U-HACKED: NEW U-HAUL SCAM: A cybercriminal gang known as “Com” is using hacked U-Haul employee accounts to access customer data for hacking and doxing, according to a report by 404 Media. The gang, which operates through platforms like Telegram and Discord, has been linked to crimes such as burglary, home invasion, and data theft.
By compromising U-Haul employee login credentials, gang members gain access to sensitive customer information, which they use for social engineering schemes to hack more valuable accounts, like social media or internet service provider accounts. The group obtains these credentials through phishing tools like “Suite,” which targets corporate login pages.
U-Haul has unfortunately suffered several data breaches in recent years, including a 2022 hack that exposed the personal information of 67,000 customers. Despite repeated security incidents, the company has not responded to requests for comment from 404 Media.
Com’s methods reflect a growing trend of cyber-criminals collaborating with real-world criminals. Reports show that digital hackers are increasingly partnering with home invaders to physically threaten victims and steal cryptocurrency wallets, further blending online crime with real-world attacks.
Experts warn that these cyber-physical partnerships are dangerous, as criminals can leverage stolen personal information to escalate attacks from digital theft to physical threats. The U-Haul breaches are part of a larger pattern of vulnerabilities that criminals continue to exploit.
Individuals are urged to be cautious with their personal data and aware of phishing tactics that target corporate employees, as these attacks are becoming increasingly sophisticated and impactful. Read more on how to protect yourself here.
Story courtesy of Gizmodo.