Meta

March 31, 2022

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

This post was originally published on this siteOn Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes. At issue are forged “emergency data requests,” (EDRs) sent through hacked police or government agency email accounts. Tech companies usually require a search warrant or subpoena before providing customer or user […]
April 27, 2022

Fighting Fake EDRs With ‘Credit Ratings’ for Police

This post was originally published on this siteWhen KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide. A sample Kodex dashboard. […]
March 7, 2023

Sued by Meta, Freenom Halts Domain Registrations

This post was originally published on this siteThe domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta, which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains. Freenom’s website features a message saying it is not currently allowing new registrations. Freenom is the domain name registry service provider for five so-called “country code top level domains” (ccTLDs), including .cf for the Central African Republic; .ga […]
May 26, 2023

Phishing Domains Tanked After Meta Sued Freenom

This post was originally published on this siteThe number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. The volume of phishing websites registered through Freenom dropped considerably since the registrar was sued by Meta. Image: Interisle Consulting. Freenom is the domain name registry service provider for five so-called “country code top level domains” (ccTLDs), including .cf for the Central African […]