Latest news with #Whois
Yahoo
19 hours ago
- Business
- Yahoo
Scammers pulling double-whammy credit card schemes
WXIN/WTTV – Like the old saying goes: fool me once, shame on you; fool me twice, shame on me. And that's exactly what some scammers are trying to do with fake websites designed to steal not one but at least two of your credit cards. Not only is A.I. making it easier for criminals to make websites that look like legitimate shopping sites, according to Scamicide, it's making it easier for them to get even greedier. Crooks who make copycat websites often try to get victims to enter credit card information, thinking they're making a purchase. When the victim enters the card information, thinking they're buying something, the scammer simply keeps the information and starts making purchases of their own or sells the info to someone else. However, one card isn't enough for some bad guys, according to Scamicide. In some cases, when you try to use your credit card, the site might say it was declined and you need to try another card. If you do, you've now turned over two credit cards to the bad guys. Experts point out that even if a website comes up high in an internet search, the scammers may have paid for that high position or tricked the search engine into pushing it toward the top. Scamicide says if you plan to make a purchase on a website, make sure the web address starts with https. The 's' is important because it means your communication on the site is encrypted and most copycat sites aren't. Also, if the domain name doesn't seem at all related to the company name, that's a sign of a possible fake. There are also several websites where you can enter a web address and see if it checks out as legitimate or not. Google Safe Browsing Transparency Report allows you to type in the web address and see if Google thinks it's a scam. You can also use a site called Whois to see who owns a particular website and how long it's been registered online. If you think you're shopping on a popular website like Amazon or Best Buy, but the search shows the site has only been around for four months and it's owned by someone in India, it's a fake site. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Hindustan Times
28-05-2025
- Hindustan Times
Researcher claims to have found massive illegal database hosting emails, passwords and other sensitive information
A cybersecurity researcher claimed to have found a publicly exposed database containing 184,162,718 unique login and password credentials, totalling a massive 47.42 GB of raw data. The researcher, Jeremiah Fowler, reported his findings to last week and claimed that the database hosting critical data was itself not protected by a password. Fowler claimed that he saw 'thousands of files that included emails, usernames, passwords, and the URL links to the login or authorisation for the accounts.' The database reportedly contained login credentials of numerous applications and services, including email providers, Microsoft, Facebook, Instagram, Snapchat, Roblox and many other websites. Also read | Hackers steal advertising agency's data, demand ransom in Bitcoins The researcher claimed that the database's Whois information, which can be used to identify the registrant (owner) of a domain and their contact details, was 'private' and there seemed to be 'no verifiable method' to identify the real owner of the illegal database. Folwer alleged that the hosting provider of the database refused to disclose their customer's information, and hence he could not establish if such large volumes of data was gathered for legitimate research purposes or exposed due to oversight. According to the report, Fowler could also not establish how long the database was exposed or if anyone gained access to it. 'The records exhibit multiple signs that the exposed data was harvested by some type of infostealer malware,' he wrote. The researcher claimed that he does not know how such large volumes of data was collected, but stated that cybercriminals deploy a range of methods to deploy the malware and steal sensitive information. Also read | Russian hackers target Western firms shipping aid to Ukraine, US intelligence says Folwer also contacted several individuals using emails listed in the illegal database and claimed to have received confirmation from them that the illegal database contained 'their accurate and valid passwords.' He recommended users to be aware of sensitive information stored in their accounts and regularly delete 'old, sensitive emails that contain PII, financial documents or any other important files.' To guard against potential cyberattacks, Fowler urged users to change passwords annually and use unique and hard-to-guess passwords for every account. He also suggested activating two-factor-authentication and considering using password managers among other measures.
Yahoo
20-05-2025
- Business
- Yahoo
Posts falsely claim South Africa has imposed new rules for reporting cash withdrawals
'The war on cash,' begins a Facebook post published on May 5, 2025. 'From 10 May 2025, all major SA banks will implement a new regulatory rule re card withdrawals.' Shared more than 240 times, the post further claims that 'if you withdraw more than a specified amount using your bank card, your transaction details will be automatically reported to SARS'. SARS stands for the South African Revenue Service. The post includes a screenshot of a table purportedly showing the various withdrawal amounts that automatically trigger notification to SARS for each of South Africa's banks, ranging from R3,000 to R10,000 a day (approximately $166 to $553). The same claim was shared on other platforms, including Facebook, Instagram, and LinkedIn. Other posts and blogs claimed the new rules would take effect on June 15, 2025. But the claims are false. A keyword search found no credible reporting of the claim, but it appears to be linked to this blog article from May 2, 2025: 'SARS Big Bank Alert! Withdraw Over This Limit After 10 May and SARS Will Be Notified Instantly'. The article comes from a website designed to look like an African-focused news blog, the domain of which – ' – appears in the false Facebook post. AFP Fact Check used Whois and ICANN domain lookups and found the blog's URL was registered on May 2, 2025 – the same date as the article – with a listed address and phone number based in Iceland. A Google search of the address shows it was the subject of a 2024 New York Times report about Withheld for Privacy, an internet privacy service established by Namecheap, which hosts some of the internet's 'sketchiest websites' (archived here). The NYT report stated Iceland has emerged as a global hub for dubious websites, largely due to its strong privacy laws. Other stories published on the website also appear questionable, most with clickbait headlines about South Africa. The South African Reserve Bank, the country's central bank, refuted the claim on Facebook (archived here). 'The article claiming that a 'New Card Withdrawal Rule' will take effect on 10 May 2025 — requiring banks to report card withdrawals over R10,000 to SARS — is false,' it said. The SARB statement added that 'no such rule' had been issued, nor was there 'a new directive' announcing a requirement for 'automatic SARS reporting for large card withdrawals'. The bank urged the public to verify financial news on official SARB or SARS platforms. Contacted by AFP Fact Check, South Africa's Financial Intelligence Centre (FIC) reiterated this in an email on May 14, 2025, saying it has not made any recent 'announcements or regulatory changes on this subject'. The FIC said, in this instance, the Prudential Authority of the South African Reserve Bank (SARB) would have communicated such a change. The FIC said by law, 'cash received or paid out to a client above the threshold of R49,999.99 (approximately $2,800) must be reported by the accountable institution to the FIC'. The FIC's primary role is to protect the integrity of the country's financial system; it was established to identify proceeds of crime, to track the financing of terrorism, and to combat money laundering.
AFP
20-05-2025
- Business
- AFP
Posts falsely claim South Africa has imposed new rules for reporting cash withdrawals
'The war on cash,' begins a Facebook post published on May 5, 2025. 'From 10 May 2025, all major SA banks will implement a new regulatory rule re card withdrawals.' Shared more than 240 times, the post further claims that 'if you withdraw more than a specified amount using your bank card, your transaction details will be automatically reported to SARS'. SARS stands for the South African Revenue Service. The post includes a screenshot of a table purportedly showing the various withdrawal amounts that automatically trigger notification to SARS for each of South Africa's banks, ranging from R3,000 to R10,000 a day (approximately $166 to $553). Image Screenshot of the false Facebook post, published on May 5, 2025 The same claim was shared on other platforms, including Facebook, Instagram, and LinkedIn. Other posts and blogs claimed the new rules would take effect on June 15, 2025. But the claims are false. Dodgy web domain A keyword search found no credible reporting of the claim, but it appears to be linked to this blog article from May 2, 2025: 'SARS Big Bank Alert! Withdraw Over This Limit After 10 May and SARS Will Be Notified Instantly'. The article comes from a website designed to look like an African-focused news blog, the domain of which – ' – appears in the false Facebook post. AFP Fact Check used Whois and ICANN domain lookups and found the blog's URL was registered on May 2, 2025 – the same date as the article – with a listed address and phone number based in Iceland. Image Screenshot of the domain registration information A Google search of the address shows it was the subject of a 2024 New York Times report about Withheld for Privacy, an internet privacy service established by Namecheap, which hosts some of the internet's 'sketchiest websites' (archived here). The NYT report stated Iceland has emerged as a global hub for dubious websites, largely due to its strong privacy laws. Other stories published on the website also appear questionable, most with clickbait headlines about South Africa. Image Headlines taken from the website registered in Iceland 'No new directive' The South African Reserve Bank, the country's central bank, refuted the claim on Facebook (archived here). 'The article claiming that a 'New Card Withdrawal Rule' will take effect on 10 May 2025 — requiring banks to report card withdrawals over R10,000 to SARS — is false,' it said. The SARB statement added that 'no such rule' had been issued, nor was there 'a new directive' announcing a requirement for 'automatic SARS reporting for large card withdrawals'. The bank urged the public to verify financial news on official SARB or SARS platforms. Contacted by AFP Fact Check, South Africa's Financial Intelligence Centre (FIC) reiterated this in an email on May 14, 2025, saying it has not made any recent 'announcements or regulatory changes on this subject'. The FIC said, in this instance, the Prudential Authority of the South African Reserve Bank (SARB) would have communicated such a change. The FIC said by law, 'cash received or paid out to a client above the threshold of R49,999.99 (approximately $2,800) must be reported by the accountable institution to the FIC'. Image Screenshot of the FIC reporting obligations The FIC's primary role is to protect the integrity of the country's financial system; it was established to identify proceeds of crime, to track the financing of terrorism, and to combat money laundering.
Yahoo
24-04-2025
- Business
- Yahoo
It's official: Meta's Threads is using 'Threads.com' domain name
Threads, Meta's alternative to X, formerly Twitter, had almost everything it needed to succeed. It's backed by one of the biggest of the Big Tech companies. It's directly integrated with Instagram, the mega popular photo sharing app. With all its powers combined, Threads was able to grow to 100 million users in just 5 days. However, there was one crucial element that the platform was missing: A 'dot com' domain name. But, as of April 24, Meta has solved Threads' URL problem. now officially points users to the web version of the Threads platform. "Today, we're moving from to Meta said in an announcement posted on the company blog alongside feature updates to the platform. As Elon Musk continues to put his unique stamp on X, many liberal users are seeking out new social media homes. X competitors like Bluesky and Threads appear to have won out as the official Twitter replacements, although neither have come close to achieving critical mass. Threads finally using as its official URL won't beat out X alone, but studies have shown that internet users still use and trust .com domain names more than any other domain extension. This move from to will only help the platform. Threads originally launched in July 2023 strictly as a mobile app. One month later, Threads rolled out the web version of the social media platform. However, Threads on the web was previously located at Why? At the time, Meta simply did not own the dot-com domain. Plenty of users went to when Meta launched the platform. However, users who visited the URL were then directed to a website for a startup company that was building a Slack alternative called Threads — not exactly an ideal user experience. Unsurprisingly, the Slack alternative unfortunately named Threads later noted that it received acquisition interest from Meta. The following year, the startup announced that Shopify had acquired the company. Then, in September 2024, tech outlets noticed that the ownership information listed in the Whois domain records for pointed to a new owner — Meta. It's unclear how much Meta paid for the domain name, but on Thursday, the company made official.
