• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   fraud

Physical Theft Meets Cybercrime: The Illicit Business of Selling Stolen Apple Devices

  • Posted on:November 14, 2017 at 4:05 am
  • Posted in:Malware, Mobile, Social
  • Author:
    Trend Micro Forward-Looking Threat Research Team
0

Online scams and physical crimes are known to intersect. In an incident last May, we uncovered a modus operandi and the tools they can use to break open iCloud accounts to unlock stolen iPhones. Further research into their crossover revealed how deep it runs. There’s actually a sizeable global market for stolen mobile phones—and by extension, iCloud fraud. From Ireland and the U.K. to India, Argentina, and the U.S., the demand for unlocking services for stolen phones is staggering: last year, stolen iPhones were sold in Eastern European countries for as much as US$2,100. In the U.S. 23,000 iPhones from the Miami International Airport, valued at $6.7 million, were stolen last year.

The fraudsters’ attack chain is relatively straightforward. They spoof an email or SMS from Apple notifying victims that their device has been found. The eager victim, wanting their phone back, clicks on the link that will compromise their iCloud credentials, which is then reused to unlock the stolen device. The thieves will then subcontract third-party iCloud phishing services to unlock the devices. These Apple iCloud phishers run their business using a set of cybercriminal tools that include MagicApp, Applekit, and Find My iPhone (FMI.php) framework to automate iCloud unlocks in order to resell the device in underground and gray markets.

Read More
Tags: ApplefraudiCloud FraudiphonephishingPhysical CrimeTheft

Card “Verification” Now Offered “As a Service” by Brazilian Cybercriminals

  • Posted on:February 29, 2016 at 12:01 am
  • Posted in:Deep Web
  • Author:
    Trend Micro Forward-Looking Threat Research Team
0

We highlighted in our Brazil underground report how rampantĀ credit card fraud is in Latin America. One key step in this process is card verification – i.e., checking that the cards work. We’veĀ found a new service called CheckerCC that was meant to help make this easier.Ā This is the first time that this capability has been offered ā€œas a serviceā€ in Brazil, with access sold for a monthly R$100 fee (approximately US$25). The person behind this service is believed to be a teenager fromĀ SĆ£o Paulo, Brazil.

Read More
Tags: Brazilcard verificationcybercrimefraud

Change of Supplier Fraud: How Cybercriminals Earned Millions Using a $35 Malware

  • Posted on:June 25, 2015 at 1:51 am
  • Posted in:Malware, Targeted Attacks
  • Author:
    Lord Alfred Remorin (Senior Threat Researcher)
0

In our recent research, Piercing the HawkEye, we uncovered various ways cybercriminals were able to exploit information they gathered from monitoring victims’ mailboxes in order to steal money from businesses. One of the examples we shared, the “change of supplier” fraud, was one of the most notable, as this type of scheme has been known…

Read More
Tags: change of supplierfraudhawkeyeMalwarescams

Banker Summons You to Court

  • Posted on:July 24, 2008 at 1:19 pm
  • Posted in:Malware, Spam
  • Author:
    Carolyn Guevarra (Technical Communications)
0

For the longest time now, Brazilian banking Web sites have been one of the favorite targets of malware criminals for stealing sensitive banking information from users. These spyware Trojans are usually coupled with spam emails with various, and quite clever, social engineering techniques to trick users into divulging such data. From the latest headlines to…

Read More
Tags: Banco BrasilbankeCardfraudMinistry of JusticeNossa Caixaspyware

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, ę—„ęœ¬, ėŒ€ķ•œėÆ¼źµ­, å°ē£
  • Latin America Region (LAR): Brasil, MĆ©xico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Ɩsterreich / Schweiz, Italia, Š Š¾ŃŃŠøŃ, EspaƱa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.