Research into a global phishing-as-a-service operation will take you through:
Hundreds of thousands of victims spanning the globe
A glimpse into the lifestyle of the operators
Technical insight into the phishing toolkit
The backend of a phishing threat actor operating at scale
The scam industry has seen explosive growth over the past several years. The types of scams and methods used are constantly evolving as scammers adapt their techniques to continue their activities. They often capitalise on new technologies and target areas where our societies have yet to build mechanisms to protect themselves.
This story begins in December 2023 when people all over the world – including a large portion of the Norwegian population - started to receive text messages about packages waiting for them at the post office. The messages would come in the form of an SMS, iMessage or RCS message. What we were witnessing was the rise of a scam technique known as smishing or SMS phishing.
Such messages have one thing in common: they impersonate a brand that we trust to create a credible context for soliciting some kind of personal information, thus tricking us into willfully giving away our information.
Some scams are easier to spot than others. Spelling errors, poor translations, strange numbers or links to sketchy domains often give them away. But even tell-tale signs can be easy to miss on a busy day. When a large number of people are targeted, some will be expecting a package. And the tactic is obviously working. If it wasn’t worth their while, the scammers wouldn’t have invested so much time, money and effort.
Hannah Neumann was targeted in a cyber-espionage operation by an infamous Iranian hacking group earlier this year, she said.
A prominent European Parliament member was the victim of what is believed to be a cyber-espionage operation tied to her role as chair of the chamber's Iran delegation, she told POLITICO.
The office of Hannah Neumann, a member of the German Greens and head of the delegation spearheading work on European Union-Iran relations, was targeted by a hacking campaign that started in January, she said. Her staff was contacted with messages, phone calls and emails by hackers impersonating a legitimate contact. They eventually managed to target a laptop with malicious software.
"It was a very sophisticated attempt using various ways to manage that someone accidentally opens a link, including putting personal pressure on them," Neumann said.
In the takedown announced on Wednesday, Europol said it investigated 102 suspects and arrested 11 of them on accusations they were distributing content from streaming services illegally.
Recent scrutiny of the Russia-linked Doppelgänger influence operation has disrupted how it behaves, according to the BayLfV, an agency of the Bavarian state government.
One day at the dawn of the 1980s, an FBI agent in his 30s named Rick Smith walked into the Balboa Café, an ornate, historic watering hole in San Francisco’s leafy Cow Hollow neighborhood. Smith, who was single at the time, lived nearby and regularly frequented the spot.
As he approached the oak wood bar to order a drink he suddenly spotted a familiar face — someone Smith had met about a year before, after the man had walked into the Soviet Consulate in San Francisco. He was Austrian by birth, but a denizen of Silicon Valley, an entrepreneur who operated as a middleman between American tech companies and European countries hungry for the latest hi-tech goods.
This page is designed to gather a timeline of the Doppelganger operation with a few elements gathered from different reports.
German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.
Operation HAECHI IV emphasizes the key role of INTERPOL in enabling police worldwide to address the growing complexity of cyber-enabled scams
An international law enforcement operation coordinated by Europol resulted in the dismantling of one of the largest groups involved in the distribution of
Active since 2007, this prolific malware (also known as QBot or Pinkslipbot) evolved over time using different techniques to infect users and compromise systems. Qakbot infiltrated victims’ computers through spam emails containing malicious attachments or hyperlinks. Once installed on the targeted computer, the malware allowed for infections with next-stage payloads such as ransomware. Additionally, the infected computer became part of...
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the 3CX attack was carried out by Lazarus.
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
First Coinbase, now Crypto.com. Lazarus campaign targets more crypto exchange platform job seekers with multi-stage malware.
ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus group.
