UPS customs fee SMS scam to watch out for

There are plenty of scams knocking about now, and if you regularly get packages like me, you seem like an easy target for scammers, be it coincidental or not. These scams are getting better all the time and catching people out, and even some high-profile individuals have taken to the press here, which was a silly move in my eyes; they should know better.

These scams impersonate all courier companies and ask for some form of payment, such as customs fees. They do have telltale signs from the outset, such as a bad URL and incorrect spelling in the text itself. See below what the situation is with the UPS customs fee scam.

In all cases, if you get an SMS or email and are not sure, you can check whether it is real or fake by checking the tracking code on the courier's website or using 17 track, as we have shown above and in the video below, and you will swiftly get the result. You should always ask and check before proceeding any further, as it is most likely a scam. This one with UPS is a new one on me and for the most part looks original.

How Telekopye Telegram scam toolkits onboard aspiring fraudsters – ESET

ESET researchers have recently discovered and analysed Telekopye, a toolkit that helps less tech-savvy people pull off online scams more easily, with the first part of the research being published in August. In this second part, ESET Research focuses on scammers’ internal onboarding process, a detailed view of the whole scamming operation, and analysis of the scam scenarios.

The capabilities of Telekopye include creating phishing websites, sending phishing SMS texts and emails, and creating fake screenshots. According to ESET telemetry, this tool is still in use and in active development, and is implemented as a Telegram bot. Victims of this scam operation are called Mammoths by the scammers. For the sake of clarity, and following the same logic, ESET refers in its findings to the scammers using Telekopye as Neanderthals.

Telekopye groups recruit new Neanderthals via advertisements across many different channels, including underground forums. These advertisements clearly state the purpose: to scam online marketplace users. Aspiring Neanderthals are required to fill out an application, answering basic questions like what experience they have in this line of “work.” If approved by existing group members with sufficiently high rank, the new Neanderthals can start using Telekopye to its full potential.

There are three main scam scenarios: seller, buyer, and refund. In the seller scam, attackers pose as sellers and try to lure unsuspecting victims into buying some nonexistent item. When the victim shows interest in the item, the “seller” persuades them to pay online rather than in person and provides a link to a phishing website posing as a legitimate payment site. Unlike the legitimate web page, though, this page asks for an online banking login, credit card details (sometimes including balance), or other sensitive information. The phishing website automatically steals it.

In the buyer scam, attackers pose as buyers, researching victims to target. They show interest in an item and claim they’ve already paid via the provided platform. Then they send the victim an email or SMS message (created via Telekopye) with a link to a carefully crafted phishing website, claiming that the victim needs to click this link in order to receive their money from the platform. The rest of the scenario is very similar to the “seller” scam. In the refund scenario, attackers create a situation where the victim is expecting a refund and subsequently send them a phishing email with a link to the phishing website, once again serving the same purpose.

“In almost every group of Neanderthals, we can find references to manuals with online market research from which Neanderthals draw their strategies and conclusions,” says ESET researcher Radek Jizba, who investigated Telekopye. “For example, during the buyer scam scenario, Neanderthals choose their targets based on the type of items they are selling. For instance, some groups avoid electronics completely. The price of the item is also important. Manuals recommend that Neanderthals, in the buyer scam scenario, pick items with a price between €9.50 to €290,” he adds. Additionally, attackers using Telekopye utilize web scrapers to quickly go through many online marketplace listings and pick a “perfect victim” who will most likely fall for the scam.

Telekopye attackers believe that their groups are full of “rats” (for example, law enforcement or researchers). Thus, they religiously stick to the rules; mainly, no probing for information that could identify other members of the group. Breaking such rules may very well result in being banned. The golden rule is “Work more, talk less.”

Even though the main targets of scammers are online markets popular in Russia, such as OLX and YULA, ESET has also observed targets that are not native to Russia, such as BlaBlaCar and eBay, and even others that have nothing in common with Russia, like Jófogás and Sbazar.

For more information about how Telekopye attackers operate, check out the blogpost “Telekopye: Chamber of Neanderthal’s Secrets.”

New DHL SMS scam

Being a person that gets many packages a week, I guess I would be prone to these scams, but no, I am not the only one. This text message landed on my phone last night, so I did the usual, tinkered around with the message and went through the process to see where we are at here.

As seen above, you can enter basically anything into the fields for your personal details and it will allow you to carry on to the payment section for a small value, which still remains at 0.95 this morning. When you begin to enter your card details, these auto-fill if you have your phone set to do so; again, you can enter anything. Note that you are never asked to enter a tracking number in the process, nor will you get a text message with the code. Again, this is a scam, with scammers just trying to get your credit card details through what half looks like a DHL portal, but the URL on top should be the main giveaway.

Again, beware, and let your friends and family know. The last notification of a scam on their website is here, which needs to be adjusted.
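
The “bad URL” sign mentioned in the UPS and DHL posts can be checked mechanically before anyone taps a link. The following is an added example, not part of the original posts; the function names, the constructed sample messages and the allowlist of official domains (ups.com, dhl.com) are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the registrable domains the two couriers named on this page use.
OFFICIAL_DOMAINS = {"ups": {"ups.com"}, "dhl": {"dhl.com"}}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_official(host, brand):
    """True only if host is the brand's domain or a subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS[brand])


def check_message(text):
    """Return (url, host, reasons) for each link; empty reasons = no sign found."""
    # Brands the message claims to come from, in the wording or in the link itself.
    claimed = [b for b in OFFICIAL_DOMAINS if re.search(rf"\b{b}\b", text, re.IGNORECASE)]
    results = []
    for match in URL_RE.findall(text):
        url = match.rstrip(".,;:!?)")  # drop sentence punctuation stuck to the link
        reasons = []
        try:
            parts = urlsplit(url)
            # hostname is what the browser connects to, without login data or port
            host = (parts.hostname or "").rstrip(".").lower()
        except ValueError:
            results.append((url, "", ["link cannot be parsed"]))
            continue
        for brand in claimed:
            if not is_official(host, brand):
                reasons.append(f"mentions {brand.upper()} but links to {host}")
        if parts.username is not None:
            # Everything before '@' is login data, not the site being visited.
            reasons.append("text before '@' hides the real host")
        if host.startswith("xn--") or ".xn--" in host:
            reasons.append("punycode host, may imitate a known name")
        results.append((url, host, reasons))
    return results


if __name__ == "__main__":
    # Constructed sample messages; the .example hosts are placeholders.
    samples = [
        "UPS: customs fee due, pay at https://ups-customs-fee.example/track.",
        "DHL: track your parcel at https://www.dhl.com/tracking",
        "DHL redelivery: https://dhl.com@parcel-redelivery.example/pay",
    ]
    for sms in samples:
        for url, host, reasons in check_message(sms):
            print(host, "->", reasons or "no warning sign found")
```

An empty list of reasons only means none of these signs was found; checking the tracking code on the courier's own website remains the deciding step.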

Gen Announces AI Scam Detection App, Norton Genie

Scams are one of the most pervasive Cyber Safety threats of our time. The sheer volume is staggering – people are collectively wading through 3.4 billion phishing emails on a daily basis – and scams are becoming more sophisticated and harder to spot without help. Today, Norton, a leader in Cyber Safety and part of Gen™ (NASDAQ: GEN), is inviting people to join in the fight against scams by offering early access to Norton Genie, a real-time AI-powered scam detector, to provide an easy, fast and free way to check if texts, emails, websites and social media posts are a scam.

“Every day, we’re inundated with messages and scams that have become so believable that anyone, even the savviest of us, is just one wrong tap from becoming a scammer’s next victim,” said Ondrej Vlcek, President at Gen. “We want to give people Digital Freedom – the freedom that can only be achieved when you’re safe and empowered online. Genie is an always on, easy-to-use, trusted advisor that helps you stay ahead of highly convincing scams. By bringing together best-in-class scam intel from Norton with advanced AI, we can empower people to take full advantage of the digital world safely, privately and confidently.”

Norton Genie is a brand new innovation from Norton designed to be as simple as asking for advice from a friend that’s available 24/7. With just a few clicks or taps, Genie will give immediate guidance on whether the message, email, link or post is potentially a scam and what to do next. Genie is powered by a unique combination of Norton expertise and advanced AI that’s trained on millions of scam messages and the red flags to watch for. As scammers adapt to new technology to make their attacks more convincing, now more than ever, people need AI on their side to help stay ahead of today’s ever evolving scams. Norton Genie is constantly improving to help stop scammers in their tracks and help fight today’s scams and tomorrow’s.

Norton Genie is a comprehensive mobile app and web-based service providing scam detection with the following key features:

  • Fast, free and easy: You can upload a screenshot or copy and paste the text of a suspicious message and Genie will instantly tell you if a message or site appears to be a scam.
  • Norton technology: Genie combines advanced AI with best-in-class cybersecurity data and technology to help identify scams before you engage. As part of Gen, Norton tapped into the company’s investment and application of AI research and innovation, decades of experience uncovering and remediating scams, phishing attacks, and sketchy websites, and extensive library of known threats to create Genie.
  • Protection that evolves: The more people use Genie, the smarter it gets. Our AI powering Genie will continue to learn and adapt to detect new scams and help protect against emerging threats. While Genie gets better and better with scam detection in messages, emails and social media posts, we will be hard at work developing additional ways Genie can protect people from other types of scams they could fall victim to.
  • Trusted advice: Beyond telling you if a message is likely a scam, Genie takes it one step further by answering your most pressing follow-up questions. How did it know the message was a scam? What should you do next? Like a trusted advisor, Genie empowers you with the information you need to be safer in your digital life.

Norton Genie is still learning and in an early access phase. Genie is available now in Australia, Ireland, New Zealand and the United States, for free at Norton.com and the Apple App Store. Norton Genie is compatible with iOS 14.0 or greater, Chrome, Safari, Microsoft Edge and Firefox. Norton Genie is expected to become generally available, expand platform availability to Android, and enter additional markets later this year. To learn more, visit genie.norton.com.

Bord Gáis Energy SMS scam is back

Another scam is back, and this time it is Bord Gáis. Recently we had another one return, Guinness, which again turned out to be rampant, claiming to give away free fridges full of beer. This particular SMS asks you to pay an overdue bill, which you possibly might have due to the ongoing energy crisis, and again shows how these scammers operate. As always, if you get this SMS, just ignore and delete it. Most importantly, with today’s scams looking more and more realistic, remain vigilant, and feel free to ask us too, as people do if they get a suspicious-looking message.

 

Bord Gáis Energy have already stated on their website:

We’re aware of recent fraudulent messages that have been circulating via SMS and WhatsApp, which may look like they have been sent by Bord Gáis Energy. We’ll never send you a link asking for account details or personal information. If you receive a message like this, please delete it immediately.

We have asked the company for a comment on the matter.

Guinness WhatsApp Mini Fridge for Father's Day Scam

Another day, another scam has just landed on WhatsApp, and this time Guinness maker Diageo are apparently giving away free mini fridges full of beer for Father's Day, which is quickly approaching. In fact, I got two of these texts in succession, and you can see in the screenshots below what you will see on your device, but do not open the link.

In the so-called quiz you will be asked a few questions, then you will be given three chances to open a parcel, and it is most likely you will be told you won, with so many mini fridges left, a number which changes every time you enter. So it is certainly a scam and it should be ignored.

We have contacted Guinness for a statement on this and will revert if we hear back from them. As always, you should be vigilant: if it looks too good to be true, it most likely is, and there are many scams doing the rounds of late, so beware. Update! A spokesperson has since stated they have nothing to do with the scam.

Garda cyber crime email scam returns

Last year there was a Garda scam doing the rounds which had people concerned, and it has popped up again, this time looking totally different than before. Again, this pertains to cyber crime and sex-related crimes, is poorly written as the last one was, and cites laws brought in in March 2007. Again, this is just another scam to trick you into handing over money, and most likely lots of it. Here is what it looks like below.

 

Advice has once again been given; you should take heed of it and never open suspicious emails or text messages.

  • Don’t respond to any unsolicited email seeking personal, financial or security advice.
  • Never click on a link or attachment in an unsolicited email.
  • If you believe the email is from a genuine source, verify this independently. Independently means independent of the email sender.
  • Independently verify any requests for information and never use the contact details supplied to you by the caller or texter. Independent means independent of the caller or texter.

Further fraud prevention advice can be found here https://www.garda.ie/en/crime/fraud/

Criminals are using QR codes to scam people in restaurants!

There has been a massive increase in the use of QR code restaurant menus over the past two years, and now it seems criminals are using this development to scam innocent people out of their money and data.

According to TitanHQ, an Anti Phishing Platform based in Galway and with offices in Connecticut, almost 84% of smartphone users have scanned a QR code at least once, and over 34% scan a QR code once a week. Cybercriminals love popular technologies and focus on them to scam, hack, and cause malware infection.

This popularity has led to a rise in “QR code phishing”, and in the US the FBI has even issued a warning about QR codes, highlighting their use for data phishing. Here is how hackers use QR codes to hack your network and how you can prevent it:

Types of QR Code Phishing Scams

QR codes work by embedding instructions into a black and white dot-based image. They work a little like the barcodes you see on food in a store. A smartphone camera, app, or QR code scanning device scans the QR code. The scan then translates the data into human-readable information.

QR codes usually contain web links or links to media such as videos or links to download an app. This use of links in a QR code provides a cybercriminal with the opportunity to perform phishing.

During the pandemic, many restaurants switched to using QR code menus and have kept them. With a smartphone you can easily access the menu, removing the need for paper menus. The customer simply scans the barcode using their phone’s camera app, and a link to the online menu becomes available.

With a QR code scam, the scammer replaces the legitimate menu QR code with a malicious one. Instead of taking the customer to the restaurant website, the fake QR code takes them to a fake website designed to mimic the real account and have the customer divulge personal data.

QR-Phishing

Quishing is a mashup of QR codes and email phishing. The fraudsters embed a malicious QR code into a legitimate-looking email. A recent example of a quishing attack was a Microsoft Office 365 phishing campaign that used QR codes to steal log-in credentials. Researchers identified spoof Office 365 emails that offered access to missed voicemail messages by scanning a QR code. Scanning the QR code took the user to a fake Office 365 page, which requested credentials to gain access to the message.

QR codes are also being used in various regular scam types, such as tax scams. The UK tax department, HMRC, recently added support for QR codes on their website. However, fraudsters have now used this new feature as a basis for a new QR code tax phishing scam. The spoof HMRC email asks the recipient to scan the code to pay overdue tax. The QR code takes the taxpayer to a spoof site where their financial information is then stolen.

QRL Jacking

This is an older version of the more recent Quishing scam, but one that has phishing implications. QR codes are very convenient for users, and some companies have extended this convenience to their log-in systems, where users scan a QR code to log in to an account. In QRL Jacking, an attacker navigates to a legitimate site, initiating a session and generating the QR code to log in. The attacker then captures this QR code (for example, using screen scraping) and places this legitimate QR code on a spoof site.

The attacker then uses spear-phishing to target an individual, tricking them into going to the spoof site. The target then uses the captured QR code to log-in; this logs into the original session, thus logging the attacker into the legitimate account. This scam is more challenging to carry out as it is time-sensitive; however, it will be worth the effort if this is a high-value or sensitive account.

QR crypto scams

QR codes are often used to make it more convenient to download a legitimate app. However, they can be used to encourage people to download malicious apps, including crypto-wallets. For example, the QR crypto-quishing scam involves capturing persistent consent (prior authorization) to use the wallet; this allows the fraudster to drain the wallets of cryptocurrency.

Drive-by-QR Code Phishing

Drive-by-downloads of malware are one of the most insidious forms of malware infection. A person must land on an infected site, and a flaw in any software they use can open the door to malware infection. QR code phishers take advantage of drive-by-download opportunities by sending phishing emails with QR codes that take the recipient to an infected website: one scan of the code and their mobile device may become infected with a trojan.

Ways to Prevent QR Code Phishing:

QR codes are one method in a long line of phishers’ favorites. No matter what technology comes along, fraudsters will find a way to exploit it if it is popular. Moreover, a single-point solution cannot capture all possible cyber-attack scenarios. Clever attack chains require a creative response, comprising a mix of security awareness training with advanced AI-enabled spam and content filters.

  1. Know your stuff: Education is key. Use behavior-based security awareness training to limit the risks. If you’re worried about your working information, ensure that you include QR code phishing templates in your simulated phishing exercises so employees understand what these phishing emails look like and the different methods used to steal credentials and other data.
  2. Use a DNS filter: This will break the phishing cycle by stopping users from navigating to a malicious website. The DNS filter creates a ‘blocklist’ of URLs, using a dynamic system based on a “threat corpora”, based on the data from millions of subscribers. These data are used to train Machine Learning algorithms. The result is that even emerging malicious URLs are spotted and added to the blocklist.
  3. Apply email filters: Email filters such as SpamTitan use multiple mechanisms to catch difficult-to-detect phishing messages. These mechanisms include advanced AI-based algorithms to spot difficult-to-detect spam.

Instagram friends help me out scam to be very careful of.

There is no shortage of scams out there today, and each day we see several hit the news. However, one I got today was something new to me and very clever. I almost fell for it until I noticed some things happening in the thread; then I rang the person in question and played the scammer along for the ride, and things quickly slowed down. Yes, I went further than I should have, but my Instagram has 2FA. They still tried their hand; however, Instagram got in there before them, which was a good move and good to see.

By the message thread you can see this person thought he had me roped in and was getting impatient. Instagram has no service allowing your friend to help you out, but these clowns thought they did. There was news earlier this year, though, stating they are testing such a feature by way of letting you select two friends; seen below is a sample of what we are talking about here.

Quote – Source

Leaning on your friend’s help to access your account

To help people who have lost access to their accounts, we’re testing a way for people to ask their friends to confirm their identity and regain access to their account. We will have more to share about this feature soon. THIS IS NOT YET A FEATURE. BE VERY AWARE.

Below are the messages I got from Facebook Instagram and the conversation I had after I thought something was not quite right here and made that phone call. The user was not aware either until the phone call; then their phone started hopping with messages. They begin by stating they have a new phone.

In turn, what will happen here is you will get a message with a link, and then you copy and paste it back to the person on the Instagram account in their private message, and here is where they will try to log in to your account. After stringing this lad along today, I began to throw up some logic by stating “you do not live in Nigeria, you do not have network issues”, and then, when asked “where do you live?”, is where it all fell apart.

In short, this could easily catch people out, and perhaps it is not a good move for Instagram going forward, just now anyway. It has been touted as a feature but has not been rolled out to users, and this is a good attempt to try to take over your account, and you know what comes after that. If you ever receive such a message, it would be better to run the details on a people finder free lookup site to verify the identity of the person before replying anything.