Eskenzi PR ad banner Eskenzi PR ad banner

Scam Of The Week

New Variants Of Russian Mobile Banking Trojan Riltok Go International.

Kaspersky researchers have discovered that the money-stealing mobile malware, Riltok has launched new variants and is extending its targeting from Russia to the rest of the world, starting with Europe, disguising itself as services popular in France, Italy and the United Kingdom. Riltkok was first observed in mid-2018. Riltok is a Banking Trojan. These represent a dangerous threat to smartphone users because they are designed to gain access to the financial accounts and assets of...

Read more
SneakyPastes: Basic But Effective Operation By Gaza Cybergang Hits Middle East Related Targets In 39 Countries.

In 2018, the Gaza Cybergang, now known to comprise several groups of varying sophistication launched a cyberespionage operation targeting individuals and organisations with a Middle-Eastern political interest. The campaign, named SneakyPastes made use of disposable email addresses to spread the infection through phishing, before downloading the malware in chained stages using multiple free sites. This low cost but effective approach helped the group to hit around 240 high profile victims in 39 countries worldwide, including...

Read more
ESET Records A Wave Of Multi-Lingual E-mail Based (S)Extortion Scams Scaring Victims Into Payment.

ESET continues to warn users of fraudulent e-mail messages that seek to extort money, especially from people watching online pornographic videos. The attacker in the email claims they have hacked the intended victim's device and has recorded the person while watching pornographic content. The email also asserts that the video has not only captured the user's behaviour in front of the webcam, but also which videos were played. "In order to conceal the compromising materials,...

Read more

A very-large extortion phishing scam began hitting inboxes early Wednesday AEST. There are several variations of the email scam, each attempting to blackmail their target. The theme is the same – telling victims that sensitive, often deeply personal and embarrassing, information has been obtained, and threatening to publish the content unless a ransom payment is made in bitcoin. Three variations of the scam are described below: 1) Stolen passwords The first variation involves extortion emails...

Read more
Image of Apple

As cybercrime evolves and becomes more complex, cybercriminals are increasingly mimicking well-known brands and trusted companies, brandjacking them in a bid to infect computer systems and to steal sensitive data. Apple Pay is the latest victim, with legitimate-looking receipts purporting to be from the company hitting inboxes Thursday morning (AEDT). These are actually phishing emails designed to steal confidential personal and billing credentials, like the victims’ Apple ID and password, mobile phone numbers, credit card...

Read more

Financial phishing campaigns are still a very common attack vector for cyber criminals looking to exploit consumers and businesses alike. Every year, thousands of individuals fall prey to these types of attacks and the financial repercussions are devastating. This week’s Threat Thursday post takes a look at a spam campaign aimed at Citibank customers. The email blast was spotted by our security research department late Monday evening in the final hours of Halloween. The campaign attempts to use...

Read more

This week’s scam focuses on a social engineering campaign in an attempt to impersonate the United States Postal Service. The security research team at AppRiver first spotted this phishing blast late last week. In the campaign, an email contains fraudulent information about a package delivery. The message states that there is an issue with the package and in order to resolve this, the email recipient must click on the link provided. The cyber criminals use URL obfuscation in the message to deceive recipients into thinking the...

Read more

This week’s Threat Thursday is from AppRiver, and focuses on a newly spotted social engineering campaign targeting American Express customers. The email blast seeks to trick users into providing highly sensitive information such as their social security number, credit card information and other personal identifiers. The email informs the recipient that a phone call requesting a one-time password was made to them in regards to a recent transaction. Those who did not receive a phone call are...

Read more

There’s little doubt that Netflix is a major competitor in the video streaming industry by a wide margin. It should also come as no surprise that cybercriminals view their customers as prime targets for phishing campaigns. With the recently announced Netflix service fee hike, the ever-adaptable spammers has found an opportunity to exploit the video-on-demand company. At AppRiver, their security research team has been monitoring a Netflix phishing blast. The campaign attempts to impersonate a Netflix account verification email. The email...

Read more

How would you like to make over $1100 DAILY using a system with a  97%+ proven success rate, 24/7 support and all while sitting back and letting the money earn itself? Sound too good to be true? Logic dictates that it probably is. This is what one email campaign is promoting and is our spotlight spam in this week's Threat Thursday series. The AppRiver security research team has spotted the "Get Rich" campaign a few days ago. Stock trading spam isn't...

Read more
Page 1 of 6 1 2 6