Brian Krebs reports: A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The Disneyland Team uses common misspellings for top bank brands in its domains….
Category: Phishing
A state-appointed receiver is investigating a phishing scam that drained $400K from Chester’s coffers
Vinny Vella reports: A phishing scam siphoned more than $400,000 from Chester in June, and the state-appointed receiver who is handling the beleaguered city’s finances wants to know why his office wasn’t notified until two weeks ago. In a memo sent to Mayor Thaddeus Kirkland and Chester’s city council on Monday, Michael T. Doweary said…
Robin Banks phishing service returns to steal banking accounts
Bill Toulas reports: The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells…
Sg: Victims lose $237,000 amid resurgence in SingPost and Singtel phishing scams: Police
Aqil Hamzah reports: At least 85 people here have lost about $237,000 since January 2022 after falling victim to phishing scams involving purported e-mails from Singapore Post (SingPost) and telco Singtel. It comes amid a resurgence in scammers impersonating both firms and sending out e-mails with unrelated domains, said the police on Thursday. The e-mails…
Aveanna Healthcare To Pay $425,000 Following Phishing Attacks in 2019 That Impacted Thousands of Massachusetts Residents
BOSTON — A Georgia-based home health and hospice care company will pay $425,000 after it failed to implement proper security measures to protect the personal information of patients and employees, Attorney General Maura Healey announced today. The complaint and consent judgment against Aveanna Healthcare, LLC, entered today in Suffolk Superior Court, follows a series of phishing attacks that impacted more than…
Dropbox admits 130 of its private GitHub repos were copied after phishing attack
Simon Sharwood reports: Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials. The cloud storage locker on Tuesday detailed the intrusion, and stated “no one’s content, passwords, or payment information was accessed, and the issue was quickly resolved.” Read more…