Chinese-Speaking Cybercrime Group Hijacks IIS Servers for SEO Fraud
Cisco Talos has identified a Chinese-speaking cybercrime group that targets high-value Internet Information Services (IIS) for SEO fraud
Stay informed on the latest in information security with updates on fraud prevention, detection techniques, and cyber fraud trends.
Search across headline titles and summaries.
Background for this topic.
Fraud is intentional deception used to obtain money, access, information, or another unfair benefit. In information security, the term commonly covers digitally enabled schemes such as phishing, account takeover, payment fraud, business email compromise, and misuse of stolen identities or credentials. The defining feature is deceptive use of systems, accounts, or data—not merely a technical failure.
Security teams should treat fraud as both an identity and transaction-risk problem. Relevant controls include phishing-resistant authentication, least-privilege access, payment and account-change verification, and monitoring for unusual login or transaction patterns. Personal and financial data require appropriate privacy protections because exposed data can support impersonation even when passwords are not compromised. Investigation must preserve authentication, email, endpoint, and transaction records so organizations can contain unauthorized access, reverse or block fraudulent activity where possible, notify affected parties, and improve controls based on the attack path.
Cisco Talos has identified a Chinese-speaking cybercrime group that targets high-value Internet Information Services (IIS) for SEO fraud
The NCA warns that house buyers could face losses of over £80,000 from a type of BEC called payment diversion fraud