Monday, March 8, 2021
  • CyGlass and Ingram Micro Cloud Join Forces to Address Growing Cybersecurity Market in Australia and New Zealand
  • International Women’s Day: UbU and Lead Like a Girl
  • Securing Software Supply Chains and Dependency Confusion – An Industry Perspective
  • StrikeForce Announces Commercial Availability of Video Conferencing Platform SafeVchat™ to Protect the Hybrid-Workforce From Hackers and Data Breaches
  • Recognizing the Women of Cequence Security

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Beware of the New Way Crooks Can Drain Your Credit Card Account

Beware of the New Way Crooks Can Drain Your Credit Card Account

by Tripwire Guest Authors on September 6, 2018

This article describes one of the recent frauds used by cybercriminals to steal funds from people’s credit cards. Unfortunately, it is a simple one to pull off, so peruse the details below and make sure you don’t get on the hook.

The malicious logic in a nutshell

The malefactors use a legit remote access tool for mobile devices called AirDroid. They try to dupe as many people as possible into installing the app and authenticating with credentials provided by the attackers. The main target audience is 25 year-olds and up. The idea is to transfer money from a card by sending a specific text message to a short number on behalf of the victim. While this service number varies for different banks, regular Google search helps find it in the blink of an eye.

Dissecting the hoax

The hackers download the above-mentioned AirDroid app and install it on their PC. Before that, they create a Gmail account test_user_air_droid@gmail.com and set a password test123.

Then they announce a recruitment for the position of an application tester. It doesn’t take any particular skills to qualify for the “job” – those hired will only need to install the app and test how it works. The payment is 40-60 USD, depending on how long the testing will last. 50% of the amount is paid in advance. The criminals’ objective is to recruit as many people as possible by posting ads on various boards and social networks. There tend to be a lot of people who get interested in this pseudo job because the offer appears to be a lure.

In response to the applicants’ messages, the rogues will provide the following information:

Hello and thank you for contacting us! The app is called AirDroid, it’s officially approved by Google Play and has been (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/featured/crooks-drain-your-credit-card-account/

September 6, 2018September 6, 2018 Tripwire Guest Authors AirDroid, Cybercriminal, Featured Articles, opsec
  • ← British Airways Customer Data Stolen in Website and Mobile App Hack
  • Zero-day Threats: Has Detection Become Deception? →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Chinese Exchange Hack: At Best, Microsoft is Incompetent
A Close Call Prompts Security Reassessment
Zero-Trust in a Trusting World
Okta Acquisition of Auth0 Signals DevSecOps Shift Left
HIPAA Security Requirements: What They Really Mean
Three Top Russian Cybercrime Forums Hacked
Active/Active Multi-Region Systems on Steroids With Serverless
7 Lessons Learned From SMB Cybersecurity Leaders
Gender diversity in cybersecurity, the key to getting ahead of hackers?
The March IronNet Threat Intelligence Brief

Upcoming Webinars

Tue 09

Zero Trust Journey – A Security Leader’s Story

March 9 @ 11:00 am - 12:00 pm
Mon 15

Don’t Get Attached to Your Attachment!

March 15 @ 9:00 am - 10:00 am
Mon 15

Managing Security in a Decentralized World

March 15 @ 1:00 pm - 2:00 pm
Wed 17

API Security: Everything You Need to Know To Protect Your APIs

March 17 @ 1:00 pm - 2:00 pm
Mon 22

The Main Application Security Technologies to Adopt in 2021

March 22 @ 1:00 pm - 2:00 pm
Tue 30

Application Security in the Rapid Digital Transformation Age

March 30 @ 1:00 pm - 2:00 pm
Wed 31

The Anatomy of an Account Takeover Attack

March 31 @ 3:00 pm - 4:00 pm
Apr 01

Pharma Drama: An Interactive Crisis Simulation of an Insider Threat

April 1 @ 11:00 am - 12:00 pm

More Webinars

Download Free eBook

7 Must-Read eBooks for Security Professionals

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

3 Hiking Principles That Made Me a Better CISO
CISO Suite Cybersecurity Industry Spotlight Security Boulevard (Original) 

3 Hiking Principles That Made Me a Better CISO

March 8, 2021 Jack Hamm | 8 hours ago 0
Decentralizing Cloud Security Management
Cloud Security Cybersecurity Governance, Risk & Compliance Industry Spotlight Security Awareness Security Boulevard (Original) 

Decentralizing Cloud Security Management

March 5, 2021 Michael Salleo | 3 days ago 0
A Close Call Prompts Security Reassessment
Application Security Cybersecurity Data Security Industry Spotlight Malware Security Boulevard (Original) 

A Close Call Prompts Security Reassessment

March 4, 2021 Rui Ribeiro | 4 days ago 0

Top Stories

Chinese Exchange Hack: At Best, Microsoft is Incompetent
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security Featured Identity & Access Incident Response Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Chinese Exchange Hack: At Best, Microsoft is Incompetent

March 4, 2021 Richi Jennings | 3 days ago 0
Unknown Hacker Grabs Gab’s Data, DDoSecrets Doesn’t Leak it
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Unknown Hacker Grabs Gab’s Data, DDoSecrets Doesn’t Leak it

March 2, 2021 Richi Jennings | Mar 02 0
‘Dangerous’ RCE in VMware: Patch, or the Puppy Gets It
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security DevOps Featured Identity & Access Incident Response Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Dangerous’ RCE in VMware: Patch, or the Puppy Gets It

February 26, 2021 Richi Jennings | Feb 26 0

Security Humor

via   the respected information security capabilities of   Robert M. Lee     & the superlative illustration talents of   Jeff Haas   at   Little Bobby Comics

Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 319’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.