Posts Tagged: ‘botnet’

Scam of the day – October 31, 2016 – Amazon phishing email

October 30, 2016 Posted by Steven Weisman, Esq.

A new phishing email is presently being circulated that attempts to lure you into clicking on links and provide personal information that can be used to make you a victim of identity theft.  Alternatively, merely by clicking on the links in some phishing emails, you may unwittingly download malware that will steal personal information from your computer or other device and use it to make you a victim of identity theft.  Even if you have the most updated versions of security software protecting your computer, laptop or smartphone you may not be protected from zero day exploits which is the name for the latest malware targeting vulnerabilities that have not yet been protected against by your security software.  It generally takes up to a month for the security software companies to provide patches for the latest strains of malware.

TIPS

In regard to this particular phishing email, there are a number of telltale signs that indicate that it is a scam.  Although the graphics are excellent, the email is not directed to you personally, but rather uses the generic salutation of “Dear Amazon.com Customer.”  In addition, there are numerous grammatical errors that could be attributable to the scammer possibly not having English as his or her primary language.  Also, the email address from which the email was sent was not from Amazon, but from an unrelated individual.  Most likely the email address used was that of another victim whose computer was hijacked and used as a part of a botnet to spread the phishing emails.  Of course, the best course of action is to never click on links or provide information in response to emails or text messages unless you have absolutely confirmed that the request is legitimate.  In this case, a quick telephone call to Amazon would have resulted in your quickly learning that the email was a scam.

Scam of the day – October 26, 2016 – How to protect yourself in the Internet of Things

October 25, 2016 Posted by Steven Weisman, Esq.

Distributed Denial of Service (DDoS) attacks against companies that temporarily shut down websites by flooding them with more traffic than they have the capacity to accommodate are nothing new, however, what was unusual about last week’s DDoS against Dyn a prominent Domain Name System (DNS) provider that hosted such popular sites as Amazon, Twitter, Spotify, Netflix and Paypal was that the botnet of hijacked devices used to launch the attack was not made up of hacked computers, but rather was made up of hacked devices such as smart televisions and webcams that make up the Internet of Things which are devices connected to the Internet that one would not generally think of as requiring security.   However, anything that  is connected to the Internet can be hacked and used to become a part of a botnet and therefore requires security precautions.

So what can you do to protect yourself from having your devices hacked and becoming part of a botnet?

TIPS

Your first line of defense is your router so it is important to change the default password with which your router came.  In addition, each of your Internet of Things devices should have its own distinct password.  Unfortunately, particularly for older devices that are a part of the Internet of Things, security was not built into these devices and they may not even be password enabled. Another helpful device is an Internet hub which is a a device that can control multiple Internet of Things devices through a single mobile app that utilizes dual factor authentication and encryption.  The manufacturers of these Internet hubs such as Samsung’s SmartThings also provide regular security updates.  Not all Internet of Things devices are hub certified which is why when buying an Internet of Things device, you should look for hub certification as an indication that the manufacturer is security conscious.

Finally, and perhaps of greatest importance in protecting yourself from becoming part of a botnet is to do what you already should be doing which is refraining from clicking on links or downloading attachments in emails that may contain the malware enabling a hacker to access first your computer and move through it to your entire network of Internet enabled devices.  Never click on links or download attachments unless you have absolutely confirmed they are legitimate.

Scam of the day – October 22, 2016 – Massive DDoS attack hits Eastern United States

October 21, 2016 Posted by Steven Weisman, Esq.

For a few hours yesterday many Internet users on the East Coast of the United States were unable to access some of the most popular destinations on the Internet including Amazon, Twitter, Spotify, Netflix and PayPal as a result of a massive Distributed Denial of Service (DDoS) attack on Dyn a prominent Domain Name System (DNS) provider that hosts the attacked companies’ websites.  Domain Name System providers permit you to type in a simple web address such as anycompany.com which then gets translated into the long, complicated numeric Internet address of the company and connects you to their website.  A DDoS occurs when the DNS provider gets flooded with an overwhelming amount of traffic which causes the website to shut down.  Often the traffic comes from an army of botnet computers which are computers of unsuspecting people that become infected and can be remotely used to send the huge amounts of communications necessary to cause a DDoS.  This problem has become magnified as the cybercriminals infiltrate and incorporate into their botnet not just computers, but also the myriad of devices that make up the burgeoning Internet of Things.  Anything that  is connected to the Internet can be hacked and used to become a part of a botnet.  Too often, many of these devices that make up the Internet of Things are poorly protected with weak passwords and are easily hacked.

While this particular DDoS was remedied after a few hours, the threat of DDoS attacks continues to increase.  Banks and other financial institutions have found themselves particularly targeted in the last year by DDoS attacks.  The potential for major disruption of the Internet by DDoS attacks is significant.

TIPS

While there is nothing that we as consumers can do to stop DDoS other than to maintain the security of our own computers and devices connected to the Internet to keep them from becoming a part of a botnet, there are a number of steps that companies should be taking to protect themselves from future DDoS attacks in addition to the regular Firewalls and routers configured as best they can be to reject malicious traffic including the use of load balancers to spread traffic across multiple servers within a network to create additional capacity to handle the traffic as well as cloud based programs to identify and divert malicious traffic.

Already we have seen the threats of DDoS attacks used to extort money from companies and the threat that DDoS attacks pose is increased because cybercriminals are now selling the malware necessary to carry out such attacks on the Dark Web which is that part of the Internet where cybercriminals do business.  In addition, cybercriminals can also rent the use of botnets on the Dark Web as well to assist them in carrying out their crimes.

Scam of the day – October 9, 2016 – Microsoft phishing email

October 8, 2016 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Microsoft on behalf of Outlook.  DO NOT CLICK ON THE LINKS.  Microsoft is a popular target for this type of phishing email because its products including Outlook are used by millions of people.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond or your account will be deleted.   As phishing emails go, this one is pretty good.  It looks legitimate.  However, the email address from which it was sent is that of an individual totally unrelated to Microsoft and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.   The grammar and spelling is good although there are a couple of minor capitalization mistakes and a missing comma.  Also, as so often is the case, the email is not directed to you by name.  It carries a professional looking photograph, but that is meaningless..

 

Your Services Agreement and Privacy Statement made clearer

Dear Outlook.com User.

we’re updating the Microsoft Services Agreement and the Microsoft Privacy Statement. We want to take this opportunity to notify you about these updates for your safety.
If you do not update your Microsoft account within 24 hours your account will be deactivated and deleted from our server and you will no longer have access to many of the outlook.com features for improved Conversations.
Take a minute to update your account for a faster, safer and full-featured Microsoft Outlook experience and to avoid your account being De-Activated. 

 
Update Your Account

Thank you for using Microsoft services.

Microsoft respects your privacy. To learn more, please read our Privacy Statement.

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

TIPS

There are a number of indications that this is not a legitimate email from Microsoft, but instead is a phishing email. Legitimate companies would specifically direct the email to you by your name. This one has a generic  “Dear Outlook.com User.” As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call Microsoft’s customer service department at 1-800 – 642-7676  where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for companies to trap you if you make a mistake in dialing the real number.

Scam of the day – June 24, 2016 – EMV chip card update

June 23, 2016 Posted by Steven Weisman, Esq.

It has been eight months since the mandate to the credit card companies and merchants to switch to the new EMV chip credit cards which generate a unique randomly generated code for each transaction that renders useless hacking retailers to steal credit card information as we have seen so many times in the past few years, most notably with Target in 2013.  Yet despite the October 1, 2015 deadline for merchants and credit card companies to switch to the new EMV chip credit cards in order to avoid liability for fraudulent credit card purchases, recent surveys indicate that only 70% of American credit card holders have EMV chip credit cards and less than 37% of merchants have adopted the new technology.  Many smaller retailers have made the decision not to switch to the new processing equipment required to process EMV chip credit cards because they have determined that the cost of updating and changing their card processing equipment is more expensive than they perceive their risk of potential liability for fraudulent card use while other retailers have updated their equipment, but have been delayed in having it become operative because it must be certified by each payment network, such as MasterCard and Visa, used by the merchant.  Some merchants have even sued MasterCard and Visa over the delays.

TIPS

The rules regarding the shifting of liability for fraudulent charges do not directly affect consumers, however, that does not mean that consumers can just ignore this matter.  Scammers are still taking advantage of the fact that 30% of Americans still have not received a new EMV chip card by emailing them posing as their credit card companies asking for information in order to process their new EMV chip cards. Unfortunately, people receiving these emails provide the personal information including their credit card number, which is then used to make fraudulent charges in the names of the scammers’ victims.

So how do you know as a consumer if you receive an email purporting to be from your credit card company that it is legitimate?

First check the address of the email sender.  If it appears to come from someone or some company wholly unrelated to your credit card issuer, it is a scam.  Many scammers use hijacked email accounts that become a part of a network of controlled computers referred to as a botnet to send out their emails so that it is difficult to trace the scams back to the scammer.

Merely because the email appears legitimate, is written in proper English and even carries the logo of your credit card company does not mean that it is legitimate.  It is easy to copy the logo of a company on to an email.  If you get an email from your real credit card company it will generally be addressed to you specifically by name rather than a generic greeting of “Dear Cardholder.”  In addition, legitimate emails to you will generally reference your account by including the last four digits of your account.  However, even paranoids have enemies so if you do get an email that appears legitimate, but you still have concerns, merely call the company at the number found on the back of your credit card to confirm that the email is legitimate. but make sure that you dial the number correctly because some enterprising scammers have bought telephone numbers that are quite similar to those of the legitimate customer service numbers for your credit card companies in order to snare people who have misdialed their credit card company.

Scam of the day – March 16, 2016 – New Chase phishing email

March 15, 2016 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Here is a copy of a new phishing email that appears to come from Chase bank that is presently circulating.  DO NOT CLICK ON THE LINK.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond.

Dear Chase customer:

As part of our commitment to help keep your account secure, 
we have detected an irregular activity on your account and we are placing a hold on your account for your protection.
 

Please visit the confirmation of accounts system
www.chase.com

Please enter your information carefully


Sincerely, 

Chase Online Banking Team 

 

 

ABOUT THIS MESSAGE:

We sent this email from an unmonitored mailbox. Go to chase.com/CustomerService to find the best way to contact us.

Your privacy is important to us. See our online Security Center to learn how to protect your information. Chase Privacy Operations, PO Box 659752, San Antonio, TX 78265-9752.

© 2016 JPMorgan Chase Bank, N.A. Member FDIC

TIPS

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email.  The email address from which it was sent has nothing to do with Chase, but most likely was from a hacked email account that is a part of a botnet of computers controlled remotely by the scammer.  In addition, legitimate credit card companies would refer to your specific account number in the email.  They also would not use the generic greeting “Dear Chase Customer,” but would rather specifically direct the email to you by your name.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number on the back of your credit card where you can confirm that it is a scam and make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.

Scam of the day – February 24, 2016 – FTC settles with fake weight loss merchant

February 24, 2016 Posted by Steven Weisman, Esq.

How could Oprah ever steer you wrong?  I first reported to you last May about Sale Slash, a company that sold phony weight loss products such as Premium Green Coffee, Pure Garcinia Cambogia, Premium White Kidney Bean Extract, Pure Forskolin Extract and Pure Caralluma Fimbriata Extracts.  Last year the Federal Trade Commission (FTC) brought legal action against Sale Slash and a number of individuals involved with the scam.  Sale Slash sent spam emails, often from hacked email accounts of your friends who were made part of a botnet of computers sending out emails appearing to come from your friends with messages, such as “hi, Oprah says it’s excellent.”  The message would also have links to phony news sites with videos of phony celebrity endorsements.  Obviously, neither Oprah Winfrey nor your friend whose email was hacked endorsed these phony weight loss products.  Now the FTC has settled the lawsuit with Sale Slash and the other defendants, closing down the scam and requiring them to turn over approximately ten million dollars to the FTC to be returned to the victims of the scam.  As further details become available as to how you can make a claim if you were a victim, I will let you know.

TIPS

The truth is that there are no quick fixes when it comes to weight loss and you should be wary of any product that promises you can lose tremendous amounts of weight quickly without dieting or exercise.  You should also be wary of any weight loss product that is sold exclusively either over the Internet or through mail-order advertisements.  It is also important to remember that no cream that you rub in your skin can help you lose substantial weight and no product can block the absorption of fat or calories.  The best course of action when considering a weight loss product is to ask your physician about the effectiveness of a particular weight loss product or program before you reduce your wallet in an effort to reduce your waistline.

Scam of the day – December 31, 2015 – American Express phishing email scam

December 30, 2015 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links  or downloading attachmentscontained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  Here is a copy of a new phishing email that appears to come from American Express that is presently circulating.  This particular one is not particularly convincing.   It does not address the person receiving the phishing email by name, but rather by the generic “Dear American Express User.”  In addition, as is common with many scams which often originate out of the country where English may not be the first language of the scammer, the grammar is not good.

“Dear American Express User,

During our server routine  update we noticed you enter wrong detail. We implore you

to download the attached file  to re-verify your details.

NOTE: You are strictly advised to match your information correctly to avoid service suspension.

Thank you for your continued Card Membership

Sincerely,

American Express Customer Care”

TIPS

An indication that this is a phishing email is that the email address from which it was sent had nothing to do with American Express, but most likely was from a computer that was part of a botnet of computers controlled remotely by the scammer.   As with all phishing emails, two things can happen if you click on the links or download the attachments provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call American Express at the telephone number found on the back of your card and you will be able to confirm that it is a scam.

Scam of the day – October 1, 2015 – EMV smart chip card scams

October 1, 2015 Posted by Steven Weisman, Esq.

Scammers always are taking advantage of whatever current events are going on.  Today is the deadline for retailers and credit card issuing companies to switch over to using the new EMV credit cards containing a computer chip that creates and encrypts a new number every time the card is used.  Unlike credit cards in other parts of the world, American credit cards still mostly use magnetic strip technology that has been around since the 1960s in which personal information is contained on a magnetic strip on the back of the card.  When the information on this strip is stolen as through a hacking, the identity thief has access to the credit of the victim.  However in more than 80 other countries around the world, the magnetic strip card technology has been replaced with cards embedded with a microchip.  This technology is often referred to as EMV which stands for Europay, MasterCard and Visa, the originators of the card.  With EMV cards, the chip creates and encrypts a new number every time the card is used.  Thus hacking into the credit and debit card processing terminals used by the cardholder is a worthless exercise in trying to access the credit card or debit card.  For cost reasons, credit card companies and retailers have resisted updating the credit card system in the United States although changes in regulations in regard to liability for fraudulent credit card use will prompt credit card companies and retailers to switch to this technology.   Under these new rules, after October 1st if a retailer does not switch its card processing machines over to EMV card processing of sales, in the event of a data breach, the retailer will be held financially responsible for any losses incurred.  Previously, in the event of data breaches, it has generally been the credit card issuing banks that have been held responsible for such credit card fraud.

The October 1st deadline, however,  has not been met by many credit card issuers and retailers.  More than a billion credit and debit cards will have to be switched to the new EMV cards and only 120 million people have already received a new EMV card.  That number is expected to reach 600 million by the end of 2015.  Meanwhile, many retailers have not yet converted their card processing devices to accept the new EMV cards.  Since under the new regulation regarding liability in the event of credit card fraud, the liability passes to the party that is the least EMV compliant, there is much incentive for the credit card companies to issue new EMV cards and for retailers to convert their credit card processing equipment as soon as possible.

Ingenious scam artists, the only criminals we refer to as artists are taking advantage of the situation by contacting people by email posing as your credit card company and prompting you to either provide personal information in response to the email or click on a link in the email in order to update your account to get a new smart EMV chip card.  If you provide personal information to the scammer, you will end up becoming a victim of identity theft.  If you click on the link, you may also download keystroke logging malware that will steal your information from your computer or smartphone and use it to make you a victim of identity theft.

TIPS

So how do you know if you receive an email purporting to be from your credit card company if it is legitimate?

First check the address of the email sender.  If it appears to come from someone or some company wholly unrelated to your credit card issuer, it is a scam.  Many scammers use hijacked email accounts that become a part of a network of controlled computers referred to as a botnet to send out their emails so that it is difficult to trace the scams back to the scammer.

Merely because the email appears legitimate, is written in proper English and even carries the logo of your credit card company does not mean that it is legitimate.  It is easy to copy the logo of a company on to an email.  If you get an email from your real credit card company it will generally be addressed to you specifically by name rather than a generic greeting of “Dear Cardholder.”  In addition, the email to you will generally reference your account by including the last four digits of your account.  However, even paranoids have enemies so if you do get an email that appears legitimate, but you still have concerns, merely call the company at the number found on the back of your credit card to confirm that the email is legitimate.

Scam of the day – August 26, 2015 – Bank of America security message scam

August 26, 2015 Posted by Steven Weisman, Esq.

This is another phishing scam that is making the rounds these days.  It appears to be a legitimate email from Bank of America informing you that due to upgrades being done to the Bank of America computer systems, it is necessary for you to confirm personal account information in order to maintain your account.  Of course, if you click on the link contained in the email, you will only succeed in either unwittingly downloading keystroke logging malware that will steal your personal information from your computer and use it to make you a victim of identity theft or you will be sent to another website that prompts you to provide your personal information directly, which then wil be used to make you a victim of identity theft.  Either way you lose.  Here is a copy of the email presently being circulated:

“Member:

We need you to confirm your Bank of America account due to our new upgrading. It is mandatory that you confirm your details through our secure link below.

CONNECT
Thank you for your co-operation.
Bank of America Admin
Copyright © 2015 BOA Inc.”

TIPS

There are a number of ways to know that this is a phishing scam.  First of all, if you are not an account holder at Bank of America, you can rest assured that the email is a scam.  Unfortunately, there are so many people that are account holders at Bank of America, the scammers just send out the email in large numbers hoping to reach Bank of America account holders among the random people being sent the email.  The email address from which it is sent was not that of Bank of America, but rather that of a private individual whose email account was hacked, taken over and made part of a botnet to send these emails in large numbers.  Because you can never be sure whenever you receive an email that asks you to provide personal information whether it is legitimate or not, the best thing to do is to remember my motto, “trust me, you can’t trust anyone” and confirm whether it is legitimate or not by calling the real company, in this case Bank of America to learn whether or not the email is phony or not.  Chances are, you will be told that it is a scam.