Tag Archive for: Fraudulent

California man says fraudulent accounts opened, home purchased in his name since city of Oakland ransomware attack

/in


OAKLAND, Calif. — It’s been ten months since the city of Oakland, California’s network was hacked and the personal information of tens of thousands of people was leaked onto the dark web. Now, one victim says multiple accounts have been opened in his name, making fraudulent purchases, including a house.

Our sister station KGO was the first to report the city’s oversight — exposing dozens of victims who were never notified that their sensitive financial information was leaked.

“It’s a living nightmare,” said Oakland native Dedrick Warmack, as he anxiously checked his mailbox. “On the credit report, there’s credit cards that should’ve been closed, they’re now open with balances of $17,000 and $30,000.”

VIDEO: Dozens of Oakland ransomware victims never notified SSN were leaked on dark web

Dozens of victims of Oakland ransomware hack were never notified their social security numbers were leaked on the dark web, the I-Team found.

Warmack says his identity was stolen months after the city’s network was hacked.

“I have no idea how many accounts have been opened in my name,” he said.

Warmack says his credit score dropped more than 200 points, but he didn’t know at the time that was just the beginning.

At first, he says he started receiving strange phone calls and emails about refinancing a home. That was followed by letters he says he got from several banks notifying him of new accounts in his name.

“I knew something was going on,” he said.

Warmack is one of dozens of victims who previously filed a claim with the city alleging injury, but instead, ended up with their personal and financial information leaked.

Now, he says fraudulent checks are being made in his name.

RELATED: Oakland ransomware attack: Leaked data has more than 3.1K views on dark web

“Like this water and sewage bill for $2,000,” Warmack showed as he scrolled through his accounts. “This is not East Bay Mud…”

Warmack says some of the bills appear to be from New England.

“It says it’s an open balance, how can I have an open balance?”

From there — he says it only got worse.

“I’m getting notices about refinancing a home… and I’m like, I pay rent,” said Warmack. “Somebody has something in my name somewhere since October, I’ve been…

Source…

Windows, Android malware deployed via fraudulent ChatGPT apps – SC Media

/in



Windows, Android malware deployed via fraudulent ChatGPT apps  SC Media

Source…

Malware resets Android devices after performing fraudulent wire transfers

/in


If your Android phone initiates a factory reset out of the blue, there’s a chance it has been infected with the BRATA banking malware and you’ve just been ripped off.

Android malware reset

The unusual functionality serves as a kill switch for the trojan, Cleafy researchers have explained, while also making the victim lose time trying to find out what happened as crooks siphon money out of their account.

European users under attack

First documented by Kaspersky researchers in 2019, BRATA was a RAT targeting Android users in Brazil. It was able to capture and send user’s screen output in real-time, log keystrokes, retrieve device information, turn off the screen to give the impression that it has been turned off, and more.

Through the years, BRATA evolved primarily into banking malware and has lately been aimed against Android users in Europe and the rest of Latin America. (Cleafy researchers hypothesize that the group responsible for maintaining the BRATA codebase is probably located in the LATAM area and is reselling this malware to other local groups.)

The trojan has been spotted targeting customers of several Italian banks in H2 2021.

“The attack chain usually starts with a fake SMS containing a link to a website. The SMS seems to come from the bank (the so-called spoofing scam), and it tries to convince the victim to download an anti-spam app, with the promise to be contacted soon by a bank operator. In some cases, the link redirects the victim to a phishing page that looks like the bank’s, and it is used to steal credentials and other relevant information (e.g. fiscal code and security questions),” the researchers shared last December.

Victims are persuaded by the fraud operators to install the app, which gives the latter control of the device and access to the 2FA code sent by the bank, allowing them to perform fraudulent transactions.

Since then, several variants of the malware posing as a variety of security apps have been targeting users of banks and financial institutions in the UK, Poland, Italy, and LATAM.

BRATA’s new capabilities

These “European” variants have gained interesting capabilities such as establishing multiple communication channels (HTTP and…

Source…

With cyber crime on the rise, we speak to experts to share tips on dealing with fraudulent activities

/in


Digital advancement has given fraudsters new ammunition to target the vulnerable. In the WhatsApp fraud, the target receives a message saying the sender has found his number on contact. Scamsters gain information slowly for misuse. The Facebook fraud has a link from a friend – Is this you in the video? The account gets hacked after clicking on the link. It’s time to know ways to deal with them.

Online frauds 

Shedding light on the situation, Niranjan Upadhye, General Manager, Fraud Risk Management Division, Worldline India, says, “Most frauds are Social Engineering frauds. After gaining your trust, fear or greed, fraudsters typically coax you for a ‘call to action’, something they’d like you to do. Once they manage to get you to do the same, they would exploit your weakness further by cajoling or coercing you.” Thus, despite a generally sorted infrastructural security, India faces peril in IT-related frauds thanks to user conduct.

There are talks about the hijacking, which has the attacker taking over communication between two entities. The attacker then mimics one of the entities. It is all done to gather information or become one of the users to conduct things that he or she normally does online. This is what Shibu Paul, Vice President, International Sales at Array Networks, has observed.

“Thieves use email to try to trick you into visiting a false website where you get told to reveal confidential information,” he reveals about Phishing. “There’s ‘Vishing’. Scammers utilise a phone number in phishing emails. A person or an automated response system will ask for your personal or account details if you call. One most prevalent attack is infecting a user’s computer with malicious software, or ‘Malware’. ‘Botnet’ refers to a network of robot computers. The use of malware disseminated via Botnet allows criminals to acquire sensitive data and possibly commit fraud.”

Many might have seen newer frauds on the horizon hitting millennials and Gen Z. Like dating site frauds, fun games around celebrity crushes, credit card renewal fee waivers, credit card blocked, Buy Now Pay Later (BNPL), Cryptocurrency, AnyDesk fraud, Covid related and fuel card frauds and…

Source…