Scam of the day – September 19, 2014 – FBI says every sector of government has been hacked

September 18, 2014 Posted by Steven Weisman, Esq.

Testifying before Congress recently, Robert Anderson, the executive assistant director of the FBI’s Criminal, Cyber Response and Services branch said that every sector of the federal government has been hacked and those agencies that believe they have not been hacked have merely not yet discovered that they had been hacked.  The hacking and data stealing from government agencies and private companies as exemplified by the Target data breach of last year present a major threat to the United States.  The hacking is done, Anderson testified, by four unrelated groups who he described as “spies, transnational organized criminals, terrorists and hacktivist groups.” Corporate espionage by which companies both domestic and foreign steal business secrets is a major problem as well.  An example of this is found in the recent indictments of Chinese hackers for stealing American companies business secrets.  Anderson further testified that “The bottom line is, we’re losing a lot of data, money and innovation.”  That is the bad news.

TIPS

The good news is that the government is making a concerted effort to combat this threat.  Anderson told Congress that the government is “engaging in an unprecedented level of collaboration” with businesses and international law organizations to fight this threat.  In July the Senate Intelligence Committee voted 12-3 to approve the “Cybersecurity Information Sharing Act” which would permit the government, technology and manufacturing companies to better share information in an effort to protect both companies and the government from cyberattacks.  Some privacy advocates have been critical of the proposal, but with proper safeguards, this bill should be passed to enhance the ability to fight hackers.

Scam of the day – September 17, 2014 – JP Morgan data breach update

September 17, 2014 Posted by Steven Weisman, Esq.

In August I first told you about the hacking of banking giant J.P. Morgan and as many as four other banks.   Investigators believe the hacking was the work of sophisticated hackers from Eastern Europe.  Some are theorizing that the hacking was sponsored by the Russian government.  Much sensitive data was compromised and stolen as a result of the hacking although to date none of the million customer accounts compromised have suffered any loss or fraudulent activity.  Investigators are now saying that the breach was limited to names, addresses and phone numbers.  The initial investigation appears to be focusing on the exploitation of computer programs used by a J.P. Morgan employee to work from a remote location.  This type of exploitation of remote desktop software such as Microsoft’s Remote Desktop, Apple’s Remote Desktop, Chrome’s Remote Desktop, Splashtop, Pulseway and LogMein that enable the convenience of logging into a company’s computers from an off site location has proven to be a major security flaw that has been continually exploited in company after company for quite a while going back to Target’s hacking last year to the recent UPS hacking.  I have warned people about this flaw for sometime and the FBI has warned American businesses to watch for this.

TIPS

Banks are a frequent target of cyberattacks and American banks have generally done a good job in recent years in protecting data, however, as this latest hacking shows, more needs to be done, particularly in regard to the particular type of malware used in this attack which may be or be similar to the “Backoff” malware I have been warning about.  As for we as consumers, there is little we can do other than to carefully monitor all of our accounts, only use credit cards rather than debit cards for retail purchases and limit the amount of personal information you provide to any company or governmental agency with which you do business.  This will not be the last major hacking exploiting this flaw to occur.

Scam of the day – September 16, 2014 – Latest security updates from the Department of Homeland Security

September 15, 2014 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates include important security patches for Adobe software including the Adobe Flash Player, Google Chrome and Internet Explorer.

TIPS

Here are the links to the latest security updates as issued by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB14-258

Scam of the day – September 15, 2014 – ISIS cyberthreat

September 14, 2014 Posted by Steven Weisman, Esq.

Recently on the anniversary of the September 11th attacks on America, former Vice Chairman of the 9/11 Commission, Lee Hamilton commented that while the terrorist group ISIS represents a serious threat to the security of the United States, a greater threat may be posed by a cyber attack on the United States through hacking of our infrastructure including government agencies, banks, transportation systems and energy companies.  The unfortunate truth, however is that ISIS already is looking to expand its attacks against America to cyberspace.   ISIS is well funded and has already proven adept at using social media as a recruiting tool and posting professionally produced videos on YouTube.  British hacker Abu Hussain Al Britani, also known as Junaid Hussein is an ISIS member who is, according to intelligence sources, attempting to recruit hackers into ISIS  Al Britani was jailed in 2012 for hacking into the personal email account of former British Prime Minister, Tony Blair.

TIPS

The development of cyber-warfare capabilities by ISIS is not to be taken lightly and hopefully, the United States as well as Britain and other countries joining in the battle against ISIS are actively working as a part of their anti-ISIS strategy to degrade their cyber capabilities as well as their military capabilities.  Interestingly, there already are groups already taking cyber action against ISIS.  Among these groups are the international secret group of hackers known as Anonymous as well as the Syrian Electronic Army, a group which has, itself, hacked American institutions such as the New York Times.  However, the Syrian Electronic Army supports the regime of Syrian president Bashar al-Assad, which is an enemy of ISIS and so for once, the United States and the Syrian Electronic Army have a common enemy.

Scam of the day – September 14, 2014 – Gmail passwords being sold on the blackmarket

September 13, 2014 Posted by Steven Weisman, Esq.

Reports have surfaced that hackers have made available approximately five million Gmail passwords along with associated Gmail addresses on black market websites used by identity thieves.  This may be related to the recent disclosure of the greatest data theft in history which I reported to you about on August 7th in which a Russian gang stole 1.2 billion user names and passwords along with 500 million email addresses.  If you are a user of Gmail, this news can appear to be extremely threatening, but the truth is not quite so bad.  In fact, the passwords in many instances have turned out to be passwords for other accounts of the Gmail account holders and that these passwords were obtained, not from hacking Gmail, but by hacking other accounts.  As a result of their investigation, Google has determined that less than 2% were working Gmail passwords.  Google has already acted to secure those affected accounts and contacting those people affected and advised them to change their passwords.  In response to this situation, Google has set up a new service called Account Checkup by which you can check to see if someone has logged on to your account.

TIPS

The good news is that if you have a Gmail account, it is unlikely that your Gmail password has been compromised, however the bad news is that some other password of yours has been compromised and you are in danger of identity theft.  The important thing for everyone is to have separate complex passwords for all of your accounts and to change them on a regular basis, such as every six months.  For more information about how to create complex, but easy to remember passwords, I suggest that you pick up a copy of my new book, “Identity Theft Alert.”  On the right side of this page is a link to the book on Amazon.  Where possible, you should also consider two-factor authentication for additional protection.

Scam of the day – September 13, 2014 – Iggy Azalea sex tape

September 13, 2014 Posted by Steven Weisman, Esq.

Iggy Azalea, the popular, young Australian rapper is at the center of a controversy regarding the existence or non-existence of a sex tape.  Steven Hirsch of the adult film company Vivid Entertainment which has released numerous other celebrity sex tapes says that he has obtained such a video, while Azalea now admits that the video may indeed be legitimate after initially denying that it was genuine.  Meanwhile, to no one’s surprise supposed leaks of the tape are purportedly turning up on the Internet where the curious can put themselves in serious risk of identity theft by clicking on links in emails, text messages or social media postings promising to take you to the purported tape.  Other times, you may find yourself being prompted online to update your video capabilities on your computer or other electronic in order to view the video.  Again, this is just a ruse to lure you into downloading dangerous keystroke logging malware that will steal information from your computer and use it to turn you into a victim of identity theft.

TIPS

Without even getting into the question of the morality and ethics of looking for material such as this or the stolen videos of Jennifer Lawrence, Kate Upton and other celebrities, the truth is that you cannot trust any text message, email, social media posting that promises you such tantalizing material.  The chances are just too great that by clicking on any of these links or downloading attachments you will be downloading malware that will be used to steal your identity.  As for websites that turn up on Google and other search engines promising to provide you with these videos, scammers are adept at manipulating the algorithms used by search engines to rank websites so that although you may think you are looking at a legitimate website, you are not.  It is also important to remember that even if you have kept your anti-malware and anti-virus software up to date, that is of little consolation since these security software programs are always at least a month behind the latest malware and viruses.  If you need to satisfy your curiosity for gossipy material, stick to legitimate websites such as www.tmz.com.

Scam of the day – September 12, 2014 – Latest Home Depot developments

September 12, 2014 Posted by Steven Weisman, Esq.

The Home Depot hacking, which could well end up to be the largest commercial data breach in history continues to evolve.  The latest developments involve those people who unwisely used their debit cards for making purchases at Home Depot stores.  Although Home Depot attempted to comfort those people who used debit cards at their stores by telling them that no PINs were among the data stolen, banks are already reporting a large increase in fraudulent ATM withdrawals using those compromised debit cards.  So how could this happen?  Unfortunately, armed with the debit card number, the full name of the card holder, the city, state and zip code where the card was used, enterprising identity thieves are able to gain access to the Social Security numbers and birth dates of those customers.  They are then able to call automated systems at the banks issuing the cards and change the PIN.  Most of these systems will allow the caller to be able to change PINs if the caller passes three of five security checks including the customer’s date of birth and the last four digits of the customer’s Social Security number and the card’s expiration date.  These can be obtained by identity thieves and we are now seeing hundreds of thousands of dollars already emptied from the bank accounts of people who used their debit cards to shop at Home Depot.  This same problem occurred following the Target data breach last Fall.

TIPS

First and foremost, DO NOT USE DEBIT CARDS FOR RETAIL PURCHASES.  I can’t say this too often or too loudly.  The risk to your financial well being is just too great, particularly with more and more retailers being hit with the same data breaches that have happened at Target, Home Depot and many other stores.  This will continue to happen as cyber security experts still have not come up with a viable solution to the threat posed by the hackers behind these data breaches.  When making purchases, use your credit card where the risk is only one of inconvenience in having to get a new card if your card is part of a data breach.  Meanwhile banks have got to recognize that their present system of allowing people to change PINs by phone with information easily obtained by identity thieves is not effective and the system must change.

Scam of the day – September 11, 2014 – Important Home Depot update

September 11, 2014 Posted by Steven Weisman, Esq.

Home Depot has not confirmed what we knew all along, namely that they had been hit by a massive data breach that may involve as many as sixty million Home Depot customers going back to April 1, 2014.  The hacking of Home Depot followed the same pattern that we first saw in the hacking of Target last year, which was the first in what is already a long line of data breaches including, but not limited to Neiman Marcus, P.F. Chang’s, Goodwill and U.P.S.  As usual, due to the effectiveness of the malware used by what is probably the same Eastern European hackers, it was not Home Depot that first discovered the data breach, but rather banks monitoring credit card usage that were able to find a common denominator in fraudulent use of credit cards and trace it back to Home Depot.  The hackers who accomplished the Home Depot data breach are now selling the stolen credit and debit card information on black market websites in large batches.  Interestingly, along with the credit card numbers and debit card numbers, the hackers also are selling the state and zip code for the particular cards.  This enables the hackers to defeat some fraud detection programs that pick up charges made from areas far from the home of the card holder.   The identity thieves buying the card information can either buy card information for cards in their area and use them there or use them online.

Home Depot has announced that it is providing a year’s free credit monitoring through All Clear ID.  The offer is being made to Home Depot customers who used their credit or debit cards at Home Depot between April 1, 2014 and September 9, 2014.  If you wish to enroll, you can either go to Home Depot’s website www.HomeDepot.com or All Clear ID’s special website www.homedepot.allclearid.com.   It is very important to note that many people will be receiving emails, texts and phone messages purporting to be from Home Depot providing links to supposedly help you apply for the credit monitoring.  Many people will also be called on the phone and asked  by purported representatives of Home Depot for personal information including credit card information in order to enroll in the credit monitoring program.   These emails and text messages are scams designed to get you to download keystroke logging malware that will steal all of your information from your computer to make you a victim of identity theft while the calls are from scammers seeking to have you provide them the information they need to make you a victim of identity theft.

TIPS

Don’t click on links in emails or text messages promising to help you enroll in the free credit monitoring program.  You can’t be sure that the emails or text messages are legitimate.  Don’t provide personal information including credit card information over the phone to anyone you have not called unless you are absolutely sure that they are legitimate.  Instead go directly to the Home Depot website, www.homedepot.com or All Clear ID’s special website for Home Depot hacking victims, www.homedepot.allclearid.com where you can sign up for the credit monitoring service.  The malware used by the Home Depot hackers is still being used against many other companies and we can expect more and more data breaches in the future.  To protect yourself, do not use your debit card for purchases.  Use a credit card  for purchases and monitor your card usage regularly for indications of fraud.

Scam of the day – September 10, 2014 – Latest software security updates from the Department of Homeland Security

September 10, 2014 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates include important security patches for Windows and Internet Explorer.

TIPS

Here are the links to the latest security updates as issued by the Department of Homeland Security: https://www.us-cert.gov/ncas/current-activity/2014/09/09/Microsoft-Releases-September-2014-Security-Bulletin

Scam of the day – September 9, 2014 – Nigerian gangs use Craigslist for scams

September 9, 2014 Posted by Steven Weisman, Esq.

In a paper to be presented later this month at the IEEE eCrime Research Summit in Birmingham, Alabama researchers Damon McCoy and Jackie Jones of George Mason University will disclose how they uncovered a group of five Nigerian gangs, who with the cooperation of accomplices in the United States re using Craigslist advertisements to scam people selling goods on Craigslist.  The method used by these gangs is one that I have warned you about many times in the past.  It starts when the scammers answer a legitimate advertisement and then send what appears to be a certified check in excess of the amount owed for the purchase.  The scammer then asks that the goods be sent to an address in the United States and the money from the certified check in excess of the purchase price be wired by Western Union to a person designated by the scammer in the United States.  Of course, the check is a forgery, albeit an often excellent forgery.  Sometimes the victims think they are being prudent by waiting a few days for the funds to be deemed available by their bank without realizing that they are only receiving provisional credit for the funds represented by the check and that once the check bounces and determined to be a forgery, the amount of the check is removed from the victim’s account who now has lost not just the money wired to the scammer, but also the goods that they have already shipped.

TIPS

Craiglist can work well if you take proper precautions.  The primary rule if you are a seller is to never accept any payment other than cash in a face to face meeting at which the item is exchanged for the cash.  Phony certified checks in excess of the purchase amount is a common scam, however, you should never accept any check.  Banks will appear to clear a check after a few days and it will look like the funds have been deposited into your account, but you have only received temporary, provisional credit which, once the check proves to be counterfeit will be removed from your account.