Reply to post: Re: So

The curious sudden rise of free US election 'net security guardians

Crazy Operations Guy

Re: So

The two-factor authentication scam had victims register with the scam's website (Purporting to be the IRS / FBI / ICE / etc). As part of registration, it used a legitimate two-factor authentication system and asked to 'help secure your account' to lend the scam credence. The scams were fairly similar, tey'd start with "You are being investigated by <agency>, log into <website> and register with case <number> to respond to the accusations and view your case file" then when they register, they are asked to add enable two-factor-authentication 'for their protection'. The scam would then keep going on and on asking for more and more money for 'processing fees' and 'filing fees' and 'fines'. Pretty much a standard 419 scam except rather than a Nigerian Prince, it is a Federal Agent and instead of money they promise, its either not being arrested or deported.

For the Israeli certificate on a fake Saudi Arabian bank website it was a matter of a fake website that used all the logos of the real one, but the URL was slightly wrong (in this case used an 'n' instead of an 'r' in the url). The website even had an EV certificate that used the correct name of the bank i the verified owner, and for all intents and purposes looked like the real bank's website. The thing even functioned just like the real bank (Every action was 'passed through' to the real bank's website). The thing that really tipped me off was that the EV certificate was signed by a certificate authority based out of Israel and has a history of working with Mossad, western intelligence agencies and malware mercenaries like the Equation Group.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022