Retail | SC Media

Retail

Credential stuffing attack focuses on glasses retailer Warby Parker

Warby Parker on Thursday disclosed that roughly 198,000 of its customers may have been affected by a credential stuffing attack targeting the eyeglass retail chain. According to a company press release, an unknown cybercriminal actor has been attempting to access Warby Parker customer accounts by leveraging usernames and passwords that were previously stolen from other…

$30 RAT, WinSpy, involved in two phishing campaigns

Dozens of companies impersonated in evolving ‘Three Questions Quiz’ scam

There’s no question about it: the “Three Questions Quiz” is a scam, regardless of which legitimate brand it’s attempting to imitate. Indeed, a new blog post from Akamai Technologies identifies 78 unique brands impersonated over the past year by this well-established online phishing scheme, in which victims are tricked into giving away personal information to…

Flowers

Bloom is off the rose: Canadian 1-800-FLOWERS operation discloses four-year breach

The Canadian retail operations of 1-800-FLOWERS has disclosed a four-year data breach affecting customers who purchased goods on its website, warning that payment card data was exposed. The company 1873349 Ontario, Inc., which owns www.1800Flowers.ca, acknowledged the incident in a breach notification to impacted consumers, which was filed with the California attorney general’s office on Nov. 30.…

Consumers willing to be fleeced for the right Cyber Monday deal

The official start of the holiday shopping is here and even though cybersecurity firms are issuing warnings to help protect online shoppers many consumers may ignore safety advice if it stops them from saving money. A variety of scams have already been spotted, with cybercriminals creating fake store websites, launching shopping-related phishing campaigns and running…

Amazon Logo

Amazon website glitch exposes customer data

Amazon customer service reportedly sent an unknown number of customers an email today, warning that a technical error on its website had exposed their data. Details on incident are scant, as Amazon’s disclosure was rather vague in details, according to several outlets that covered the development. “Hello, We’re contacting you to let you know that…

The many faces of Magecart: Report profiles groups behind card-skimming threat

Magecart, the e-commerce payment card-skimming threat that has recently victimized Ticketmaster, British Airways, Newegg and other notable companies, is primarily comprised of six major active cybercriminal groups, according to a new joint research report. All of these groups use a version the same skimmer toolset, but they rely on different strategies and in some cases have…

Next post in Cybercrime