Scammers pretending to be Microsoft had help from US executives

A pop-up appears on your computer, warning of a virus. You call the "Microsoft technician" in the pop-up message, and they explain that they need remote access to fix it. Most of us know this script by now. It's a scam, operated by people intent on siphoning money from your account. A court case...

PayPal closes loophole that let scammers send real emails with fake purchase notices

After an investigation by BleepingComputer, PayPal closed a loophole that allowed scammers to send emails from the legitimate [email protected] email address. Following reports from people who received emails claiming an automatic payment had been cancelled, BleepingComputer found that...

New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data

The Cofense Phishing Defense Centre warns of a new tech support scam using Microsoft’s brand to lock browsers and steal data. Learn how the attack uses fake 'payment lures' and urgent security alerts to trick victims into calling a fraudulent support number...

EUVD-2024-18206

Malicious code in bioql PyPI...

EUVD-2024-18205

Malicious code in bioql PyPI...

SAMSUNG WLAN AP WEA453e 安全漏洞

The SAMSUNG WLAN AP WEA453e is a wireless LAN access point from Samsung South Korea. A security vulnerability exists in the SAMSUNG WLAN AP WEA453e prior to version 5.2.4.T1, which stems from improper validation of inputs to the Tech Support diagnostic function, which could lead to remote command...

CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center

India's Central Bureau of Investigation CBI has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams targeting citizens of Australia and the United Kingdom. The fraudulent scheme is estimated to ha...

Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number

The examples in this post are actual fraud attempts found by Malwarebytes Senior Director of Research, Jérôme Segura. Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a...

Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam

India's Central Bureau of Investigation CBI has revealed that it has arrested six individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The law enforcement agency said it conducted...

CVE-2024-20491

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...

CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

Google Chrome will use AI to block tech support scam websites

Google has expressed plans to use Artificial Intelligence AI to stop tech support scams in Chrome. With the launch of Chrome version 137, Google plans to use the on-device Gemini Nano large language model LLM to recognize and block tech support scams. Users already have the ability to chose...

Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android

Google on Thursday announced it's rolling out new artificial intelligence AI-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model LLM, to improve Safe Browsing in Chrome 137 on desktops...

A week in security (December 2 – December 8)

Last week on Malwarebytes Labs: Europol takes down criminal data hub Manson Market in busy month for law enforcement Americans urged to use encrypted messaging after large, ongoing cyberattack Crypto’s rising value likely to bring new wave of scams AI chatbot provider exposes 346,000 customer...

Repeat offenders drive bulk of tech support scams via Google Ads

Of all the different kinds of malicious search ads we track, those related to customer service are by far the most common. Brands such as PayPal, eBay, Apple or Netflix are among the most coveted ones as they tend to drive a lot of online searches. Tech support scammers are leveraging Google ads ...

Printer problems? Beware the bogus help

Anyone who has ever used a printer likely has had a frustrating experience at some point. There always seems to be some kind of issue with the software not responding, paper getting jammed or one of many other possible failures. When people need help, they often turn to Google and now AI to look...

Large eBay malvertising campaign leads to scams

Tech support scammers are targeting eBay customers in the U.S. via fraudulent Google ads. In a few separate searches, we were able to identify multiple Sponsored results that were created from at least four different advertiser accounts. While most of those ads clearly looked fake, they appeared...

CVE-2024-20491

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...

CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

CVE-2024-20491

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...