Over 34 Million People subscribe to Xbox Game Pass

0
[ad_1]

Microsoft has finally released some new numbers on subscribers for Xbox Game Pass. After more than two years, Microsoft has announced that it has now surpassed 34 million subscribers. That’s up nearly 36% from the last number Microsoft gave in 2022, of around 25 million.

Previously, Microsoft Gaming CEO Phil Spencer admitted that he had been seeing growth slow for Xbox Game Pass on consoles, saying “I’ve seen growth slow down, mainly because at some point you’ve reached everybody on console that wants to subscribe.” Then Microsoft expanded Xbox Game Pass to PCs, and now we’re seeing growth once again. However, this isn’t a number that Microsoft touts routinely, so hard to really see how the growth is looking right now.

Microsoft has an ambitious goal of getting 100 million Xbox Game Pass subscribers by 2030. Obviously, they are still pretty far off from that right now, but the good news is, it’s only 2024. They’ve got six years to hit that goal. However, they are only a third of the way there.

This number means people aren’t flocking to Game Pass for Xbox Cloud Gaming on mobile devices

Xbox has really expanded Game Pass over the years, it’s not available on PC as well as mobile devices. But this 34 million number means that we aren’t seeing users flock to Game Pass for Xbox Cloud Gaming on mobile devices. It’s also reflective of the fact that Xbox Series S and X haven’t been selling as well as the PlayStation 5 and PS5 Slim.

Remember, that Microsoft’s goal isn’t to convert everyone into a Game Pass subscriber, instead, Spencer stated that “it’s a good business for us today, Game Pass, but in no way is there a plan that says ‘Okay, everybody needs to become a Game Pass subscriber.’”

Xbox Game Pass starts at $9.99 per month. So if everyone got the lowest tier plan, that’s $340 million per month Microsoft is making from just this one service.


[ad_2]
Source link

Google rolling out an “Android safe browsing” feature for apps on Galaxy and Pixel devices

0
[ad_1]
If you use a Samsung Galaxy or Google Pixel phone, you will now be able to benefit from a new “Android Safe Browsing” feature within your apps. This new tool is yet another Android security boost in Google’s arsenal against increasingly sneaky malware and phishing scams.
As explained by Android expert Mishaal Rahman on his post uncovering the feature, “Android Safe Browsing alerts you to security threats, like harmful links and webpages, when you browse within supported apps. For example, you might get an alert if you tap a link in your news app that would take you to a known phishing site.” Essentially, its function is to add a layer of protection when tapping on a web link within an app.

If I had to compare it to something, it would be like the warnings you get in the Chrome browser when you’re about to navigate to a dodgy link. Android Safe Browsing works similarly by tapping into Google’s extensive database of known threats. At the moment, no apps appear for me under supported apps, suggesting that — as per Mishaal’s observations — this requires apps to utilize the “SafetyNet” Safe Browsing API, which lets apps determine if a URL has been marked as a known threat by Google.

Image Source: Phone Arena

So far, this new feature has been spotted by navigating to Settings > Security & privacy > More security & privacy on Pixel devices and Settings > Security & Privacy on Samsung Galaxy devices. However, the roll-out seems to be phased and controlled by Google’s servers, which would explain why not everyone has it yet.

Although this seems like a feature every Android phone should get, it is currently unclear whether this will a Pixel and Galaxy exclusive. Right now it looks like most phones using Google Play Services should eventually get this update, not just specific devices, so exclusivity is hopefully not an issue.

[ad_2]
Source link

Android users can’t stop switching to the iPhone

0
[ad_1]

As much as Android users make fun of the iPhone for being late to certain features, specs, and technologies, they can’t help but switch to the iPhone in droves.

According to CIRP (Consumer Intelligence Research Partners, LLC), in 2023, 13% of all iPhone buyers in the US were switching from Android to iOS. Now, that is down from 2022, which had a record high of 15%. But that’s higher than 2021 and 2020 and matches the 2019 percentage.

It’s important to stress that this research is only based on the US market. Where the iPhone is actually powerful compared to the rest of the world. In the US, Apple enjoys a market share of just above 60%. Whereas, worldwide, that falls to just below 25%.

84ac1492 2aed 4b59 a3f9 ea7166b16542 1123x816

Why are so many Android users switching to iPhone?

While we can’t speak for those Android users switching to iPhones, I do have a bit of an anecdote here. I switched to the iPhone in 2020. The main reason why I did it was to check out the competition and try something new. I’ve been at Android Headlines and reviewed just about every significant flagship since 2012, so I wanted to try something different. And now it’s hard to go back.

Of course, part of that is by design. Apple’s so-called “walled garden”. Apple wants you to get used to its features and how well its ecosystem works together across multiple devices. And they also make it pretty tough to switch out of iOS.

Additionally, over the last few years, Apple has added quite a few features to iOS that Android users absolutely love. Like the App Library, while not perfect, it does allow you to not have every single app on your home screen. You can also make other apps default, like Google Maps instead of Apple Maps or Google Chrome instead of Safari (though every web browser is still basically Safari with a skin on top), among a few other things.

Obviously, there’s one other reason that we should mention here. And that’s iMessage. The blue bubble versus green bubble war has been alive and well here in the US for many years. Adults and teenagers get pressured into getting an iPhone so they will no longer be a green bubble on their friends’ iPhones and ruin the group chats. That is most likely the biggest reason for Android users switching to iPhones, though we’ll likely never know.


[ad_2]
Source link

Samsung’s February 2024 update lands on Galaxy S22 & A54

0
[ad_1]

Samsung may be making Galaxy S24 users wait longer for the first update, other eligible models are getting the February 2024 update quite fast. It has already updated over 20 Galaxy devices to the latest security patch. A few more are joining the party today. Namely, the Galaxy S22 series and Galaxy A54 are picking up the new security update. Samsung has also expanded the patch globally for the Galaxy S20, Galaxy Note 20, and Galaxy A53.

Galaxy S22 series grabs Samsung’s February 2024 update

As of this writing, the February 2024 security patch is available for the Galaxy S22 series in Europe. The devices are receiving the new update with the firmware build number S908BXXS7DXAC. A screenshot posted on X by @Tarunvats33 shows that the OTA (over the air) package weighs just over 255MB for the Ultra model. The OTA download file should weigh similarly for the other two Galaxy S22 models.

Samsung should soon bring this update to the Galaxy S22, Galaxy S22+, and Galaxy S22 Ultra in other markets, including the US. As the official changelog confirms, the latest firmware release for the 2022 flagship trio doesn’t contain anything more than this month’s security fixes. There are 69 security patches in total this month, including fixes for three critical Android OS vulnerabilities and eight Galaxy-specific vulnerabilities.

All of these fixes are also rolling out to the Galaxy A54. Once again, Samsung has begun the rollout in Europe, with a global release expected soon. Users in Europe are getting firmware version A546BXXS6BXA8 with the update. It is the same story as far as the changelog or content is concerned. The update doesn’t bring anything extra. Samsung may soon release One UI 6.1 for the Galaxy S22 and Galaxy A54 with a bunch of new features and improvements.

Wider rollout for the Galaxy S20, Note 20, and Galaxy A53

A few days back, Samsung released the February security patch for the Galaxy S20 series, Galaxy Note 20 series, and Galaxy A53 in the US. These devices are now getting the latest security updates in more markets, including Europe. The updates are available for both 4G/LTE and 5G models of the two 2020 flagship lineups (only 5G models were released in the US). It shouldn’t be long before the updates go global.

The Galaxy S20 and Galaxy Note 20 series won’t get Samsung’s One UI 6.1 update. These phones are done getting feature updates—they didn’t even receive Android 14. However, the Galaxy A53 still has a lot of life left in it. The 2022 premium mid-range phone arrived with Android 12 and will receive updates up to Android 16. It should pick up One UI 6.1 later this year.


[ad_2]
Source link

Comcast, Charter and others are worried about new Mega Sports Streaming Service

0
[ad_1]

Some of the biggest leaders in sports – Disney, Fox, and Warner Bros Discovery – announced a joint venture for a mega-sports streaming service earlier this month. Since that announcement, we’ve been hearing from Pay TV providers as well as local TV providers about what this new venture could mean for their business.

Last week, we heard from Gray TV that they were not too fond of the joint streaming service unless they were to get paid. Gray TV gave some pretty compelling reasons in their statement, too, like the fact that local sports are streamed via local channels and broadcasters pay for these broadcasts. For Disney, Fox, and WBD to take that away without any monetary compensation would result in job losses for local economies.

Now, larger Pay TV services like Comcast, Charter, and DirecTV are making their voices heard. The primary question the three have is whether they’ll be able to offer the same skinny bundle of linear networks that Disney, WBD, and Fox announced as part of this streaming service, which includes ABC, ESPN, ESPN2, TNT, TBS, Fox, FS1, and FS2, among a few other cable channels that showcase sports.

If Pay TV providers are able to offer a skinny bundle with these sports services to customers, then there’s likely to be little pushback. However, if they aren’t able to and have to carry these channels in their basic cable subscription, which will likely cost much more than the joint service, there’s going to be quite a bit of pushback.

Disney, Warner Bros Discovery, and Fox all rely on Pay TV for a bulk of their revenue

It’s doubtful that the joint sports streaming service will allow Pay TV providers to offer a competitive skinny bundle. The three companies get a majority of their revenue from Pay TV through these deals that they’ve struck with Pay TV providers. Disney, for example, forces Pay TV providers to carry all of their channels instead of just some. So YouTube TV would need to carry all 14 of Disney’s channels, versus just carrying the handful of ESPN channels – which cost the most to carry.

Obviously, some Pay TV providers can benefit indirectly from this new venture, but it would likely cause a lot more cable TV cancellations, which is kind of the point of this service. Sports streaming has been pretty lacking over the last few years. But for companies like Comcast and Charter, this would mean more broadband sales, as this streaming service is going to need high-speed internet. So not only more internet subscribers but more people paying for the higher-speed packages, which would bring in more profit for those companies.

It’s still in the early stages of this service, though it is expected to launch in the fall of 2024. So Disney, Warner Bros Discovery, and Fox are going to need to figure things out pretty quickly. This is likely expected to launch in time for the NBA and NHL 2024-25 seasons, which start around October.


[ad_2]
Source link

New TicTacToe Dropper Steals Data, Spreads Multiple Threats on Windows

0
[ad_1]

The new TicTacToe Dropper has been observed dropping additional threats onto Windows devices, including AgentTesla and LokiBot.

Fortinet’s FortiGuard Labs Threat Research Team has identified a group of malware droppers used in delivering final-stage payloads throughout 2023. The group is named ‘TicTacToe dropper’ due to a common Polish string, ‘Kolko_i_krzyzyk’, which translates to TicTacToe in English.

These droppers obfuscate final payloads during load and initial execution, including Leonem, AgentTesla, SnakeLogger, LokiBot, Remcos, RemLoader, Sabsik, Taskun, Androm and Upatre.

New TicTacToe Dropper Steals Data, Spreads Multiple Threats on Windows
Timeline (FortiGuard)

According to FortiGuard, the TicTacToe dropper has distributed multiple final-stage remote access tools (RATs) in the last 12 months and the final payloads feature several common characteristics, including multi-stage layered payloads, .NET executables/libraries, payload obfuscation using SmartAssembly software, DLL files nesting, and reflective loading.

In this campaign, malware executable is typically delivered via a .iso file, a technique often used to avoid detection by antivirus software and as a mark-of-the-web bypass technique. The executable contains multiple DLL file layers, which are extracted at runtime and loaded directly into memory.

TicTacToe Dropper Targets Windows

The medium severity level loader mainly affects Microsoft Windows platforms, potentially leading to compromised credentials and enabling further malicious activities, wrote Amey Gat and Mark Robson in FortiGuard’s blog post published on 14 February 2024.

Samples from early 2023 contained the strings TicTacToe, while later campaigns had different strings and different final-stage payloads. This suggests the tool is constantly developing and developers are trying to evade string-based analysis.

The first sample was a 32-bit executable called ‘ALco.exe’, which extracts and loads a.NET PE DLL file named ‘Hadval.dll’ or ‘stage2 payload’. The file is obfuscated with DeepSea version 4.1, causing unreadable function names and code flow obfuscation.

Use of de4dot tool

The de4dot tool, an open-source (GPLv3) .NET de-obfuscator and unpacker, utilized in the attack, successfully circumvents certain DeepSea obfuscation techniques, resulting in the de-obfuscation of a significant portion of the Hadval.dll file.

This file is responsible for extracting a gzip blob, which, upon decompression, unveils an additional 32-bit PE DLL file and another .NET library. The stage 3 payload, internally named ‘cruiser.dll’, is protected by SmartAssembly software.

The cruiser.dll file contained a class named ‘Munoz’ that creates a copy of the executable in the temp folder. The code from stage 3 extracts, loads, and executes the stage 4 payload from the bitmap object ‘dZAu’. Another DLL file, ‘Farinell2.dll’, is obfuscated with a custom obfuscator.

New TicTacToe Dropper Steals Data, Spreads Multiple Threats on Windows
Payload (FortiGuard)

AgentTesla

A separate TicTacToe dropper sample was earlier analyzed, which dropped AgentTesla, a well-known RAT. This 32-bit.NET executable used an identical technique to load code stored in the resource element of the file.

The stage 2 payload had the internal name ‘Pendulum.dll’ and the stage 3 payload had the name ‘cruiser.dll.’ The stage 3 payload extracted the stage 4 payload from the bitmap object ‘faLa’ with the final payload being AgentTesla.

For mitigating the threat, researchers believe hash-based detections are effective for known campaigns. However, a behaviour-based endpoint security tool is required for new campaigns given the dynamic nature of this malware. EDR technology like FortiEDR can effectively detect anomalous behaviour.

  1. Konni RAT Exploiting Word Docs to Steal Data from Windows
  2. Crypto Stealing PyPI Malware Hits Windows and Linux Users
  3. New JaskaGO Malware Targets Mac and Windows for Crypto
  4. New Windows Infostealer ‘ExelaStealer’ Being Sold on Dark Web
  5. Fake Bitwarden Password Manager Website Drops Windows ZenRAT

[ad_2]
Source link

OnePlus is investigating reports of OnePlus 12R not working on Verizon’s Network

0
[ad_1]

The OnePlus 12R officially became available yesterday, with pre-orders having arrived in the past few days. It’s a rather impressive phone; in fact, we called it “The Best $500 phone you can buy” in our review. But the phone isn’t the best if it can’t connect to your network.

We received a couple of tips today about the OnePlus 12R not being able to connect to Verizon’s network. Basically, some of the IMEI’s not being whitelisted for Verizon’s network since Verizon doesn’t sell the phone, but it does work on its network. We reached out to OnePlus for clarification:

“The OnePlus 12R is able to work with all major carriers and on all major 5G networks in the U.S., including Verizon. We are currently investigating unexpected cases that users may be having with Verizon’s network and are working with the carrier to resolve the issue as soon as possible.”

While it’s a nuisance for those who just got a shiny new phone and it can’t be used when there’s no WiFi right now, OnePlus is on it and working with Verizon to rectify the issue. Fingers crossed that the issue is fixed sooner rather than later.

OnePlus has invested heavily in making its phones compatible with all three US networks

Over the past couple of years, OnePlus has invested quite heavily in making sure that their phones all work on AT&T, T-Mobile, and Verizon at launch. So that issues like this don’t arise. But this was an unexpected issue for OnePlus, and they’re on top of it; that’s the good news.

The issue with Verizon is that all unlocked phones need to be certified to work on its network. The OnePlus 12R is certified for its network. However, it appears that some IMEIs were not added to its database and, therefore, cannot be activated on its network. This isn’t the first time we’ve seen this happen with Verizon; it has happened with other unlocked devices in the past. And is something to think about when buying an unlocked device to use on Verizon (especially on Visible, its own MVNO).


[ad_2]
Source link

Google unveils Gemini 1.5 with an insane context window

0
[ad_1]

Google recently released Gemini, its most powerful AI model. It swiftly overtook the role of Google’s flagship AI model, replacing Bard completely. While Gemini is only two months old, Google has introduced us to Gemini 1.5, the next generation in the company’s AI tech.

If you’ve been under a rock for the past couple of weeks, then you’ll need a little refresher. Google Bard is gone; the company replaced it with Gemini. You can access it through the website and through the official app. Also, if you’re looking for a more advanced version of the model, you can try out Gemini Advanced. This is the chatbot that uses the Gemini Ultra model.

So, with Bard gone, it looks like Google has its sights set on replacing Google Assistant eventually. We’re not sure when this is going to happen, but we’re already seeing signs of this happening. For example, you can now use the Gemini app as a replacement for the Google Assistant on your phone.

Google introduced Gemini 1.5 with an insane context window

Being the 1.5 version of Gemini, you can expect an experience much more powerful than version 1.0. The company announced this new model through a Google blog post. Both the CEO of Google (Sundar Pichai) and the CEO of Google DeepMind (Demis Hassabis) explained why Gemini 1.5 is superior to the first model.

What’s a context window? What are tokens?

Before hopping into what makes this iteration more powerful, here’s a refresher on context windows and tokens. A token is a bit of information that can be processed by a model. It could be a section of a word, a bit of audio, a bit of a video, or a bit of an image. For example, a word as simple as “Toaster” is made up of a handful of tokens.

A model can only understand a certain number of tokens at a time. The number of tokens a model can understand at a time is called the context window. The larger the context window, the larger your query can be.

Say, you paste your college report into Gemini to summarize, and your report is 2,000 words long, (let’s just say that equates to 5,000 tokens). As long as the context window is larger than 5,000 tokens, then Gemini can understand every bit of information in your report.

Gemini 1.5 could have a tremendous context window

The most significant change is the massive context window. The company is rolling out Gemini 1.5 Pro for early testing, and it has an impressive context window of 128,000 tokens. To put that into perspective, Gemini 1.0 has a context window of 32,000. That’s 4x as many tokens.

It doesn’t stop there, as a small group of testers will gain access to a version of Gemini 1.5 with a context window of up to 1 million tokens. With a window like that, you can feed it a 700,000-word novel, 30,000 lines of code, 11 hours of audio, or an hour of video, and it will understand every bit of it. With that many tokens, you can fit the first four books of Stephen King’s Dark Tower series into it. That’s more than 609,000 words and 2,000 pages.

Google even said that it had tested up to 10 million tokens internally, but that won’t be making it to the public anytime soon. In any case, it’s great to see that Google is pushing the envelope with AI technology so far and so quickly.

Other improvements

Along with the increased context window, you can expect other improvements like better reasoning, better learning skills, better ethics, and many more. The blog post goes into much more detail. So, if you’re an AI enthusiast, then you’ll want to read the blog post. It dives into more of what’s powering this AI model.

Read the blog post


[ad_2]
Source link

Analyse Phishing Attack with ANY.RUN Threat Intelligence Lookup

0
[ad_1]

An advanced phishing attack typically involves sophisticated tactics such as compelling email and website replicas that are often tailored to specific targets.

These attacks may use social engineering techniques to manipulate victims into revealing sensitive information and installing malware.

Cybersecurity researchers at ANY.RUN recently unveiled a proper guide to analyzing an advanced phishing attack with Threat Intelligence Lookup.

ANY.RUN Threat Intelligence Lookup provides contextual search online and via API. We index and analyze data from millions of public interactive analytical sessions, or “tasks,” that our community of over 300,000 academics and 300 organizations performs in the ANY.RUN sandbox.

Technical Analysis

Multitudes of opportunities can be unlocked with the help of this new tool that helps maximize threat intelligence. The search capabilities of this new tool enhance the search abilities and provide precise security incident responses.

The online Threat Intel Lookup service of ANY.RUN with API access scans millions of community tasks which links the isolated indicators to specific threats for your security team.

Search results

Even with the help of Threat Intel Lookup, you can also check the new IP in logs. Besides this, it also enables us to find sandbox matches fast, often naming malware families and providing related data like ports, URLs, and hashes.

Document
ANY.RUN Threat Intelligence Lookup

Threat Intelligence Lookup centralized repository of millions of IOCs extracted from ANY.RUN’s extensive database of interactive malware analysis sessions. ANY.RUN Threat Intelligence: Search for linked IOCs using over 30 fields .

How to Explain a Strange Command Line

In an event, the employee alerted security of a phishing attempt, which opened a suspicious Office attachment that enabled Macros, which triggered the alarm.

While examining the IDR logs, cybersecurity analysts discovered the highlighted PowerShell process with $codigo. Analysts without Threat Intelligence Lookup might search online, wasting time.

Searching ‘ImagePath:powershell’ AND ‘CommandLine:$codigo’ reveals multiple $codigo-related command lines. The events tab shows ‘stegocampaign’ tags that suggest a possible cyberattack.

Moreover, cybersecurity researchers affirmed that they are progressing aggressively, but they still need more refinement to their search.

IDR logs hint at a suspicious connection on port 2404, which is uncommon in their network.

The updated search reveals fewer tasks which is mostly tied to Remcos malware, a notorious Remote Access Trojan often utilizing PowerShell. 

Finding the Family of Malware

Researchers are making progress, but they still need to fine-tune their search. Based on the information from the IDR logs, it appears that a machine that is potentially infected is connected to port 2404. This port is not commonly used in our network infrastructure.

Threat Intelligence Lookup uncovers malicious IPs linked to the tasks that aid in further investigating malware behavior.

Confirm Remcos’ presence by merging the network rule name with the IP (RuleName: remcos AND DestinationIp: 107.172.31.178). While the ANY.RUN’s Threat Intelligence Lookup entrusts cybersecurity analysts,. 

Utilizing IP Address for Investigating Remcos

 Write a query combining a network rule name with the IP address associated with port 2404. In addition, researchers narrow down the search to display tasks from the past week. This is how it will appear: Rule name: “remcos” and destination IP: “107.172.31.178”

The example above shows one way that ANY.RUN’s Threat Intelligence Lookup can be very useful for cybersecurity experts.

Currently, it’s offering a trial with 20 search queries for existing Searcher plans or above clients. However, you can reach ANY.RUN for customer plans and subscriptions.


[ad_2]
Source link

Massive utility scam campaign spreads via online ads

0
[ad_1]

For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their bills or look for ways to save money, scammers are just a phone call away.

Enter the utility scam, where crooks pretend to be your utility company so they can threaten and extort as much money from you as they can.

This scam has been going on for years and usually starts with an unexpected phone call and, in some cases, a visit to your door. Obviously the phone call side of the scam is much more scalable and means the scam can be done from overseas.

However, criminals know that victims are more likely to be tricked if they were the ones who initiated the call. In a recent investigation, we discovered a prolific campaign of fraudulent ads shown to users via Google searches. To give an idea of scale, the number of ads we found exceeds what we have found in previous malvertising cases.

This blog post has two purposes: the first one is to draw awareness to this problem by showing how it works. Secondly, we’ve collected and shared as many ads and fake sites as we could in the hope that action will be taken, with hopefully some cost for the scammers.

Fraudulent utility scam ads

The scam begins when a user searches for keywords related to their energy bill. The ads are shown to mobile devices only, which makes sense given how often people use their phones. Also, the ads are geolocated, so that they are relevant to the user’s location.

We found 28 advertisers with over 300 ads, most of them registered by individuals from Pakistan. We have also seen legitimate but hacked advertiser accounts belonging to US entities that were abused. We didn’t investigate further into the whereabouts and identities of the scammers, but we should note that Pakistan is a possible location.

In most cases, tapping on the ad will not open a new website, but instead will prompt you to dial a phone number. This is exactly what the crooks want as many people will have no idea that an ad approved by Google could possibly be fraudulent.

The utility scam often works by threatening and scaring victims into making poor decisions. An unpaid bill, or an offer that is too good to be true and must be accepted immediately are some of their tactics. Once you’ve made that phone call, you’re already in their hands and very close to losing a significant amount of money.

The scammers may even redirect you to their website to “prove” that they are legitimate. Those sites are often credible enough for a victim to feel like they are doing the right thing, but that couldn’t be further from the truth.

Large scamming infrastructure

The crooks have registered dozens of different domains names and built templates that appear related to energy or utility savings. The sites are quite simple and consist of one main page with some customer-centric text and one or multiple phone numbers.

We can usually deduce they are fraudulent by looking up their registration date as well as connecting them with search ads.

However, that might not be enough to have them suspended without going through the whole process of calling the scammers, recording the interaction and showing that evidence. This type of investigation requires time and resources to be done properly. Perhaps one of the many scambaiters out there will look into it in the future.

In the meantime, we have tracked and reported as many domains as we could to the relevant registrars in the hope that some may take action and suspend them.

Keep your identity and money safe from scammers

This scam is widespread, and so our advice right now is to avoid clicking on any ad from search as the malicious ads largely outnumber the legitimate ones. You can tell it’s an ad as it will be labelled “Sponsored” or “Ad”.

Here are some additional tips:

  • Watch out for a sense of urgency. Scammers will often threaten to cut your power immediately. This and similar scare tactics are meant to pressure you into making hasty decisions. Take the time to look things up or speak to a friend before you do anything.
  • Never disclose personal details over the phone without being absolutely certain you are talking to the right person. If in doubt, hang up the phone and look for the official phone number from your energy company, perhaps from a past bill. Do not trust any phone number that appears on an online ad.
  • Beware requests for money transfers or prepaid cards. These are a huge sign you are dealing with criminals. Again, take your time to think it over even if just for a few hours. Scammers tend to be so impatient they will make all sorts of claims to act right now, which should be a dead giveaway.
  • Contact your bank immediately if you think you’ve been scammed and wired money,. Change all your passwords and add a notice with your utility company that someone may attempt to impersonate you.
  • Report the scam to the proper authorities, which may be the FTC.

Malwarebytes protection

Malwarebytes is working with its partners to go after these scammers. We also provide protection if you are using our iOS app via the ad blocking feature which will disable search ads and other ads that may be targeting you.

Indicators of Compromise

Google advertiser accounts

Phone numbers

888[-]960[-]3984
888[-]315[-]9188
888[-]715[-]1808
888[-]873[-]0295
888[-]317[-]0580
888[-]316[-]0466
888[-]983[-]0288
888[-]439[-]0639
888[-]312[-]2983
844[-]967[-]9649
855[-]200[-]3417
888[-]842[-]0793
888[-]207[-]3713
833[-]435[-]0029
888[-]494[-]4956

888[-]928[-]6404
888[-]374[-]1693
888[-]834[-]1050
888[-]497[-]3560
888[-]960[-]2303
888[-]430[-]0128
800[-]353[-]5613
888[-]407[-]1004
855[-]216[-]2411
844[-]679[-]7635
888[-]483[-]2851
888[-]657[-]2401
888[-]580[-]0106
888[-]326[-]7299
888[-]870[-]2661

888[-]203[-]1692
855[-]428[-]7345
888[-]641[-]0108
888[-]960[-]0688
888[-]347[-]7462
888[-]448[-]0550
888[-]834[-]0998
888[-]470[-]8496
888[-]554[-]0461
855[-]980[-]1080
888[-]539[-]0722
866[-]685[-]0355
888[-]715[-]1806
888[-]960[-]2550
888[-]641[-]0096
888[-]996[-]5133

Scammer domains

360billingservices[.]com
aadigital[.]online
citrexsolutions[.]co
digitelcare[.]com
eco-designs[.]store
economical-deals[.]co
electricenergybundle[.]com
electricenergyservice[.]com
electricpowerdeal[.]com
energpaybill[.]com

energybilling[.]net
energybillservice[.]online
energycredits[.]online
energyhelpcenter[.]com
energypayment[.]shop
energypoweroffer[.]com
globalenergysolutionz[.]com
homeutilityservices[.]com
makeabillpayment[.]com
paysenergy[.]online

powerelectricoffers[.]com
qasmic[.]com
rebornsolutions[.]co
telecombilling[.]us
telecomcredits[.]us
thepowerpayllc[.]org
uenergyproviders[.]store
utilitybillsolution[.]site
utilitybillspayments[.]org
utilitydiscounts[.]store
utilityservices[.]us


We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.


[ad_2]
Source link