This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties.  Members and Law enforcement use only. Contact us for any permissions.  To do otherwise will result in the loss of membership.

Complete Story
 

07/31/2019

Crooks Sell Credentials Using Combolists-as-a-Service Model

BleepingComputer

Cybercriminals are now using a combolists-as-a-service model to sell credential collections to other crooks, which will later use them as part of large scale malicious account takeover attacks targetting both individuals and organizations.

Account takeovers are the result of successful credential stuffing attacks which allow attackers to use credentials obtained from security breaches they orchestrated or from other cybercriminals to try and gain access to accounts registered on other sites.

This specific type of attack uses automatically injects credentials until they are matched to an existing account on the targeted site, which the bad actor can then hijack and use it for his own purposes. 

Read more....

Printer-Friendly Version


Resources

Alerts

The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information
Resources

Resources

Your electronic library to help in fighting financial fraud for all of our partners.

more information