Posts Tagged: ‘botnet’

Scam of the day – August 26, 2014 – Sony PlayStation Network hacked

August 26, 2014 Posted by Steven Weisman, Esq.

Over the past weekend, Sony’s PlayStation Network was hacked and taken offline by a group of hackers identified as Lizard Squad. The PlayStation Network is used by 53 million gamers around the world to play games with other people in a virtual environment. The PlayStation Network was brought down by a simple but still effective tactic called a distributed denial of service (DDoS) attack, in which hackers utilize a botnet to overwhelm and clog the network with artificially high traffic. A botnet, as you may remember, is brought about when hackers infiltrate the computers of unwary users and take over those computers, using them to send malware, spam or other harmful material. Often the people whose computers are part of this botnet of what are often called zombie computers are not even aware that their computers are being used for these purposes. In this case, all that Sony suffered was a minor embarrassment; however, in 2011 the PlayStation Network was hacked and the personal information, including credit card information, of 77 million people was stolen.

TIPS

Although this particular hacking of Sony did not result in the personal information of any users of the Sony PlayStation Network being compromised, the security of Sony and the other online gaming network companies remains vulnerable. It is for this reason that you should limit, as much as possible, the personal information that you provide these companies to protect yourself in the event of a data breach. Also, do not leave your credit card number on file with any company as a convenience. Provide the number anew each time you use it online at any company so that it is not stored by the company and vulnerable to a data breach. Also, as I constantly remind you, never use your debit card for any retail purchases. Limit its use to ATMs.

Scam of the day – June 4, 2014 – Justice Department halts massive hacking scheme

June 4, 2014 Posted by Steven Weisman, Esq.

Earlier this week, the Department of Justice revealed that it had broken a massive hacking scheme and taken over the computer servers that spread two major types of malware about which I have warned you previously. The two types of malware are GameOverZeus and Cryptolocker. GameOverZeus steals banking information from victims’ computers, which the hackers then use to empty their victims’ bank accounts. Cryptolocker is a particularly insidious type of malware that, when installed on the victim’s computer, encrypts all of the data contained on the computer. After the encryption is accomplished, the criminals notify the victim that their data will be destroyed unless a ransom payment is made. This type of malware has, appropriately, been deemed ransomware. Law enforcement officials estimate that as much as 100 million dollars was stolen by the gang operating these malware programs through a botnet. Members of the gang included Russians, Ukrainians and British criminals. Through the joint efforts of the FBI and law enforcement agencies in ten other countries, the computer servers of the hackers were seized and the alleged ringleader of the group, Russian Evgeniy Bogachev, was indicted. American authorities are in contact with Russian authorities to have Bogachev extradited to the United States for trial.

TIPS

This story is important for many reasons. Certainly it is good to see not only law enforcement cracking criminal hacking crimes, but also international cooperation in the law enforcement effort. However, ultimately, law enforcement is not going to be able to prevent you from becoming a victim of hackers seeking to steal from you through the use of malware such as GameOverZeus and Cryptolocker. Instead, the burden of protecting you from these attacks falls on all of us individually. In all cases, these malware programs ultimately found their way to their victims’ computers when the victims invited them in by clicking on tainted links in emails or downloading tainted attachments from phishing emails. The first line of defense is never to click on links in emails or download attachments unless you are absolutely sure that they are legitimate. You should also make sure that you have constantly updated anti-virus software and anti-malware software on all of your electronic devices.

The United States Department of Homeland Security has issued a warning about the GameOverZeus malware that contains links to a number of effective anti-malware programs that can help protect your computer and other electronic devices from infection and remove the infection if it occurs. Here is a link to that warning, which, in turn, contains a link to the anti-malware software programs: https://www.us-cert.gov/ncas/alerts/TA14-150A

Scam of the day – May 31, 2014 – AOL customer support scam

May 31, 2014 Posted by Steven Weisman, Esq.

Millions of people still use AOL, and so scammers and identity thieves will often send out phishing emails that appear to come from AOL, such as the one reproduced below. The logo and format of this particular email that is presently circulating are a good counterfeit; however, the repeated faulty grammar is a strong indication that this is a scam. Like many similar scams, this one works by luring you into clicking on a link in the email in order to resolve an emergency. However, if you click on the link, one of two things will happen. You either will be prompted to provide information that will be used to make you a victim of identity theft or, by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the information from your computer and use it to make you a victim of identity theft. This particular email appears to be signed by Bud Rosenthal, who actually is an AOL officer; however, the email address from which it is sent is that of a student at a university whose email has been hijacked and made a part of a botnet of zombie computers used to send out the scam emails. Here is how the email appears. DO NOT CLICK ON THE LINK:

 

 

AOL
Due to the recent signed in of your Account from an unknown location, you are advice to Click here to confirm the validity of your AOL® Online Account. Thanks once again for choosing our service.

Bud Rosenthal
Bud Rosenthal, AOL Membership Group CEO

Privacy Policy | Customer Support
©2014 AOL, Inc. All Rights Reserved.

 TIPS

There are numerous reasons not to trust this email.  The email address from which it was sent has no relation to AOL.  It is not addressed to you personally.  It contains faulty grammar.  It is an obvious phishing email and its only purpose is to lure you into either providing personal information or downloading malware.  As I have warned you many times, never click on links or download attachments unless you are absolutely sure that the email is legitimate.  In this case, if you even had a slight thought that it might be legitimate, all you would have to do is to call the real AOL to learn that this was a phishing scam.

Scam of the day – March 14, 2014 – New Citibank email scam

March 14, 2014 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email. Citibank is a popular bank with more than 200 million customers throughout the world; therefore, identity thieves can feel pretty confident that when they send out an email blast, many of the people receiving the email will, in fact, be Citibank customers. This particular scam email follows a familiar pattern. It presents what would be a reasonable reason for responding by clicking on the link; in this case it is to add security features to your account to help prevent the very types of identity theft that this scam is actually attempting to perpetrate. It looks pretty official and the message doesn’t even have grammatical or spelling errors. However, it is a total scam. If you click on the link in these types of scams, one of two things will happen. Either you will be sent to a phony but official looking website where you will be prompted to provide personal information that will end up being used to make you a victim of identity theft or, merely by clicking on the link, you will download keystroke logging malware programs that will steal the information from your computer or other device and use that information to make you a victim of identity theft. This identity theft tactic is called phishing.

Here is the email that I received.  DO NOT CLICK ON THE LINK.

“Dear Esteemed Customer,
We have added extra security to your Citi account to prevent identity theft on your account. To secure your Citi account, click the link below:
http://cstr-grasses.erdi.or.th/Myaccount_Citibank_login
Note: You need to login using your email address and password to access before you can access the secured Citi network.
Best regards,
Citi Customer Service”

TIPS

Regardless of how official an email or a text message may appear, you should never click on any links or download any attachments unless you are absolutely sure that it is legitimate. In the case of this particular email, it was sent from an address that was not an email address of Citibank, which was a sure indication that it was a scam. Rather, it was sent from a computer address hacked into a botnet of compromised computers so that the identity thieves can send out phony emails that are difficult to trace back to the criminals. However, even an email originating from a legitimate looking email address can be merely a phony email. In this particular case, if you have any thought that it might be legitimate, you should call or email Citibank at a telephone number or email address that you know is legitimate to confirm that it is a scam. Also, make sure that you keep your anti-malware and anti-virus software up to date on all of your electronic devices.

 

Scam of the day – January 7, 2014 – Latest AOL scam

January 7, 2014 Posted by Steven Weisman, Esq.

Phishing scams often take the form of emails that you receive that appear to be legitimate and require you to click on a link contained in the email for various reasons which also may appear legitimate.  However, in the case of phishing emails, if you click on the link, you will only succeed in doing one of two things, both of which are bad.  In one type of email, you will be taken to another page where you will be prompted to provide personal information which will then be used to make you a victim of identity theft.  The second bad thing that can happen if you click on a link in a phishing email is that by clicking on the link, you will unwittingly download keystroke logging malware that can steal all of the information from your computer, laptop, smartphone, tablet or other device and use that information to make you a victim of identity theft.

Here is a phishing email that is presently being sent that purports to be from America Online (AOL), but it is not.  It is a phishing scam.  DO NOT CLICK ON THE LINK.

AOL HELP.

Your two incoming mails were placed on pending status due to the recent upgrade to our database,
In order to receive the messages Click here to login and wait for responds from Aol Team.
We apologies for any inconvenience and appreciate your understanding.
Regards, Aol Team.

TIPS

There are a couple of telltale signs that this is a scam. People receiving this email do not have their name appear in the salutation, and if you click on the details section of your email, you will see that the email did not come from AOL, but instead came from a botnet, which is a network of zombie computers taken over by hackers to spread this type of material. Check the archives of Scamicide or “50 Ways to Protect Your Identity in a Digital Age” for more information about botnets.

In any event, as I have told you many times, even if you think the email is legitimate, you should never click on a link in an email unless you are absolutely sure that it is, in fact, legitimate.  Because you can never be sure who is actually sending you an email, if you are an AOL subscriber who has the slightest thought that this email might be legitimate, call AOL at a customer service number that you know is accurate to confirm that it is merely a scam.

Scam of the day – June 16, 2013 – Ameriprise phishing scam

June 16, 2013 Posted by Steven Weisman, Esq.

Once again, I had to go no further than my own email box to find today’s “scam of the day.” In my email today was an email that purported to be from Ameriprise, the online brokerage and financial planning company. As you can see in the email which is reproduced below, I was invited to click on a link to receive a “secured message” about an important matter supposedly affecting my account. This is a scam. DO NOT CLICK ON THE LINKS IN THE EMAIL COPIED BELOW. Phishing is the name for the scam in which you receive an email that appears to be legitimate and attempts to lure you to a tainted website or to download a tainted link. The email is not from Ameriprise, and if you click on the links you will either be taken to a phony Ameriprise website and prompted to provide personal information that will lead to your becoming a victim of identity theft or you will, when you click on the link, unknowingly download a keystroke logging malware program that will steal information from your computer and make you a victim of identity theft. This particular email, however, is not a very professional attempt to scam me. The email address from which it came is a personal AOL account and probably not the account of the identity thief, but an account that had been hijacked as a part of a botnet by the identity thief. For more information about botnets and how they work, you can either check out my book “50 Ways to Protect Your Identity in a Digital Age” or go to the list of topics on the right side of the Scamicide opening page and scroll down to the topic of botnets for some cursory information about how they work and how to avoid them. In addition, the email salutation reads “Dear Customer.” It does not even use my name. Finally, there is no logo or other appearance that the email is from the real Ameriprise.

“Dear Customer,
There is an important message regarding your account with www.ameriprise.com, please sign in to our secured message center at our website www.ameriprise.com, sign in and view the secured message we have for you, the message will be stored in the secured message center for 48hours after which it will no longer be available. We bring you messages like this to bring to your attention to updates, to protect your account from unauthorized usage and secure your account anytime we notice usual activities in your account. so please take a few minutes to log into your account at www.ameriprise.com and read  the messages .
Thank you.

www.ameriprise.com”

TIPS

Never click on links unless you are absolutely sure that they are legitimate.  Unfortunately, anytime you receive an email with a link, you cannot trust it because even if it is from someone whom you trust, their email account may have been hacked and the email is actually being sent by an identity thief posing as a friend or a company with which you do business.  The best course of action if you think the email may be legitimate is to call the real person or company to confirm whether or not the email is legitimate.  Also, make sure that your security software and anti-malware software are installed and kept up to date on all of your electronic devices.

If you receive any phishing emails, please send copies of them to me and we will feature them in Scamicide to warn others.  Remember, we are all in this together.

Scam of the day – May 10, 2013 – Hackers attack on banks and credit unions fails – this time

May 10, 2013 Posted by Steven Weisman, Esq.

The hacking group Anonymous had reportedly targeted 130 banks and credit unions for a disruptive Distributed Denial of Service (DDoS) attack on Tuesday, May 7th, but the attack failed to substantially materialize. In a DDoS attack, large numbers of computers, remotely controlled by hackers as a botnet, flood the websites of particular businesses or governmental agencies and shut them down because the websites are unable to handle the huge number of hits. Although approximately 600 sites were shut down, few of these were inside the United States, and if such an attack was indeed made against American governmental agencies, banks and credit unions, the attack was successfully defended. But this is not to say that business and government have found a way to stop hacking into their computers. In fact, the attack may not have occurred at all. It may have merely been a subterfuge to see what the response would be by governmental agencies and businesses. Additionally, although DDoS attacks are a nuisance, they are rarely more than that; however, larger, more insidious attacks may occur while efforts are being focused on repelling the DDoS attack.

TIPS

Large and small businesses are and will continue to be targets for hackers. If you operate such a business, you must take necessary security steps to protect your business from hackers. As for us, the public, we should do what we can to protect ourselves. Limit the information available about you at companies with which you do business so that if they are hacked, you are not in danger of having your personal information used to make you a victim of identity theft. Also make sure that you have backup records for all financial dealings and accounts that you have with companies with which you do business so that if an attack either accesses your account or deletes data, you have records that show what you have. For more information about how to protect yourself, I urge you to consider purchasing my book “50 Ways to Protect Your Identity in a Digital Age” which you can get from Amazon at a reduced price merely by clicking on the link of the book on the right hand side of the front page of Scamicide.

Scam of the day – May 1, 2013 – Denial of Service attacks

May 1, 2013 Posted by Steven Weisman, Esq.

Distributed Denial of Service (DDoS) is the name for a tactic that has increasingly been used by hackers against major financial institutions. Most recently, online broker Charles Schwab & Co. was disabled and inaccessible to its customers for more than an hour because of such an attack. Earlier in April, American Express and Wells Fargo were victims of such an attack and, in a major attack a few months ago, the websites of JP Morgan Chase, Bank of America, Citibank and Sun Trust all were temporarily shut down due to a DDoS attack. A DDoS attack is accomplished when a website is flooded with nuisance requests from tens of thousands of computers all being controlled by a single controlling computer. This network of computers is called a botnet. Regular readers of Scamicide are familiar with the term botnet, which has also been called zombie computers and refers to a network of computers that are infected by hackers and then controlled by the hackers to send out their viruses and other malware. The attacked websites are not able to handle the huge volume of computer hits, which results in the affected website being closed down. It is thought that many, if not all, of these recent DDoS attacks have originated from the same hackers in Eastern Europe, and there is concern that this is just the beginning of major computer attacks against American financial institutions.

TIPS

So what does this mean to you? Although both the government and the private sector are working hard to defend against DDoS attacks and, in fact, are making progress in doing so, it can be expected that these and even more sophisticated attacks will be coming against our financial institutions, including banks and brokerage houses in which you have money and investments. You can’t just put your head in the sand, but you can prepare yourself for such attacks. Make sure that you have backup records of your financial accounts on computer discs rather than just on your hard drive, which can be accessed or even destroyed by hackers. You also can use USB flash drives and external hard drives. You can also store information in the cloud, but that brings a range of different security issues. You also may wish to keep readily accessible paper records of your accounts, but make sure that you keep them secure in your home. Even friends and family members have been known to steal such documents for identity theft purposes. Finally, you may wish to inquire of all companies with which you do business as to how they maintain both the security of their records from attack and their online presence.