Hackers Send Mail as Google.com; Hackers Impersonate Banks on Android Phones; Fake PDF Converters Spreading Malware… and More!
Every day, we scan the tech world for interesting news, sometimes from outside the tech world. Every Thursday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Thursday Newsbytes’ informative and interesting!
Beware, hackers can apparently now send phishing emails from “no-reply@google.com”
Researchers discover a rather elaborate scheme
Researchers have discovered a clever and elaborate phishing scheme that abused Google’s services to trick people into giving away their credentials for the platform.
Lead developer of the Ethereum Name Service, Nick Johnson, recently received an email that seemed to have come from no-reply@google.com. The email said that law enforcement subpoenaed Google for content found in his Google Account.
He said that the email looked legitimate, and that it was very difficult to spot that it’s actually fake. He believes less technical users might very easily fall for the trick.
DKIM signed
Apparently, the crooks would first create a Google account for me@domain. Then, they would create a Google OAuth app, and put the entire phishing message (about the fake subpoena) in the name field.
Then, they would grant themselves access to the email address in Google Workspace.
Google would then send a notification email to the me@domain account, but since the phishing message was in the name field, it would cover the entire screen.
Scrolling to the bottom of the email message would show clear signs that something was amiss…
Hackers are impersonating banks to infect your Android phone with credit card-stealing malware
Hackers love using malware to go after your credit card details but a new malware-as-a-service platform makes it incredibly easy for them to use these stolen cards in person at stores and even at ATMs.
As reported by BleepingComputer, SuperCard X is the platform in question and it’s currently being used to target the best Android phones via NFC relay attacks. With your credit card details in hand, the hackers behind this campaign then use them to make small transactions and withdrawals at ATMs to avoid having them flagged as fraudulent.
Discovered by the mobile security firm Cleafy, SuperCard X bears a lot of similarities to the NGate malware I covered last summer. It too uses contactless cards to commit fraud by taking over a vulnerable device’s NFC capabilities….
Cybercriminals are using fake PDF converters to install powerful malware on victims’ systems, experts have warned.
Research from CloudSEK found attackers are cloning popular file conversion websites like pdfcandy.com – replicating its logo and brand elements – in order to trick users into downloading malicious software.
CloudSEK says these fake sites look almost identical to the real ones. When someone tries to convert a file, the page shows a fake loading screen and then prompts for a CAPTCHA verification. Instead of just confirming the user is human, this step leads to an instruction to run a PowerShell command. Running the command downloads a zip file containing malware known as ArechClient2, part of the SectopRAT family of information stealers.
Collecting personal data, and worse
The malware uses a number of hidden methods to infect the system. It spawns normal Windows processes to hide its activity and begins collecting browser passwords, crypto wallet information, and other sensitive data. Once the malware is active, it can quietly send stolen information back to the attackers, CloudSEK reports.
The FBI has already warned that online file converters are becoming a popular way for criminals to spread their malware…
Microsoft is trying to convince Windows 10 users that TPM 2.0 is worth the upgrade
Despite Windows 10 losing support in October of this year, it’s still the most popular version of Microsoft’s operating system. Granted, the gap between the user bases of Windows 10 and Windows 11 is rapidly narrowing, with Statcounter claiming that 54.2% of Windows machines use Windows 10, compared to 42.69% for Windows 11; however, it’s still large enough to be worth analyzing.
So, why do you think Windows 10 still holds onto its crown as the most used operating system in the Microsoft sphere? In my opinion, it’s Windows 11’s TPM 2.0 requirement that prevents people from making the upgrade. It seems Microsoft agrees, as the company has posted a lengthy discussion highlighting all the benefits TPM 2.0 can bring.
As spotted by Neowin, Microsoft has recently posted a blog post covering TPM and its benefits. It’s seemingly aimed at trying to convince people to make the jump and upgrade their CPU to a TPM 2.0-compatible model, which is likely a huge roadblock preventing people from making the move over to Windows 11.
Here’s how Microsoft explains TPM 2.0’s role in Windows 11…
It’s not every day a stranger insists on handing you a $20 bill you didn’t drop. But for Sarah — whose last name has been withheld, as reported by Fox LA — that’s exactly what happened on an ordinary Wednesday afternoon at a Ralphs grocery store in Van Nuys.
“He came much closer to me and was kind of pushing the $20 into my wallet,” Sarah recalled. “I said, ‘No, I don’t think I did.’”
At first, it could have been a strange but harmless mix-up. That is, until Sarah noticed the man was suddenly joined by a woman — both of them following her to her car, pressing the cash on her with unsettling persistence. What felt like an awkward moment quickly turned into a coordinated scam. When Sarah checked her wallet, her cash was intact, but her debit card was gone.
Within 30 minutes, the thieves had made multiple withdrawals from Sarah and her daughter Jennifer’s bank account at a Chase branch.
Unfortunately, Sarah and Jennifer aren’t alone. Distraction scams have been popping up across the country. Here’s how to spot the red flags.
Be on the lookout
Distraction scams don’t come with flashing red lights; they come with kindness and confusion. These types of scams are built on flustering you just enough to make you vulnerable. This involves a stranger creating a diversion — like insisting you dropped a $20 bill — while an accomplice steals something like your wallet or debit card…
Thanks for reading this week’s Thursday Newsbytes. We hope these articles were informative, interesting, fun, and helpful.