. and 253 U.K.-based IT leaders (CIOs, CTOs, CISOs and IT Directors) and 2004 U.S. and 2003 U.K.-based employees to assess the root causes of these employee-driven data breaches, as well as the frequency and impact of such instances.
Everett Stern, the whistleblower who called attention to HSBC's international money laundering activities, which ultimately resulted in a $1.9 billion fine, says the crackdown on financial fraud still has a long way to go. He'll be the keynoter at ISMG's Fraud and Breach Summit in Chicago on May 14.