Ok, this is a thing for anyone still on the xtwitter.

“Ads featuring fake CBC articles have inundated the social media platform X in recent weeks. The ads are designed to lure Canadians into a sophisticated scam that uses Russian internet infrastructure, CBC News has found. 

CBC News' visual investigations unit has investigated both the internet infrastructure behind the ads — leading from a Barrie, Ont., provider, to the Netherlands, to Russia — as well as the spoofed accounts from local businesses sharing the ads.”

https://www.cbc.ca/news/canada/cbc-ads-fake-investment-scheme-1.7439812

#disinformation #CBC #Fraud #Fakes #Advertising #Spoofed

Are You Being '#Spoofed'? This Specific Type Of #Scam Is Hard To Catch.

https://www.huffpost.com/entry/spoofing-scam-url-emails_l_66cc97e8e4b09c9ffeaf1006

In the years since, many #DNS attacks have been created.

One example is DNS cache poisoning, where the attacker exploits flaws of DNS resolvers & make them cache incorrect IP addresses, causing clients to connect to #malicious hosts.

This reveals one vulnerability of DNS: it is unauthenticated.

Traditional DNS clients today have no way to validate answers, so they can easily be #spoofed.

#NetworkSecurity

@Edent This response by #Barclays does almost nothing to help #security, in fact it's a free "suckers list" for scammers to use as #spoofed caller ID

The simplest message to customers is to use ONE reception number, and repeat it in every text, popup, webpage, and ask customers to protect themselves by adding it to their contacts and ALWAYS presume you are talking to a criminal unless you called that number

There is no other practical advice that works

Todays #suspect #domain is from 19 april 2024, an email that is spoofing #amazon #prime #amazonPrime

As of today, it still has no detection - and is still live:
https://app.checkphish.ai/public/insights/1713806776250/7f0f2f2d384e0da22037a74ba6633adfcd31cc8d172a636851333348d96ffeb8
https://urlscan.io/result/6907e24d-1bc3-46b6-ab68-073343e0bec3/
https://urlquery.net/report/18423af4-1c07-4f61-9d26-9ab52b12f8c3
https://pulsedive.com/indicator/?ioc=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb20vZHJhd2luZ3MvZC8xTTJfdDNvaElIaUs2NHNySFBKdUdRdkpjRmYzcVo0Vzd0QzFQT0Y5X1Vady9wcmV2aWV3&active=1
https://www.virustotal.com/gui/url/7f0f2f2d384e0da22037a74ba6633adfcd31cc8d172a636851333348d96ffeb8/detection

#malicious #url #spoof #spoofed #spammers #scammers #malicious #suspectfiles
#malware #triage
#spam #infosec #infomantionSecurity #virustotal #urlquery #checkphish #pulsedive
#phishing #phish #IOC #_ioc

Author of spoof story shared by Greg Abbott calls him one of ‘dumbest people in the country’

https://www.theguardian.com/us-news/2023/jul/17/greg-abbott-spoof-story-garth-brooks-author-dumb?CMP=Share_iOSApp_Other #GregAbbott #spoofed

#infosec

#Hackers often use this clever trick to take you to #phishing sites — can you spot it?

These #spoofed URLs look quite similar to legitimate ones at first glance.

Which one of these is real?

• www.citibank.com
• www.citibɑnk.com

How to stay safe from spoofed URLs: https://www.tomsguide.com/news/hackers-often-use-this-clever-trick-to-take-you-to-phishing-sites-can-you-spot-it

In the short time I've been in the #Mastodon #Fediverse so far, I've talked a lot about how #DMARC can help prevent #spoofed #emails from being delivered to their targets, in light of a wave of Mastodon-themed phishing. That made me wonder, "How many Mastodon instances have a DMARC record on their domain? How many of those are set up to properly?" For their own security Users should join servers with an enforced DMARC policy, and instance admins should enforce DMARC on their domains to protect users and attract a security conscious userbase.

I wrote a script that queries instances.social for the 1000 top Mastodon instances based on the number of active users, feeds that list to #checkdmarc to query for, parse, and validate DMARC #DNS records. Here are the results.

https://github.com/seanthegeek/mastodon-dmarc-survey

As of earlier today, 148 instances with a combined 295, 975 active users had an enforced DMARC policy (p=quarantine or p=reject). 113 instances with a combined 168,965 active users have deployed a monitor only policy, 3 instances with a combined 577 active users have an invalid DMARC record, and 113 instances with a combined 486,972 active users don't have any DMARC record.

As I looked through the list of instances, I noticed that infosec.exchange is now the 7th largest Mastodon instance on the public internet, with 18,328 active users (and counting. Thanks @jerry!

#Infosec #InformationSecuriy #phish #phishing #spoofing #adminsofmastodon #OpenSource #OpenSourceSoftware #FLOSS #Python #CLI #API