Search This Blog

Showing posts with label Cyber Fraud. Show all posts

Number of fake delivery services increased in Russia


Alexander Vurasko, a leading Infosecurity analyst at Softline Company, said that during the pandemic, scammers learned how to qualitatively fake food and electronics delivery sites.  Over the past four months, 56 clones have appeared at Delivery Club, and at least 30 at Yandex.Food. Companies try to quickly block such resources, but they do not always succeed.

The expert noted that the peak of the appearance of such Internet resources was recorded in April.

In addition to food sites, experts found fake Samsung online stores and Citilink online electronics hypermarket.

These sites almost completely copy the original ones: they have a catalog with hundreds of items, users can choose a restaurant, order dishes, enter the delivery address and pay for the order with a Bankcard.

Alexei Drozd, head of the information security department at SerchInform, noted that in April, the use of the delivery theme in the domain name increased: if in February there were 53 domain registrations with the word delivery, then in April — 288. According to him, this means that a high-quality Grabber has appeared on the Darknet,  a program that can reliably copy the look and content of the site.

Fraudsters actively used such software, but it is more difficult to copy marketplaces with a complex structure than a regular website, and if they already succeed, then we should expect new large phishing waves, warns Mr. Drozd. According to him, phishing sites live up to the first complaints from users or copyright holders, so it is important that companies themselves fight phishing.

Moreover, on the fake Delivery Club, after entering the card data, users need to enter the code from the SMS, so it can not be excluded that at this moment "someone links their number to your mobile Bank", noted the Telegram channel In4security, which discovered such a resource.

Kaspersky Lab also noticed sites that mimic well-known food delivery services. Hackers always use popular brands, says Tatiana Sidorina, a senior content analyst at the company.

eSIM Swapping Fraud: Cyber Criminals Targeting Airtel Customers in Hyderabad


Hyderabad witnessed three back to back cases of cyberfraud wherein criminals targeted Airtel customers promising them eSIM connection that led to a fraud of more than 16 lakh Rs. In the wake of the frauds, the Hyderabad cyber crime police station issued an advisory alerting Airtel customers regarding the fraudsters befooling people in the name of the eSIM connection.

S. Appalanaidu, a resident of Miyapur, Hyderabad received a message on 11th July informing him that if he fails to update his KYC details, his SIM card would get blocked. “Dear Customer Your SIM Card Will Be Blocked in 24 hours Please Update Your eKYC verification Thanks”. The message read.

Later, he received a phone call from a person acting to be a customer care executive for Airtel who asked Mr. Appalanaidu to forward the e-mail address sent by him to #121 i.e., Airtel customer care number, in order to get his KYC updated online. Reportedly, after forwarding the email-id, Mr. Appalanaidu got an auto-generated SMS from the service provider for registering the email address for his contact number. Once the e-Sim request was forwarded by him to Airtel along with the email address, he received another auto-generated SMS handing him the e-SIM enabled handset and asking to proceed with the same. After that, he received a Google view form link on which he submitted the name of his bank and forwarded it to the caller. Immediately after his SIM card got blocked and a sum of Rs. 9,20,897 had been deducted from his bank account. Following the incident, Mr. Appalanaidu filed a complaint on 14th July urging for necessary actions to be taken by cyber police.

Similarly, the criminals cheated two other Airtel users for amounts - Rs. 5,94,799 and 1,03,990 respectively. In the light of that, Hyderabad cyber police issued an advisory to warn customers about how fraudsters are sending a heap of messages and calling them claiming to be Airtel customer care executives and asking them to send requests for the activation of eSIM and eSIM enables devices, which is just another way of cheating customers and tricking them into providing enough personal and financial details for fraudsters to capitalize on. ,

WhatsApp Scam: Hackers stealing Verification Codes from Users


WhatsApp Messenger, a cross-platform messaging app owned by Facebook is the most popular messaging application in the world and recently it's usage increased by 40% amid lock-down. But with it's rising popularity, the users are facing security threats as a new scam has emerged on the Facebook-owned messenger that tries to steal the user's verification code.

The scammers pose as WhatsApp's official account and ask the user to verify his/her identity by providing the six-digit verification code to the account.

This verification code is sent to the user via SMS in order to register their device.

WABetaInfo, a blog that tracks WhatsApp features shared the scam in a tweet. Dario Navarro, a Twitter user asked WABetaInfo that he got such a message and if he should reply, in response the feature tracker responded with “WhatsApp never asks your data or verification codes,”.


According to the message sent to Navarro, the spammer sends the message posing as WhatsApp (with WhatsApp's logo as a profile picture) and in a message written in Spanish ask him to verify his identity and account number by providing the six-digit verification code which the spammer could use to hack the account.

WhatsApp will never ask for your personal details or verification code

WhatsApp clearly states in their FAQs section not to share the verification code, “If someone is trying to take over your account, they need the SMS verification code sent to your phone number to do so. Without this code, any user attempting to verify your number can't complete the verification process and use your phone number on WhatsApp,” the company says.

Any information by the company is either published on their blog or tweeted on their official account. And even if WhatsApp does message you ( a rare phenomenon) it would be from an account with a green tick next to it.

If you get a verification SMS, it means someone is trying to log in to your account, this could be because someone entered the wrong phone number or if someone is trying to hack your account. So, if someone hacks your account, you can simply verify your phone number and the other user will be logged out.

Russian banks revealed new types of fraud


Stanislav Kuznetsov, Deputy Chairman of the Board of the Bank, said that fake Internet recruiting agencies that offer employment have become more active. An applicant should fill out a form with personal data. Then a letter arrives that he was hired, and he needs to transfer money for some equipment urgently. In the end, no money, no work.

VTB specialists reported cases of fraud when hackers place job ads and get access to mobile phones while communicating with candidates. Then, using remote access, hackers get to the client's personal account and can withdraw money.

Hackers are looking for candidates without experience, for example, for the position of mobile app tester. Those who responded to the ad, they are asked to pass testing and install remote access programs to their computer or smartphone for control. Fraudsters can use them to log in to their personal account and withdraw funds.

The VAT refund scheme is also gaining popularity among fraudsters. Attackers publish videos on the Internet with a proposal to refund value-added tax to all Russians left without income. In this scheme, customers click on a fraudulent link from the description to the video and independently perform expense transactions, which leads to a loss of money.

"Internet companies began to actively appear that offer customers to take advantage of the volatility of cryptocurrencies and promise a large profit," said Kuznetsov about another scheme.

Finally, financial fraudsters copy popular initiatives of well-known brands and companies to attract their victims, using hashtags of the period of self-isolation, for example, #stayhome and offer to participate in the campaign to get three thousand rubles ($42). For this, it is allegedly necessary to provide card data and a one-time SMS password.

It is worth adding, according to the international company Group-IB, using the remote access program TeamViewer, fraudsters steal from the clients of large banks on average from 6 million to 10 million rubles per month ($84,000 - 140,000).

Russia recognized as the leader in posting fraudulent resources on the Web


According to the results of last year, Russia seized the first place from the United States in terms of
the placement of fraudulent Internet resources, found out in the international company Group-IB, which specializes in repelling and preventing cyberattacks.

If in the previous three years, most of the blocked phishing resources were located in the United States, in 2019, Russia took first place in this indicator. Hosting services in Russia received 34% of blocked phishing resources, in the US 27%. Panama is in third place, it accounted for 8% of blocking.
The company also indicated that in 2019, the total number of blocked phishing resources increased three times, from 4.4 thousand to 14,093.

According to the Group-IB, earlier scammers stopped their campaigns after they were blocked and switched to other brands. Now they continue to work, replacing the blocked pages with new ones. They also complicated and expanded the mechanisms for implementing phishing attacks.

At the same time, the scammers revised their goals: the number of phishing resources for attacks on cloud storage doubled over the year and the number of fraudulent pages targeting users of Internet service providers tripled. This is due to the desire to get personal and payment data of users.

It is worth noting that Group-IB may require blocking resources as a competent organization that cooperates with the Coordination Center of RU domains.

Kaspersky lab reported in November 2019 that cyber fraudsters have developed a new method of corporate phishing to steal personal data from banks. For example, Bank employees receive an invitation to pass certification with the requirement to enter a username and password from their work email. As a result, fraudsters get access to their correspondence, which may contain files with personal data of credit institution clients.

Experts warned of a wave of repeated attacks on victims of cyber fraud



Group-IB specialists identified the spread of a popular scam on the Network. The Double Deception scheme is as follows: people who have already become victims of Internet scams are offered assistance in obtaining compensation for damage, after which scammers steal their personal information, including bank card information.

"The scheme has several scenarios — scammers offer to refund money for participating in popular fake polls, give away or dishonest lotteries. In another case, they promise VAT compensation for expenses on the purchase of foreign goods: medicines and dietary supplements, clothes and shoes, food, fuel, building materials, household appliances, etc.,” said Group-IB.

Experts have studied the working scheme of one of the fraudulent resources. As it turned out, behind it is a network of sites of more than 170 domain names registered for one person. Fraudsters often register their sites in the domain zone .xyz and not in .ru. This allows them to avoid quick locks.

In order to attract victims, fraudsters use several methods. They can send newsletters in social networks, messengers and by mail, or use clones of popular media. Group-IB experts gave an example of the title of one of such fake publications: "a 76-year-old pensioner received 170,000 rubles of VAT compensation and spent all the money on a stripper." From this page, users were redirected to a website where they were asked to calculate their VAT refund amount. To do this, the victim must enter four digits of the Bank card number. The final step of this scheme is to redirect the person who wants to receive compensation to the chatbot. There, the user was asked to talk to a lawyer who would help them get compensation, and finally pay for their services to get a refund. As a result, the victim's card details and money are debited by fraudsters.

Earlier, EHackingNews reported than according to cybersecurity experts, attacks on the network perimeter of domestic companies have begun to grow. Hackers are trying to get access over servers and get into the local network. This boom is caused by the transfer of employees to remote work.

Information security experts have warned Russians about bonus card fraud schemes.


Fraudsters several thousand times tried to illegally take advantage of discount bonuses of Russians in 2019.

Some attackers gained access to customers' personal accounts, and then bought the products using bonuses, said Alexey Sizov, head of the anti-fraud department of the Application Security Systems Center at Jet Infosystems.

According to him, a fraudster can register a personal account on a card that was issued to another person. The victim will accumulate points without knowing about the existence of his profile, and the attacker will write off bonuses, said Sizov.

The expert added that this is mainly done by novice scammers. According to him, loyalty programs are poorly protected, unlike banking operations. He said that they are estimated at 50 billion rubles ($760 milliard) for the 30 largest retailers.

Alexey Fedorov, Chairman of the Business Russia Trade Committee, said that in 2019, the number of bonus and discount thefts "increased significantly."

According to Fedorov, scammers often pay attention to gas stations. The expert noted that often points are stolen by employees of stores and call-cents who have access to information about loyalty programs. Especially for customers who do not use the accumulated points for a long time, said Fedorov.

The press service of the Russian trading network Magnit told that they also see a problem in fraud with bonus points. However, the damage from it is more image-based, as customers are disappointed in the loyalty program and lose confidence in it.

In addition, representatives of the largest retail chains in Russia said that they have already taken care of the problem of stealing discount points. To protect against such scams, sellers introduce two-factor identification: bonus debits must now be confirmed with a code from SMS, similar to banking operations.

The hacker explained why in Russia cards will become more often blocked


Hacker Alexander Warski told what to expect from Governing Bodies. According to him, bank cards will more often be blocked in Russia.

The information security specialist expressed the opinion of the new law on mandatory notification of blocking of finances on the accounts of Russians. Starting from March 28, according to the new law, credit institutions are obliged to notify customers about the blocking of funds on the same day, necessarily indicating the reason for their actions. According to the hacker, the new law will only contribute to a significant increase in blockages.

"The governing bodies will be more likely to use this tool," - said Warski.
At the moment, the percentage of all illegal withdrawals is 1% of all financial transactions. Scammers use fake phone numbers that are displayed as Bank numbers and disturb people on behalf of the Bank. In this regard, the hacker believes that mobile operators are to blame for allowing the sale of virtual SIM cards.

State Duma Deputy Natalia Poklonskaya believes that the introduction of the new law will make the bank-client relationship system more transparent.

"Now this side of banking will become more open, and blocking the client's account will no longer be unexpected, which means that it will not be able to be a manipulative tool," said Natalia.

Earlier, EhackingNews reported that experts from the information security company Positive Technologies came to the conclusion that hackers will need only five days on average to hack a large Russian Bank.

In addition, it became known that 89% of data leakage incidents in Russian banks were caused by ordinary employees.

Banks also noted the appearance of special Telegram bots, through which people can earn anonymously on the leak of information and personal data. Each case of information disclosure costs 50-100 thousand rubles ($750 - $1,500).

The Central Bank of Russia warned about the new scheme of fraud "taxi from the Bank"


Fraudsters have found a new way to withdraw money from Russians. Social engineering is also in progress: people are offered a new service from banks "taxi to ATM", and on the way, they are convinced to transfer money to a third-party account.

Victims of the new scheme are those who do not use online banking, in particular, the elderly. Attackers force them to transfer money through an ATM, for which they offer to use the "taxi from the Bank" service for free.

This information is confirmed not only in banks but also in the Central Bank. Several people have already become victims of such a fraud, all of them tell about the same story: criminals call from the number "8 800" and report that someone is trying to withdraw funds from the client's card. If the potential victim does not have an Internet Bank, the person was offered a special taxi to the ATM.

"Allegedly, it will be possible to transfer funds to a secure account from ATM. Attackers order a regular taxi for the victim, and when a person is at the ATM, he makes a dictation operation to transfer money to the attacker's account," said Alexey Golenishchev, Director of monitoring operations and disputes at Alfa-Bank.

The Central Bank warned that customers are never asked to make transactions through ATMs when a suspicious operation is suspected. Scammers often offer to transfer money through an ATM, and "taxi from the Bank" is one of the varieties of this scheme.

Sberbank confirms this scenario and recognizes that the scheme is becoming more popular. The victims are lonely people or elderly people who are easily to trick, and they do not have the opportunity to consult with someone. Scammers do not give time to think and convince a person to act quickly.

Usually, the damage from such fraudulent actions is about 15 thousand rubles ($220).
Previously, fraudsters began to practice another way of cheating. A man finds a forgotten card at an ATM, picks it up and then the owner of the card appears. Of course, the owner reports that money has disappeared from his card.

Insider data breaches : a big concern say 97% of IT leaders


According to a survey by Egress, a shocking 97% of IT leaders said insider breach is a big concern. 78% think employees have put the company's data in jeopardy accidentally while 75% think they (employees) put data at risk intentionally. And asking about the consequences and implication of these risk, 45% said financial damage would be the greatest.


Egress surveyed more than 500 IT leaders and 5000 employees from UK, US and Benelux regions. The survey showed serious incompetence of IT sector in handling data and their own security as well as employee confusion about data ownership and responsibility.

On the question of how they manage insider data breach and security measures they use, half of IT leaders said they use antivirus software to detect phishing attacks, 48% use email encryption and 47% use secure collaboration tools. And 58% , that is more than half relied on employee reporting than any breach detecting system.

Egress CEO, Tony Pepper says that the report shows the ignorance of IT leaders towards insider breaches and the lack of risk management on their part.
 “While they acknowledge the sustained risk of insider data breaches, bizarrely IT leaders have not adopted new strategies or technologies to mitigate the risk. Effectively, they are adopting a risk posture in which at least one-third of employees putting data at risk is deemed acceptable. “The severe penalties for data breaches mean IT leaders must action better risk management strategies, using advanced tools to prevent insider data breaches. They also need better visibility of risk vectors; relying on employees to report incidents is not an acceptable data protection strategy.”

Misdirected and phishing emails are top cause of insider data breaches- 

Misdirected and phishing emails are top cause of accidental insider data breaches as 41% of employees who leaked data said they did it because of phishing emails and 31% said they sent the information to the wrong individual by email.

 Tony Pepper adds;
“Incidents of people accidentally sharing data with incorrect recipients have existed for as long as they’ve had access to email. As a fundamental communication tool, organizations and security teams have weighed the advantages of efficiency against data security considerations, and frequently compromise on the latter. 
“However, we are in an unprecedented time of technological development, where tools built using contextual machine learning can combat common issues, such as misdirected emails, the wrong attachments being added to communications, auto-complete mistakes, and employees not using encryption tools correctly. Organizations need to tune into these advances to truly be able to make email safe.”

Phishing Scam: Puerto Rico Government Loses More than $2.6 million



Puerto Rico's government fell for an email phishing scam and unintentionally lost over $2.6 million to cyber-criminals behind the scam, as per a senior Puerto Rico official. It is a government-owned agency whose mission is to drive economic development on the island while working with local as well as foreign investors.

These days, scammers launch thousands of phishing scams like these which resulted in it being a top reported crime to the Federal Bureau of Investigation (FBI), in the past year, as per the IC3 annual report released recently. Some top victims of a similar kind of attack from last year include a Texas school district being scammed for $2.3m, a British community housing non-profit being scammed for $1.2m and Nikkei for a whopping $29m.

On Wednesday a complaint was filed to police, in which Rubén Rivera, finance director of the island's Industrial Development Company confirmed that the money has been sent to a fraudulent account by an unsuspecting employee from Puerto Rico's Industrial Development Company. The officials discovered the incident earlier this week and it was immediately reported to the FBI, according to the statements given by the executive director of the agency, Manuel Laboy to the Associated Press.

However, Laboy did not comment on how the officials came to know about the phishing scam and the aftermath of the incident involving employees being dismissed or how this incident affected the overall operations when the funds went missing. He further told that an internal investigation has been instigated to find out if someone disregarded the set standards and were negligent about the laid out procedures, he also added that the officials at the corporation are attempting to recover the lost funds.

The agency received a fraudulent email claiming that the bank account used by them for remittance payments should not be used anymore for that purpose and it also told the agency that they should transfer the money to a new account that belonged to the criminals operating the scam which agency was oblivious to.

Acknowledging the seriousness of the matter and addressing the criticism from the Puerto Ricans Laboy told, “This is a very serious situation, extremely serious, we want it to be investigated until the last consequences,” “I cannot speculate about how these things might happen,” “It’s a big responsibility.”

Canadian Teenager Charged and Arrested for $50 Million Cryptocurrency Theft


Samy Bensaci, an 18-year-old teenager from Montreal, Canada has been indicted for 4 criminal charges in relation to a theft of cryptocurrency worth $50 million in a SIM-swapping scam that targeted cryptocurrency holders, as per the reportings by Infosecurity Magazine, dated 17th of January.

The Canadian authorities have accused the teen hacker of being a part of a hacking group that was involved in the theft of millions of dollars from Canadians and Americans. The scam, of which Bensaci was allegedly a part of, stole, "$50 million from our neighbors to the south and $300,000 in Canada" told Lieutenant Hugo Fournier, a spokesperson for the Sûreté du Québec.

Bensaci was charged and consequently arrested in November and was later released on CA $200,000 bail, on orders of living with his parents in Northeast Montreal, as per the local media reports. As a result of the incident, prosecutors prohibited Bensaci's access to any device that can be connected to the internet including computers, mobile phones, tablets, games, and consoles. Specifically from accessing, “any computer, tablet, mobile phone, game console, including PS3, PS4, Xbox, Nintendo Switch, or any other device capable of accessing the Internet”. He has also been ordered to hand over his passport to local police to assure he does not flee away from the country.

One of the purported victims Don Tapscott confirmed, “We can confirm that last year a hacker attempted to steal crypto assets from our company and its employees. That attempt was unsuccessful. We cooperated with the police [and] have been impressed with their determination to bring those responsible to justice.”

SIM swapping attack, also known as SIM jacking or SIM splitting is a form of identity theft where an attacker targets a weakness in two-factor authentication to take over an account. The attacker exploits a cell phone carrier's ability to port a phone number to a new device with a new SIM to acquire access to the victim's credit card numbers, bank accounts, and other financial information. The feature is normally used when someone loses access to his phone (or gets it stolen) or is switching service to a new device. As the reliability of customers on mobile-based authentication is growing, SIM swap attacks have also been on a rise in recent times.

Google Chrome Extension, Shitcoin Wallet found stealing passwords and crypto-wallet keys


MyCrypto platform reported that Shitcoin Wallet, a Google Chrome extension was injecting JavaScript code on web pages, in order to steal passwords and keys from cryptocurrency wallets.


The extension, Shitcoin Wallet, Chrome extension ID: ckkgmccefffnbbalkmbbgebbojjogffn, was launched last month on December 9. With Shitcoin Wallet, users managed their Ether (ETH) coins, and Ethereum ERC20-based tokens -- tokens usually issued for ICOs (initial coin offerings) either from the browser or by installing a desktop app.

Malicious Behavior with the extension

Harry Denley, Director of Security at the MyCrypto platform, discovered that the chrome extension isn't what it promises to be. He found malicious code within the extension. In a blog, ZDNet reported that "According to Denley, the extension is dangerous to users in two ways. First, any funds (ETH coins and ERC0-based tokens) managed directly inside the extension are at risk.
Second, the extension also actively injects malicious JavaScript code when users navigate to five well-known and popular cryptocurrency management platforms. "

 Danley, said that the extension traffics all the keys on its system to a third party website at erc20wallet[.]tk.

 The malicious code works by the following process

1. The user installs the chrome extension Shitcoin Wallet.
2. The extension request permission to inject the malicious JavaScript code to 77 websites.
3. If the user navigates to any of these 77 websites, it injects an additional code.
4. The code activates on five websites: MyEtherWallet.com, Index. Market, Binance.org, NeoTracker.io, and Switcheo.exchange
5. After activation, the code saves the user's login credentials, keys, and other data then siphon it to a third party.

It is not constructively clear yet if the Shitcoin Wallet team is responsible for the malicious behavior or a third party infiltrated the extension. The Shitcoin Wallet team is silent on the allegations and has yet to give any comments on the matter.

Desktop App

Both 32-bit and 64-bit installers are available for the user to download on the extension's official website. VirusTotal, a website that aggregates the virus scanning engines of several antivirus software makers, showed that both versions were clean. But on a warning note, the desktop app may contain the code or something even worse.

Online Payments for Water Services Intercepted By Hackers


The City of Waco warns residents that their online payments for water services may have been impeded by hackers who stole credit card details.

As per a spokesperson for the City of Waco, the Click2Gov portal for water bill payments was breached by vindictive hackers who had the option to plant pernicious code that redirected sensitive data between August 30th and October 14th.

Security researchers have been following these attacks against Click2Gov's payment portals for two or three years now, with numerous reports of breaches including the urban areas extending across the United States and Canada, bringing about a thousands of payment card details being traded on the dark web.

The core of the issue is said to have been the third-party online payment software that Waco and a few other urban communities and regions use to let residents pay their bills, pay parking fines, just as make other financial transactions. CentralSquare Technologies, the creators of Click2Gov, counters that lone a "limited number" of Click2Gov customers have announced unauthorized access by hackers and that a vulnerability they recognized in the portal has now been closed.

As indicated by media reports, on account of the latest breach including water utility payments, the City of Waco was informed regarding the issue with the Click2Gov software on November 8, 2019.

City representative Larry Holze says, “Of the 44,000 water customers, typically we receive 12,500 payments online each month. During the period identified, a little over 8,000 customers were mailed letters. Payments made with a credit card inside the water office (not online) are not involved in this incident.”

Consumers affected by the breach can hope to get a letter from the city the previous week informing them about the occurrence and advising them whenever required on the means that ought to be taken to secure against such fraud.

“We’ve sent out letters to all those people who they’ve been able to give us that have been compromised, in some fashion, asking them to be careful and watch their statements and make sure something doesn’t show up,” said spokesman Holze.

The city has additionally set up a hotline for residents with inquiries regarding the breach, accessible from Monday to Friday on 833-947-1419.7

Bitcoin fraud worth $ 359M caught by the Brazil Police


The Brazilian police have found what is said to be an alleged Bitcoins fraud that stole $ 359M from the sufferers. "The Brazillian state police have been able to counter the anonymous operation and have caught 9 criminals," says the Parana state government in a statement. "Growing concern in crypto-currency businesses has been followed by an increase of scams,” the report states. “The absence of supervision and attention along with large levels of distraction, unfamiliarity, cross-perimeter activities, and other characteristics crucial to the cryptocurrency business reveals possible dangers to the users," says Brazilian Congressman Aureo Ribeiro.


The 4 months inquiry exposed five hundred personalities from over 6 states that have fallen prey to the Bitcoin grant fraud. However, the figures could go up to 5000 persons. “It was obvious that the plan was a fraud when the victims got a notification from the organization, informing the users that the investors would not be able to debit their money for 6 months,” says the Parana state government's statement.

The company responded to the situation by saying it too had suffered a scam estimating $5 million. But the investors' withdrawal money was delayed even after 6 months passed, and that's how the company was caught red-handed.' According to one of the victims, a fraud had promised everyday returns up to 4% on investments. The people arrested for the theft are accused of money laundering, scam, counterfeit and unlawful connection. 

Cryptocurrency Frauds happened recently-

Sadly, it is not the first instance when people have fallen prey to the cryptocurrency scam. "In May, a cryptocurrency fraud gang had was locked down for theft of $200M from over 50,000 victims," reports Hard Fork. Criminals pretended to give crypto-currency grants assuring people 15% of profits for their money. "During the time, the firm had collected about $215M through February 2019, however, police concluded the figure could be around $250M," says Federal Revenue Service.

The police in April caught an individual on doubt that he was running drugs racket gang and stealing money through Bitcoins. In the region Porto Alegre, Southern Brazil, the police officials have discovered a secret drug lab having Bitcoin digging facilities.

Cyber Intrusions on a Rise in Oregon, Attackers Bringing in Sophisticated Methods


Cyber intrusions have been on a rise with cybercrime becoming more dangerous and sophisticated than ever. The pervasive and evolving cybercrime poses a serious threat to both the public and private sector networks as attackers target international organizations to steal corporate data and individuals are subjected to identity theft.

In December 2018, Aaron Cole, from the Portland suburb of Oregon City, fell prey to a wire scam and nearly lost his home after being duped into making a fraudulent down payment of $123,000. The attacker sent Cole an email directing him to make the payment and tricked him into believing that it is from the title company he had been working with. At the time, Cole did not realize that a sophisticated network of hackers had been keeping track of his interactions with the title company. Although the email appeared similar in structure to the original emails he received from his title company, it had slight differences.

It was only when the title company reached out Cole on due dates, asking him to send the money, the realization of the blunder hit the Oregon man hard. He suddenly realized that he was duped by cybercriminals to give away all the money which he had saved from the sale of his former house along with other family savings.

Cole's title company, WFG came to his immediate rescue and made up for the losses, in turn, Cole is helping the company in spreading the word about more such scams. He was fortunate to be hired for the same amount he lost to the hackers - to be a spokesperson at the National Title Insurance Company.

“They warned we're never going to send you an email with wire instructions, it'll be an encrypted email. We’ll call you with wire instructions. They're putting all the red flags out there that they can possibly think of,” said Cole. “I was looking at it more like the terms of use when you want to download an app and you just skip through the thing and you click accept.”

While explaining the unfortunate incident and the state of mind which followed, the Oregon Husband and father of two said: "It was the worst feeling."

"And then having to go home and tell my wife that I just gave away all the money. She could tell right when I walked in the house and just sat down, and I just couldn't come up with the words to tell her." He added.

Referencing from the statements given by Gabriel Gundersen, an FBI supervisory special agent with the Oregon Cyber Task Force, "The emails have gotten well-crafted and quite detailed. They're highly tailored to that particular victim."

"It's a social engineering piece, where they're coercing a victim to do something based on an artificial agenda or an artificial timeline." He added.

Earlier the attempts made by attackers to dupe people were uncoordinated and clumsily executed due to which individuals had a scope of making distorted sense of anything which strikes them as strange and makes them feel uncomfortable, however now these cyber traps are set sophisticatedly making it difficult for individuals to locate the red flags.

Security officers are in a constant race with the attackers, ensuring they are not lacking behind with the fixes for every new approach slammed in by con men. However, the overall impact is still staggering as crucial systems are bypassed, disrupting the entire functioning of vital medical and banking networks.

Mumbai Techie Loses Rs 3 Lakh, Card Info Used 56 Times Abroad



A few days before Diwali, a Mumbai based engineer on a maternity leave to look after her new-born woke up to a shocking discovery from her bank as she was informed that she has fallen prey to a debit card fraud. While she was asleep, her debit card was used online to carry out 56 transactions, resulting in a loss of Rs 3.3 lakh, reported Times of India.

Around 2:30 am an automated phone call from the bank in which she has a savings account, alerted her about transactions carried out on her debit card and told her to reach out to customer care if the transactions had not been made by her. Upon receiving her response, customer care got her card blocked immediately and she also lodged a complaint with the Kanjumarg police, however, there are no remarkable leads on the case yet.

The unfortunate incident happened just a few days before Diwali and ruined the Diwali plans for the Mumbai techie's family. Notably, the transactions were made internationally and the owner did not receive any text or call requesting a one-time password (OTP). According to the statements given by the victim and her husband, they had never used the particular debit card internationally before. They had used it lately on domestic websites while shopping for baby products.

What experts have to say about the fraud? 


While commenting on the matter, cybersecurity expert, Vicky Shah said, "There could be various reasons how this happened. One of the possibilities is that the card could have been cloned. When a card is used internationally, an OTP is not required. Another possibility is that the card details were compromised. There were recent reports about details of 1.3 million cards being leaked. It’s a matter under police investigation." He also pointed out the RBI norms, which bound the bank to reverse the lost amount back into the victim's bank account within a time frame of 10 days as the transaction was carried out internationally.

Meanwhile, the victim's husband tweeted, "Bank representatives should have noticed that something was wrong when dozens of transactions were made so early in the morning. They should have called us before approving the transactions."

Websites tricking buyers with fake high-end products!


Bengaluru: The city's Cyber Crime Police Station (CCPS) has been receiving cases of a new modus operandi, where sellers on websites fraud people by delivering them fake products instead of the plush ones they ordered. Victims of this "gifts scam", as it is being called have lost from Rs 2,000 to Rs 10,000 , with around five cases being filed per day.

People are being scammed on websites as well as a popular Facebook marketplace where exorbitant and high quality products are advertised but the buyers receive fake, low-quality or copy products. In response, police did raid a go-down but no constructive steps have been taken as shutting down the alleged websites or finding the miscreants.

“Two days ago, a go-down was raided at Ramanagara where fake products were stored. They would advertise good-quality products and cheat customers with fake ones. This year, two cases were cracked - the second one by the CID cyber cell,” says K N Yeshvanth Kumar, cybercrime inspector in-charge of the Cyber Crime Police Station.

The buyers are being duped on various purchases, Essesse Satheesh, a product developer accounts- "I purchased a second hand Apple Watch but received a fake and lost Rs 16,000." Another buyer wanted to file a complaint to the police, to see the site shut down, "I had lost only Rs 2,000, but more than getting my money back, I want to inform the police that the website Mindhole.com is fake and that others should not fall for it".

Bengaluru has only one cybercrime police station with a tally of 8,200 cases this year, and in 2018 CCPS registered 5,036 cases and officials says that this number could easily go up to 10,000 if more cyber crime police stations are not introduced in the city; to open more of these has been repeatedly proposed to no effect.

Since 2017, only 3,000 of 12,000 cases have been disposed. “The numbers may seem alarming but that is because one station caters to the whole city. The CCP stations will come in soon but cannot say when,” said Additional Commissioner of Police (Crime) Sandeep Patil.

An App Helping Scammers Hack into Bank Accounts on the Rise in Bengaluru


An app called AnyDesk, utilized by telecallers pretending to be officials from legitimate banks is clearly on the rise in Bengaluru, helping hackers effectively access to the bank accounts of clueless customers.

AnyDesk is said to be a tool that gives remote access to digital devices and can be downloaded from Google Play and App Store. In February this year, the Reserve Bank of India cautioned of a digital banking fraud that utilizes AnyDesk as the main attack route.

Bengaluru cyber police have registered 25 cases over the last two months and as per a senior cybercrime investigator people have lost between Rs 15,000 and Rs 2 lakh subsequent to downloading the application.

The fakes talk about complimentary gifts, coupons and limits to draw their exploited people. “They use these to bait people into sharing their pin, and then access OTPs and credit card and CVV numbers saved on their phones,” he says.

The callers essentially persuade the victim to share their pin saying it is important to enact free insurance or extra credit. OTPs are their greatest weapons as they can be utilized to get to photos and recordings as well as personal data, which is now and then used to compromise and blackmail people, the official says.

“They can also see your chats and get passwords you may have stored on your phone,” the officer says. Reasons given by scam telecallers to extract information from the customers:

  1. Your ATM card has expired. 
  2. Your ATM card needs to be reactivated. 
  3. Your reward points need to be upgraded. 
  4. Your reward points can be cashed. 
  5. Your Aadhar and PAN need to be linked to your ATM card.

And so the banks have warned the people to remain cautious regarding certain parameters like:

  1. No bank ever asks you to share your OTP, CVV and Internet banking details over the phone. 
  2. People calling from banks based in Karnataka first speak in Kannada, and not in Hindi or English. Bank employees don’t ask you to deposit money through Google Pay. 
  3. Don’t install any app that allows remote access to your phone.

Bengaluru: Passport offices alerts public against fake websites


Bengaluru: Passport offices throughout the country are apprehensive about the increase in fake websites that masquerade as official portals for passport related services and siphon off applicant's data and money.

The ministry has been issuing advisories and alerts on its social media handles to caution the public against such fraudulent websites. The crime branch, working with the ministry has also started awareness drives in order to prevent passport applicants from being duped by bogus.

 The fake websites that the offices caught were-
 www.indiapassport.org,
 www.online-passportindia.com,
 www.passport-seva.in,
 www.passport-india.in,
 www.passportindiaporlal.in and www.applypassport.org. (Sc.TOI)

Whereas, the official website to apply for a passport is- "www.passportindia.gov.in" and the official mobile application to avail passport related services is - "mPassport Seva".

Victims who were cheated by these bogus websites and mobile applications approached the passport office and filed complaint at the local police station, said Officials at the Regional Passport Office, Bengaluru. Not only websites but mobile applications and brokers outside the passport offices also demand more payment and could be stealing personal data like Adhaar Card, Voter Id, resident proof and birth certificate to partake in more serious crimes like identity theft or selling the data to immigrants.

The officials said they came across websites that charged unwarranted prices for filling up online forms for a new passport and other services and even people who were highly educated fell victim to the fraud. Where the real cost for a passport is Rs.1,500 for normal and Rs.3, 500 for tatkal, these fraudsters are charging from Rs. 4,500 to Rs. 6,000. And money is the lighter concern, the bigger threat is the theft of personal data like Adhar Number, Voter ID and phone connections.

These websites used logos of other government schemes like Swachh Bharat Abhiyan to appear more genuine and true. Even on Google Play Store, at least eight unauthenticated and false applications were found.

This problem is not centrist to Karnataka, as cases from all over the country have been popping up, for instance, NCR and Bhuvaneshwar being two of the areas. Bharath Kumar Kuthati, regional passport officer, Bengaluru, says "they are creating awareness by issuing warnings on social media. It is a pan-India problem and the department is taking steps to counter it."