Verbase Is A Search Startup Using ‘No Ads’ To Lure Users To Fire Its Crowdsourced Engines
5 stars based on
64 reviews
Last week, Facebook deleted almost groups totaling more thanmembers. The groups were mostly closed — requiring approval from group administrators before outsiders could view the day-to-day postings of group members. Selling everything from stolen credit cards, identities and hacked accounts to services that help automate things like spamming, phishing and denial-of-service attacks for hire.
To its credit, Facebook deleted the groups within just a few hours of KrebsOnSecurity sharing via email a spreadsheet detailing each group, which concluded that the average length of time the groups had been active on Facebook was two years. But I suspect that the company took this extraordinary step mainly because I informed them that I intended to write about the proliferation of cybercrime-based groups on Facebook. That story, Deleted Facebook Cybercrime Groups hadMembersended with a statement from Facebook promising to crack down on such activity and instructing users on how to report groups that violate it its community standards.
Roughly two days later I received a series replies saying that Facebook had reviewed my reports but that none of the groups were found to have violated its standards. Perhaps I should give Facebook the benefit of the doubt: In any case, one thing seems clear: InKrebsOnSecurity exposed a network of phony Web sites and fake online reviews that funneled those seeking help for drug and alcohol addiction toward rehab centers that were secretly affiliated with the Church of Scientology.
Not long after the story ran, that network of bogus reviews disappeared from the Web. The listing on Craigslist. Assistants are cautioned not to create more than two listings per street address, but otherwise to use any U.
Although the current Web site registration records from registrar giant Godaddy obscure the information for the current owner of seorehabs[dot]com, a historic WHOIS search via DomainTools shows the site was also registered by John Harvey and TopSeek in Harvey did not respond to requests for comment. DomainTools previously was an advertiser on KrebsOnSecurity]. Their Wiki entry documents multiple cases of accidental deaths at Narconon facilities, where some addicts reportedly died from overdoses of vitamins or neglect.
The Internal Revenue Service has been urging tax preparation firms to step up their cybersecurity efforts this year, warning that identity thieves and hackers increasingly are targeting certified public accountants CPAs in a bid to siphon oodles of sensitive personal and financial data on taxpayers.
This is the story of a CPA in New Jersey whose compromise by malware led to identity theft and phony tax refund requests filed on behalf of his clients. This particular malware is not terribly sophisticated, but nevertheless is quite effective. It not only grabs any data the victim submits into Web-based forms, but also captures any typing — including backspaces and typos as we can see in the screenshot below.
Whoever was running this scheme had all victim information uploaded to a site that was protected from data scraping by search engines, but the site itself did not require any form of authentication to view data harvested from victim PCs.
Instead, John composed and distributed to his clients a form letter about their rejected returns, and another letter that clients could use to alert the IRS and New Jersey tax authorities of suspected identity fraud.
How good are you at telling the difference between domain names you know and trust and impostor or look-alike domains? For example, how does your browser interpret the following domain? Despite appearances, it is most certainly not the actual domain for software firm CA Technologies formerly Computer Associates Intl Inc. Go ahead and click on the link above or cut-and-paste it into a browser address bar. What the fake ca. A browser certificate ordered from Comodo allows it to include the green lock https: Internationalized domain names IDNs allow domain names to be registered in non-Latin letters RFCprovided the domain is all in the same language; trying to mix two different IDNs in the same name causes the domain registries to reject the registration attempt.
As you can imagine, the potential opportunity for impersonation and abuse are great with IDNs. Holden also was able to register a valid SSL encryption certificate for https: Patrick Reames had no idea why Amazon. Reames is a credited author on Amazon by way of several commodity industry books, although none of them made anywhere near the amount Amazon is reporting to the Internal Revenue Service.
Nor does he have a personal account with Createspace. That word is in quotations because the publication appears to be little more than computer-generated text, almost like the gibberish one might find in a spam email. Amazon refuses to issue a corrected or provide me with any information I can use to determine where or how they were remitting the royalties.
But the fraudster evidently had, and that was apparently enough to convince Amazon that the imposter was him. Newtek Business Services Corp. NEWT], a Web services conglomerate that operates more thanbusiness Web sites and some 40, managed technology accounts, had several of its core domain names stolen over the weekend.
In reality, three of their core domains were hijacked by a Vietnamese hacker, who replaced the login page many Newtek customers used to remotely manage their Web sites webcontrolcenter[dot]com with a live Web chat service.
As a result, Newtek customers seeking answers to why their Web sites no longer resolved correctly ended up chatting with the hijacker instead. The PHP Web chat client that the intruder installed on Webcontrolcenter[dot]com, a domain that many Newtek customers used to manage their Web sites with the company.
It is imperative that you do not communicate or provide any sensitive data at these locations. Domain hijacking is not a new problem, but it can be potentially devastating to the victim organization. In control of a hijacked domain, a malicious attacker could seamlessly conduct phishing attacks to steal personal information, or use the domain to foist malicious software on visitors.
Newtek is not just a large Web hosting firm: It aims to be a one-stop shop for almost any online service a small business might need. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders.
In JanuaryOverstock. As a result of the change, Coinbase customers with balances of bitcoin at the time of the fork were given an equal amount of bitcoin cash stored by Coinbase. However, there is a significant price difference between the two currencies: During the checkout process for those paying by bitcoin, Overstock.
The solar lights I purchased from Overstock. After indicating I wished to pay for the lamps in bitcoin, the site produced a payment invoice instructing me to send exactly 0.
The site responded that the payment was complete. Within a few seconds I received an email from Overstock congratulating me on my purchase and stating that the items would be shipped shortly. Crypto-currency alchemy at last! So I cancelled the order. To my surprise, the system refunded my purchase in bitcoin, not bitcoin cash! Consider the implications here: A dishonest customer could have used this bug to make ridiculous sums of bitcoin in a very short period of time.
Critics of unregulated virtual currencies like Bitcoin have long argued that the core utility of these payment systems lies in facilitating illicit commerce, such as buying drugs or stolen credit cards and identities. But recent spikes in the price of Bitcoin — and the fees associated with moving funds into and out of it — have conspired to make Bitcoin a less useful and desirable payment method for many crooks engaged in these activities.
This has made Bitcoin far less attractive for conducting small-dollar transactions for more on this shift, see this Dec. As a result, several major underground markets that traffic in stolen digital goods are now urging customers to deposit funds in alternative virtual currencies, such as Litecoin. Those who continue to pay for these commodities in Bitcoin not only face far higher fees, but also are held to higher minimum deposit amounts.
Past stories here have explored the myriad criminal uses of a hacked computerthe various ways that your inbox can be spliced and diced to help cybercrooks ply their trade, and the value of a hacked company.
Back then, most of the stolen credentials that a botmaster might have in his possession typically went unused or unsold aside from the occasional bank login that led to a juicy high-value account. Indeed, these plentiful commodities held by the botmaster for the most part were simply not a super profitable line of business and so went largely wasted, like bits of digital detritus left on the cutting room floor. But oh, how times have changed! With dozens of sites in the underground now competing to purchase and resell credentials for a variety of online locations, it has never been easier for a botmaster to earn a handsome living based solely on the sale of stolen usernames and passwords alone.
If the old adage about a picture being worth a thousand words is true, the one directly below is priceless because it illustrates just how profitable the credential resale business has become.
This screen shot shows the earnings panel of a crook who sells stolen credentials for hundreds of Web sites to a dark web service that resells them. This botmaster only gets paid when someone buys one of his credentials. Bear in mind that this botmaster only makes money based on consignment: The only reason a source of mine was able to share it with me was because this particular seller re-used the same email address and password across multiple unrelated cybercrime services].
The phantom firms often cluster around fake listings created in Google Maps — complete with numerous five-star reviews, pictures, phone numbers and Web site links. The problem is that calls to any of these phony companies are routed back to the same crooked SEO entity that created them. That marketer in turn sells the customer lead to one of several companies that have agreed in advance to buy such business leads.
As a result, many consumers think they are dealing with one company when they call, yet end up being serviced by a completely unrelated firm that may not have to worry about maintaining a reputation for quality and fair customer service. These services include but are not limited to locksmiths, windshield replacement services, garage door repair and replacement technicians, carpet cleaning and other services that consumers very often call for immediate service.
That became apparent after I spent just a few hours with Bryan Seelythe guy who literally wrote the definitive book on fake Internet reviews. Perhaps best known for a stunt in which he used fake Google Maps listings to intercept calls destined for the FBI and U. Secret ServiceSeely knows a thing or two about this industry: Untilhe worked for an SEO firm that helped to develop and spread some of the same fake online reviews that he is now helping to clean up.
Ron Hubbard regarding substance abuse treatment and addiction. The Wiki entry documents multiple cases of accidental deaths at Narconon facilities, where some addicts reportedly died from overdoses of vitamins or neglect:.
Seely said he learned that the drug rehab industry was overrun with SEO firms when he began researching rehab centers in Seattle for a family friend who was struggling with substance abuse and addiction issues. As documented in this Youtube videoSeely called the toll-free number in the Drug Rehab Seattle listing, and was transferred to a hotline that took down his name, number and insurance information and promised an immediate call back. Within minutes, Seely said, he received a call from a woman who said she represented a Seattle treatment center but was vague about the background of the organization itself.
A little digging showed that the treatment center was run by Narconon. Follow me on Twitter. Join me on Facebook. Krebs on Security In-depth security news and investigation. The payment invoice I received from Overstock. The Wiki entry documents multiple cases of accidental deaths at Narconon facilities, where some addicts reportedly died from overdoses of vitamins or neglect: Your email account may be worth far more than you imagine.