If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive. Here’s a look at the most recent incarnation of this scam — DomainNetworks — and some clues about who may be behind it.
Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn’t pay a bill for some kind of dubious-looking service I’d never heard of. But it wasn’t until the past week that it become clear how many organizations — including towns, cities and political campaigns — actually have fallen for this brazen scam.
For the second time since Aug. 2013, online retailer NoMoreRack.com has hired a computer forensics team after being notified by Discover about a potential breach of customer card data, KrebsOnSecurity has learned.
Nearly every time I write about a small to mid-sized business that has lost hundreds of thousands of dollars after falling victim to a malicious software attack, readers ask how the perpetrators broke through the victim organization’s defenses, and which type of malware paved the way. Normally, victim companies don’t know or disclose that information, so to get a better idea, I’ve put together a rough profile of the top daily email-based malware attacks over the past month.