Chrome Password Risk, Tycoon Sanctioned Cyber, Election Panic Rumors

From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report

Chrome Password Risk, Tycoon Sanctioned Cyber, Election Panic Rumors

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-15702">
						<source src="https://media.mailhop.org/dmarcreport/images/2024/09/Chrome-Password-Risk-Tycoon-Sanctioned-Cyber-Election-Panic-Rumors.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H1M46S">1:46</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-15702" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-15702" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-15702" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-15702" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/chrome-password-risk-tycoon-sanctioned-cyber-election-panic-rumors/&t=Chrome Password Risk, Tycoon Sanctioned Cyber, Election Panic Rumors" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/chrome-password-risk-tycoon-sanctioned-cyber-election-panic-rumors/&url=Chrome Password Risk, Tycoon Sanctioned Cyber, Election Panic Rumors" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2024/09/Chrome-Password-Risk-Tycoon-Sanctioned-Cyber-Election-Panic-Rumors.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/chrome-password-risk-tycoon-sanctioned-cyber-election-panic-rumors/" class="input-link input-link-15702" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-15702" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

/*! This file is auto-generated */ ’ title=“Embed Code” class=“input-embed input-embed-15702” readonly/>

					<button class="copy-embed copy-embed-15702" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

Hello again! We are back with the third edition of the month, and this time, we have got some super juicy details. We are sure you must be eager to learn about the latest cybersecurity events going on across the globe. The highlight of the week is a group of hackers who are forcing Chrome users to hand over their Google passwords. Next is the news about a Cambodian businessman who has been sanctioned by the US Treasury Department. Lastly, we will conclude today’s edition by discussing a group of threat actors who are trying to bring a bad reputation to the US election infrastructure.

Let’s get started!

Hey, Chrome users! Your Google password may be at risk

A group of hackers has recently started targeting Chrome users. They have devised a new hack that compels Chrome users to hand over their Google passwords. The hackers do so by locking the users in ‘Kiosk mode.’

The threat actors use a type of malware called StealC to prevent Chrome users from exiting the full screen. They do so by disabling two main keys- F11 and Esc. Now Chrome users, when stuck on a fake Google page, can be tricked into typing in their Google account credentials.

The ultimate goal of this attack is to access the Google passwords of these victims. Next, the threat actors can then leverage the passwords for different malicious activities such as unauthorized access to financial and personal data, identity theft and so on.

Experts recommend Chrome users stay vigilant while using the internet. If you are unable to close the browser window, do not panic. Also, avoid entering your personal details even if prompted to do so. Keeping yourself educated about ongoing cybersecurity scams and having a robust cybersecurity mechanism in place helps greatly. Also, using two-factor authentication and keeping your **software regularly updated can prevent such cyberattacks in the future.

To **protect your domain from phishing attacks similar to the Chrome password scam, ensure your email security by implementing SPF, DKIM, and DMARC to verify email authenticity and prevent unauthorized access.

Cambodian business tycoon sanctioned for cyber trafficking

A business tycoon based in Cambodia has been sanctioned by the **US Treasury Department for running a forced labor trafficking scheme. The businessman allegedly lured helpless workers and pretended to help them with respectable jobs. He also targeted those unfortunate ones who had been illegally trafficked to Cambodia from nearby countries.

The moment these workers got recruited, the tycoon and his team confiscated their **documents and forced them to indulge in illegal cyber fraud and scams.

The Cambodian tycoon threatened, exploited, and used other forms of human rights abuse to compel and control the workers . There are reports of the victims being tortured with electric shocks and manhandled. Two victims had allegedly jumped to death from **O-Smach Resort as well.

The ultimate goal of the sanction is to disrupt the illegal operations going around and **create a sense of awareness against cyber labor trafficking. At present, cyber labor trafficking is gradually developing into a global problem that is closely associated with human exploitation and organized crime.

With these sanctions, the US is trying to combat issues like cybercrimes and human trafficking. Also, the nature of such crimes hints towards the staggering risk of **eventual overlapping of technology and exploitation. The ultimate effectiveness of these sanctions heavily depends on the cooperation of other nations.

Threat actors are trying to create panic and confusion by spreading rumors about US election infrastructure

At present, threat actors are trying to spread rumors and create chaos among voters by targeting US election infrastructure. CISA (Cybersecurity and Infrastructure Security Agency) and FBI, on the other hand, are working together to spread awareness among voters against the misinformation.

As per the agencies, the ultimate goal of the miscreants is to influence **public opinion and impact people’s trust in US democracy. The threat actors managed to access voter registration data and deliberately used the same to spread false rumors about weakening election infrastructure.

The agencies have assured the public that accessing voter registration details in no way indicates a compromise to the election ecosystem. They also clarified that voter registration data can also be accessed publicly. Both the authorities have no information regarding any kind of cyberattack on US election infrastructure. There have been no instances of alterations in the voter registration information. Also, no eligible voter has been prevented from casting their vote.

Authorities have advised voters not to believe the misinformation.

In a sensitive time like this, people are requested to stay cyber-educated and follow election guidelines and protocols in order to avoid any unnecessary instance of chaos and confusion. The top-tier agencies like the FBI and CISA have also been trying to nab the miscreants who are behind this major attack on US democracy.