Chinese criminal software 'Darcula' tricking consumers
10 months ago
- #online-scams
- #phishing
- #cybersecurity
- Peter Davis was scammed via a fake Crust Pizza website, losing $570.93 to a company called Soax Ltd London.
- ANZ initially refused to refund the money as the transaction was authenticated via 'Verified by Visa' and approved through the ANZ Plus app.
- Davis later successfully disputed the charge by claiming 'payment made, but goods not received' and was refunded by Soax Ltd.
- Google listed the scam website as a top search result but denied any association with ads for the domain.
- Scammers used 'Darcula V3', a Chinese phishing-as-a-service tool, to clone legitimate websites and evade detection.
- Darcula uses generative AI to mimic real websites and targets services like postal, banking, couriers, and telcos globally.
- Phishing attacks via RCS and iMessage bypass SMS firewalls, making them harder to block.
- Passkey protection is recommended as a secure authentication method to prevent fake website scams.