Scam of the day – October 17, 2017 – New report discloses all wifi networks vulnerable to hacking

Yesterday, a Belgian researcher, Mathy Vanhoef made public his discovery from this past summer that the security protocol used to protect most wifi connections is vulnerable to hacking such that data formerly thought to be encrypted and protected could be hacked and that it was also possible for a cybercriminal to inject ransomware and other malware into websites visited through  compromised wifi connections.  If your device supports wifi, it is most likely affected.

The United States Computer Emergency Readiness team issued a warning yesterday that lists all of the systems affected.  Here is a link to that warning.

http://www.kb.cert.org/vuls/id/228519

As is often the case when discoveries of computer vulnerabilities are made, researchers notify the technology companies first to allow them time to come up with patches.  In this case, the technology companies were notified on August 28th about this problem.  Google has indicated that it expects to have a patch available “in the coming weeks.”  Microsoft has said, “we have released a security update to address this issue.  Customers who apply the update, or have automatic updates enabled, will be protected.”

TIPS

This is one instance where things may not be as bad as they initially appear.  Hackers exploiting the vulnerability would need to be physically close to the attacked device to accomplish an attack and connections to secure websites using HTTPS will still be safe.  Online banking and online shopping websites will generally use https technology which you can confirm by looking at the address line for the letter “s” after the initial http in the website address.  In addition, as I have long advised you, if you are going to use public wifi you should use Virtual Private Network (VPN) which is not affected by this vulnerability.

This discovery also emphasizes the importance of having your security patches and updates installed automatically or as soon as they are available.  I will update you on this situation as new information becomes available.

Scam of the day – October 7, 2017 – Accused Russian hacker to be extradited to the United States

Earlier this week, Spain’s highest court agreed to extradite Peter Levashov who was indicted last April by a federal grand jury on charges of fraud, identity theft and conspiracy.  Levashov who formerly served in the Russian army and also had  worked for Russian President Vladimir Putin’s United Russia Party is accused of operating a massive botnet of thousands of infected computers that he would rent out to other criminals to send computer viruses and malware.

A botnet is a network of computers that have been infected with malware that enables criminals to surreptitiously use these computers to send out all manner of malware including ransomware.  People whose computers become part of a botnet often unwittingly download the malware necessary to make their computer part of the botnet by clicking on a link in an infected phishing email.

TIPS

Many people are a part of botnets without even knowing it.  If you use Windows 10 you can find out if you are a part of a botnet by opening the Task Manager and see what programs are using your network.  If there is something you don’t recognize, you may be a part of a botnet.

Of course, the best course of action is to avoid ever becoming part of a botnet and the best way to do that is to avoid clicking on any links in any emails unless you have absolutely confirmed that the email is legitimate.  In addition, installing security software and keeping it up to date with the latest security patches is also a good practice and if your router is more than ten years old, it may not be providing sufficient protection from botnets.  Updating old routers can help avoid becoming a part of a botnet.

Scam of the day – October 6, 2017 – Network Solutions phishing scam

 

 The phishing email reproduced below is presently being circulated.  Network Solutions is a legitimate company that acts primarily as a website domain name registration company.  As phishing emails go, this one is very good containing good graphics and proper grammar.  As is generally the case with such phishing emails, it is an attempt to lure you into providing personal information, in this case by luring people into calling them for further information about the backing up of data.
1-888-793-7657
We’re updating your email service and need you to back up some of your information

Dear Customer,

We’re writing to let you know Network Solutions will be updating your email service platform over the next few months. This update will provide you with new features, improved capabilities and a new look for your dashboard.

We don’t anticipate any disruptions to your service. However, there is some stored data you will need to save and back up as we are unable to transfer it over. Specifically, your file storage, photos, notes and any contact distribution lists will need to be saved. Not saving these files will result in their loss.

You’ll receive an additional notice once the update is complete. If you have questions or concerns, please contact customer support at XXXXXXXXXXX.

Sincerely,
Network Solutions Customer Support

Connect With Us Twitter Google Plus Facebook YouTube
Please do not reply to this email. Replying to this email will not secure your services. Please review our Privacy Policy and our Service Agreement and any applicable supplemental service agreements for additional terms and conditions.©2017 by Network Solutions, LLC. All Rights Reserved. 12808 Gran Bay Parkway, West | Jacksonville, FL 32258
Network Solutions® is a Web.com Group, Inc. company.Network Solutions® and Web.com® are registered trademarks of Web.com Group, Inc. All other registered trademarks herein are the property of their respective owners.
TIPS
Whenever you get an email requesting personal information or asking you to click on links, you cannot be sure that it is legitimate until you have personally confirmed it by contacting the real company at a phone number or email address that you know is legitimate.  In this particular case, this email was forwarded to me by someone who did not have an account with Network Solutions so she knew it was a scam.  Clicking on links tainted with malware or providing personal information to a scammer can easily lead to identity theft.

Scam of the day – September 16, 2017 – New Adobe security updates

In July I told you that Adobe finally announced that it will be retiring its Adobe Flash software.  However, until that time, they are issuing new security updates and if you are  user of Adobe Flash, you absolutely should install the latest security patches, such as those just released by Adobe as indicated in a link below.

Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  According to security company, Symantec in 2015 80% of the newly discovered software vulnerabilities which can be exploited by malware created by cybercriminals involved Adobe Flash.

Microsoft already blocks Adobe Flash by default in its Edge browser due to security concerns.  Microsoft also blocks outdated versions of Adobe Flash from running in Internet Explorer on Windows 7.  If you use Windows 8.1, Windows 10 or Windows Server 2012R2, this will not affect you because these systems automatically install Adobe Flash security patches.  In addition, to Microsoft Google, Apple and Mozilla block Adobe Flash.   Apple has blocked Adobe Flash from iPhones since 2010.  If you have not already switched to alternative software to Adobe Flash, now is a good time to do so.

TIPS

If you are going to continue to use Adobe Flash, it is imperative that you update your software with the latest security patches when they are issued and here at Scamicide, we will inform you about security patches for Adobe Flash as soon as they are issued.

Here is a link to the latest security patches for Adobe Flash that have just been issued.

https://www.us-cert.gov/ncas/current-activity/2017/09/12/Adobe-Releases-Security-Updates

However, it may well be time for you to replace Adobe Flash to avoid future problems.

Here is a link to a website with alternative plugins you may wish to consider to replace Adobe Flash.

http://alternativeto.net/software/flash-player/

Scam of the day – September 12, 2017 – IRS warns tax professionals about new ransomware attack

The IRS has issued a warning to tax professionals about a new IRS themed ransomware attack presently being sent by email.  If someone were to click on the link in the email, ransomware would be downloaded that would encrypt and lock the information of the person falling for the scam leaving the victim facing the dilemma of having to pay a ransom in order to retrieve his or her computer data or face the threat of having the data destroyed.

Here is a copy of the email presently being circulated.  As phishing emails go, this one is not particularly convincing.  It is filled with grammatical and punctuation errors which often are a sign that the scam originated in a country where English is not the primary language.

IRS questionnaire text with IRS and Department of Justice logos

TIPS

The IRS does not initiate contact with taxpayers or tax professionals by email or text messages to request personal or financial information.  In addition, to avoid all kinds of malware including ransomware, you should never click on links in emails or text message unless you have confirmed that the email or text message is legitimate.  Specifically to protect yourself from ransomware, individuals as well as companies and government agencies should backup all data regularly and make sure that security software is constantly updated with the latest security patches.

Scam of the day – August 25, 2017 – New scam targeting tax professionals

There is a reason scam artists are the only criminals we refer to as artists. They can be incredibly good at what they do.  Unfortunately, what they do is try to con us and steal our money and identities.

This is a time of the year when many tax professionals are receiving updates of their tax preparation software from their software providers. Knowing this,  scammers are targeting CPAs and other tax professionals with phishing emails that appear to come from the tax professional’s software provider with the subject line indicating “Software Support Update.”  In these emails, the scammers tell their intended victims that they need to revalidate their login credentials.  The scammers provide a link to a phony website that looks like the software provider’s webpage, but is a fake.  If the tax professional falls for this scam and provides his or her login information, the scammers will use this information to access the victim’s account and get at their client’s confidential  information which can then be used for purposes of identity theft.

TIPS

While the email address from which the email is sent may in some circumstances look legitimate, upon close observation you will see that it is not really from your software provider and in some instances, the email will be sent from a botnet of hacked computers such that the email address sending the email is that of an individual totally unrelated to the software company.  In addition, no tax preparation software providers insert links in emails for their clients to validate passwords.  In addition, you should never click on any link unless you have absolutely verified that it is legitimate.  The risk of all kinds of malware including ransomware is too great.  If you are a tax professional and you receive such an email and think that it might be legitimate, you should contact your software provider by email or phone to confirm that this was a scam.

Scam of the day – August 16, 2017 – Hackers targeting hotel Wi-Fi

The security company Bitdefender has identified new tactics being used by a notorious hacking group known as DarkHotel to hack into the computers of hotel guests.  DarkHotel has been operating for about ten years now and until recently had been specifically targeting business travelers in order to gain access to their companies’ computers and the data contained therein. Recently , however, DarkHotel has expanded its targets to include political figures, as well.  DarkHotel has exploited vulnerabilities in hotel Wi-Fi to achieve its attacks.

A key element in the success of DarkHotel has been their successful use of spear phishing emails that have been used to lure unsuspecting victims into clicking on links and downloading malware.

TIPS

Whether you are a high profile business person, a politician or a regular citizen, spear phishing is one of the biggest threats to your security and well being.  Spear phishing emails or text messages are personally crafted emails or text messages that have been created using information about you, your job, your interests and other aspects of your life to lure you into clicking on a link and downloading malware.  Most of the major data breaches as well as personal data breaches have been initiated through phishing so the lesson is clear.  Trust me, you can’t trust anyone.  Never click on links in emails or text messages unless you have absolutely confirmed that they are legitimate.

Scam of the day – July 30. 2017 – AOL phishing scam

Millions of people still use AOL.  One reason is that you get greater email privacy when compared to some other email carriers. Due to its popularity, scammers and identity thieves often send out phishing emails that appear to come from AOL, such as the one reproduced below.  The logo and format of this particular email that is presently circulating is quite poor.  Compare it to the excellent counterfeit phishing email I included in the Scam of the Day for May 31, 2014.  This one comes from an email address that has no relation to the company, AOL.  Further, it is not directed to the recipient specifically by name.  Like many similar scams, this one works by luring you into clicking on a link in the email in order to resolve a problem.  However, if you click on the link, one of two things will happen.  You either will be prompted to provide information that will be used to make you a victim of identity theft or by clicking on the link you will unwittingly download a keystroke logging malware program that will steal all of the information from your computer and use it to make you a victim of identity theft.   Here is how the email appears.  DO NOT CLICK ON THE LINK:
“Dear Aol User
You can not send or receive new messages until you re-validate your mailbox.
To renew the mailbox,
Click below: Login&Complete
Thank you!
Webmail Administrator.”
TIPS
When AOL communicates with its customers about their accounts, they do so by AOL Certified Mail, which will appear as a blue envelope in your inbox and will have an official AOL Mail seal on the border of the email.  This particular email had neither and only had an easy to counterfeit AOL logo appear on the email.  Whenever you get an email, you cannot be sure of from whom it really comes.  Never click on a link unless you are absolutely sure that it is legitimate.  If you think the email might be legitimate, The best thing to do is to contact the real company that the email purports to be from at an address or phone number that you know is accurate in order to find out if the communication was legitimate or not. Remember, never click on links in emails unless you have confirmed that they are legitimate.

Scam of the day – July 17, 2017 – WWE data breach puts millions at risk of identity theft

The World Wrestling Entertainment (WWE) formerly known as the World Wrestling Federation (WWF) until it lost an intellectual property dispute with the World Wide Fund For Nature (WWF), is the popular company that promotes professional wrestling around the globe.  Recently it was disclosed that databases filled with personal information of users of its website were stored in an unprotected server making them accessible to anyone who came upon them.

The good news is that the compromised information did not include credit card information or passwords, which would have posed a tremendous threat of identity theft to the people whose information was stored in the unprotected servers.  However the bad news is that the type of information that was compromised included names, email addresses, ages and other information that could be used to formulate spear phishing emails that could be used to attack the victims of the data breach.

Spear phishing occurs when you receive an email or a text message intended to lure you into clicking on a malware infected link that can be used for purposes of identity theft, ransomware or other sinister purposes. What distinguishes spear phishing from mere phishing is that with spear phishing, the communications to you have been specifically tailored with personal information to trick you into trusting it.

TIPS

One lesson from this data breach is to remember that you are only as secure as the places that have your personal information with the weakest security.  Therefore limit the places to which you provide your personal information as best you can.  In addition, there is no law that requires you to provide accurate and truthful information when going to a website asking for your age or other personal information so you can make up information to provide in order to gain access to a particular website.

Another important lesson is to always be skeptical of any email or text message that you receive that asks you to click on a link.  You can never be sure it is legitimate so never click on a link until you have confirmed that the communication is legitimate.

Finally, remember to keep all of your electronic devices updated with the latest security software recognizing that even the newest updates will not protect you from new zero day defects that have not been seen previously.