Action against criminal website that offered ‘spoofing’ services to fraudsters: 142 arrests (Europol)

Europol: Action against criminal website that offered ‘spoofing’ services to fraudsters: 142 arrests. “Judicial and law enforcement authorities in Europe, Australia, the United States, Ukraine, and Canada have taken down a website that allowed fraudsters to impersonate trusted corporations or contacts to access sensitive information from victims, a type of cybercrime known as ‘spoofing’. The website is believed to have caused an estimated worldwide loss in excess of GBP 100 million (EUR 115 million).”

Krebs on Security: Experian, You Have Some Explaining to Do

Krebs on Security: Experian, You Have Some Explaining to Do. “Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs…. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address.”

CNN: Here’s how North Korean operatives are trying to infiltrate US crypto firms

CNN: Here’s how North Korean operatives are trying to infiltrate US crypto firms. “North Korean government-backed hackers have stolen the equivalent of billions of dollars in recent years by raiding cryptocurrency exchanges, according to the United Nations…. Now, US federal investigators are publicly warning about a key pillar of the North Korean strategy, in which the regime places operatives in tech jobs throughout the information technology industry.”

The Conversation: Email scams are getting more personal – they even fool cybersecurity experts

The Conversation: Email scams are getting more personal – they even fool cybersecurity experts. “The infamous ‘prince of Nigeria’ emails are falling out of fashion. Instead, scammers are scouring social media, especially business-related ones like LinkedIn, to target people with tailored messages. The strength of a relationship between two people can be measured by inspecting their posts and comments to each other.”

Engadget: YouTube introduces new tools to battle comment spam and account imitators

Engadget: YouTube introduces new tools to battle comment spam and account imitators. “YouTube is enacting more measures in its battle to cut down on comment spam and channel impersonation. Creators now have access to a new setting for comments in YouTube Studio. They’ll be able to select an ‘increase strictness’ option. YouTube says this builds on the ‘hold potentially inappropriate comments for review’ setting and will reduce the number of spam and identity abuse comments.”

Security Boulevard: How to Prevent and Respond to Social Media Impersonations

Security Boulevard: How to Prevent and Respond to Social Media Impersonations. “Social media impersonations have become a very popular tactic to deploy online scams. Cybercriminals, fraudsters, and identity thieves alike pose as a trusted figure, such as a celebrity, corporate executive, or a well-known high-net worth individual, to try and trick unsuspecting people into taking an action, such as wiring money or sharing login credentials.”

BBC: YouTube accused of not tackling Musk Bitcoin scam streams

BBC: YouTube accused of not tackling Musk Bitcoin scam streams. “YouTube is being criticised for failing to tackle a network of cyber-criminals streaming fake Elon Musk videos to scam viewers. The criminals are hijacking YouTube accounts and using the videos to promote bogus cryptocurrency giveaways. BBC News found dozens of these streams being watched by tens of thousands of people over four days this month.”

TorrentFreak: Bogus DMCA Notices Sent to Google By Fake Google….To Protect Google?

TorrentFreak: Bogus DMCA Notices Sent to Google By Fake Google….To Protect Google?. “If the title of this article has caused any confusion, please direct any blame towards the architects of some of the most absurd DMCA abuses of recent times. People with an apparent interest in delisting Android APK sites are sending bogus DMCA notices in Google’s name, ostensibly to protect Google’s rights. Who are they sending them to? Google, of course.”

Ukraine war: The stolen faces used to promote Vladimir Putin (BBC)

BBC: Ukraine war: The stolen faces used to promote Vladimir Putin. “Indian influencer ER Yamini has never tweeted in her life – she prefers to cultivate her big fan bases on Instagram and YouTube. But in early March, a Twitter account using her picture tweeted: ‘#IStandWithPutin. True Friendship’ accompanied by a video showing two men hugging – one representing India, the other, Russia. Yamini says she doesn’t support either country in the Russia-Ukraine war, and worries about her fans.”

Krebs on Security: DEA Investigating Breach of Law Enforcement Data Portal

Krebs On Security: DEA Investigating Breach of Law Enforcement Data Portal. “The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.”