Scam of the day – August 16, 2017 – Hackers targeting hotel Wi-Fi

The security company Bitdefender has identified new tactics being used by a notorious hacking group known as DarkHotel to hack into the computers of hotel guests.  DarkHotel has been operating for about ten years now and until recently had been specifically targeting business travelers in order to gain access to their companies’ computers and the data contained therein. Recently , however, DarkHotel has expanded its targets to include political figures, as well.  DarkHotel has exploited vulnerabilities in hotel Wi-Fi to achieve its attacks.

A key element in the success of DarkHotel has been their successful use of spear phishing emails that have been used to lure unsuspecting victims into clicking on links and downloading malware.

TIPS

Whether you are a high profile business person, a politician or a regular citizen, spear phishing is one of the biggest threats to your security and well being.  Spear phishing emails or text messages are personally crafted emails or text messages that have been created using information about you, your job, your interests and other aspects of your life to lure you into clicking on a link and downloading malware.  Most of the major data breaches as well as personal data breaches have been initiated through phishing so the lesson is clear.  Trust me, you can’t trust anyone.  Never click on links in emails or text messages unless you have absolutely confirmed that they are legitimate.

Scam of the day – November 23, 2013 – Phony LinkedIn job postings

LinkedIn is a popular social media website used by business professionals to network with other professionals.  More than 225 million people around the world are members of LinkedIn.  LinkedIn is used by these people to get ideas, explore opportunities and even to list job postings.  Anything with 200 million members is attractive to scam artists so it is not surprising that scammers are constantly trying and often successful in posting phony job offers despite the best efforts of LinkedIn to recognize and take down these phony ads.  Bitdefender, which is a maker of anti-malware software recently exposed a phony job advertisement placed by a recruiter who used the name Annabella Erica.  Scammers had managed to infiltrate and put her profile into the legitimate LinkedIn group Global Jobs Network, which has 167,000 members.   Scammers put these phony ads on LinkedIn and other social media in order to gather personal information which is then exploited for purposes of identity theft.  Other times the phony ads will contain links that if clicked upon will automatically download keystroke logging malware which can steal all of the information from your computer and lead to your becoming a victim of identity theft.

TIPS

The best place to look for a helping hand is at the end of your own arm.  Although LinkedIn and other websites that carry job postings try to identify and either prevent or remove phony ads from appearing on their websites, you cannot depend on these companies to fully protect you.  Certainly a little skepticism helps when you see a job posting for a job that sounds too good to be true.  In that case you should fully investigate the company before providing any information and should never click on any links or download any attachments until you have done sufficient research to make sure that the job offering is legitimate.  In addition, you should make sure that you not only have a good Firewall, anti-virus and anti malware software installed on your electronic devices, but that you keep this security software up to date with the latest patches and updates to help insure your protection.