#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

call spoofing | Breaking Cybersecurity News | The Hacker News

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

May 22, 2023 Cyber Crime / Hacking
A U.K. national responsible for his role as the administrator of the now-defunct  iSpoof  online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He  pleaded guilty  last month to a number of cyber offenses, including facilitating fraud and possessing and transferring criminal property. iSpoof , which was available as a paid service, allowed fraudsters to mask their phone numbers and masquerade as representatives from banks, tax offices, and other official bodies to defraud victims. The help desk scam purported to warn targets of suspicious activity on their accounts and tricked them into disclosing sensitive financial information or transferring money to accounts under the threat actor's control. According to the U.K. Metropolitan Police, the criminals assumed false identities as representatives of various banks such as Barclays, Santander, HSBC, Lloy
U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service

U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service

Nov 25, 2022
A coordinated law enforcement effort has dismantled an online phone number spoofing service called  iSpoof  and arrested 142 individuals linked to the operation. The websites, ispoof[.]me and ispoof[.]cc, allowed the crooks to "impersonate trusted corporations or contacts to access sensitive information from victims," Europol  said  in a press statement. Worldwide losses exceeded €115 million ($ 119.8 million), with over 200,000 potential victims believed to have been directly targeted through iSpoof in the U.K. alone, the Metropolitan Police  noted .  Among the 142 people arrested is the administrator of the website, who was apprehended in the U.K. on November 6, 2022. The website and its server were subsequently seized and taken offline two days later by Ukrainian and U.S. agencies. Per the National Police Corps, the helpdesk fraud  allowed  registered subscribers on the online portal to mask their phone numbers and make calls impersonating banks, retail companies, an
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
New 4G LTE Network Attacks Let Hackers Spy, Track, Spoof and Spam

New 4G LTE Network Attacks Let Hackers Spy, Track, Spoof and Spam

Mar 05, 2018
Security researchers have discovered a set of severe vulnerabilities in 4G LTE protocol that could be exploited to spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and even knock devices entirely offline. A new research paper [ PDF ] recently published by researchers at Purdue University and the University of Iowa details 10 new cyber attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit design weaknesses in three key protocol procedures of the 4G LTE network known as attach, detach, and paging. Unlike many previous research, these aren't just theoretical attacks. The researchers employed a systematic model-based adversarial testing approach, which they called LTEInspector , and were able to test 8 of the 10 attacks in a real testbed using SIM cards from four large US carriers. Authentication Synchronization Failure Attack Traceability Attack Nu
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources