Get Permission In Britain, the National Crime Agency and Financial Conduct Authority are warning that the number of clone firm scams has significantly increased during the COVID-19 pandemic. Over a six-month period, these fraudulent schemes have led to more than 78 million pounds ($107 million) in losses for victims. A clone firm is a fake entity created by fraudsters that uses the name, address and Firm Reference Number - a unique identifier assigned to every financial or investment firm in the U.K and issued by the Financial Conduct Authority - of a legitimate organization, according to the alert. In some cases, the scammers will clone or spoof the entire website of a legitimate firm.
Get Permission A Cypriot hacker has pleaded guilty to a pair of federal charges after admitting that he hacked the websites of several U.S. organizations, stole data and then threatened to disclose it unless a ransom was paid, according to the U.S. Justice Department. Joshua Polloso Epifaniou, 21, of Nicosia, Cyprus, pleaded guilty this week to computer fraud conspiracy and obtaining information from a protected computer. He faces up to five years in prison and a $250,000 fine when he s sentenced in March, according to court documents. Police in Cyprus arrested Epifaniou in February 2018, and he was extradited to the U.S. in June 2020, according to the Justice Department. He has remained in custody since. The case marked the first time that Cyprus extradited a suspect to the U.S. to face charges under a treaty signed in 2006.
Russian Pleads Guilty to Running Cybercrime Forum News Highlights: Russian Pleads Guilty to Running Cybercrime Forum. Cryptocurrency fraud, cybercrime, fraud management and cybercrime Kirill Victorovich Firsov was the manager of the Deer.io market Prajeet Nair (@prajeetspeaks) • January 25, 2021 Recommended The Deer.io domain was seized by the FBI in March 2020. A Russian citizen who served as the administrator of the now-defunct Deer.io online clearinghouse – which sold stolen credentials, hacked servers, and criminal services such as assistance with hacking activities – has pleaded guilty to a federal charge, according to the U.S. government United States Department of Justice. See also: Top 50 Security Threats
Two domains were seized by federal authorities and shut down. (Source: Department of Justice) Federal investigators have seized two domains impersonating the pharmaceutical firms Moderna, which has begun shipping a COVID-19 vaccine, and Regeneron, which developed a treatment for COVID-19, according to the U.S. Justice Department. The investigation into the two sites was launched earlier this month after fraudsters were found impersonating the names of the two pharmaceutical companies and using the spoofed websites to steal identities that could be used to create phishing campaigns and spread malware, according to the U.S. Attorney s Office for the District of Maryland, which is overseeing the case.
Get Permission An updated version of the AgentTesla information-stealing malware now boasts additional data harvesting capabilities, including the ability to target more web browsers and email clients, according to a report released this week by security firm Cofense. AgentTesla was first uncovered by security researchers in 2014. Since then, its developers have steadily added to its capabilities. One recent update that was spotted in August by analysts with Sentinel Labs found the malware could steal credentials from VPNs, web browsers, FTP files and email clients (see: Since the start of the COVID-19 pandemic, AgentTesla has become popular with fraudsters and cybercriminals due to its ability to steal a large range of data from targeted victims and its relatively low licensing fees, which the Sentinel Labs analysis found ranges from $12 for a monthly rental to $35 for a six-month lease.
Malicious domain designed to look like an Office 365 logon page (Source: Abnormal Security) A spear-phishing campaign detected earlier this month that uses messages that appear to originate with legitimate companies is targeting enterprise users in an effort to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. The fraudsters appear to have compromised hundreds of legitimate accounts to help craft realistic-looking emails, the researchers say. In one case, the malicious messages impersonated eFax, an online fax service, and the messages included personalized Doc Delivery notifications to entice victims to click. The phishing emails typically contain an embedded link that leads the user to what the researchers call “never-seen-before Microsoft Office 365 spear-phishing pages hosted on legitimate digital publishing sites such as Joom, Weebly and Quip.” So far, hundreds of these domains have been detected, according to the report.