She was careful online, but this Toronto teen was still targeted with deepfake porn

This is an interesting problem, since anyone, anywhere in the world can create nude deepfakes of anyone else, using any (fully clothed) photo as a starting point. In #Canada at least distributing these images of children is a crime, as they are child pornography, but in this case it was not distributed, just emailed to the victim as part of what may have been a #phishing scheme. It looks like police did nothing from what the story says.

You might get the police to act if the image was of a child and it was posted online and they can identify who did it and the person is in the same country, otherwise forget it. Overall I suspect that police are not going to be effective in these cases. Our national facility, Cybertip.ca received complaints about 4,000 of sexually explicit deepfakes in the past year, so I doubt they took any action. It does seem from the article that there is nothing that can be done to prevent this, and hard as it may be, the best course is probably just to treat it like a scam phone call and ignore it.

I suspect we are going to see a lot more of this, particularly if it upsets people. Also this seems to be something that is going to victimize younger people far more than old people. There might yet be some advantage to getting old.

#CBC #News #internet #AI #deepfake #deepfakes

Voice Phishing: Diese Android-Malware lässt dich mit Hackern telefonieren

#malware #phishing #android

Je reçois moult tentatives de #phishing par émail et remplis scrupuleusement chacunes d'entre elles de fausses données personnelles, avec les numéros de téléphones d'entreprises de harcellement publicitaire et des numéros de #cartesbancaires farfelus. Je devrais aussi y rentrer l'adresse d'entreprises scélérates mais j'ai la flemme de chercher

NHS email accounts hijacked for phishing campaign | Computer Weekly

More than 130 NHS email accounts were hijacked for a credential harvesting phishing operation targeting Microsoft users, although true scope of the attack is unknown.

During the phishing campaign – which started in October 2021 and escalated dramatically in March 2022 – cloud-based security platform Inky detected 1,157 phishing emails originating from #NHSMail, which was migrated from an on-premise installation to #Microsoft Exchange Online in February 2021.

All of the #phishing emails passed email authentication for nhs.net, and were sent from two IP addresses used by the NHS, which confirmed that the two addresses were relays within the mail system used for a large number of accounts

https://www.computerweekly.com/news/252516702/NHS-email-accounts-hijacked-for-phishing-campaign

#security #cyberattack #NHS #PrivatisationFail

The Internet is sometimes an evil place ...

#meme #malware #Phishing #email #evil #nerd #humor #just4fun

Getting phishing accounts from an address in Israel!

It is just hilarious that they sent a message about an administrative offer using an email address from the "mkm-haifa.co.il" site!

#spam #Israel #France #phishing #yahoo #email

Ukraine bans #Telegram on #military, govt devices over #security risks

source: https://www.bleepingcomputer.com/news/security/ukraine-bans-telegram-on-military-govt-devices-over-security-risks/

Ukrainian officials representing the country's Security Service and the General Staff of the Armed Forces also warned that #Russia "actively" uses Telegram for cyberattacks, #phishing, #malware distribution, and coordinating #missile strikes.

This is not a revolutionary realization. It would be interesting to know whether the Russian secret service has also infiltrated servers in order to expose users and monitor them specifically.

#news #cybersecurity #messenger #communication #internet #spy #problem #surveillance #Ukraine #warfare #attack #cybercrime #war #fake #disinformation #propaganda

Achtung Abzocke! Was du über Betrugsmaschen im Zahlungsverkehr wissen musst

#fakenews #phishing #onlinepayment

Achtung Abzocke! Was du über Betrugsmaschen im Zahlungsverkehr wissen musst

Beim Shoppen im Internet lauern viele Fallen. Denn Kriminelle erfinden immer neue Methoden, um dir das Geld aus der Tasche zu ziehen.

Von Ransomware bis Phishing: Wie sinnvoll ist eine Cyberversicherung wirklich?

#phishing

Cyberversicherungen: Wie schützen sie bei Cybercrime?

Das müssen Privatpersonen und Unternehmen bei Policen gegen Ransomware-Attacken, Phishing und Social Engineering beachten.

Amazon-Prime-Kunden im Visier: Mit dieser Masche wollen Betrüger an euer Geld

#amazonprime #phishing #amazon

Amazon-Prime-Kunden im Visier: Mit dieser Masche wollen Betrüger an euer Geld

Immer wieder nutzen Cyberkriminelle große Unternehmen, in deren Namen sie angeblich ihre Opfer anschreiben.

Victim proves how to easily steal someone’s FNB bank payment card details and buy a tank of petrol in South Africa

This is actually not a very difficult hack, but what is really critical is to NEVER click on links that arrive by e-mail or SMS. Rather, note any reference/tracking number and go independently to the website via your browser and check it out if you think it may be genuine.

The SA Post Office parcel attack is an old one, and as far I know the post office does not do payments online as the payment is made at the desk when receiving the parcel.

The phishing attack may appear to be something genuine, especially if you are waiting for a parcel, but that is exactly how people are being caught out (even those who are pretty tech-savvy—it catches people in those few seconds before their guard is up).

I got a phishing attack attempt just today from a courier company and when I checked the tracking number on their website, it says the shipment has not yet been created. On their website is also a warning notice about phishing attempt scams.

If you do use virtual bank cards, you should set the daily and monthly limits to just what is needed, and often you can deactivate/activate them just when needed.

See mybroadband.co.za/news/securit…
#Blog, #phishing, #southafrica, #technology

Achtung vor #Phishing bei #Netcup

https :// customercontrolpanel.netcupgmbh.com/12021/login.php

ist eine Phisher-Seite!

#Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

source: https://krebsonsecurity.com/2024/04/twitters-clumsy-pivot-to-x-com-is-a-gift-to-phishers/

Those include carfatwitter.com, which Twitter/X truncated to carfax.com when the domain appeared in user messages or tweets. Visiting this domain currently displays a message that begins, “Are you serious, X Corp?”

#internet #fail #security #phishing #cybersecurity #twitter #news

Un mail de phishing cible les utilisateurs de Proton Mail, soyez vigilants !

24 fevrier 2024

https://www.numerama.com/cyberguerre/1635768-un-nouveau-mail-de-phishing-cible-les-utilisateurs-de-proton-mail-soyez-vigilants.html

Je vous conseille de faire comme moi : j'ai sauvegardé puis imprimé la capture d'écran du faux site imitant la page d'accès à Protonmail, et je la garde toujours sous le coude...

#Protonmail #alerte #phishing #mail #cybersécurité

Un mail de phishing cible les utilisateurs de Proton Mail, soyez vigilants

Un faux message de mise à jour vise les utilisateurs de la messagerie sécurisée Proton Mail. Prudence si vous recevez un tel mail dans votre boîte aux

So sehr ihr aus :-)

<p style=3D"margin: 0px 0px 16px;">Um die offene Ford=
erung einzusehen und zu begleichen, bitten wir Sie, sich =C3=BCber den=
 folgenden Link bei der SCHUFA anzumelden: <a href=3D"https://bitly.ne=
t/3Vvxl9l">https://www.schufa.de/s4b-registrierungseite.jsp</a></p>

Lustig ist, in der text/plain-Variante, bei deren Darstellung Thunderbird syntakisch korrekte Links ungefragt ebenfalls als Links anbietet, würde man tatsächlich bei der Schufa landen - keine Ahnung, ob es die Seite da tatsächlich gibt. Wenn ich die Schufa wäre ...

Tatsächlich kommt die Phishing-Mail von einem Host aus dem IP-Range von Amazon AWS.

#phishing #mail #fischersfritzefischtfrischefische #schufa #amazonaws

Date: Wed, 10 Jan 2024 06:34:14 -0600
From: BnkIDNorge <bnkidnorge\@gmail.com>
To: *******@*******.***
Subject: Valider dataene dine

Ja, den går vi på...

Er forøvrig ekstremt mye av denne typen phishing svindler nå. Får du epost som utgir seg for å være fra BankID, Vipps, Spotify, Netflix, OnePark eller andre som ikke vanligvis sender deg epost, så vær på vakt. Det er i alle tilfeller bedre å slette enn å gå i fella!

#phishing #svindel #norsk #infosec

This Week in Security: Terrapin, Seized Unseized, and Autospill

#computerhacks #hackadaycolumns #news #securityhacks #autospill #phishing #terrapin #hackaday
posted by pod_feeder_v2

This Week In Security: Terrapin, Seized Unseized, And Autospill

There’s a new SSH vulnerability, Terrapin (pdf paper), and it’s got the potential to be nasty — but only in an extremely limited circumstance. To understand the problem, we have t…

Benutzt hier jemand WordPress?

Es scheint gerade großangelegtes Phishing im Namen des »WordPress Security Team« zu geben, um Leute dazu zu bewegen, Plugins mit Schadsoftware für ihr Blog/ihre Website zu installieren. Bitte auf gar keinen Fall darauf reinfallen!

Wer sich ein bisschen schwer mit dem Lesen englischsprachiger Texte tut: Ich habe für »Unser täglich Spam« den Kern ins Deutsche übelsetzt.

#Spam #Phishing #Security #WordPress #Schadsoftware #Malware #Warnung

Alert: WordPress Security Team Impersonation Scams

The WordPress Security Team is aware of multiple ongoing phishing scams impersonating both the “WordPress team” and the “WordPress Security Team“ in an attempt to convince administrators to install…

Ich weiß nicht, ob hier jemand davon betroffen ist, aber im Moment laufen Phishingmails für Kunden von HostEurope herum. Bitte nicht darauf reinfallen! | #Spam #Phishing #Blah #HostEurope

Phishingadvarsel: Autopay*ONEPARK refusjon

Denne kan være litt verdt å være obs på, siden mange bruker disse appene, og det kan være vanskelig å holde styr på hvor man har parkert til enhver tid, kan det være lett å bite på. Men får du en epost som utgir seg fra å være fra "Autopay & ONEPARK" og som hevder du må klikke på en knapp for å få refundert penger de ved en feil har trukket fra betalingskortet ditt, så er det en svindel.---

Date: Thu, 12 Oct 2023 18:00:41 -0600
From: Autopay & ONEPARK \<contact@premlike.com>
To: *****@*****.***
Subject: Autopay*ONEPARK refusjon

Kjære kunde,

Vi skriver til deg for å informere deg om et problem som vi har blitt gjort 
oppmerksom på i forbindelse med betalinger som nylig er gjort til 
Autopay*ONEPARK.

Vi har fått vite at på grunn av en teknisk feil ble kontoen din utilsiktet 
belastet tre ganger for en nylig gjennomført transaksjon, noe som resulterte i 
en ekstra kostnad på 355 kr. Vi beklager denne ulempen og forsøker å løse 
problemet raskt ved å refundere de overskytende kostnadene.

For å starte refusjonsprosessen, vennligst klikk på knappen nedenfor:

[Start refusjonen]

Når du klikker på knappen, blir du sendt til vår sikre side for 
refusjonsbekreftelse. Der kan du følge trinnene for å gi eventuelle nødvendige 
detaljer og bekrefte refusjonsforespørselen.

Hvis du har spørsmål eller trenger ytterligere assistanse, nøl ikke med å 
kontakte vårt kundestøtteteam på 555-99-888.

Vi beklager igjen for eventuelle ulemper dette måtte ha forårsaket og 
setter pris på din raske samarbeid for å løse denne saken.

Din tilfredshet er av største betydning for oss, og vi er forpliktet til å 
sikre en rask løsning.

Takk for din forståelse og samarbeid.

Med vennlig hilsen,

Både avsenderadresse og telefonnummeret burde være greie merker på at dette er svindel, men om man ikke ser så nøye etter kan det være lett å gå i baret.

Som alltid, vær obs! Ikke klikk på lenker i epost eller sms med mindre du er helt sikker på at de er legitime. Sjekk alltid avsenderadresser, og se gjerne etter andre spor som kan antyde en svindel også.

#phishing #svindel #autopay #onepark #norge #norsk