Clik here to view.
Business Email Compromise (#BEC) Email Forwarding In Action
DarkTower President Robin Pugh was chatting with a friend who is the VP of Operations for her family business. She mentioned as an aside that their email had been hacked, and of course, Robin’s...
View ArticleClik here to view.
'Tis the Season for SCAMS!
A recent project that DarkTower worked on was related to fraudulent marketplaces offering too-good-to-be-true deals on electronics. DarkTower's CEO Robin Pugh took those lessons and applied them to a...
View ArticleClik here to view.
Facebook's Transparency Report: (Expert) Supervised Machine Learning Works!
Last summer the BBC technology program "Click" came to visit the lab for a special called "Can Technology Solve the Opioid Crisis?" One of the points we stressed with @NickKwek was that when we report...
View ArticleClik here to view.
Air Peace CEO charged with millions in money laundering re-buying planes he...
The Department of Justice announced last week that they were indicting the CEO of Air Peace for bank fraud and money laundering. I had some difficulty finding the indictments for this case on PACER....
View ArticleClik here to view.
Backdoored Phishing Kits are still popular
What did you do for the holidays? If you're a cybercrime geek you probably took advantage of some of the extra time on your hands to investigate some new phishing sites, right?Jone Fredrick is the...
View ArticleIranian APT Group Overview
Today the Birmingham InfraGard Chapter and the Alabama ISSA held a joint meeting featuring a presentation from the Cybersecurity & Infrastructure Security Administration, part of DHS that was...
View ArticleClik here to view.
How does a government censor the Internet? A rare peek from Jammu and Kashmir
From time to time we hear that a totalitarian government has locked down Internet access for a part or all of their country. Normally, that is about all we hear about the situation. In the case of...
View ArticleClik here to view.
The Guardian helpfully provides Privacy Policies for the 577 Companies with...
(May I start by saying that this article isn't really about The Guardian. The fact that I am using them as an example is because I find them to be a wonderfully informative newspaper. A similar...
View ArticleClik here to view.
IC3.gov 2019 Internet Crime Report: Its All About that BEC
For years I have been encouraging people to report their instances of Cybercrime to the FBI's Internet Crime & Complaint Center, IC3.gov. Based on the number of reports, people are finally doing...
View ArticleClik here to view.
What sites is Trickbot targeting?
Its been a while since we decoded Trickbot configs to see what banks and organizations were being actively targeted. While recently most of the news about Trickbot has been how it drops the Ryuk...
View ArticleClik here to view.
CAUCE Spamfighters Rally Against Corona Health Fraud Affiliate programs
My email box is full of Coronavirus / COVID-19 frauds and scams. I have Corona malware disguised as product catalogs. I have fake World Health Organization emails asking me to donate my Bitcoin to...
View ArticleClik here to view.
Following Putin Order, FSB Cracks Down on Russian Credit Card Marketplaces
Earlier this week I was chatting with one of the top experts on Russian Cybercrime (who has asked to remain anonymous here). We were discussing the news that was released on 24MAR2020 that the FSB had...
View ArticleCovid-19 / CoronaVirus Domains: a looming threat?
I mentioned previously that CAUCE is watching for spammers who want to commit fraud or make a quick buck pumping out spam for fake products. (See:  CAUCE Spamfighters Rally Against Corona Health Fraud...
View ArticleClik here to view.
Map It. Zap It. Covid-19 and Rural America #GoodCovidDomains
This post may seem off-topic for my regular cybercrime and cyber security readers, but these are unusual times. Regular readers know that part of what my team at the UAB Computer Forensics Research Lab...
View ArticleClik here to view.
SEC Suspends CoronaVirus Stock Pump-n-Dump Scammers
Last month we shared information on the blog about spam-driven affiliate programs who were selling a variety of shady "anti-Coronavirus" products, including immunity oils, masks, disinfectants, and...
View ArticleClik here to view.
Scam Everything - Opioids, NetFlix, Phish, Covid Charities, and Government...
There's a famous line in the movie Jerry McGuire where Tom Cruise's character says "Show me the Money!"Â In online investigations, I prefer the line "Show me the Data!" This morning I was doing just...
View ArticleClik here to view.
More Covid Charity Scammers (hosted by Shinjiru Technologies AS45839)
Last week we shared information about a particularly interesting cluster of scams that focus on their shared use of a set of nameservers where all of the related content seems to be criminal in nature....
View ArticleClik here to view.
College Students Beware
by Robin PughPresident, DarkTowerFraudsters are always quick to leverage a crisis for the purposes of cybercrime, and COVID19 has created a new target demographic of 14 million college students.  As...
View ArticleClik here to view.
Nigerian Scam Spree stopped by Alert Bank Employees
" If you watch criminal press releases you may be noticing the same trend we are -- career criminals are getting busted when they mess with COVID-19 Fraud. Consider the case of Nosayamen Iyalekhue and...
View ArticleClik here to view.
Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!
There are quite a few West African scammers who try to explain away their wealth by claiming they are a "bitcoin entrepreneur" or "real estate investor" when in fact they conduct Business Email...
View Article