Latest news with #SilentPush


Forbes
6 hours ago
- Business
- Forbes
Do Not Shop Any Online Sales Or Discounts Until You Check This
Be careful before you shop. If you shop online, then you will be inundated with special offers, discounts and seasonal sales. Clicking through will take you to websites where you can buy with ease. But this is a scammer's paradise as bargain hunters search out the best prices. And now organized criminal gangs have a global ecosystem that's ready to steal your money. This attack works through thousands of dangerous websites, stealing credit card or PayPal details as soon as they're entered. Worse, these websites look like they're from major brands, including Apple, Wayfair, Michael Kors, Wrangler Jeans and others. The warning comes from Silent Push, which says attacks likely originate from Chinese cybercriminals, which have built 'multiple phishing websites spoofing well-known retailers,' and have abused 'online payment services such as MasterCard, PayPal, and Visa, as well as payment security techniques such as Google Pay.' Just as with the text message attacks now sweeping across the U.S., Chinese organized criminal gangs have built an entire attack ecosystem and infrastructure which they can either operate themselves or sell or rent to others to target different geographies. 'Our team has found thousands of domains spoofing various payment and retail brands in connection to this campaign, including: PayPal, Apple, Wayfair, Lane Bryant, Brooks Brothers, Taylor Made, Hermes, REI, Duluth Trading, Omaha Steaks, Michael Kors, and many, many more peddling everything from luxury watches to garage doors.' (Image: fake website 'brooksbrothersofficial[.]com'.) Unlike other attacks, these websites 'don't appear to actually process transactions or purchases, but instead steal credit card information entered on a (fake) payment page.' You will be pushed to these websites through marketplace ads or links in social media, but it could just as easily leverage SEO poisoning for specific product searches.
These are examples of the kind of website that could be included in these attacks: But there are many thousands of domains, with similarly crafted URLs that include enough of the keywords you might expect, or use subtle misspellings or special characters to look like a genuine .com website address. It's always dangerous to shop on any websites accessed via a link, unless you're very sure where that link came from. Recent reports have shown how easy it is to fake marketplace ads, so they're certainly best avoided. (Image: fake website 'omahasteaksbox[.]com'.) If you do shop from a link, then check two things: It's harder now to check website imagery and wording for mistakes — you can blame AI. Perfect replicas of websites, products, wording and imagery are now easy to create. These threat actors can also scrape legitimate websites for actual content. The FBI says 'check each website's URL to make sure it's legitimate and secure. A site you're buying from should have https in the web address.' 'Despite many sites being taken down by both hosts and defenders,' Silent Push says, 'thousands remain active as of June 2025. In the face of these types of scaled-up, persistent threats, traditional methods appear unable to hold back the tide.'


Forbes
11-06-2025
- Business
- Forbes
Chrome, Safari, Edge Warning—Do Not Use Any Website On This List
Do not use any of these websites. This threat is not new — but it's still dangerous. Users of all popular browsers are warned that a raft of malicious website domains are now targeting shoppers looking for online discounts on products from some of the world's most popular brands. The warning is from Silent Push, which has 'uncovered a massive 'fake marketplace' campaign.' Dubbed 'GhostVendors,' it works through 'online ads that impersonate dozens of major brands and spoof actual products on thousands of fraudulent websites.' The security researchers found more than 4,000 domains, and warn 'this is a significant threat targeting social networks, major brands, advertising companies, and consumers worldwide.' The attack starts with 'malicious Facebook Marketplace ads' which direct shoppers to its websites. Then the attackers stop the ad campaigns, which 'delete all traces of them from the Meta Ad Library.' All the current attacks making headlines, whether unpaid tolls, fake DMV notices, undelivered packages or phantom discounts rely on this mass registration of domains. Many of these last a day or less, sometimes only minutes. Once a domain is flagged it's blocked, but those few minutes or hours are enough for a hard and fast campaign. Then a fresh domain is pulled from the shelves, and they quickly go again. While users can enable safe browsing protections that will help flag malicious sites, most of these still rely on blacklists. AI updates will try to catch threats in real-time, but it's still early days for those upgrades. Meantime, the usual rules apply. Do not shop via links in messages of any kind, access brands only through usual channels, and above all, remember ads for discounts that seem to be too good to be true are exactly that. Silent Push says 'this campaign appears to focus on impersonating brands that buy large amounts of online ads — many of the impersonated brands are huge and well-known for purchasing significant quantities of ads.
In contrast, other brands being impersonated are smaller ones that mostly use online sales processes.' The list of brands being impersonated is extensive: 'Amazon, Costco, Bath & Body Works, Nordstrom, Saks Fifth Avenue, Lowes, L.L. Bean, Tommy Bahama, Rolex, Brooks Running, Birkenstock, Crocs, Skechers, Total Wine, Omaha Steaks, Instacart, Duluth Trading, Advance Auto Parts, Party City, Dollar General, Tractor Supply, Joann, Big Lots, Orvis, Alo Yoga, On Running, Tom Ford Beauty, Rebecca Minkoff, Yankee Candle, Hoka, Thrive Market, Vionic Shoes, Rock Bottom Golf, Vuori Clothing, Goyard, Icebreaker Clothing, NOBULL Sportswear, Alpha Industries, Volcom, Kizik Shoes, Vessi Shoes, Mammut Outdoor Gear, Buffalo Games & Puzzles, Ravensburger Puzzles, Fast Growing Trees, Gurney's Seed and Nursery, Vivobarefoot, KaDeWe, Palmetto State Armory, Natural Life, Luke's Lobster, Cousins Maine Lobster, White Oak Pastures, Seven Sons Farm, Arcade1Up Gaming, EGO Power+ Tools, Cobble Hill Puzzles, Popflex, Argos UK, Huk Clothing, 44 Farms, Tyner Pond Farm, Pipers Farms, Rebel Sport, The Woobles Crochet, Massimo Dutti, and GE Appliances.' The detailed explanation of the exploitation of Meta's marketplace highlights the sophistication of the attack, but as ever the outcomes remain the same. 'Multiple variations of these types of scams exist, but the end goal for each is typically quick cash-outs. Most of these networks abuse large numbers of domains due to the speed with which social networks and other sources respond and block their sites.' Here is a list of some of the domains caught in the act. It's not complete, but will give you a sense of what you're looking for. Use the list as a guide, and don't shop on any of these websites or any websites similar to this list.
(Domain list categories: General Retail & Department Stores; Home Improvement & Specialty Retail; Footwear Brands; Activewear & Athletic Apparel; Fashion & Luxury Brands; Outdoor & Sporting Goods; Food & Grocery; Farm & Garden; Home & Hobbies.) Silent Push warns 'web shop and fake marketplace scams a prolific global threat to social networks, advertising networks, major brands, and the consumers who are unfortunate enough to encounter them. It's clear that many different threat actors launch these marketplace scams, and yet, fortunately, many reuse page and server templates to facilitate the speed of their deployments.' Whatever browser you're using, do not trust that these threats will be caught by the browser or blocked by any other software on your device. Do not take any risks.


Tom's Guide
10-06-2025
- Business
- Tom's Guide
These 'great' deals on Facebook are not from Amazon, Rolex or Nordstrom – they're from a network of scammers
If you've recently been tempted by a great looking advertisement on Facebook, keep scrolling. According to Cybernews, a large network of more than 4,000 domains has been impersonating dozens of popular brands in order to run fake ads across the social media site and tempt visitors to check out their scam websites. The aim of these threat actors is to steal money, or payment details, or both. Threat analysts at Silent Push have dubbed these scammers 'GhostVendors' because they've discovered a way to circumvent Meta's policy in order to cover their tracks. According to the researchers, the threat actors run their scam ads through Facebook Marketplace ads. 'Meta's policy dictates that any other types of ads are only saved while those ads are part of active campaigns.' That means that once the fake campaign ends, all proof of the scams vanishes. Like any other 'too good to be true' style scam, the ones in this network of thousands of websites promote very, very low prices on popular products in order to tempt victims and unwary online shoppers. Silent Push found the threat actors to be impersonating high profile brands like Amazon, Costco, Lowe's, Crocs, Duluth Trading, Tractor Supply, Thrive Market, Yankee Candle, EGO Power+ Tools and more. The example given by Cybernews is an ad for Milwaukee Tools under the name 'Milaeke' that offers a toolbox for a price of $129 under the domain name wuurkf[.]com. Other ads will use keywords like 'clearance' or 'holiday celebration sale' in order to make a deal seem tempting or temporary so that shoppers will act quickly. The researchers at Silent Push say the threat actors can use a domain generation algorithm (DGA) to clone templates and reproduce the offers quickly to set up dozens of fake copies for various products across categories. Honestly, though it may sound tempting, most of your shopping just shouldn't be happening on social media in the first place.
Even if you do see something that looks too good to pass up, your best bet is to note the name of the company and then independently visit their website in a web browser that you've opened yourself, and before you buy, you should first look for reviews and ratings from the Better Business Bureau or similar sites. If you're buying something second hand, try to only pay cash or through a payment app like Venmo once you've received the item. If you're purchasing something that's being mailed, try to use a credit card and make sure to get a shipping number. That way, you can do a chargeback if you don't receive the item or get something that isn't at all like its description in the original listing. Remember, if it sounds too good to be true, it probably is, and if an ad or social media post is trying to tempt you with a limited time offer, a countdown or some other form of pressure, it's suspicious at best. You can protect yourself as well by making sure you have one of the best identity theft protection services which will monitor your accounts for signs of fraud and other red flags, and one of the best antivirus software solutions which are also on the lookout for suspicious websites, malicious behavior and of course, malware.

Korea Herald
22-05-2025
- Business
- Korea Herald
Silent Push Launches Chrome Extension, Providing New Controls and Quick Access to Critical Data to Preemptively Stop Attacks
New, strategic integration partnerships available that enhance capabilities and empower SOC, IR and CTI teams
SINGAPORE, May 22, 2025 /PRNewswire/ -- Silent Push, a leading preemptive cybersecurity intelligence company, announced today the launch of its new Google Chrome Extension, providing immediate access to information about indicators discovered through a user's browser and new controls to action on them. As part of the company's continuing efforts to level up security teams' cyber defenses, Silent Push introduces new integration partner Filigran - the developer of OpenCTI. Silent Push partnerships, including ThreatConnect, continue to improve the customer experience and enhance company-wide security stacks with enriched data from the Silent Push platform. Simone Filiaggi, Sr. Threat Intelligence Analyst at Box, said: "The Silent Push Chrome Extension makes it a lot easier to access actionable, and high-quality threat intelligence. It's easy to use and improves our ability to detect and respond to threats including quick pivots into the Silent Push platform for a deep dive into adversary infrastructure." Ken Bagnall, CEO and Co-Founder of Silent Push, said: "We are committed to providing our customers with the solutions and resources they need to protect themselves from an attack and maintain business resilience. "Our Chrome Extension is bidirectional and makes it easier and faster to action. It acts as an integration into any of your SaaS platforms. By working directly in your browser through our extension, security teams now have the power to pivot control anywhere on the Internet. Through our integration partnerships and upcoming Abuse Reporting service, we are strengthening our capabilities and commitment so that security teams have the resources they need to identify adversary infrastructure before an attack is launched," Ken Bagnall said.
Jan Johansen, SVP Global Alliances, Filigran, the developer of OpenCTI said: "As a new integration partner, our joint customers will benefit from our better together offering of leading threat intelligence from Silent Push leveraged through our OpenCTI platform featuring comprehensive visualizations and analytic tools. This is the best of both worlds to fully enable security teams to protect their organization." Andrew Pendargast, Chief Product Officer, ThreatConnect, said: "Our long-standing integration partnership with Silent Push enables our joint customers to further their journey towards a fully threat and risk-informed cyber defense. The new Chrome Extension, which offers defenders a far faster time to detect emerging threats, is a great example of the innovation the industry has come to expect from Silent Push." Traditional IOC-based security models are a reactive approach that limits security teams from proactively stopping an attack that is yet to launch. Attackers are faster, more automated and increasingly leverage modern techniques to evade detection. A more modern approach is needed. Indicators of Future Attack (IOFA)™, only available from Silent Push, replace the traditional model, providing a cyber early warning system. And now, with its Chrome Extension, Silent Push empowers Incident Response, Threat Intelligence and SOC teams to swiftly act and protect their organization with preemptive technology accessible with a simple click. Currently, the Silent Push Chrome Extension is available to enterprise customers only and downloaded here within the Chrome Web Store.
About Silent Push
Silent Push is a preemptive cybersecurity intelligence company. It is the first and only solution to provide a complete view of emerging threat infrastructure in real-time, exposing malicious intent through its Indicators Of Future Attack™ (IOFA™) data to enable security teams to proactively block hidden threats and avoid loss.
The Silent Push standalone platform is also available via API integrating with any number of security tools, including SIEM & XDR, SOAR, TIP, and OSINT providing automated enrichment and actionable intelligence. Customers include some of the world's largest enterprises within the Fortune 500 and government agencies. Free community edition is available. For more information, visit or follow on LinkedIn and X.
Yahoo
22-05-2025
- Business
- Yahoo
Silent Push Launches Chrome Extension, Providing New Controls and Quick Access to Critical Data to Preemptively Stop Attacks