CyberSecurityBoard
Sponsor Register Login

Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams

With the holiday season well underway, a threat group with a history of gift card scams is ramping up its efforts, according to Microsoft.
The group has been around since at least late 2021, with Microsoft noting last month that Storm-0539 is a financially motivated group that typically targets retailers for such gift card schemes.
In the latest phishing campaigns, Microsoft researchers wrote that the bad actors use URLs that, if clicked on by the target, lead to adversary-in-the-middle pages through which they steal credentials and session tokens.
With those in hand, Storm-0539 attackers can register their own devices that will receive secondary authentication prompts, allowing them to bypass multifactor authentication protections and gaining persistence in the victim's environment by using the fully compromised identity, the researchers wrote.
Along with the gift card scams, the threat group also access other information, from email and contact lists to network configurations, which can be used in later attacks against the same organizations.
Gift card scams have long been a threat to retailers and consumers.
The U.S. Federal Trade Commission earlier this year warned consumers about such schemes and gave tips for avoiding and reporting them.
There are a number of different stories that bad actors will tell potential victims, including saying they're from a government agency like the IRS or Social Security Administration, or from tech support from a company like Apple or Microsoft saying there's a problem with the victim's computer, the agency wrote.
They also may say they're a family member or friend in an emergency, that the victim has won a prize, or that they're from a utilities company.
They ask the victim for money after chatting on a dating website.
Threat actors will record information like the card and associated pin numbers of gift cards that have not yet been bought.
Scammers also may take gift cards off the shelves and take them somewhere else, putting decoy items in their place, according to USA Today.
After getting the information from the gift cards, they put the cards they tampered with back on the shelves and wait for people to buy them.


This Cyber News was published on securityboulevard.com. Publication date: Mon, 18 Dec 2023 15:43:04 +0000


Cyber News related to Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams

Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams - With the holiday season well underway, a threat group with a history of gift card scams is ramping up its efforts, according to Microsoft. The group has been around since at least late 2021, with Microsoft noting last month that Storm-0539 is a ...
1 year ago Securityboulevard.com
FBI warns of gift card fraud ring targeting retail companies - The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. Tracked as Storm-0539, this hacking group ...
7 months ago Bleepingcomputer.com
9 online scams to watch out for this holiday season - By being aware of these common online scams and taking precautions, you can protect yourself and your family from becoming victims this holiday season. The holiday season is upon us, and that means it's time to start shopping for gifts. It's not just ...
1 year ago Blog.avast.com
Microsoft Targets Threat Group Behind Fake Accounts - Microsoft seized parts of the infrastructure of a prolific Vietnam-based threat group that the IT giant said was responsible for creating as many as 750 million fraudulent Microsoft accounts that were then sold to other bad actors and used to launch ...
1 year ago Securityboulevard.com
Financially motivated threat actors misusing App Installer - Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme to distribute malware. In ...
11 months ago Microsoft.com
Christmas scams: Attacks to be aware of this holiday season - Now, not only has the victim been charged for this fake item, but the cyber criminal now has access to all their credit card information. Now more than ever, Christmas shopping is done online - and, of course, cyber criminals are going to take ...
1 year ago Securityboulevard.com
Unravelling Retirement Banking Scams and How To Protect Yourself - In the labyrinth of financial scams, one of the most insidious is the retirement banking scam. According to the FBI, in 2020 alone, financial scams targeting seniors netted more than $1 billion. It's a quiet crisis that we need to address, and ...
11 months ago Hackread.com
Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse - After a relatively quiet final Patch Tuesday of 2023, Microsoft published warnings this week about the potential for gift card fraud and hackers abusing a popular authentication technology. Alongside the warnings, Microsoft said it recently used a ...
1 year ago Therecord.media
Apple Settles Lawsuit iTunes Gift Card Scam - Agreement reached with Apple to settle a lawsuit that alleged it knowingly let scammers exploit iTunes gift cards, and kept stolen funds. Apple in the new year has sought to rid itself of another legal claim, after it reportedly agreed to settle a ...
11 months ago Silicon.co.uk
Holiday Threats Surge as Christmas-Themed Scams Explode - As the winter holidays approach, malicious spammers have ramped up their efforts, flooding inboxes with a surge of unsolicited emails and Christmas-themed scams, according to a Bitdefender report. Key findings indicated a steady rise in ...
11 months ago Securityboulevard.com
Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
11 months ago Securityzap.com
How Criminals Are Leveraging AI to Create Convincing Scams - Cybercriminals create far more sophisticated scams with generative AI than traditional phishing scams. According to Visa research, scammers are fooling even the savviest internet users by launching pig butchering, inheritance, humanitarian relief ...
6 months ago Tripwire.com
Is Your Online Store Hacked in a Carding Attack? - Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using carding attacks as we gear up for the holiday season shopping. Online companies selling products or services are struggling with the growing ...
1 year ago Cybersecuritynews.com
Best of 2023: Why is everyone getting hacked on Facebook? - Importantly, phishing relies on the victim trusting the scammer and taking an action - like clicking a link or sending bank account information - in order for the scammer to get what they want. It's not your imagination - social media scams really ...
1 year ago Securityboulevard.com
US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked - New findings from the cryptocurrency tracing firm Chainalysis show how stablecoins that are tied to the value of the US dollar were instrumental in cryptocurrency-based scams and sanctions evasion last year. The US Federal Trade Commission reached a ...
11 months ago Wired.com
Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts - Microsoft on Wednesday announced the disruption of Storm-1152, a cybercrime-as-a-service ecosystem that created 750 million fraudulent Microsoft accounts in support of phishing, identity theft, and other schemes. The CaaS is believed to have made ...
1 year ago Securityweek.com
Most scammed items for this Christmas season - As the festive season is just a couple of days ahead, the joy of giving and receiving is accompanied by an unfortunate increase in scams targeting unsuspecting holiday shoppers. Scammers are adept at exploiting the spirit of generosity and the rush ...
1 year ago Cybersecurity-insiders.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts - Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services. Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed ...
1 year ago Cysecurity.news
Microsoft Disabled App Installer Abused by Hackers - Threat actors, particularly those with financial motivations, have been observed spreading malware via the ms-appinstaller URI scheme. As a result of this activity, Microsoft has disabled the ms-appinstaller protocol handler by default. The ...
11 months ago Cybersecuritynews.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
2 months ago Securelist.com
UK to block all Social Media Scams - Starting May 2024, residents of the United Kingdom can breathe a sigh of relief, as social media platforms operating in the country have collectively committed to combating a range of scams on their respective networks. This includes everything from ...
1 year ago Cybersecurity-insiders.com
Netcraft Report Surfaces Spike in Online Healthcare Product Scams - A report published today by Netcraft, a provider of cybersecurity services, finds the volume of online scams relating to healthcare that are emanating from inexpensive top-level domains is spiking-accounting for as much as 60% of daily domain ...
11 months ago Securityboulevard.com
Preventing Credit Card Fraud with PoS Malware: How Prilex Blocks Contactless Payments - New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. On a payment terminal, contactless transactions use NFC ...
1 year ago Bleepingcomputer.com
How Microsoft's cybercrime unit has evolved to combat increased threats - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
1 year ago Packetstormsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)