Scam of the day – May 17, 2017 – Pirates held for ransom

Although the headline may seem a little odd, what it is referring to is another data breach at a major Hollywood movie studio, in this case Disney, where the latest sequel in the successful Pirates of the Caribbean movie series has apparently been stolen through a data breach and the hacker is demanding a ransom which Disney is refusing to pay.  If the ransom is not paid, the hacker has indicated he will release the movie online in advance of the Theatrical release date of May 26th.

This latest incident comes on the heels of the hacker known as thedarkoverlord,  posting nine episodes of the popular Netflix original series, “Orange is the New Black on a publicly available file a few weeks ago as I reported to you on Scamicide at the time.  This type of extortion can only be expected to grow as hackers attack the weakest links in movie and television program development.

TIPS

If the movie is posted online I strongly urge you not to download it.  In addition to the morality and ethics of not participating and encouraging this type of crime, you also run the risk of downloading various types of malware including ransomware and keystroke logging malware that can lead to your becoming a victim of identity theft if you go to these rogue websites.

Scam of the day – May 16, 2017 – Louisiana churches targeted by scammers

I have long been warning you about the Business Email Compromise scam which is costing unwary companies including Amazon and Facebook a billion dollars in just the last year according to the U.S. Secret Service.  At its essence the scam  most often involves a business receiving an email that appears to come from a corporate officer or someone with which the company does business requesting a payment be wired for an apparent legitimate bill or purpose.  Now the threat is spreading to churches. Louisiana’s Bossier Financial Crimes Task Force is warning churches that the scam has been used to victimize local churches that have received what appear to be emails from their pastors asking them to wire money to accounts and people named in the emails.  In these particular instances in Louisiana, the emails come from email addresses that appear at first glance to be that of the pastors, but a closer inspection will disclose that it is coming from a different email provider than the pastor uses.

TIPS

The Business Email Compromise scam is being used effectively against businesses, but as indicated by the attacks on the Louisiana churches, its use is spreading to churches and can be expected to spread further to being used to target other organizations and even individuals.  The key to protecting yourself, your company or your organization from this scam is to first be skeptical whenever you get a request to wire money because once money has been wired, it is gone forever which is why it is a favorite method of payment for scammers.  The second thing that we all should do is to confirm the legitimacy of any payment request before making payments of any kind.

Scam of the day – May 15, 2017 – Macs being hit with malware attacks

What’s up Doc? More precisely, it should be What’s up Dok for our purposes because Dok is the name of what has been described by security company CheckPoint as the first “major scale” malware specifically targeting all versions of the macOS that when downloaded on to your computer can enable the hacker to take control of your system.

Dok is delivered, as so many strains of malware are, as a zip file attached to a phishing email that you are lured into downloading.

While the Windows operating system is still the prime target of malware creating hackers, attacks on Macs are dramatically increasing.   According to a report by McAfee Labs, attacks targeting Macs increased last year by 744%.  Where formerly, Mac users could feel safer than Windows users as to their susceptibility to malware attacks, Mac users can no longer afford to be complacent in regard to their computer security.

TIPS

The single best thing you can do to protect yourself from these types of malware attacks is to follow the rule of never clicking on links or downloading attachments from anyone until you have confirmed that they are legitimate.

Scam of the day – May 14, 2017 – Important security updates

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats. as we have seen with the massive ransomware attack of Friday. Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  This has been a particular busy week for security updates including updates for Microsoft, Mozilla, Google Chrome and, of course, Adobe Flash.

TIPS

Here are links to these important security patches.

https://technet.microsoft.com/en-us/library/security/4022344.aspx

https://www.us-cert.gov/ncas/current-activity/2017/05/05/Mozilla-Releases-Security-Updates

https://chromereleases.googleblog.com/2017/05/stable-channel-update-for-desktop.html

https://www.us-cert.gov/ncas/current-activity/2017/05/09/Adobe-Releases-Security-Updates

As I have indicated previously many times, it may well be time for you to consider replacing Adobe Flash to avoid future problems with this useful, but outdated and vulnerable software.

Some alternative plugins you may wish to consider to replace Adobe Flash include  GNU Gnash, and Silverlight.  Silverlight can be downloaded free directly from the Microsoft at this link: https://www.microsoft.com/silverlight/

while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

 

May 13, 2017 – Urgent update about massive ransomware attack

Yesterday a massive ransomware attack targeted computers in seventy-four countries including the United States, the United Kingdom, Russia, China, Spain, France and India.   The strain of ransomware used is called WannaCrypt and it was developed to take advantage of a Microsoft Windows Operating System flaw called EternalBlue which was made public by hackers of the National Security Agency.   This ransomware is available in 28 languages.

This is a problem that should not have happened for many reasons.  The particular Microsoft vulnerability that this ransomware exploits has been patched, but some companies, government agencies and individuals had not yet installed the patches when they had become available recently.  In addition, many of the affected computers were using outdated Windows operating systems, such as Windows XP which are no longer regularly updated with new security patches.  These older unsupported systems should not be used by anyone.  Microsoft has taken the unprecedented step of providing security patches for these unsupported systems now in addition to its already issued security updates for presently supported Microsoft programs.  Here is a link to an important memo from Microsoft with links to free security updates if you are still using one of those older operating systems.

Customer Guidance for WannaCrypt attacks

TIPS

This ransomware attack was primarily launched using phishing emails to lure unsuspecting people into clicking on links or downloading attachments tainted with the Wannacrypt ransomware.  As I am constantly reminding you, never click on links or download attachments until you have confirmed that they are legitimate.

You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.

As for protecting yourself specifically from ransomware, you should back up all of your data in at least two different platforms, such as in the Cloud and on a portable hard drive. Companies and agencies which can afford to do this, should also use Whitelisting software which prevents the installation of any unauthorized computer software programs.

Unfortunately, this is not going to be the last time that you learn about this type of story.

Scam of the day – May 13, 2017 – Air Force invites white hat hackers

Beginning May 15th white hat hackers can enroll in the “Hack the Air Force” event sponsored by the U.S. Air Force, which will be managed by HackerOne which operates numerous white hat hacking programs for many major companies and the United States government.  White hat hackers from the United States, the UK, Canada, Australia and New Zealand are eligible to participate in this program under which the Air Force will pay a bounty for vulnerabilities identified.  In a previous “Hack the Pentagon” program $75,000 in prizes was paid out to successful white hat hackers.

For many companies and government agencies, bug bounty programs such as this are a valuable way to obtain critical information necessary to increase their computer security.

TIPS

If you are interested in registering for the “Hack the Air Force” program, you can register by going to the website of HackerOne at this link after May 15th  https://www.hackerone.com/resources/hack-learn-earn

The actual competition will start on May 30th.

Scam of the day – May 12, 2017 – Mother’s Day scams

Every day is Scam Day and Mother’s Day is no exception.  Although for many of us, Mother’s Day is an opportunity to show our mothers how much we love and appreciate them, for scam artists, the only criminals we refer to as artists, it is yet another opportunity to scam people.  One common Mother’s Day scam involves an email that you get offering Mother’s Day gifts such as flowers, jewelry, shoes or clothing at tremendously discounted prices.  All you need to do is to click on a link to order online.  The problem is that many of these offers are indeed scams.  If you click on the link, one of two things can happen and both are bad.  Sometimes the link will take you to an order form where you provide your credit card information, but never get anything in return.  Instead your credit card information is used to make you a victim of identity theft.  Even worse is the other possibility which is by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the personal information stored on your computer and use that information to make you a victim of identity theft.

Also, be careful when making online purchases.  Merely because a website offering great prices may be highly listed on Google or other search engines does not mean that it is legitimate.  All it means is that the scammers know how to manipulate the positioning of their website in a Google search.  Check out any company with which you may not be familiar with the Better Business Bureau or even Google the company’s name with the word “scam” added to the search and see what you come up with.  Even if you are dealing with a legitimate online company, make sure that your communications are encrypted when you are sending personal information or credit card information.  The easy way to do this is to look to see if the beginning of the web address of the company changes when you go to the page to input this information from “http” to “https” indicating that your data is being encrypted.  And of course, don’t use your debit card for retail purchases either online or in a brick and mortar store because you have less protection from fraud with a debit card than a credit card.

Finally, another Mother’s Day involves e-cards which are great, particularly for those of us who forget to get a Mother’s Day card until the last minute.  However, identity thieves will send emails purporting to contain a link to an electronic Mother’s Day card, but instead download that dangerous keystroke logging malware that I described above.

TIPS

It is always dangerous to buy anything online from any store or company with which you are not familiar.  Check out the company with the Better Business Bureau, your state’s Attorney General, the Federal Trade Commission or just do a Google search to see if the company is legitimate.  Even then you are better off going directly to the company rather than dealing with a company through an email that may just be a forgery of an email from a legitimate company.  As always, if  the offer you receive sounds too good to be true, it usually is.  As for e-cards, never open an e card unless it specifically indicates who sent the card.  Phony e cards will not indicate the name of the sender.

Scam of the day – May 11, 2017 – Bed Bath and Beyond coupon scam

Bed Bath and Beyond is the latest company to be used as a lure by scammers through phony coupons appearing on your Facebook page.  The Coupon, reproduced below promises a $75 dollar discount for Mother’s Day, but don’t click on it.  If you click on it, your are prompted to provide information to a survey in order to receive your coupon, but there is no coupon and the information you provide may be used to make you a victim of identity theft.

Bed Bath & Beyond warns customers about Mother’s Day coupon scam

TIPS

No company could cover the cost of giving away vast numbers of $75 coupons although sometimes participants in legitimate surveys are promised a chance to win a coupon in a drawing.  Facebook is a favorite venue for scammers to use for this type of scam because often unwary victims will unwittingly share the scam with their friends.  If you have doubts about the legitimacy of a coupon, the best place to go is to the company’s website to see what real coupons are being offered.  For Bed Bath and Beyond you can also call their customer service number of 1-800- GO-BEYOND to confirm the legitimacy of any their coupons.

Scam of the day – May 10, 2017 – Hacker pleads guilty to 6.5 million dollar scam

Obinna Obioha, a Nigerian citizen has recently pleaded guilty in federal court to hacking into the computers of American businesses around the country and stealing information that enabled him to scam the companies out of an estimated 6.5 million dollars.

While in Nigeria, Obioha used phishing emails to hack into the computers of companies around the world including the United States.  Through his monitoring of the email accounts of employees of the targeted companies, Obioha was able to recognize when commercial transactions were about to occur, at which time he would then send an email to the company from an email address just slightly different from that of a company with which his targeted company did business.  Posing as a regular business partner of his targeted company, the phony email would be used to send a phony invoice and instructions to wire the payment funds to bank accounts controlled by Obioha and his cohorts.  Obioha admitted successfully perpetrating this scam at least fifty times between January and September of 2016.  Obioha was arrested after flying to New York from Nigeria in October of 2016 and has been in custody since then.  He is now awaiting sentencing.

TIPS

Companies large and small are increasingly falling for this scam.  In order to avoid this scam, companies should be particularly wary of requests for wire transfers made by email. Wire transfers are the preferred method of payment of scammers because of the impossibility of getting the money back once it has been sent.  Verification protocols for wire transfers and other bill payments should be instituted including, dual factor authentication when appropriate.  Companies should also consider the amount of information that is available about them and their employees that can be used by scammers to perpetrate this crime.  They also should have strict rules regarding company information included on employee social media accounts that can be exploited for “spear phishing” emails which play a large part in this scam. Finally, employees should be specifically educated about this scam in order to be on the lookout for it.

Scam of the day – May 9, 2017 – Is there a link between autism spectrum traits and cybercriminals?

For quite a while it has been suspected that there is a link between people with Asperger’s syndrome and others Autism spectrum disorders and cybercrime.  This was highlighted by the arrest of British citizen Lori Love who is charged with having hacked the Federal Reserve, the US Army, the Department of Defense, NASA and the FBI.  Love’s extradition to the United States to face charges related to these cybercrimes was approved by a British court and is presently on appeal in Britain.

While law enforcement have long believed there was a connection between cybercrime and Autism, there has been no scientific research in this area until now.  The University of Bath’s Centre for Applied Autism, the cybercrime unit of Britain’s National Crime Agency and the charity Research Autism have begun a joint study to determine whether there is a connection between autism and cybercrime.

TIPS

The researchers hope to come up with a better understanding of the motivations and characteristics of cybercriminals in general in order to use this information to identify people at risk of becoming cybercriminals to enable law enforcement and social agencies to act to prevent people, particularly vulnerable people on the Autism spectrum from becoming cybercriminals.  Anecdotal evidence has tended to indicate that individuals with Asperger’s syndrome have been exploited for cybercrime purposes by criminals recognizing their computer skills that could be funneled into hacking and other computer crimes.