Investment scams and AI – a match made in heaven? Online investment scams are a big money spinner for criminals, accounting for $4.6B of losses in the US. With the explosion of interest in artificial intelligence (AI) following the release of OpenAI’s ChatGPT in late 2022, it was perhaps inevitable that criminals would look… Read More »
Advance fee fraud campaigns are using generative AI in both text and video to speed up responses, evade filters, and make scams more convincing. Large Language Models and other forms of Generative AI (GenAI) promise to make many people more productive, and cybercriminals are no exception. Fraudsters are using GenAI to enhance all kinds of… Read More »
Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains ‘darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more than 20,000 phishing domains that provide cyber criminals with easy access to branded phishing campaigns. Rather than the more typical PHP, the platform uses many… Read More »
In the March 2024 survey we received responses from 1,090,117,902 sites across 271,804,260 domains and 12,627,575 web-facing computers. This reflects an increase of 3.2 million sites, 662,534 domains, and 138,322 web-facing computers. OpenResty experienced the largest gain of 3.0 million sites (+2.87%) this month, and now accounts for 9.73% (+0.24pp) of sites seen by Netcraft.… Read More »
A staggering 12.6 million domains on TLDs controlled by Freenom (.tk, .cf and .gq) have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our monthly Web Server Survey and represents a 98.7% drop from the… Read More »
Online investment scams are a global, growing, and uniquely pernicious threat. In newly released data, the Federal Trade Commission attributed more than $4.6 billion of US fraud losses in 2023 to investment scams, more than any other fraud category, and a 21% increase in 2022. The FBI’s 2023 Internet Crime Report notes that investment scams… Read More »
Ahead of the EU’s Digital Market Act forcing Apple’s hand to permit alternative app download options, is the amount of malware in the existing grey-market for sideloading iPhone apps a portent for things to come? Or has Apple’s approach, despite its controversy, hit the right balance to keep iPhone users secure? On 7th March, the… Read More »
In the February 2024 survey we received responses from 1,086,916,398 sites across 271,141,726 domains and 12,489,253 web-facing computers. This reflects an increase of 7.8 million sites, 694,270 domains, and 151,543 web-facing computers. OpenResty made the largest gain of 4.7 million sites (+4.79%) this month. It now accounts for 9.49% (+0.37pp) of sites seen by Netcraft.… Read More »
Netcraft has recently observed that criminals abused SendGrid’s services to launch a phishing campaign impersonating SendGrid itself. The well-known provider, now owned by Twillio, makes sending emails at scale simple and flexible. In addition to scale, the promise of high deliverability and feature-rich tools make Sendgrid a sought-after service for legitimate businesses and a likely… Read More »
Criminals can now deploy phishing sites on any type of web server, even when commonly used server-side technologies such as PHP are not supported. Phishing kits are predominantly implemented in PHP, as this provides the server-side functionality required to store and transmit stolen credentials without publicly revealing where they are being sent. PHP is a… Read More »