Before adding and sharing your Fraud Alert please check to see if a similar alert has already been posted, thank you:


Senator Calls For Use Of DMARC To Curb Govt.-Related Phishing …

Fraud Alert:

In a letter sent Tuesday to the Department of Homeland Security, Sen. Ron Wyden (D-OR) called for federal agencies to implement stricter controls on e-mail that would prevent hackers from impersonating email addresses of federal agencies.

Wyden called for the use of an email protocol called Domain-based Message Authentication, Reporting and Conformance (DMARC). The protocol can be used to filter or block spoofed emails that use a real domain address but are sent from a third-parties such as an attacker.

“I write to ask you to take immediate steps to ensure that hackers cannot send emails that impersonate federal agencies,” Wyden wrote. “The threat posed by criminals and foreign governments impersonating U.S. government agencies is real.”

It’s estimated that that only two percent of the government’s 1,300 domains, such as FTC.gov and FDIC.gov, use DMARC to block spoofed emails, according to Global Cyber Alliance, an organization that promotes DMARC as an industry standard.

DMARC wards off email spoofing, which is central to most phishing attacks. The premise behind DMARC is that it checks email against both the Domain Keys Identified Mail and Sender Policy Framework validation systems. If a message satisfies these checks it is sent through to the recipient, otherwise it’s quarantined or blocked.

In 2016, the Internal Revenue Services reported a 400 percent increase in attempts by criminals to impersonate the agency through phishing, Wyden said. In the letter, Wyden cited a case where a phishing campaign sent emails purporting to come from the Defense Security Service, part of the U.S. Department of Defense, but were instead part of a phishing ploy.

“Most government agencies have not deployed DMARC in a blocking capacity,” said Philip Reitinger, president and CEO of Global Cyber Alliance. “The federal government is not alone. There is a lot of work to be done across government and industry.”

In his letter (PDF), Wyden notes that the British government recently implemented the DMARC protocol and has already seen it shore up its email security.

“Government-wide implementation of DMARC has had a huge impact in the United Kingdom. In 2016, the U.K. required all government agencies to enable DMARC. As a result, the U.K.’s tax agency has stated that it reduced the number of phishing emails purporting to come from that agency by a staggering 300 million messages in one year,” he wrote.

Wyden is calling for the DHS to add DMARC scanning of federal agency systems as part of its existing Cyber Hygiene program. He is also calling for General Services Administration to create a central repository for DMARC reports across all government agencies in order to shine a brighter light on who is attempting to impersonate U.S. government agencies.

Last year, Google adopted the DMARC protocol for its web-based email. The move followed similar initiatives from Yahoo and AOL; Yahoo moved its mail services to DMARC in November 2015.

Phishing remains a constant and viable threat, not only from cybercriminals interested in fraud and financial crime, but also in targeted attacks by criminal and nation-state attackers.

Article source: https://threatpost.com/senator-calls-for-use-of-dmarc-to-curb-phishing/126931/




Did National Public Radio Suppress an Interview With Milo Yiannopoulos?

Fraud Alert:

On 18 July 2017, alt-right commentator Milo Yiannopoulos claimed that National Public Radio had suppressed an interview he conducted with a Connecticut NPR member station, simply because he spoke too reasonably and articulately for their liking. … [Continue reading]




Skimming and Fraud

Fraud Alert:

Today's Fraud News from around the world: Skimming and Fraud: Skimming is a type of ATM and debit fraud which involves criminals installing devices inside and/or onto the outside of ATM and point-of purchase ...: Google Alert - Fraud … [Continue reading]




Google rolls out new protections against phishing plugins – The Verge

Fraud Alert:

Google is making it even harder to accidentally install a malicious plugin. Today, the company announced new changes to the way Google services handle plugins, adding new warnings for users and a more involved verification system for apps. The result … [Continue reading]




Did DJ Khaled Break a Horse’s Back By Riding on it?

Fraud Alert:

CLAIM DJ Khaled broke a horse's back while riding on it, causing the horse to be put down. FALSE RATING … [Continue reading]




Former attorney given 2-year prison sentence for mail fraud

Fraud Alert:

Today's Fraud News from around the world: Former attorney given 2-year prison sentence for mail fraud: SCRANTON, Pa. (AP) — A former Pennsylvania attorney who defrauded dozens of homeowners out of more than $ 69000 has been sentenced to … [Continue reading]




Wombat Security Releases Securing Your Email – Fundamental Anti-Phishing Training Series

Fraud Alert:

The Securing Your Email – Fundamental series expands Wombat's already industry-leading anti-phishing training library, and has been added as a featured option within the Anti-Phishing Training Suite. To enable targeted and timely training, ThreatSim® … [Continue reading]




Fox News Banned in Canada?

Fraud Alert:

CLAIM The Fox News Channel has been banned in Canada because they report false information FALSE RATING FALSE ORIGIN … [Continue reading]




Silicon Valley man sentenced in blackjack fraud case

Fraud Alert:

Today's Fraud News from around the world: Silicon Valley man sentenced in blackjack fraud case: A Santa Clara County man who pleaded no contest to embezzling more than $ 400,000 from his former high school classmates and gambling the ...: … [Continue reading]




Why we keep falling for online phishing scams and downloading viruses

Fraud Alert:

Why do so many of us fall prey to phishing attacks and online scams? We hear warnings about the dangers of opening untrusted files and cautionary tales of the repercussions of falling for nefarious internet hoaxes. And yet, the problem persists. … [Continue reading]




Clinton/Lynch Pilot Breaks His Silence on What Was Said?

Fraud Alert:

CLAIM Pilot Dimitri Noonan revealed information about a secret meeting between Bill Clinton, Loretta Lynch, and Paul Ryan. FALSE RATING … [Continue reading]




EU's anti-fraud agency opens Garda college probe

Fraud Alert:

Today's Fraud News from around the world: EU's anti-fraud agency opens Garda college probe: The EU's anti-fraud agency has opened a formal investigation into the Garda college, which is likely to include interviews with key gardaí … [Continue reading]




No one thinks they’ll fall for a phishing attempt at work — until they do

Fraud Alert:

xEmbedxShareCLOSE Con artists are using social media and other tricks to send phishing emails that look legitimate -- or even look like they're coming from a co-worker or your CEO. Susan Tompor/Detroit Free PressBuy PhotoDug Song, left and … [Continue reading]




CIA Agent Confesses on Deathbed: ‘We Blew Up WTC7 on 9/11’?

Fraud Alert:

CLAIM A dying CIA agent confessed to blowing up WTC Building 7 on 9/11 through controlled demolition. FALSE RATING … [Continue reading]




CIA Agent Confesses on Deathbed: ‘We Blew Up WTC7 on 9/11’?

Fraud Alert:

CLAIM A dying CIA agent confessed to blowing up WTC Building 7 on 9/11 through controlled demolition. FALSE RATING … [Continue reading]