
NEWS & INDUSTRY UPDATES

Vendor email compromise is a troubling new trend in which fraudsters use hijacked employee email accounts to target not just one company, but entire supply chain ecosystems.
Bed Bath & Beyond says the accounts of less than 1% of its customers have been hacked in an attack that involved credentials obtained from third-party breaches and password reuse.
U.S. fast-food restaurant chain Krystal is investigating a payment card breach that appears to impact at least 200 of its locations.
Malwarebytes has found sufficient evidence to suggest that Magecart 5 is really the APT group known as Carbanak.
Fake checkra1n iOS jailbreak used as part of a sophisticated click fraud scheme that could pave the way for far more malicious actions.
Anthony Tyler Nashatka, aka psycho, appeared in a US federal court on charges related to his involvement in a scheme aimed at defrauding victims of at least $1.4 million in cryptocurrency.
Magecart hackers have been gathering sensitive information from thousands of online shops after compromising top ecommerce platform and service provider Volusion.
A citizen of Singapore has been charged in the United States for a large-scale cryptocurrency mining operation performed using stolen identity and credit card information.
Iranian Foreign Minister Mohammad Javad Zarif is denying his country would interfere with the upcoming U.S. presidential election and says his government doesn’t have a preference in the race.
A large number of spam messages recently sent by the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing.

FEATURES, INSIGHTS // Fraud & Identity Theft


Gant Redmon's picture
When it comes to cybercrime, the police really can’t and aren’t going to protect residents of your town. The same goes for all towns and cities. Unless you’re talking a high six-figure theft, it's unlikely an officer will be assigned to your case.
Gant Redmon's picture
The holiday season is a time of giving. But savvy security and technology professionals such as yourselves know, both during the holidays and year-round, that not all giving is good.
Alan Wlasuk's picture
No more fertile ground for security breaches exists in the United States than our colleges and universities. A higher education student database is an identity thief’s dream come true.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Noa Bar-Yosef's picture
Companies are increasingly seeing the benefits of using social technologies both for internal and external purposes. What is the security impact of this trend? What should security teams think about?
Idan Aharoni's picture
To maximize profits, fraudsters need to do a lot of learning. They can either learn techniques of areas they haven't focused on yet, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use.
Idan Aharoni's picture
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
Idan Aharoni's picture
A bank that fails to give fraud departments the power to make the necessary changes to its internal processes may end up in a situation where everyone knows how and why fraudsters are stealing money from their bank – yet nothing can be done to stop it.
Robert Vamosi's picture
Some newer POS systems in the US have built-in authentication systems designed to protect merchants against the addition of fraudulent PIN pads. Should PCI now require retail businesses to upgrade to newer and better technology?
Idan Aharoni's picture
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.