News

The Twelve Frauds of Christmas – Payment Diversion Fraud

James Hubner Gary Warner

Payment Diversion Fraud is a type of fraud where criminals target an individual to divert payments to criminal-controlled bank accounts. This is typically accomplished through Business Email Compromise (BEC), which targets companies via their email communications in order to obtain financial gain or company information. Phishing emails related to BEC scams…

The Twelve Frauds of Christmas – Online Shopping Fraud

Robin J. Pugh

Online shopping continues to be a fast-growing sector for retailers across the globe. In the US, sales during the period known as Cyber Week or Cyber 5 – the period from Thanksgiving through Cyber Monday – reached $35.3 billion in revenue, which exceeded projections by almost $500 million, according to digital research…

The Twelve Frauds of Christmas – SMS Fraud

Clarence Tillery & Gary Warner

The phone rings. You pick it up and see that it’s a number closely resembling yours. Maybe even so close that you mistake it for a family member. Good thing you answered it because they’ve been trying to reach you about your car’s extended warranty. Unwanted nuisance, sales and fraudulent…

The Twelve Frauds of Christmas – Pet Fraud

Gary Warner & Cameron Stirner

“Pet fraud” refers to internet scammers capitalizing on people using online resources to shop for a pet. The scammers will use advertisements that are often too good to be true to attract potential buyers. Once a victim has been lured into purchasing a pet from a fraudulent vendor, the fraudster…

Remote Control Phishing by Telephone

An increasingly prevalent tactic among fraud actors operating from Indian call centers is to send emails claiming that a charge is about to be debited from your account and that, to stop the charge, a telephone number should be called. We’ve seen these recently imitating Amazon, PayPal, and Geek Squad. Today at 2:09…

FEMA Fraud

Hurricane Ian Leads to Predictable FEMA Fraud

Threat Actors (TAs) are ready to take advantage of vulnerabilities as disasters strike and populations become more susceptible to potential fraud. A wave of actors was ready to take advantage of the FEMA disaster assistance program that was released 28SEP2022 after Hurricane Ian hit Florida. Not only have…

OTP Bots

INTRODUCTION

DarkTower recently identified and has been monitoring the use of OTP bots, available for purchase in high-traffic Telegram fraud Group Chats.

FINDINGS

DarkTower identified several OTP bots circulating. The bots can be used to circumvent Two-Factor Authentication by sending false requests disguised as legitimate requests. The bots are primarily sold and operated through Telegram.

INVESTIGATION

OTP…

RedLine Stealer

INTRODUCTION

A list of RedLine Stealer configurations was found on 19SEP2021 on Twitter, showing hashes, C2_proxy, and the encryption key. RedLine Stealer is a MaaS (Malware as a Service) found in forums and markets for sale.

FINDINGS

RedLine Stealer was first seen in 2020 and currently has active subscribers. RedLine Stealer is being sold as…

Fraud Indicator: Dot Variant Email Aliases

INTRODUCTION AND RECOMMENDATION

On 14MAY2021, Abidemi Rufai, a pandemic unemployment scammer from Lekki, Nigeria, was arrested at JFK airport as he attempted to leave the country. In the DOJ press release about the event we learned that he had “used variations of a single e-mail address in a manner intended to evade automatic detection by…