ESET researchers discovered a new Android Trojan using a novel Accessibility-abusing technique that targets the official PayPal app, and is capable of bypassing PayPal’s two-factor authentication. There is a new Trojan preying on Android users, and it has some nasty tricks up its sleeve. First detected by ESET in November 2018, the malware combines the … More Android Trojan steals money from PayPal accounts even with 2FA on
The suspect is believed to have carried out the scam on no fewer than six executives in the Bay Area, albeit ultimately with varying success. A 21-year-old man from New York is facing charges over the alleged theft of $1 million from a Silicon Valley executive after taking control of his phone number in a … More New Yorker accused of stealing $1m from Silicon Valley executive via SIM swap
The move is part of a three-pronged plan that is intended to bolster user trust and safety on the photo-sharing platform. Instagram has announced that its users will soon be able to secure their accounts with third-party authentication apps. Prior to the announcement of this much-anticipated change, the photo-sharing platform supported only SMS-based two-factor authentication (2FA). Text … More Instagram expands 2FA and account verification
The company has learned the hard way that there are better ways to deliver two-factor authentication than via text messages. Reddit has announced that a hacker has broken into some of its systems and accessed some user data, including an old database backup copy containing user credentials, email addresses, and messages. Additionally, the breach affected … More Reddit reveals breach as attacker circumvents staff’s 2FA
Not unlike the Irish Revenue scams, that we’ve covered extensively, UK’s Her Majesty’s Revenue & Customs (HMRC) is “consistently the most abused government brand”, according to the National Cyber Security Centre (NCSC). The United Kingdom’s tax collection authority, Her Majesty’s Revenue & Customs (HMRC), initiated the removal of as many as 20,750 websites masquerading as the … More Britain’s tax authority reports takedown of record 20,000 fake sites
The scam circulated through WhatsApp aimed at users in Brazil claiming that Nike will give away the jersey that the team will wear at FIFA World Cup Russia 2018. With ten days to go before the FIFA World Cup begins in Russia, cybercriminals are trying to take advantage of the event by tricking people into providing personal … More False contest to win jersey of the Brazilian team found on WhatsApp
From time to time, our readers raise questions or issues related to topics that concern, or simply interest them. One such issue was brought up recently by a Twitter user, who asked us: “Do you have any posts discussing the risk to banks when people use their cell phone inside them, ignoring the security guards?” … More What are the risks of allowing people to use their smartphone at the bank?