Scam of the day – August 6, 2017 – Hero hacker who stopped Wannacry arrested on malware charges

Say it ain’t so!  It was just a few weeks ago that Marcus Hutchins, a cybersecurity researcher for Kryptos Logic was being hailed as a hero for his discovery of the kill-switch used to stop the spread of the dangerous WannaCry ransomware malware attack that infected millions of computers around the world.  Now, however, Hutchins has been arrested by the FBI on federal charges related to the creation and distribution of the Kronos banking malware that when surreptitiously installed on victims’ computers allowed the cybercriminals to steal login information and data that enabled the cybercriminals to hack into their victims’ bank accounts.

Federal authorities allege that Hutchins created the software and then, in keeping with the present business plan used by many cybercriminals sold the malware for thousands of dollars to other criminals on websites on the Dark Web, where criminals buy and sell criminal information and products.

TIPS

It should not be overlooked that Hutchins has only been charged with these crimes and has a presumption of innocence.  A lesson for all of us is to remember that malware such as both the Wannacry ransomware and the Kronos banking malware are generally downloaded on to the computers, smart phones and other electronic devices of their victims when the victims click on links in infected emails or text messages.  Trust me, you can’t trust anyone.  Never click on any links unless in you have absolutely confirmed that they are legitimate.

Scam of the day – April 22, 2017 – Russian cybercriminal sentenced to 27 years in prison

In a stunning development, Russian citizen Roman Seleznev, the son of a Russian legislator close to Vladimir Putin, was sentenced to 27 years in prison for being the mastermind behind massive credit card hacking attacks in which he stole millions of credit card numbers and sold them on the Dark Web to other cybercriminals.  Prosecutors estimated that the financial loss due to Seleznev’s crimes were a minimum of 170 million dollars and could be as high as a billion dollars.  Seleznev’s crimes were made easier by the predominant use of magnetic strip credit cards at the time he was committing his crimes rather than the harder to steal chip credit cards largely now used.

Russian hackers dominate much of international cybercrime, but are permitted to commit their crimes with impunity in Russia so long as they do not attack Russian targets.  In addition, Russia does not extradite indicted Russian hackers.  Seleznev was arrested when he made the mistake of taking a vacation in the Maldives in 2014 where he was arrested with the help of Maldivian police and turned over to American authorities.

TIPS

International cooperation is an essential element in combating cybercrimes.  Much of the world is beginning to cooperate in this endeavor, but the absence of Russia in this effort is notable.

As for all of us as consumers, the best things we can do are to be vigilant and follow the precautions we constantly tell you about here at Scamicide.com, such as using your chip credit card whenever possible and refraining from using your debit card except at ATMs.

Scam of the day – December 20, 2016 – Hacker convicted of selling stolen bank accounts on the Dark Web

Recently, Aaron James Glende, a hacker known a IcyEagle was convicted of hacking into the bank accounts of eleven Sun Trust customers and selling their account information on the Dark Web for $229.99 per account.  Each of these accounts had balances of between $250,000 and $500,000.  He also stole thirty-two accounts with balances of between $100 and $300 which he sold for $9.99 for each account.  Glende was sentenced to four years and two months in prison.

The Dark Web is that part of the Internet where criminals buy and sell stolen goods and data as well as malware and other cybercriminal tools.

TIPS

The information stolen by Glende included usernames and passwords for online banking accounts.  In order to protect yourself from becoming a victim of a similar theft, you should use a complex password, a security question the answer to which cannot be guessed or obtained through research and use strong software security programs on all of your electronic devices.  It is also important to keep your security software updated with the latest security patches.  Also, never provide your personal information including passwords in response to emails unless you have absolutely confirmed that the email or text message is legitimate.  Too often, messages seeking this information are just phishing scams designed to trick you into turning over this information to an identity thief.

Here is an image of Glende’s account on the Dark Web site Alpha Bay.

AlphaBay portal

Scam of the day – October 22, 2016 – Massive DDoS attack hits Eastern United States

For a few hours yesterday many Internet users on the East Coast of the United States were unable to access some of the most popular destinations on the Internet including Amazon, Twitter, Spotify, Netflix and PayPal as a result of a massive Distributed Denial of Service (DDoS) attack on Dyn a prominent Domain Name System (DNS) provider that hosts the attacked companies’ websites.  Domain Name System providers permit you to type in a simple web address such as anycompany.com which then gets translated into the long, complicated numeric Internet address of the company and connects you to their website.  A DDoS occurs when the DNS provider gets flooded with an overwhelming amount of traffic which causes the website to shut down.  Often the traffic comes from an army of botnet computers which are computers of unsuspecting people that become infected and can be remotely used to send the huge amounts of communications necessary to cause a DDoS.  This problem has become magnified as the cybercriminals infiltrate and incorporate into their botnet not just computers, but also the myriad of devices that make up the burgeoning Internet of Things.  Anything that  is connected to the Internet can be hacked and used to become a part of a botnet.  Too often, many of these devices that make up the Internet of Things are poorly protected with weak passwords and are easily hacked.

While this particular DDoS was remedied after a few hours, the threat of DDoS attacks continues to increase.  Banks and other financial institutions have found themselves particularly targeted in the last year by DDoS attacks.  The potential for major disruption of the Internet by DDoS attacks is significant.

TIPS

While there is nothing that we as consumers can do to stop DDoS other than to maintain the security of our own computers and devices connected to the Internet to keep them from becoming a part of a botnet, there are a number of steps that companies should be taking to protect themselves from future DDoS attacks in addition to the regular Firewalls and routers configured as best they can be to reject malicious traffic including the use of load balancers to spread traffic across multiple servers within a network to create additional capacity to handle the traffic as well as cloud based programs to identify and divert malicious traffic.

Already we have seen the threats of DDoS attacks used to extort money from companies and the threat that DDoS attacks pose is increased because cybercriminals are now selling the malware necessary to carry out such attacks on the Dark Web which is that part of the Internet where cybercriminals do business.  In addition, cybercriminals can also rent the use of botnets on the Dark Web as well to assist them in carrying out their crimes.

Scam of the day – October 13, 2016 – Vera Bradley stores hacked

Luggage and handbag manufacturer, Vera Bradley announced yesterday that its retail stores suffered a data breach in which credit card numbers, customer names, card expiration dates and verification codes for customers who used credit and debit cards at its stores between July 25th and September 23rd were stolen by criminals who hacked into the company’s payment processing equipment.  Vera Bradley was notified of the data breach by law enforcement on September 15th.  Generally, breaches like this are discovered when a pattern for stolen credit cards being sold on the Dark Web where criminals buy and sell stolen credit cards indicates a common source or when the card issuing banks notice a pattern of fraudulent use traceable back to a single common denominator, namely the victims all shopped at a particular store.  Vera Bradley could have avoided this data breach had it switched over to EMV chip cards instead of continuing to use the old-style magnetic strip credit cards which are so much more susceptible to theft through data breaches.

Unlike most companies that suffer such data breaches, Vera Bradley is not offering free credit monitoring at this time.

TIPS

If you were a customer at a Vera Bradley store between July 25th and September 23rd, you should go online right away to monitor use of your credit card or debit card.  It is a good policy not to use your debit card for retail purchases because you have less protection under the law for unauthorized use.  Further, even if you report fraudulent use of your debit card immediately to your bank, your bank account to which the card is tied will be frozen and inaccessible to you while the bank investigates the matter.  Use your EMV chip card whenever possible and even if you were not a shopper at Vera Bradley, you should regularly monitor your credit card statement online so that you can discover any fraudulent use early.  Finally, be wary of any emails or text messages you may get that appear to be from Vera Bradley that require you to provide personal information.  Scammers often take advantage of data breaches such as this to send phishing emails to lure people into providing personal information they can use to make you a victim of identity theft.

For more information about Vera Bradley, you can go directly to its website at http://www.verabradley.com/

Scam of the day – August 28, 2016 – Russian hacker convicted of massive credit card theft

Two years ago, I first told you about the arrest of Russian hacker Roman Seleznev who this week was convicted of hacking into small businesses accross the United States including many pizza parlors, stealing credit card information and selling it on the Dark Web to other cybercriminals.  He even had a website in which he instructed would-be cyberciminals about how to use the stolen credit cards.   Seleznev has been incarcerated while awaiting trial for two years and faces a sentence of up to forty years in prison.

TIPS

What does this conviction mean to you and me?  It is more of a reminder of how large the problem is.  Hacking into retailers at point of sale terminals in stores has become a relatively easy task to accomplish and not only is it easy to accomplish, it does not even have to be done at the store.  It can be done totally over the Internet by hackers anywhere in the world.   Although the EMV smart card chip technology mandated for retailers and credit card companies in October of 2015 prevents attacks such as those of Seleznev from being effective, many retailers have still chosen not to comply with the regulations which are trade group regulations and not a government mandate.  Therefore, the most prudent thing for you to do when shopping at a company that does not use your EMV chip card is to first, refrain from using your debit card for retail purchases so that your bank account is not at risk in a hacking attack  It is important to remember that the rules protecting you from liability for fraudulent use of a debit card are not as strong as those that protect you from liability for fraudulent use of your credit card  You also should monitor your credit card’s use regularly to discover any fraudulent use as early as possible.

This story is also a good example that the risk of data breaches is a risk to small businesses as well as large businesses.  Often small businesses are targeted by hackers as the low hanging fruit because they have not taken proper security steps.

Scam of the day – November 10, 2015 – Comcast freezes 200,000 compromised accounts

Cable and telecommunications company Comcast, which has approximately 28 million customers took the unusual step of freezing the accounts of 200,000 of its customers yesterday upon becoming aware that these particular customers had their personal information including email addresses and passwords being sold on the black market to identity thieves.  The black market used by cybercriminals to sell stolen personal information to other cybercriminals is often referred to as the dark web, which can only be accessed through the use of special software.  Similar to the hacking of accounts at British telecom company Vodafone about which I reported to you last week, in this instance it was not Comcast that suffered a data breach, but rather other companies from which the cybercriminals got the email addresses and passwords and then were attempting to sell them to be used to hack into the victims’ Comcast accounts because the victims used the same passwords at multiple websites.  Using the same password at multiple websites and accounts is a very bad practice and makes you much more vulnerable to identity theft because if your security is compromised at one company with poor security, your security at important accounts, such as your bank is endangered.

Comcast is now requiring the 200,000 affected customers to change their passwords before they can have access to their accounts again.

TIPS

The primary lesson here is that you should always use a separate and unique password for each of your online accounts.  Many people fail to do so out of a concern about remembering a large number of different passwords, but this does not have to be the case.  There is a simple way to make your passwords strong.   Start off by taking a phrase that is easy to remember, such as “IDon’tLikePasswords.” This can be the basic element of all your passwords. Then for added security add a few symbols, so it reads, for example, IDon’tLikePasswords!!!. This is a strong password that is long and combines small letters, capital letters and symbols. Now all you need to do is to adapt that basic password for each of your accounts to make it unique for each account. For example, you could adapt this for your Amazon account by adding “Ama” at the end of the basic password making your Amazon password IDon’tLikePasswords!!!Ama. That is a strong password that is easy to remember.