InfoSecBulletin Cybersecurity for mankind
Meta launched the Threads app earlier this month as a competitor to Twitter, and it has already been downloaded over 100 million times.
In just 24 hours, over 700 fake domain names have been created as scammers are attempting to make a profit by copying the popular social media site.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
Cybersecurity analyst Veriti has made a shocking discovery. On July 9th, they identified hundreds of fake URLs that led to potentially harmful websites.
“As the popularity of Meta’s Threads app continues to rise, attackers are capitalizing on the excitement to carry out malicious activities,” said Veriti. “By creating many suspicious domains, they aim to deceive users and distribute malware.”
Considering this, websites with themes like Threads, such as “Threadsapk[.]download” (a site suspected of phishing) or “Threadsappz[.]com” (which claims to have an Android version of the app), should be shunned like a digital pandemic.
“Users should exercise caution, as this download is not sourced from the official App Store or Google Play,” said Veriti. “Instead, it redirects to an external source — in this case, a Google Drive, where the APK [Android format] file can be downloaded. Such downloads from untrusted sources can pose significant security risks, including the potential for malware infection.”
ALSO READ:
Other suspicious domain names to watch out for include whatisthreads[.]com, socialthreads[.]store, threadsapp[.]shop, threadsl[.]com, and threadsinstagram[.]app — which appears to be trying to leverage fellow Meta platform Instagram as well.
Veriti urges early adopters of Threads to exercise due caution at all times and only download it from trusted sources.
Only download Threads app from authorized app stores like Google Play or Apple App Store to ensure you have the real version.
Consumers should avoid clicking on links from unverified sources, such as unknown email addresses or unfamiliar websites. Doing so might result in being sent to harmful websites or deceiving the user into downloading malware.
If someone gets caught in a scam, they are at risk of having their identity stolen. This may lead to more scams that try to trick them into giving away their money. It is important to beware of phishing attempts and other social engineering tactics that scammers may use to steal personal information. By staying cautious, it is possible to prevent future scams and protect oneself from financial fraud.
Veriti advises people to check if a website’s domain name is legitimate before visiting any website associated with Threads.
“Be wary of domains that have spelling variations or lookalikes designed to deceive users,” said Veriti.
