Latest Posts - page 2

  • 7 Oct 2020 • 7 min read

    Bitcoin Up – Binary Options Scam from YouTube

    I watch YouTube more frequently due to COVID-19 and I found these pesky Dick Smith ads soliciting a get-rich-quick scheme popping up recently. The ads are illustrated with a photo of the Aussie entrepreneur himself claiming that everyone can become a millionaire within a matter of months. So what is this scam about and who runs the YouTube campaign?

    Read more
  • 22 Sep 2020 • 3 min read

    What Service NSW has to do with Russia?

    One interesting offshoot of researching .gov.au websites running outside Australia was an odd service running from Russia. How the Service NSW – a website offering government services online – ended up associating with a Russian datacentre?

    Read more
  • 21 Sep 2020 • 5 min read

    The risk of Australian Government services hosted overseas

    In this article, we are hunting for websites under the .gov.au domain hosted outside Australia. We explain why it is a risk of running services associated with the Australian Government overseas and how things are changing.

    Read more
  • 3 Jul 2020 • 5 min read

    Roku fake activation scams: How do they work?

    New Roku and other streaming device users beware. These scammers are running a large network of lookalike websites tricking into paying “activation” or “set-up” fees for something coming free of charges.

    How do these scams work? What Roku scam websites belong to the same circle of scammers? Read on to find out.

    Read more
  • 3 Jun 2020 • 4 min read

    Australian OSINT Public Data Sources

    I wanted to write this since I competed in the National Missing Persons Hackathon in Sydney last October. For those who are unfamiliar with the concept, the competition was the first-ever nationwide Missing Persons CTF. As the police receive more than 38,000 missing persons report each year and there are circa 2,600 long term missing persons in Australia, the noble intention was helping the authorities find missing persons by providing as many leads as possible.

    Although there are plenty of write-ups about the tools used and practices followed on these OSINT competitions, most of them are revolving around the United States.

    In the following article, I summarised the various Australian public data sources I found useful in the Missing Persons competition. The list of the data sources below is a non-comprehensive list with a heavy bias (e.g. NSW-focussed).

    Read more
  • 1 Jun 2020 • 5 min read

    Muni Hosting: A safe haven for phishing and credit card fraud

    Muni Hosting is a boutique bulletproof server hosting provider knee-deep in running phishing scams, SIM swapping attacks and bank fraud. My latest research takes an attempt at mapping the scale of the operation and identify the perpetrator behind these illegal acts.

    Read more

Subscribe via RSS