• FrankonFraud
  • Posts
  • Deepfake BEC Scams on the Rise: Millions Lost in Zoom Call Schemes

Deepfake BEC Scams on the Rise: Millions Lost in Zoom Call Schemes

Author

Frank McKenna
June 04, 2024

Hey, fraud guys and gals 👋 

I am off to Dallas this week, delivering presentations on AI and Auto Loan Fraud at several events, so maybe I will see some of you in person.

Let’s get to the top news of the week!

  • Scamburger Helpers —Two executives from Epsilon, a data broker with information on 250 million Americans, were convicted of selling data to scammers for years so the scammers could target people most likely to fall for it. During the trial, it was determined they knew they were helping scammers and did it anyway.

  • Fraudster Fighter - Remember Billy McFarland, the Fyre Festival fraudster? Apparently, he is knocking people out of karate matches now. Should we get him at the Fraud Fight Club next year?

  • Bag o Cash - Shockingly, a juror received a bag filled with $120,000 in cash dropped off at her home if she would agree to rig a massive fraud case and acquit the defendants.

  • Big Comeback— First-party fraud is making a comeback in banking and lending. Hear from the experts on what concerns them.

  • Uber to The Bank - Tech scammers told an 86-year-old lady she needed to go to the bank and get $10,000 to pay them. When she said she didn’t drive, they sent an Uber to her house to take her there.

  • Unredacted Mess—As reported by Seamus Hughes, a staggering 22,000 fully exposed SSNs were discovered in court filings from a sample of just a few days, raising questions about whether courts are violating people’s privacy and data.

  • Nigerian Swipes Graceland - A Nigerian identity thief attempted a daring takeover of Graceland by filing a fictitious $3.8M unpaid debt on the property to force it into foreclosure.

  • The face that launched 1,000 Scams - Sabrina Nichole, is likely one of the most popular faces for catfishes in the world. She says 90% of her DMs are people asking for their money back.

  • Fraud Zombie Army - Yunhe Wang commandeered 19 million IP addresses and computers worldwide (yours could be one) to assist fraudsters and criminals in hiding their activity. These zombie computers helped facilitate billions in fraud.

Again. Another DeepFake BEC Call, Scammers Score Millions

Another staggering BEC Deepfake out of Hong Kong was reported last week, and it’s eerily similar in so many ways to a previous attack reported just weeks ago.

A Hong Kong employee was convinced to send $4 million to several different bank accounts after attending a Zoom call with many familiar faces from her company, including the London-based CFO.

They’re Here. Deepfake BEC Zoom Calls Are A Real Deal

Another deepfake BEC attack is raising concerns that a major threat is developing. This one uses Zoom calls to convince employees to send wire transfers.

Report - Is A Breach Wave Unfolding At SnowFlake?

9,000 companies, including TicketMaster and Santander, use Snowflake to house sensitive customer data. As you know, both those companies revealed massive data breaches last week. But the real damage may just be unfolding as another seven companies also announced breaches through Snowflake including:

  • Advance Auto Parts

  • Allstate

  • Anheuser-Busch

  • Mitsubishi

  • Neiman Marcus

  • Progressive

  • State Farm

Hudson Cook, an Israeli CyberSecurity company, claims in a now-deleted blog post that an employee of Snowflake may have had their credentials compromised by malware in 2023. Hackers were able to infiltrate the databases of at least 400 different companies, and the employee’s credentials are even shown in the post.

Snowflake says that is not the case and that the employee’s credentials were just for a demo system. They cite all the breaches that occurred due to poor security controls for their customers.

The Ticketmaster Data Breach May Be Just the Beginning

Data breaches at Ticketmaster and financial services company Santander have been linked to attacks against cloud provider Snowflake. Researchers fear more breaches will soon be uncovered.

Jermaine Thirkield was gunned down, the victim of a brutal murder in Columbus, Georgia.

Weeks later, a Navy Fed Employee, Steven Verrett, was caught on surveillance video depositing over $800,000 in checks stolen from the main into Thirkfields account. But it didn’t stop there; Verrett reportedly took out a car loan in his name, too.

Navy Fed Employee Stole Murdered Man’s Identity

Steven Verrett, an employee of Navy Federal Credit Union, has been arrested and charged with 15 counts of fraud and related offenses that involved the identity of a murdered man.

Check Washer Steals Checks Nationwide, Raps About It, Gets Arrested

HunnidK wanted to be a YouTube influencer, so he set off in his car, vlogging his daily life in different cities across the US and posting videos on his YouTube channel.

However, he was apparently stealing checks from the mail, washing them, and depositing them in various bank accounts to fund his US tour. He was arrested this week, and they are using this evidence against him, in which he raps about his fraudcapades.

Deep In A Scammer Spell- She Won’t Stop, So Court Files Injunction

70-year-old Holly Locke can’t stop helping her scammer boyfriend from Ghana. She defied a cease-and-desist order she agreed to back in 2022 after Postal Inspectors informed her she was part of a romance scam and acting as a money mule.

Since then, she has received money from other scam victims, forwarding it to her scammy boyfriend, who appears to have a lock on her heart. This month, the court filed an injunction forcing her to stop.

She Is Deep In A Scammers Spell

Holly Locke Can’t Stop Helping Her Romance Scammer

The Rise and Fall of a Homegrown Terrorist Who Wanted To Hack For Isis

Hacker Jibreel Pratt from Detroit seemed like an ordinary guy from Detroit, but deep down, he hid a dark secret. He aspired to bring new technical expertise to ISIS, vowing to become their technical arm and cyberhacker.

His main objective was to steal cryptocurrency on behalf of the terrorist organization to help them buy weapons and carry out their evil activities.

Detroit Hacker Pledged Allegiance To ISIS

He wanted to be their technical arm and cyberhacker, stealing crypto

She Bled Him Dry; He Still Longs For Her

The Wall Street Journal gives a blow-by-blow storyline of how a 75-year-old man was scammed on Linkedin by a Pig Butcherer. She bled him dry and left him on the brink of suicide.

This expose is interesting, providing screenshots of conversations that lured him into falling in love. He still longs for her, even after she has ghosted him.

She Hooked Me’: How an Online Scam Cost a Senior Citizen His Life’s Savings

She convinced him she was a rich young Chinese immigrant looking for love.

MasterCard Fills In The Blanks With Gen AI

American Banker provided insight into how Mastercard is using Generative AI to alert issuers to compromised card numbers. Apparently, Gen AI is very good at filling in the blanks by augmenting partial card numbers from breaches and even providing missing card numbers that were probably compromised.

Where's the stolen card? Generative AI can find it

The technology is adept at working with partial account numbers and other shreds of data to alert banks of ongoing and potential crime, the network contends.

They Faked A CyberAttack!

Graham Cluley reveals how one popular website faked a cybersecurity attack. It’s one of the most bonkers “attacks” of all time.

That’s all the news and trends for the week. Have an amazing week and happy fraud hunting y’all 🕵️