Possible Phishing
on: hxxps[:]//enlineaaaaa33[.]z13[.]web[.]core[.]windows[.]net
Analysis at: https://urldna.io/scan/689bcb8a3b7750000a1212e9
#cybersecurity #phishing #infosec #urldna #scam #infosec

In case you were unaware of that particular scam, "Domain Name Scams Are Alive And Well, Thank You" https://nxdomain.no/~peter/domain_name_scams_are_alive_and_well_thank_you.html (tracked https://bsdly.blogspot.com/2016/03/domain-name-scams-are-alive-and-well.html) #dns #domainnamescam #cndomains #chinaname #chinanetname #scam #china #cybercrime

(I repost when one of those scam messages actually reaches a mailbox I read)

This site for sore eyes, plus the fact that they just made sign up for some passkey which will almost certainly lock me out of my account someday without recourse makes me think it's time to migrate away from aws

Possible Phishing
on: hxxps[:]//jvm2122[.]webmo[.]fr/frd/739f3fc/Sign_in[.]php
Analysis at: https://urldna.io/scan/689b50da3b77500010f3b9d9
#cybersecurity #phishing #infosec #urldna #scam #infosec

Last week we released the first of a three part VexTrio origin story. The second part is now available. This research includes more than 200 open source references to help others validate the results and start their own investigations.

As of Tuesday, August 5th, all of those links were valid and all went directly to open material …. so anything that is gone, or social media that is now closed… welp, that's the actors, not us. Feel free to report missing things in this thread. :)

The second part of this story focuses on the VexTrio activities that extend beyond their well-known traffic distribution systems (TDS). Enjoy.

#dns #threatintel #scam #tds #infoblox #spam #cybercrime #cybersecurity #infosec #malware

https://blogs.infoblox.com/threat-intelligence/vextrio-unmasked-a-legacy-of-spam-and-homegrown-scams/

The Guardian, from yesterday: The scam hunter who got scammed https://www.theguardian.com/lifeandstyle/2025/aug/08/experience-scam-hunter-who-got-scammed @TheGuardian #Facebook #Meta #scam #cybersecurity #infosec

The original story is from last week, but worth noting again. The crooks pretended to be reps from Chase, calling to report an account compromise. If you get one of those, hang up and call the bank directly. The extra effort could be a life-saver.

Bitdefender (promo included): Good Morning Britain Correspondent Noel Phillips Loses Life Savings in Elaborate Phone Scam. How Can Your Stay Safe https://www.bitdefender.com/en-us/blog/hotforsecurity/good-morning-britain-correspondent-noel-phillips-loses-life-savings-in-elaborate-phone-scam-how-can-your-stay-safe #cybersecurity #Infosec #scam

That “Amazon Safety Recall” message may well be a scam https://www.malwarebytes.com/blog/news/2025/08/that-amazon-safety-recall-message-may-well-be-a-scam #amazon #Recall #Scams #News #scam #text

How long do you reckon before advanced fee fraud scammers start to include “age verification” requests?

It’s very much of the moment, so I’m expecting within a month…

How to Protect Yourself From Portable Point-of-Sale Scams

https://www.wired.com/story/portable-pos-thefts-how-to-protect-yourself-from-scams/

Three Ghanaian men extradited to the US over $100M fraud involving romance scams and business email compromise targeting individuals and companies.

Read: https://hackread.com/ghanaian-nationals-extradite-us-bec-romance-scams/

Cryptocurrency theft through a program that victims need to run to allegedly profit from a bug in crypto exchange

A cryptocurrency theft scam distributed on platforms like Pastebin uses social engineering to trick victims into running malicious JavaScript code disguised as a "crypto exchange profit exploit,". The malware manipulates the displayed web page content to show fake 37% profits while redirecting victims' cryptocurrency to attackers' wallets.

**Never trust "secret profit methods" or anyone claiming to share money-making exploits - if someone really found a way to make 37% profit, they'd use it themselves, not share it. Never run unknown JavaScript code or programs from random sources, especially ones promising easy profits.**
#cybersecurity #infosec #scam #phishing #activescam
https://beyondmachines.net/event_details/cryptocurrency-theft-through-a-program-that-victims-need-to-run-to-allegedly-profit-from-a-bug-in-crypto-exchange-u-i-5-3-9/gD2P6Ple2L

A general warning to the #AmWriting community: There is a new type of #scammer active on #Facebook, and I have reason to believe that they are active on #Mastodon as well.

These scammers pretend that they are famous authors, and claim that they want to "assist you on your writing journey". Which is odd - why would "famous authors" want to start a new account just to help other authors, instead of their own works?

No doubt this approach is intended to get you to spend lots of money on some "consulting service" which will get you "additional sales and reviews". So be aware, and be deeply suspicious of anyone contacting you out of the blue who pretends to be a famous author.

#Scammer #scam #writing #WritersCoffeeClub #WordWeavers #ScribesAndMakers
#PennedPossibilities #WritingCommunity

#Scammers Panic After Massive #Virus Attack

https://www.youtube.com/watch?v=s2w32jYinAA

Last night after a nice evening in the beer garden of #Telakka in #Tampere we had our 1st experience "being ripped off as tourists".
We took a #taxi home, and they seemed to have manipulated the taxameter. A trip that should have cost around 25 Euro (9,50 Start fee +1,29 per km for 11 km) clocked up 50 Euros on the taxameter. The driver spoke not much English, and kept repeating that we should have checked the rates before boarding. Didn't know this type of #scam yet.

Die große VPN-Lüge. Tipps zum Thema hier: https://www.youtube.com/watch?v=1opKW6X88og #vpn #scam #privacy

Nigerian man extradited from France to US over hacking, ID theft & multimillion-dollar fraud. FBI says he spearphished tax firms to steal data for bogus returns & disaster-relief claims.

Read: https://hackread.com/nigerian-extradited-france-us-hacking-fraud-allegations/

I have finally understood what it is about traditional publishing that so disgusts (a strong word, but accurate) me:

Traditional publishing contracts are presented as group projects in which the author is expected to do all the work, and produce all the results, for everyone else to benefit from.

(I always hated group projects, because any given group houses at least one lazy bastard who does nothing with little-to-no consequence. In publishing, being a lazy, parasitical bastard seems to be the rule rather than the exception.)

If I do all the work, I reap all the benefits (such as they are).

Eine besonders raffinierte Phishing-E-Mail, die auf den ersten Blick wie eine legitime Nachricht von Netflix erscheint, entpuppt sich bei genauerer Analyse als professionell gestalteter Betrugsversuch. Im Beitrag nehmen wir die technischen und inhaltlichen Merkmale dieser E-Mail unter die Lupe und zeigen auf, woran man solche Angriffe erkennt – und wie man sich schützt.

https://teufelswerk.net/vorsicht-phishing-gefaelschte-netflix-mail-im-umlauf-erneuern-sie-ihr-netflix-abonnement/