Subject: I found a malicious Chrome extension on my system – here’s how and what I did next
Source: ZDNET
https://www.zdnet.com/article/i-found-a-malicious-chrome-extension-on-my-system-heres-how-and-what-i-did-next/
When Chrome flagged an extension for malware, it triggered hours of cleanup. Learn how to check your extensions, clear malware, and keep your browser secure for the future.
Well, that wasn’t fun. Last week, Ars Technica ran a report about 33 Chrome extensions that have been found to have malware. And yeah, yesterday I found that I had one of them installed.
You can read the Ars article for a list to check yourself. One seemed familiar: Reader Mode. It was intended to clear a page of all non-text to make it more readable, like Safari’s Reader Mode. I haven’t run it for quite some time, but the name was familiar.
I went to my 3-dot menu in Chrome, then Extensions, then Manage Extensions. And there it was, right at the top of the page: “This extension contains malware.” Fortunately, the extension was switched off, but I have no idea when it became infected or whether it did any damage to the Chrome installs on my Macs or Windows machines.
See Also: The best secure browsers for privacy
Source: Krebs on Security
https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in an elaborate voice phishing attack. In Tony’s ordeal, the crooks appear to have initially contacted him via Google Assistant, an AI-based service that can engage in two-way conversations. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.
Today’s story pivots off of Tony’s heist and new details shared by a scammer to explain how these voice phishing groups are abusing a legitimate Apple telephone support line to generate “account confirmation” message prompts from Apple to their customers.
Source: The Markup
https://themarkup.org/gentle-january/2024/01/29/lie-about-your-birthday
Getting presents on your birthday can be really fun. So I can understand if, when companies have asked you for your date of birth (so they can send you something special on your special day!), you shrugged and thought, “eh, what’s the harm,” and handed your data over.
But your birth date, like your phone number (get a burner number), is personal information that scammers can use to steal your identity or target you for fraud. Think back: How many times have you been asked to verify your date of birth in serious situations, like when recovering your login from your bank, or getting your medical information from your doctor office?
Is getting free stuff on your birthday worth taking that risk? For me, the answer is no.
That’s why I lie about my birthday on the Internet.
Now, there’s an art to this, so here are some general rules and tips.
…
On a more serious note, a tip for anyone looking to do more to protect their privacy is to be generally resistant toward giving out any personal information. For example, my dentist doesn’t need to know my social security number. Even if the front desk asks for it on the intake form, I don’t fill out information I don’t think they need. If you ever see something on a form that you feel hesitant to give out, don’t. Ask why the office or person or company needs that information from you. Or just ignore it until you’re asked for it directly, and then ask them why they need it.
…
NB: pick a date that makes you at least 21+ y.o.
Subject: Experian Conducted ‘Sham Investigations’ Into Errors in Its Credit Reports
Source: Gizmodo
https://www.bespacific.com/experian-conducted-sham-investigations-into-errors-in-its-credit-reports/
Gizmodo: “Experian has routinely provided inaccurate information in credit reports that help determine whether consumers are approved for loans, jobs, or housing and failed to properly investigate or correct errors when consumers disputed the mistakes, according to a lawsuit filed Tuesday by the Consumer Financial Protection Bureau. CFPB data shows that last year the agency received 352,760 complaints from consumers about incorrect information appearing on their Experian credit reports, slightly less than the other two major credit bureaus. Consumers sent the agency 361,534 complaints about errors in Equifax reports and 378,538 complaints about errors in TransUnion reports. “When consumers disputed errors on their credit reports..
Filed: https://gizmodo.com/tech/crime
—
Abstracted from beSpacific
Copyright © 2025 beSpacific, All rights reserved.