SIM swap scams are one of the most damaging and high-profile scams in the modern era. To be clear, SIM swap today may be also referred to as port-out scam, SIM splitting, simjacking and SIM swapping. This article aims to further explore this scam and the methods of prevention. Accordingly, the article is divided into […]
Phishing is one of the most prevalent social engineering scams in the internet era. This article attempts to present contemporary impact of phishing, it’s variations, some interesting trends ThreatMark discovered in 2020; and finally present a direction on how to prevent phishing scams. Accordingly, we’ll present this complex topic through following sections: Short Phishing Definition […]
In the last couple of days, we have noticed that the trend of abusing Google App Engine to host phishing sites had made its way into Europe. The attacker does not seem to be limited to any specific bank. We have detected and mitigated phishing sites targeting multiple banks in CEE. Based on our research […]
Recently we’ve seen an increase in all types of frauds that attempt to misuse the user information for malicious means. Previously we wrote about how hackers are using Coronavirus fears to steal money through phishing and malware-based attacks. Similarly, vishing attacks are on the rise and we’ve reported several vishing vectors in action. These are […]
From personal to business – trust is essential for any healthy and prosperous relationship. And losing it is detrimental. Similarly, safety is an inherent human need. Jeopardizing it is devastating. No one in the world likes to be disappointed, used, or feel unsafe. Simply, in all aspects of our lives, we shouldn’t gamble with trust […]
The Turkish banking regulator announced a new regulation with one audacious goal: to create a robust protection measure to prevent fraud in the online world with a strong accent on innovation in the area of unauthorized and fraudulent transactions. Similarities with PSD2 Legislation A new regulation published by Banking Regulation And Supervision Agency (BDDK) is […]
In the previous part of this article, we covered different banking malware families and the most common ways, how you might get infected by malware and what are the consequences.
Let’s look at the current financial malware trends and outlook for the future.
Another powerful weapon lays in the hands of fraudsters. A dangerous Android vulnerability dubbed StrandHogg allows a malicious application to pose as a legitimate one for malicious purposes. Unlike a legitimate application, however, the sole goal of the StrandHogg malware is to wreak havoc by stealing credentials, recording phone calls or stealing the personal data […]
Since 2017, the security community started to register a new type of attack emerging from standard overlays. In this attack vector, the malicious application utilizes old-fashioned clickjacking, to gain even more powerful permission – AccessibilityService API. This attack is still valid and widely used. This attack is nicknamed “Cloak & Dagger” and can be used […]
ThreatMark s.r.o. was supported by CzechInvest as part of the Start-up Support Project, Key Activities of CzechStarter, implemented from the Marketing Program, Priority Axis 2 „Development of Entrepreneurship and Competitiveness of Small and Medium-Sized Enterprises“ within the Operational Program Enterprise and Innovation for Competitiveness.