Week Ending: 24th December - A Roundup in I.T. & Tech News

Back to Blog

Merry Christmas! It’s our last round up of 2021 today, and we’re sure everyone is ready to get the festivities started. Before you log off for a well-earned break, take 5 to catch up on what’s been going on in the world of tech and I.T.

This week we look at how Meta is cracking down on phishing scams that use its trademark, how scammers have netted $7.7 billion worth of cryptocurrency this year and the sharing of 585 million passwords by the UK government with Have I Been Pwned.

Let’s get you up to speed.

Meta cracks down on phishing scams that use its trademark

It has been announced this week that Meta is taking legal action against scammers who impersonated it’s trademark platforms – Facebook, WhatsApp and Instagram to conduct a phishing scam.

Meta claims that over the last two years alleged “actors” have created 39,000 websites in an attempt to replicate their services and subsequently deceiving users and collect their login details.

The scammers allegedly used a relay service called Ngrok to send internet traffic to phony login pages they created, while concealing their identity and location. Those who then clicked the phishing link were sent to a login page that resembled either Facebook, Instagram or WhatsApp and were asked to input their login details.

A spokesperson from Meta stated:

“By creating and disseminating URLs for the Phishing Websites, Defendants falsely represented themselves to be Facebook, Messenger, Instagram, or WhatsApp, without Plaintiffs’ authorization. Plaintiffs were adversely affected by Defendants’ phishing scheme and suffered, without limitation, damage to their brands and reputations, harm to their users.”

Read more on the story here.

Scammers net $7.7 billion worth of cryptocurrency in 2021

According to a new report published this week, criminals grabbed around $7.7 billion worth of cryptocurrency from their targets in 2021. This is an 81% increase in losses compared to the statistics released in 2020.

The report, which has been released as part of a preview of Blockchain analysis firm Chainanalysis’s “2022 Crypto Crime Report”, revealed startling details about the devastation cybercriminals managed to cause during 2021.

According to the report, $1.1 billion of the overall $7.7 billion was related to one particular scam which targeted users in Russia and Ukraine.

The report also confirmed that cryptocurrency-based crimes posed “one of the biggest threats to cryptocurrency’s continued adoption.”

The report goes in to a lot more detail on the scams which have taken place over the last 12 months, but the main takeaway they provide from the report is to avoid new tokens that haven’t yet undergone a code audit. They also stressed that

“Investors should remain aware of tokens that lack publicly known materials, which guarantees the legitimacy of a project. These include white paper, websites, and tokens created by individuals without using their real names.”

Read more on the report here.

UK government shares 585 million passwords with Have I Been Pwned

Have I Been Pwned, the website that allows Internet users to check whether their personal data has been compromised by data breaches has announced this week that the UK’s National Crime Agency (NCA) has shared a staggering 585 million stolen passwords with them.

Of the 585 million shared, 225 million were new passwords the company hadn’t seen before.

The NCA told Have I Been Pwnd founder, Troy Hunt that these passwords were “found at a cloud storage location that belonged to a UK business and was used by unidentified actors to store compromised login data.”

The credentials came from multiple data breaches, and their storage on a UK business’s cloud storage meant that they were accessible to third parties "to commit further fraud or cyber offences."

Hunt said in a blog post this week that “there were already 613 million passwords in the live Pwned Passwords service, so the NCA contribution represented a significant increase in size.”

He added that, “the data would definitely help more people know that their credentials have already been compromised, enabling them to take appropriate steps to secure their accounts.”

Find out more or to see if your passwords have been compromised here.

Those were some of this week’s biggest stories in I.T. and tech, but if you want more content, follow us across our four social media channels.