@ljrk@lexd0g I think forcing people to learn actual encryption and tech would be better...
Whilst Passkeys can't be phished once established, the whole TOFU setup OR Key Custody issues still exist until it's setup.
And considering how hard it is to convince people to exercise proper ITsec and encrypt their shit see [#PGP/MIME on #eMail] I think forcing people to learn absolute basics will work far better.
An Ottawa woman is warning people who are selling their vehicle to be wary of scammers who try to lure sellers into purchasing vehicle history reports through fraudulent websites in order to obtain their credit card information.Ellen Thompson says she was encouraged by the large number of responses to an ad she posted on AutoTrader to sell her son's 2011 Honda CR-Z.
"The first day I was inundated with interested people and I thought 'Oh, this is crazy,'" says Thompson. "I couldn't even keep up to the interest."
Thompson had already paid for a vehicle history report for the pending sale, but she estimates nine out of every 10 text messages she received from potential buyers led to the same request for a vehicle history report from a different company.
Started to collect art #scammers on #Twitter in a list a while back in order to spot them easier.
I used to bother reporting them but eventually gave up since they rarely if ever get banned. Checking the list its up to 184. Unfortunately I can't share the list in an easy way, as the site lacks exporting tools and making a private list public, the users will immediately block, removing them.
Since joining mastodon last year I've only come across one scammer here. #artscam#scambots#scam
This novel method came up the other day. Someone made a google photos album and is sharing it out to people. They may be the owner of that google account or it was made via a compromised account. Either case, they are appealing to the thirsty and hope you contact them further.
Less of these are trying to immediately get you to buy into something. They want details about you. They wanna match up information and after three different fake accounts chat with you, they may have enough information to sell to someone who will then pretend to be you and maybe steal your accounts or money or take out credit.
You can always tell these people because no matter what you say, they will try to keep talking to you. Something seemingly innocent like talking about your day will slowly reveal important details they can sell. And the people who they sell this too are trained to take from you. Social engineering sucks, but it's a job now that people with time and a need for money can do and in the end you are just a paycheck.
I hate to say it, but there's a long running #donation#scam campaign regarding #lgbtq people in the #kakuma camp in #Kenya. I was contacted privately in the typical fashion (just "hi") by @ mawa@mastodon.world. Don't fall for it. If you want to help with the real dire situation, the attached reddit link has information and true donation links.
If you encounter #scammers, please #report them. And please #boost this for more awareness. https://www.reddit.com/r/lgbt/comments/wacwlw/regarding_kakuma_camp/
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #42/2023 is out! It includes the following and much more:
➝ 🔓 👀 Tracking Unauthorized Access to #Okta's Support System
➝ 🔓 🇯🇵 #Casio discloses #databreach impacting customers in 149 countries
➝ 🔓 🧬 Hacker leaks millions more #23andMe user records on #cybercrime forum
➝ 🔓 🇨🇳 D-Link confirms data breach after employee #phishing attack
➝ 🔓 💰 #Equifax Fined $13.5 Million Over 2017 Data Breach
➝ 🇺🇦 🧹 Ukrainian activists hack Trigona #ransomware gang, wipe servers
➝ 🇺🇸 🇰🇵 FBI: Thousands of Remote IT Workers Sent Wages to #NorthKorea to Help Fund Weapons Program
➝ 🇮🇳 ☁️ #India targets #Microsoft, #Amazon tech support #scammers in nationwide crackdown
➝ 🇵🇸 🇮🇷 #Hamas-linked app offers window into cyber infrastructure, possible links to Iran
➝ 👮🏻♂️ 🥷🏻 Police seize #RagnarLocker leak site
➝ 🇰🇵 North Korean Hackers Exploiting Recent #TeamCity Vulnerability
➝ 🇨🇳 🇷🇺 #China replaces #Russia as top #cyberthreat
➝ 🇺🇦 📡 CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
➝ 🇫🇷 🇪🇸 #France frees the two biggest Spanish hackers
➝ 🇺🇸 ⚓️ Ex-Navy IT head gets 5 years for selling people’s data on #darkweb
➝ 🇨🇭 🗳️ #Switzerland’s e-voting system has predictable implementation blunder
➝ 🔓 🏭 Critical Vulnerabilities Expose #Weintek HMIs to Attacks
➝ 🔓 🏭 #Milesight Industrial Router #Vulnerability Possibly Exploited in Attacks
➝ 🦠 🇻🇳 Fake #Corsair job offers on #LinkedIn push #DarkGate malware
➝ 🦠 Google-hosted #malvertising leads to fake #Keepass site that looks genuine
➝ 🦠 💬 #Discord still a hotbed of #malware activity — Now APTs join the fun
➝ 🦠 🕵🏻♂️ SpyNote: Beware of This Android #Trojan that Records Audio and Phone Calls
➝ 🛍️ 🦠 #Android will now scan sideloaded apps for malware at install time
➝ 💬 🔐 #WhatsApp#passkeys on the way, but as usual, for Android first
➝ 🇷🇺 🗂️ Pro-Russian Hackers Exploiting Recent #WinRAR Vulnerability in New Campaign
➝ 🗓️ ❌ Signal Pours Cold Water on Zero-Day Exploit Rumors
➝ 🔓 💥 #Cisco warns of new #IOS XE #zeroday actively exploited in attacks
📚 This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas Downer
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
A New Tool Helps Artists Thwart AI—With a Middle Finger.
Kudurru, the new tool from the creator of Have I Been Trained?, can help artists block web scrapers and even “poison” the scraping by sending back the wrong image. #scams#scam#scammers#spam#cybersecurity#data #artists#creators#scraping
GENEVA (29 August 2023) – Hundreds of thousands of people are being forcibly engaged by organised criminal gangs into online criminality in Southeast Asia - from romance-investment scams and crypto fraud to illegal gambling - a report issued today by the UN Human Rights Office shows.
I really fail to understand why scamming websites can't be shut down and shutdown quickly. Wilko is being used for the latest one now, so take care. I hope Karma does it's thing to #scammers,# fraudsters etc. Glad I didn't order the air-fryer! #Mastodon#Fediverse
Periodic reminder that if you ditch the zero-trust part, if you admit that trust matters even a tiny bit, you can ditch the consensus algorithm and run the entire blockchain exercise on one shitty five year old Android phone. A firstgen raspberry pi would be overkill. Seven transactions per second wouldn’t have stretched a 486 on dial-up in 1996 and the whole stack is an embarrassment.
@bhawthorne@mhoye yeah, but you'd have the same issue with a credit card terminal and payment provider: Needing to hope you don't end up wuth #scammers and #fraudsters like #wirecard..
Also #PaymentProcessors are way more expensive and even if you don't want to deal with exchanging #Monero :monero: yourself, there are #PaymentProviders that do offer you to direcrpy convert that and take all the risks at the same rares, so there's that...
So my car got smashed into while it was parked, and the front was totalled (the folks responsible did leave their info). Then the fucking tow driver didn't take it to the body shop as he was supposed to. Instead he took it to a storage facility in fucking Pacifica so he could charge me storage fees. Do not ever, EVER use John's Towing (my insurance company chose them, and they will be getting an earful). #SF#BayArea#scammers
I've taken to replying to the discord etsy scammers asking if I want advertising and SEO support for my etsy page with a link to said page followed by buy something or I block you instantly. haven't gotten a single reply yet.
Hundreds of thousands trafficked to work as online scammers in SE Asia, says UN report (www.ohchr.org)
GENEVA (29 August 2023) – Hundreds of thousands of people are being forcibly engaged by organised criminal gangs into online criminality in Southeast Asia - from romance-investment scams and crypto fraud to illegal gambling - a report issued today by the UN Human Rights Office shows.