Internet Security Week – Issue 128

In the 128th edition of Internet Security Week , the rise of Vishing scams, malware-free cyberattacks, the fake invoice scam, and more.

News

Vishing | Growth in scams puts Interpol on alert

Voice phishing scams (voice phishing or vishing) are becoming an increasingly serious threat worldwide, even raising concerns at Interpol. Even though the agency has stepped up its crackdown on this type of criminal strategy, the risk of falling victim to vishing has reached unprecedented levels.

By Kaique Lima on Canaltech

Cyberattacks without malware?

Recently, news emerged about the activities of the Luna Moth group, which specializes in corporate data theft and blackmail. The big difference with Luna Moth is that they obtain information without using malware.

By Anastasia Starikova in Kaspersky Daily

Fake invoice: criminals impersonate an operator to spread the Grandoreiro Trojan

Although this new campaign is even more complex because it distributes malware and not just sends a fake invoice for victims to pay, it is possible to recognize a series of signs that clearly indicate this is a scam.

By Daniel Cunha Barbosa in We Live Security

Spanish research agency still recovering after ransomware attack last month

Spain's National Research Council (CSIC) was hit last month by a ransomware attack that is now attributed to Russian hackers.

By Ionut Ilascu in Bleeping Computer

TSE launches action against hackers after report warns of attacks on the eve of elections

Alerted by a technical group dedicated to information security, the Superior Electoral Court (TSE) is working on the possibility of a hacker attack on the eve of the October elections. Given the global scenario of "increasing threats," the Electoral Court has been implementing measures to protect the electoral system in Brasília and in regional courts.

By Vinícius Valfré in UOL

Criminals use malicious PDFs to spread malware; learn how to protect yourself

Lightweight and secure, PDF is a popular file format, used to upload everything from resumes submitted by job seekers to electricity bills for those who opted to receive them via email. However, the reliance on this format has been exploited by cybercriminals to spread malware.

By Kaique Lima on Canaltech

A half-billion-dollar crypto-theft

We often write about scams that promise mountains of gold, when in reality the opposite happens, and victims end up with empty pockets. Similarly, cybercriminals can get their hands on the money of entire companies by exploiting the greed and negligence of their employees.

By Leonid Grustniy in Kaspersky Daily

Criminals attack delivery apps to steal credit card data in the US

Criminals stole credit card data from more than 300 restaurants in targeted attacks on three food delivery apps.

By Juan Manuel Harán in We Live Security

Wolf in Sheep's Clothing: How Malware Fools Users and Antiviruses

One of the main methods malware distributors use to infect devices is to trick people into downloading and running malicious files, and malware authors use a variety of tricks to achieve this.

By Bill Toulas at Bleeping Computer