Justice Department indicts 80 individuals in a massive business email scam bust – gpgmail


The Justice Department have indicted dozens of individuals accused of their involvement in a massive business email scam and money laundering scheme.

Thom Mrozek, a spokesperson for the U.S. Attorneys Office for the Central District of California, confirmed more than a dozen individuals had been arrested during raids on Thursday — mostly in the Los Angeles area. A total of 80 defendants are allegedly involved in the scheme.

News of the early-morning raids were first reported by ABC7 in Los Angeles.

The 145-page indictment, unsealed Thursday, said the 80 named individuals are charged with conspiracy to commit mail and bank fraud, as well as aggravated identity theft and money laundering.

Most of the individuals alleged to be involved in the scheme are based in Nigeria, said the spokesperson.

But it’s not immediately known if the Nigerian nationals will be extradited to the U.S., however a treaty exists between the two nations making extraditions possible.

U.S. Attorney Nicola Hanna said the case was part of an ongoing effort to protect citizens and businesses from email scams.

“Today, we have taken a major step to disrupt criminal networks that use [business email scam] schemes, romance scams and other frauds to fleece victims,” he said. “This indictment sends a message that we will identify perpetrators — no matter where they reside — and we will cut off the flow of ill-gotten gains.”

These business email compromise scams rely partly on deception and in some cases hacking. Scammers send specially crafted spearphishing emails to their targets in order to trick them into turning over sensitive information about the company, such as sending employee W-2 tax documents so scammers can generate fraudulent refunds, or tricking an employee into making wire transfers to bank accounts controlled by the scammers. More often than not, the scammers use spoofing techniques to impersonate a senior executive over email to trick the unsuspecting victim, or hack into the email account of the person they are impersonating.

The FBI says these impersonation attacks have cost consumers and businesses more than $3 billion since 2015.

Valentine Iro, 31, and Chukwudi Christogunus Igbokwe, 38, both Nigerian nationals and residents of California, are accused of running the operation, said prosecutors.

The alleged fraudsters are accused of carrying out several hundred “overt” acts of fraud against over a dozen victims, generating millions of dollars worth of fraud over several months. In some cases the fraudsters would hack into the email accounts of the person they were trying to impersonate to try to trick a victim into wiring money from a business into the fraudster’s bank account.

Iro and Igbokwe were “essentially brokers” of fraudulent bank accounts, prosecutors allege, by fielding requests for bank account information and laundering the money obtained from victims. The two lead defendants are accused of taking a cut of the stolen money. They then allegedly used illicit money exchanges to launder the money.

Several bank accounts run by the fraudsters contained over $40 million in stolen funds.

The FBI said the agency has seem a large increase in the number of business email scams in the past year targeting small and large businesses, as well as non-profits.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

StockX admits ‘suspicious activity’ led to resetting passwords without warning – gpgmail


StockX, a popular site for buying and selling sneakers and other apparel, has admitted it reset customer passwords after it was “alerted to suspicious activity” on its site, despite telling users it was a result of “system updates.”

“We recently completed system updates on the StockX platform,” said the email to customers sent to gpgmail on Thursday. The email provided a link to a password reset page but said nothing more.

The company was only last month valued at over $1 billion after a $110 million fundraise.

Companies reset passwords all the time for various reasons. Some security teams obtain lists of previously breached passwords that make their way online, scramble them in the same format that the company stores passwords, and find matches. By triggering the reset, it prevents passwords stolen from other sites from being used against one of a company’s own customers. In less than desirable circumstances, passwords are reset following a data breach.

But the company admitted it was not “system updates” as it had told its customers.

“StockX was recently alerted to suspicious activity potentially involving our platform,” said StockX spokesperson Katy Cockrel. “Out of an abundance of caution, we implemented a security update and proactively asked our community to update their account passwords.”

“We are continuing to investigate,” said the spokesperson.

The password reset email sent by StockX on Thursday. (Image: supplied)

We asked several follow-up questions — including who alerted StockX to the suspicious activity, if any customer data was compromised, and why it misrepresented the reason for the password reset. We’ll have more when we know it.

Throughout the day customers were tweeting screenshots of the email, worried that their accounts had been compromised. Others questioned whether the email was genuine or if it was part of a phishing attack.

“Did they get hacked, find out somehow, and then to cover it up send out that email and ask for a password change?” one of the affected customers told gpgmail.

Customers were given no prior warning of the password reset.

StockX founder Josh Luber kept with the company’s line, telling a customer in a tweet that the password reset was “legit” but did not respond to users asking why.

StockX tweeted back to several customers with a boilerplate response: “The password reset email you received is legitimate and came from our team,” and to contact the support email with any questions. We did just that — from our gpgmail email address — and heard nothing back hours later.

Security experts expressed doubt that a company would reset passwords over a “systems update” as StockX had claimed.

Security researcher John Wethington said it is “rare” to see security overhauls that require password resets. “You wouldn’t just send out a random email about it,” he said. Jake Williams, founder of Rendition Infosec, said it was “bad communication” in any case.

Several took to Twitter to criticize StockX for its handling of the password reset.

One customer called the email “fishy,” another called it “suspicious,” and another called on the company to explain why they had to reset passwords in this unorthodox way. Another said in a tweet that he asked StockX twice but “refused to provide an answer.”

“Guess I’m closing my account,” he said.

Read more:
Slack resets user passwords after 2015 data breach
Capital One breach also hit other major companies, say researchers
An exposed password let a hacker access internal Comodo files
Security lapse exposed weak points on Honda’s internal network
Cryptocurrency loan site YouHodler exposed unencrypted user credit cards and transactions




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Google’s Titan security keys come to Japan, Canada, France and the UK – gpgmail


Google today announced that its Titan Security Key kits are now available in Canada, France, Japan and the UK. Until now, these keys, which come in a kit with a Bluetooth key and a standard USB-A dongle, were only available in the U.S.

The keys provide an extra layer of security on top of your regular login credentials. They provide a second authentication factor to keep your account safe and replace more low-tech two-factor authentication systems like authentication apps or SMS messages. When you use those methods, you still have to type the code into a form, after all. That’s all good and well until you end up on a well-designed phishing page. Then, somebody could easily intercept your code and quickly reuse it to breach your account — and getting a second factor over SMS isn’t exactly a great idea to begin with, but that’s a different story.

Authentication keys use a number of cryptographic techniques to ensure that you are on a legitimate site and aren’t being phished. All of this, of course, only works on sites that support hardware security keys, though that number continues to grow.

The launch of Google’s Titan keys came as a bit of a surprise, given that Google had long had a good relationship with Yubico and previously provided all of its employees with that company’s keys. The original batch of keys also featured a security bug in the Bluetooth key. That bug was hard to exploit, but nonetheless, Google offered free replacements to all Titan Key owners.

In the U.S., the Titan Key kit sells for $50. In Canada, it’ll go for $65 CAD. In France, it’ll be €55, while in the UK it’ll retail for £50 and in Japan for ¥6,000. Free delivery is included.

 


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Bellingcat journalists targeted by failed phishing attempt – gpgmail


Investigative news site Bellingcat has confirmed several of its staff were targeted by an attempted phishing attack on their ProtonMail accounts, which the journalists and the email provider say failed.

“Yet again, Bellingcat finds itself targeted by cyber attacks, almost certainly linked to our work on Russia,” wrote Eliot Higgins, founder of the investigative news site in a tweet. “I guess one way to measure our impact is how frequently agents of the Russian Federation try to attack it, be it their hackers, trolls, or media.”

News emerged that a small number of ProtonMail email accounts were targeted this week — several of which belonged to Bellingcat’s researchers who work on projects related to activities by the Russian government. A phishing email purportedly from ProtonMail itself asked users to change their email account passwords or generate new encryption keys through a similarly-named domain set up by the attackers. Records show the fake site was registered anonymously, according to an analysis by security researchers.

In a statement, ProtonMail said the phishing attacks “did not succeed” and denied that its systems or user accounts had been hacked or compromised.

“The most practical way to obtain email data from a ProtonMail user’s inbox is by compromising the user, as opposed to trying to compromise the service itself,” said ProtonMail’s chief executive Andy Yen. “For this reason, the attackers opted for a phishing campaign that targeted the journalists directly.”

Yen said the attackers tried to exploit an unpatched flaw in third-party software used by ProtonMail, which has yet to be fixed or disclosed by the software maker.

“This vulnerability, however, is not widely known and indicates a higher level of sophistication on the part of the attackers,” said Yen.

It’s not known conclusively who was behind the attack. However, both Bellingcat and ProtonMail said they believe certain tactics and indicators of the attack may point to hackers associated with the Russian government. For instance, the attack’s targets were Bellingcat’s researchers working on the ongoing investigation into the downing of flight MH17 by Russian forces and the use of a nerve agent in a targeted killing in the U.K.

Higgins said in a tweet that this week’s attempted attack likely targeted “in the tens” of people unlike earlier attacks attributed to the Russian government-backed hacker group, known as APT 28 or Fancy Bear.

Bellingcat in the past year has gained critical acclaim for its investigations into the Russian government, uncovering the names of the alleged Russian operatives behind the suspected missile attack that blew up Malaysian airliner MH17 in 2014. The research team also discovered the names of the Russian operatives who were since accused of poisoning former Russian intelligence agent Sergei Skripal and his daughter Yulia in a nerve agent attack in Salisbury, U.K. in 2018.

The researchers use open-source intelligence and information gathering where police, law enforcement and intelligence agencies often fail.

It’s not the first time that hackers have targeted Bellingcat. Its researchers were targeted several times in 2016 and 2017 following the breach on the Democratic National Committee which saw thousands of internal emails stolen and published online.

A phone call to the Russian consulate in New York requesting comment was not returned.




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something