27 matches found
Insights into the clustering and reuse of phone numbers in scam emails
Cisco Talos has recently started to collect and gather intelligence around phone numbers within emails as an additional indicator of compromise IOC. In this blog, we discuss new insights into in-the-wild phone number reuse in scam emails. According to Talos' observations, the ease of API-driven...
Aegis: Towards Governance, Integrity, and Security of AI Voice Agents
With the rapid advancement and adoption of Audio Large Language Models ALLMs, voice agents are now being deployed in high-stakes domains such as banking, customer service, and IT support. However, their vulnerabilities to adversarial misuse still remain unexplored. While prior work has examined...
WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams
Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging...
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other...
Europol Busts Crypto Fraud Call Centers
By Deeba Ahmed The operation took place all over Europe including Serbia, Bulgaria, Germany, and Cyprus. This is a post from HackRead.com Read the original post: Europol Busts Crypto Fraud Call Centers...
Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns
The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors. The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery TOAD, wherein the victims are social engineered into making a...
Evolution of BazarCall Social Engineering Tactics
Evolution of BazarCall Social Engineering Tactics By Daksh Kapur · October 6, 2022 What is BazarCall? As nicely defined in this article by Microsoft: BazarCall campaigns forgo malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. It’s ...
U.S. Authorities Charge 6 Indian Call Centers Scamming Thousands of Americans
A number of India-based call centers and their directors have been indicted for their alleged role in placing tens of millions of scam calls aimed at defrauding thousands of American consumers. The indictment charged Manu Chawla, Sushil Sachdeva, Nitin Kumar Wadwani, Swarndeep Singh, Dinesh Manoh...
Crooks using phony call centers to spread ransomware via BazaCall attacks
By Deeba Ahmed In BazaCall, a "vishing-like" method is used in which victims are told to call a particular phone number or their subscription will expire. This is a post from HackRead.com Read the original post: Crooks using phony call centers to spread ransomware via BazaCall attacks...
Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying ransomware on infected systems. The attacks — dubbed "BazaCall" — eschew traditional social engineering techniques that rely on...
BazaCall: Phony call centers lead to exfiltration and ransomware
Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...
BazaCall: Phony call centers lead to exfiltration and ransomware
Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...
NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55885)
NCH Axon PBX is a set of virtual telephone switch software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems fro...
NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55882)
NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...
NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55888)
NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...
Details of a Computer Banking Scam
This is a longish video that describes a profitable computer banking scam thats run out of call centers in places like India. Theres a lot of fluff about glitterbombs and the like, but the details are interesting. The scammers convince the victims to give them remote access to their computers, an...
TDoS Attacks Take Aim at Emergency Services
Telephony denial-of-service TDoS attacks, which affect the availability and readiness of call centers, are hitting critical first-responder facilities, according to the Federal Bureau of Investigation FBI. A TDoS attack is designed to prevent incoming and outgoing calls, by flooding a target with...
Dutch Insider Attack on COVID-19 Data
Insider data theft: Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministrys COVID-19 systems on the criminal underground. … According to Verlaan, the two suspects worked in DDG call centers, where they had access to official Dutch government...
Indian National Gets 20-Year Jail in United States for Running Scam Call Centers
An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel aka Hitesh Hinglaj, who hails from the city of...
RevenueWire to pay $6.7 million to settle FTC charges
What can you do as a scammer when no legitimate payment provider wants to process your payments anymore? Or, what if you are growing sick and tired of these same payment providers reimbursing disgruntled customers who claim that your products didn't fix computers, like—you know—you said they woul...