Deepfake BEC Scam 

A new variant of the well-known BEC scam has implemented a feature that has yet to be used in an email scam: voice fraud. Using an extremely accurate deepfake voice of a company’s CEO, scammers were able to successfully convince another company to wire $250,000 with the promise of a quick return. Unfortunately, that transfer was quickly spread out through a number of countries, leaving investigators with very little clue as to the identity of the scammers.  

Yves Rocher Data Leak 

The customer databases belonging to French retailer Yves Rocher were found to be publicly available by researchers who discovered the records of over 2.5 million customers. In addition to the personal data, the details for over 6 million transactions, and internal Yves Rocher information were grouped with the exposed database. The internal data could be a major opportunity for any competitors to obtain some crucial footings in the marketplace.  

German Mastercard Breach 

Officials recently learned of a data breach that was affecting nearly 90,000 German Mastercard holders that are part of their members loyalty program. Nearly half of the exposed email addresses have already been compromised in previous data breaches, according to Have I Been Pwned, though the affected customers should still update their credentials. Fortunately, this breach only affected the loyalty program members rather than the entirety of Mastercard’s world-wide client base.  

Ransomware Wave Hits US 

Continuing on from a summer full of ransomware attacks on US cities comes a streak of 13 new attacks that range from the East Coast to the West Coast. Sadly, several of the victims have already paid out some portion of the demanded ransoms, with some insurance companies even attempting to negotiate with the attackers for a lower payout. With this streak, the total number of ransomware attacks in the US in 2019 is up to 149, 20% of which involved educational institutions.   

UK Travel Agency Breach 

A UK-based travel agency has recently fallen victim to a data breach that could affect over 200,000 of their customers. The main leak included audio files for the affected customers confirming travel and payment plans, as the travel firm completes their deals over the phone. The audio files appear to have bene publicly available for a span of nearly 3 years, but quickly secured the sensitive information once they were informed of its current status.  

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This