Scam of the day – February 17, 2015 – Billion dollar international bank hacking

Russian cybersecurity company, Kasperky Lab issued a report yesterday disclosing what may well be the biggest bank hacking in history.  The hacking of more than 100 banks in the United States, Japan, Switzerland, the Netherlands and primarily Russia was accomplished by a criminal group called the Carbanak cybergang composed of Russians, Chinese and Europeans who through advanced malware installed on the computers of the targeted banks permitted the hackers to infiltrate the computers of the banks’ employees in charge of cash transfer systems and ATMs.  They then installed a remote access tool (RAT) on these employees’ computers that enabled the hackers to see everything done on these employees’ computers with the goal of mimicking the look of legitimate transactions when the hackers activated electronic transactions and programmed ATMs to dispense money at specific times to steal as much as a billion dollars over the last two years.


As of today, no bank has admitted that it was one of the affected banks.  This makes fighting similar attacks more difficult, which is one reason President Obama has recently been advocating for a law to mandate public disclosure of such security breaches by financial institutions.  An important aspect to this hacking that has been often overlooked in some early reporting of the story is that although the malware used to perpetrate this crime is amazingly sophisticated, the planting of the sophisticated malware into the computers of the targeted banks was accomplished by old-fashioned phishing emails that lured the bank employees to click on infected link.  Everyone including companies, governments and private individuals have got to do a better job of not clicking on links no matter how legitimate they may appear until you have confirmed that they are indeed legitimate. Remember my motto, “trust me, you can’t trust anyone.”

Scam of the day – November 28, 2014 – Hotel Wifi threat

A targeted threat against high level government and business leaders while staying in upscale hotels was exposed by security company Kaspersky Lab recently.  The attack starts with a breach of the particular hotel’s Wifi network and the installation of malware even before the targeted guest arrives at the hotel.  When the hotel guest connects to the hotel’s Wifi system by logging in using his last name and room number, the hackers are alerted and then send a pop-up alert regarding a necessary software update that needs to be clicked on and downloaded.   The pop-up looks legitimate.  In this particular group of targeted attacks, which Kaspersky has deemed “Darkhotel” the pop-up was for an update to Adobe Flash player, although it could be an update for any other program.  The pop-up of course is phony and when the unwary victim clicks on the link, he downloads malware that enables the hacker to steal information from the victim’s laptop or other device.  In this case, the information sought is for corporate espionage, but others using the same tactic could just as well use the technique to gather personal information for purposes of identity theft.


You can never be sure of the security of Wifi whether it is at a coffee shop or a hotel.  A good option is to use a Virtual Private Network (VPN) to get an encrypted communication mode whenever you use Wifi.  It is important to be skeptical of any prompt to click on anything when you are on Wifi or anywhere else for that matter.  Don’t click on links in emails, text messages or pop-ups unless you have confirmed that they are legitimate.  In the case of software updates, it is a simple matter to check with the particular company at its website rather than click on a pop-up if you want to make sure that the update is legitimate.  Even if an update is being offered by the company, you are better off accessing it through their website rather than a pop-up which may be just a counterfeit pop-up sent to you by an identity thief.

Scam of the day – December 19, 2013 – Playstation 4 and Xbox One targeted by hackers

Computer security company Kaspersky Lab recently disclosed that it had found that hackers have been targeting the new Playstation 4 and Xbox One gaming consoles in large numbers.  However, owners of these two systems are not alone.  According to Kaspersky, there are an estimated  34,000 cyber attacks on gaming systems each day through the world.  The country with the largest number of gaming cyber attacks is Spain wtih Poland a relatively close second.  The hackers are after gamers’ usernames and password which they then sell on the black market.  This also poses a larger problem of identity theft for hacked gamers due to the fact that too many people use the same usernames and passwords for multiple accounts, putting their security in jeopardy if that information falls into the hands of an adept identity thief.


As with so many  instances of hacking, the way that hackers gain access to your smartphone, computer, laptop or gaming console is through phishing techniques that lure people into downloading tainted attachments or clicking on infected links.  As I constantly remind you, never click on links or download attachments unless you are absolutely sure that they are legitimate and even if they appear to come in a text or an email from someone you trust, your friend’s smartphone or email account could have been hacked so it appears a message containing a link or an attachment is coming from someone you trust when in fact, it is coming from an identity thief or hacker who has infected the link or attachment with keystroke logging malware that will steal the information from your computer, smartphone or other device and make you a victim of identity theft.

Scam of the day – February 17, 2013 – Facebook hacked – the lesson for us all

Facebook has announced that its internal computer network has been hacked in what it described as a “sophisticated attack.  According to Facebook, users of Facebook did not have their data compromised – this time.  As I have warned you over and over again, your security is only as good as the security of the weakest place that holds information about you, which is why it is important to limit the information held by companies and others with which you do business to the minimum that they need.  The hacking of Facebook occurred when a Facebook employee went to the website of an app developer with which Facebook does business.  The app developer had unwittingly been hacked through the use of the Java program and when the Facebook employee went to the website of the app developer, the computer virus was passed on to Facebook.  This might be particularly disturbing to some people because Facebook uses, and was using at the time of its security breach, the latest security software programs, which did not protect Facebook from the hacking.  As I have told you previously, unfortunately, the makers of computer security software are always behind the hackers.  It has been estimated that when a new virus is developed only about 5% of security software programs are effective at first.  Generally, the computer security software companies take about a month to catch up with the new viruses.


There are a few lessons for us all from this security breach.  According to the computer security company, Kaspersky Lab, Java is a dangerous program constantly exploited by hackers.  According to Kaspersky, Java software was the culprit in about half of all cyber attacks in 2012.  On January 12, 2013 I passed on a warning from the Department of Homeland Security warning people to disable Java due to serious security threats.  Five days later on January 17th I provided you with a link to remedy for that particularly vulnerability.  However, problems with Java continue to occur and some computer security experts suggest that you disable Java and not use it in order  to protect yourself.  I will discuss this in more detail in future Scams of the Day.  The particular problem with Java that led to the hacking of Facebook has been fixed, but it is likely that Java will be attacked again.  Another tip that you must follow is to make sure that your computer security software is constantly updated.  I will provide you with particular warnings and updates, but you should make sure that your security software is always current.  People who do not do so are easy targets for identity thieves.