Archive for July 21, 2022

Stolen logins selling for same price as a gallon of gas on the Dark Web: HP Wolf Security Study

Posted in Commentary with tags on July 21, 2022 by itnerd

Something that caught my attention today is a new cybercrime study from HP Wolf Security, revealing how it has never been cheaper or easier to be a cybercriminal.

Here are some key findings both in print and in graphics:  

  • Stolen remote desktop credentials – which allow an attacker to log into targets devices from anywhere – average at just $5. 
  • Malware and exploits that let cybercriminals infect and control machines are typically less than $10. 
  • ‘Noob friendly’ mentoring and hosting services are selling for a fraction of the price of IT qualifications. 

Here are some examples of advertisements on the dark web:

As the barriers to entry lower and the number of attackers get higher, the more likely Canadian businesses are at risk of becoming a target.

The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back gives an overview of how this cybercrime economy is emerging, actionable insights into what the future holds and advice on how to better defend against cybercriminals.  

Leave a comment »

New PayPal Phishing Attack: Hackers Trick Victims, Send Emails via The Invoice Expressway

Posted in Commentary with tags on July 21, 2022 by itnerd

Last month, researchers at Avanan released their findings on the QuickBooks phishing scam, where hackers send spoofed invoices from a legitimate QuickBooks account to get into user inboxes and steal credentials and money. 

Researchers at Avanan have now observed hackers using this same technique, only now using the legitimacy of PayPal to bypass email scanners and successfully deliver fake invoices. 

Like the previous attack, hackers present an invoice, encouraging victims to call with any questions. Users are asked to provide credit card details to cancel the transaction when calling the number provided.

Jeremy Fuchs, Cybersecurity Research Analyst at Avanan had this to say:

“This is yet another example of hackers taking advantage of static Allow Lists. PayPal is a trusted site, so security solutions are likely to trust content coming from the site. This is an effective way for hackers to land in the users’ inbox. Plus, since the email comes from PayPal, it looks more convincing. When looking at the message, end-users should be encouraged to not call unfamiliar phone numbers and to do a Google search of any phone numbers to see if it is legitimate.”

You can read the report here.

Leave a comment »

Guest Post: Top 5 phishing statistics of 2022 According To Atlas VPN

Posted in Commentary with tags on July 21, 2022 by itnerd

While 2022 is not over, phishers have already launched various attacks. The Atlas VPN team compiled a list of the top five most notable phishing statistics and findings of 2022 so far to shine the light on the current cybercrime landscape.

#1 Almost 70% of email scammers leave the ‘subject’ line empty 

If there is a tell-tale sign that the email one received is a phishing attempt is an empty subject line. Research finds that 67% of cybercriminals leave the subject line blank when sending malicious emails. 

Other subject lines attackers use, although much less frequently, include ‘Fax Delivery Report’ (9%), ‘Business Proposal Request’ (6%), ‘Request’ (4%), ‘Meeting’ (4%), ‘You have (1*) New Voice Message’ (3.5%) , ‘Re: Request’ (2%), ‘Urgent request’ (2%), and ‘Order Confirmation’ (2%). 

#2 LinkedIn users targeted in 52% of all phishing attacks globally in Q1 2022 

Cybercriminals often utilize big brand names in their phishing attempts in hopes receivers will not notice the message is coming from an illegitimate source. In the first quarter of 2022, attackers most frequently chose LinkedIn as they go to brand. 

Linkedin was used in over half (52%) of phishing scams worldwide — a 44% upshift from 8% in the previous quarter. It was the first time a social media brand outranked tech giants like Apple, Google, and Microsoft as phishers’ favorites. 

#3 ​​Blockchain.com, Luno, and Cardano are the top-most phished crypto projects 

Even with the cryptocurrency market going through hard times, cybercriminals continue to use crypto brands in their scams. One of their tactics is to set up fraudulent websites that look like legitimate brands with hopes of stealing sensitive information. 

Cryptocurrency financial service company Blockchain.com was the most spoofed crypto brand, with 662 phishing websites in the last 90 days (till June 22, 2022). Crypto investing app Luno is the second on the list with 277 phishing pages, followed by proof-of-stake blockchain platform Cardano with 191.

If you would like to learn more about the online crime landscape, we have prepared a report that overviews 60 Worrying Cybercrime Statistics.

To read the full article, head over to: https://atlasvpn.com/blog/top-5-phishing-statistics-of-2022

Leave a comment »