Reading Time: ~ 2 min.

Deepfake BEC Scam 

A new variant of the well-known BEC scam has implemented a feature that has yet to be used in an email scam: voice fraud. Using an extremely accurate deepfake voice of a company’s CEO, scammers were able to successfully convince another company to wire $250,000 with the promise of a quick return. Unfortunately, that transfer was quickly spread out through a number of countries, leaving investigators with very little clue as to the identity of the scammers.  

Yves Rocher Data Leak 

customer databases belonging to French retailer Yves Rocher were found to be publicly available
by researchers who discovered the records of over 2.5 million customers. In
addition to the personal data, the details for over 6 million transactions, and
internal Yves Rocher information were grouped with the exposed database. The
internal data could be a major opportunity for any competitors to obtain
some crucial footings in the marketplace.  

German Mastercard

recently learned of a data breach that was affecting nearly 90,000
German Mastercard holders that are part of their members loyalty program.
Nearly half of the exposed email addresses have already been compromised in
previous data breaches, according to Have I Been Pwned, though the affected
customers should still update their credentials. Fortunately, this breach only
affected the loyalty program members rather than the entirety of Mastercard’s
world-wide client base.  

Ransomware Wave
Hits US 

on from a summer full of ransomware attacks on US cities comes a streak of 13
new attacks that range from the East Coast to the West Coast. Sadly, several of
the victims have already paid out some portion of the demanded ransoms, with
some insurance companies even attempting to negotiate with the attackers for a
lower payout. With this streak, the total number of ransomware attacks in the
US in 2019 is up to 149, 20% of which involved educational institutions.   

UK Travel Agency

A UK-based travel agency has recently fallen victim to a
data breach that could affect over 200,000 of their customers. The main leak
included audio files for the affected customers confirming travel and payment
plans, as the travel firm completes their deals over the phone. The audio files
appear to have bene publicly available for a span of nearly 3 years, but
quickly secured the sensitive information once they were informed of its
current status.  

The post Cyber News Rundown: Deepfake Voice Fraud appeared first on Webroot Blog.