
Phishing

China-based SMS Phishing Triad Pivots to Banks – Krebs on Security
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime…

Arrests in Tap-to-Pay Scheme Powered by Phishing – Krebs on Security
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on…

Scalable Vector Graphics files pose a novel phishing threat
Criminals who conduct phishing attacks over email have ramped up their abuse of a new threat vector designed to bypass existing anti-spam and anti-phishing protection: The use of a graphics file format called SVG. The attacks, which begin with email messages that have .svg file attachments, started to spread late last year, and have ramped…

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang – Krebs on Security
The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the…

A Day in the Life of a Prolific Voice Phishing Crew – Krebs on Security
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety…

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
Editor’s note: Sophos MDR’s Johua Rawles, Mark Parsons, Jordon Olness, and Colin Cowie contributed to this report. One of the Internet’s most prolific cybercrime-as-a-service operations recently suffered a setback: In November, Sophos MDR noticed that detections for the Rockstar2FA “phishing-as-a-service” (PaaS) platform had suddenly gone quiet. Based on telemetry gathered by Sophos MDR, it appears…