Category Archives: Scams

Why phishing education has never been more critical to your business

Our cyber defenses are becoming stronger and stronger every year. Even the smallest companies can now deploy advanced anti-malware and intrusion detections tools that were, until recently, only within the reach of larger enterprises. Today, sandboxed behavior detection and machine-learning/artificial intelligence powered security services make it easy for organizations of any size to crack down on even the most sophisticated malware. Users are still the weakest link But as our network perimeter and endpoint security … More

The post Why phishing education has never been more critical to your business appeared first on Help Net Security.

Phishing targeting SaaS and webmail services increased to 36% of all phishing attacks

Users of Software-as-a-Service (SaaS) and webmail services are being targeted with increasing frequency, according to the APWG Q1 2019 Phishing Activity Trends Report. The category became the biggest target in Q1, accounting for 36 percent of all phishing attacks, for the first time eclipsing the payment-services category which suffered 27 percent of attacks recorded in the quarter. Online SaaS applications have become fundamental business tools, since they are convenient to use and cost-effective. SaaS services … More

The post Phishing targeting SaaS and webmail services increased to 36% of all phishing attacks appeared first on Help Net Security.

Amazon Is Losing the War on Fraudulent Sellers

Excellent article on fraudulent seller tactics on Amazon.

The most prominent black hat companies for US Amazon sellers offer ways to manipulate Amazon's ranking system to promote products, protect accounts from disciplinary actions, and crush competitors. Sometimes, these black hat companies bribe corporate Amazon employees to leak information from the company's wiki pages and business reports, which they then resell to marketplace sellers for steep prices. One black hat company charges as much as $10,000 a month to help Amazon sellers appear at the top of product search results. Other tactics to promote sellers' products include removing negative reviews from product pages and exploiting technical loopholes on Amazon's site to lift products' overall sales rankings.

[...]

AmzPandora's services ranged from small tasks to more ambitious strategies to rank a product higher using Amazon's algorithm. While it was online, it offered to ping internal contacts at Amazon for $500 to get information about why a seller's account had been suspended, as well as advice on how to appeal the suspension. For $300, the company promised to remove an unspecified number of negative reviews on a listing within three to seven days, which would help increase the overall star rating for a product. For $1.50, the company offered a service to fool the algorithm into believing a product had been added to a shopper's cart or wish list by writing a super URL. And for $1,200, an Amazon seller could purchase a "frequently bought together" spot on another marketplace product's page that would appear for two weeks, which AmzPandora promised would lead to a 10% increase in sales.

This was a good article on this from last year. (My blog post.)

Amazon has a real problem here, primarily because trust in the system is paramount to Amazon's success. As much as they need to crack down on fraudulent sellers, they really want articles like these to not be written.

Slashdot thread. Boing Boing post.