LinkedIn becomes a goldmine of cybercrime
Adobe Stock

LinkedIn becomes a goldmine of cybercrime

Nethone’s Fraud Intelligence (FI) delivers first-hand Darknet insights about the digital fraud risks your platforms face. Our fraud intelligence team proactively seeks out all fraud schemes that might harm your business.


By subscribing to this newsletter, you can keep up-to-date with the latest new in the world of the dark web and learn how to safeguard your business using advanced anti-fraud measures.?


In the April edition of the Fraud Intelligence Report, we dive into the world of fake social media accounts, massive bot attacks and data abuses. Don't be complacent and become a fraud victim – stay ahead of the curve and subscribe today.?


From emerging scams to new trends in fraud, we keep you informed:

  • A Growing Goldmine: Your LinkedIn Data Abused For Cybercrime
  • Tech (non)support: Scammers pose as Meta on 3,200-plus fake profiles in Facebook account takeover ploy
  • Grand Account Theft: Group-IB uncovers over 600 hijacked Instagram accounts used to spread financial phishing in Indonesia
  • Darknet Summary: Sanctions evasion is a threat to all merchants and banks
  • How criminals obtain stolen credit cards
  • Tax Fraud on the Darknet and Deep Web: 2023 Update
  • The Weak Link: Recent Supply Chain Attacks Examined
  • Deepfakes and AI: Ready for Cybercrime Prime Time?
  • 2023 Ransomware Attacks: First-Quarter Highlights



Social Media Fraud

A Growing Goldmine: Your LinkedIn Data Abused For Cybercrime

Trend Micro's recent article highlights the increasing abuse of LinkedIn data by cybercriminals for various nefarious activities. The platform's extensive professional data, including employment history, connections, and personal details, has become a goldmine for attackers, who exploit this information for phishing, social engineering, and targeted attacks. Cybercriminals utilise the data to create convincing fake profiles, impersonate executives, and establish trust with potential victims. The article underscores the importance of exercising caution when sharing information on social media platforms and staying vigilant against potential cyber threats.

Read more:

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-growing-goldmine-your-linkedin-data-abused-for-cybercrime



Tech (non)support: Scammers pose as Meta on 3,200-plus fake profiles in Facebook account takeover ploy

Group-IB, a global cybersecurity firm, has uncovered a large-scale meta-phishing campaign targeting Facebook's Meta Platforms Inc. users. Cybercriminals have employed a sophisticated method of impersonating the company's employees to gain unauthorised access to user accounts and spread malware. By exploiting the trust of victims and leveraging social engineering techniques, the attackers have been able to evade traditional security measures, raising concerns about the growing complexity and effectiveness of phishing campaigns in the digital age.

Read more:

https://www.group-ib.com/media-center/press-releases/meta-phishing-campaign/



Grand Account Theft: Group-IB uncovers over 600 hijacked Instagram accounts used to spread financial phishing in Indonesia

Global cybersecurity firm Group-IB has discovered a widespread Instagram scam affecting Indonesian users, with over 20,000 victims falling prey to cyber criminals. The scammers utilised a variety of schemes, such as celebrity giveaways, account verification, and password reset requests, to lure users into providing their login credentials. Once the attackers gained access, they monetised the victims' accounts by selling or using them to spread further scams. Group-IB warns that the growing popularity of social media platforms has made them attractive targets for cybercriminals, and urges users to be cautious when interacting with unknown accounts or clicking on suspicious links.

Read more:

https://www.group-ib.com/media-center/press-releases/instagram-scam-indonesia/



Darknet environment

Darknet Summary: Sanctions evasion is a threat to all merchants and banks

Sanctions have proven largely successful in denting the Russian economy and impacting its effectiveness in waging war. On the other hand, cybersecurity researchers at Recorded Futures highlight that ongoing sanctions evasion has allowed Russian cybercriminals and even regular citizens to bypass these measures by using the dark web and a few tricks. The result is that eCommerce merchants and banks are being fooled into aiding Russian sanctions evasion - something that could lead to them falling under secondary sanctions.

Nethone’s Intelligence Specialist Micha? Barba? helps explain how Russian sanctions evasion is being committed and how to prevent your businesses from suffering from both financial and legal fallout.

Listen to the podcast:

https://nethone.com/podcasts/sanctions-evasion-is-a-threat-to-merchants-and-banks?utm_source=linkedin&utm_medium=organic&utm_campaign=fnip



How criminals obtain stolen credit cards

Nethone’s Intelligence Specialist, Micha? Barba? , has shared an insightful comment regarding the sale of corporate logins on the dark web. Cybercriminals are offering unauthorized access to various businesses' internal systems and networks at alarmingly low prices. The post highlights the importance of implementing strong security measures to protect corporate data and intellectual property. Organisations are urged to ensure the use of unique and robust passwords, adopt multi-factor authentication, and regularly monitor their digital assets to mitigate the risks associated with these cyber threats.

Read more:

https://www.dhirubhai.net/posts/michalbarbas2_darkweb-nethone-activity-7047233128851025920-8Oyc?utm_source=share&utm_medium=member_desktop



Tax Fraud on the Darknet and Deep Web: 2023 Update

DarkOwl's latest blog post delves into the growing issue of tax fraud during the 2023 tax season, offering examples of how cybercriminals are exploiting personal information to conduct illicit activities. Taxpayers are at risk of identity theft, fraudulent tax return filings, and scams related to stimulus checks, as attackers utilize the dark web to buy and sell stolen data. The article emphasizes the need for individuals to safeguard their personal information, remain cautious when interacting with emails and phone calls claiming to be from tax agencies, and report any suspicious activity to help combat this rising cyber threat.

Read more:?

https://www.darkowl.com/blog-content/2023-tax-fraud-examples/



Fraud Activity

The Weak Link: Recent Supply Chain Attacks Examined

In this article, the author focuses on third-party cyber attacks and the recent spike in “third-party breached and update tampering attacks”. These assaults represent a form of supply chain attack, which targets suppliers or vendors that offer products or services to an organisation. As part of their service provision, these suppliers or vendors might have access to the organisation's network or systems. Attackers can take advantage of this access to obtain unauthorised entry to sensitive data or undermine essential systems.

The article discusses recent supply chain attacks and how they can be prevented. It explains that supply chain attacks can occur through various methods, such as stealing login credentials, tampering with software or firmware, stealing sensitive data, and launching denial of service attacks. The latest examples of these attacks are the SolarWinds attack and the Kaseya ransomware attack.

Read more:

https://cyberint.com/blog/research/recent-supply-chain-attacks-examined/



Deepfakes and AI: Ready for Cybercrime Prime Time?

Intel471's article provides an in-depth analysis of the increasing prominence of deepfakes and AI technologies in the realm of cybercrime. As these technologies become more advanced and accessible, cybercriminals are leveraging them for various illicit activities, such as spreading disinformation, impersonating individuals, and committing fraud. The article highlights the potential threats posed by these rapidly evolving technologies, emphasising the importance of staying informed about their development and implementing appropriate security measures to mitigate the risks associated with their criminal use.

Read more:

https://intel471.com/blog/deepfakes-and-ai-ready-for-cybercrime-prime-time



2023 Ransomware Attacks: First-Quarter Highlights

The article from ReliaQuest's blog provides insights into ransomware attacks to have occurred in Q1 2023. The report discusses the most important ransomware-related events that took place during this period, including the surge in double-extortion ransomware groups, the rise in healthcare industry attacks, and the significant seizure of servers of the "Hive" ransomware gang by the FBI. It also provides intelligence on the most active ransomware groups, their TTPs and victimology, and recommendations for organisations to protect themselves from these threats.?

Read more:

https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/?



If you are interested in first-hand Darknet insights to warn you in real-time whether you are on fraudsters’ radar. Go to nethone.com

We can spot the warning signs ??

Jonathan Spedale

Analyste fraude / Enquêteur

1 年

Attention, les faux comptes ne servent pas uniquement à des fins criminelles. Beaucoup de services de renseignements, de particuliers et d'experts indépendants spécialisés dans la lutte contre la fraude, ainsi que des passionnés d'Osint, sont obligés de créer des profils afin de garantir leur sécurité ??

要查看或添加评论,请登录

社区洞察

其他会员也浏览了