Posts Tagged: ‘Malware’

Scam of the day – February 28, 2015 – Carnegie Mellon phishing scam

February 28, 2015 Posted by Steven Weisman, Esq.

Carnegie Mellon University is one of the country’s foremost universities in various areas of technology, but that does not mean that Carnegie Mellon employees are any better than anyone else at recognizing phishing emails. Phishing remains the primary way that many major data breaches are initiated: employees of a company receive a legitimate-appearing email that prompts them, under various guises, to click on a link. Unfortunately, what happens in many instances is that clicking on the link installs malware that enables the hacker to steal information and data from the company’s computer data banks. This simple technique was how the Sony hacking and the recent billion dollar hacking of a hundred banks around the world were accomplished. Another way that phishing works is by luring victims into entering their usernames and passwords into legitimate-appearing communications, thus providing that information to hackers and identity thieves. That is what happened to an undetermined number of Carnegie Mellon employees who were lured into providing their log-in information when they responded to an email entitled “Your Salary Raise Information.”

TIPS

This phishing scam is particularly noteworthy because it once again shows that sophisticated, technologically savvy people can fall for the lures of phishing emails, which is why everyone should always be skeptical before responding to any email or text message that requires you to provide personal information or click on a link. In either situation, you can never be sure when you receive an email or text message that the communication is legitimate. So along with maintaining the latest security software on your electronic devices, it is important to make it a habit never to provide personal information or click on links in response to text messages or emails until you have absolutely confirmed that the communication is legitimate.

Scam of the day – February 12, 2015 – Anthem hacking lawsuits filed

February 11, 2015 Posted by Steven Weisman, Esq.

Although the hacking and data breach at Anthem, the country’s second largest health insurance company, was disclosed only eight days ago, the first lawsuits alleging negligence on the part of Anthem in failing to take proper steps to protect the personal data of as many as 80 million Anthem customers have already been filed in Indiana, California, Alabama and Georgia. It now appears that the actual hacking was first detected by Anthem on January 27th, but started as early as December 10th. Once again, as is the pattern with so many major data breaches, it appears that the hackers gained access to what have been reported to be Anthem’s unencrypted databases through phishing emails that tricked five Anthem employees into either providing their passwords or clicking on malware-loaded links that stole the passwords from the Anthem employees’ computers.

TIPS

Many companies are just not doing enough to protect their sensitive data including personal information of their customers.   There are many steps that companies can and should be taking including greater encryption of data, employee education about phishing and limiting of access to information from off-site computers.  Whether companies need to be prompted by lawsuits or legislation, the problem is so significant that companies must take action now to better protect themselves from hacking.

As for us, the customers, all we can do is try to limit as best we can the personal information provided to the companies with which we do business (your doctor does not need your Social Security number) and monitor our financial and medical dealings for signs of identity theft. Putting a credit freeze on your credit reports at each of the three major credit reporting agencies is another good step to take in order to reduce your risk of identity theft. You can find information about how to put a credit freeze on your credit reports here on Scamicide in the archives.

Scam of the day – February 5, 2015 – Adware found in Google Play apps

February 5, 2015 Posted by Steven Weisman, Esq.

The security firm Avast has discovered malware in three apps, including the popular card game Durak. The malware causes a pop-up message to appear on your smartphone indicating that your smartphone is infected and directs you to security companies to fix the non-existent problem. Advertisements on Google Play apps are strictly prohibited as are, of course, viruses and other forms of malware. This particular malware, which may have affected as many as ten million people, was particularly insidious because the message would not appear when you first installed the tainted Durak or other infected apps, but rather would be delayed for a week or more, making it unlikely that people would be able to guess that the source of the problem was the infected app. Google has removed the three infected apps from the Google Play store. Infected apps are nothing new. Similar infected apps result in popups that inform you that your smartphone software is out of date, infected or filled with pornography and then direct you to a website to purchase software to cure a non-existent problem.

TIPS

Although these particular tainted apps came directly from the Google Play store, you are generally much safer obtaining your apps from the Google Play store or other legitimate app vendors.  However, as this case shows, you can never be guaranteed that any app you download will be totally safe.  Just as you cannot trust any email or text message that asks you to click on a link or do a download without verifying that it is legitimate, so you should never automatically click on links in popups that come up on your computer regardless of how legitimate they may appear until you have confirmed that they are legitimate.

Scam of the day – January 19, 2015 – University employee payroll scam

January 19, 2015 Posted by Steven Weisman, Esq.

The Internet Crime Complaint Center, known as IC3, has issued an alert warning about a spear phishing scam aimed at university employees around the country. It starts with an email addressed specifically with the name of the intended victim. The email looks official and appears to have been sent by the Human Resources Department of the college or university where the intended victim works. The email informs the potential victim that there has been a change of the employee’s status and that the employee is required to click on a link contained in the email. The link takes the employee to a website that appears to be that of the Human Resources Department of the college or university where the victim works, and there the employee is prompted to input information. The website is counterfeit. The scam is a ruse intended to obtain the login information of the potential victim. Once this information is provided to the scammer, he or she then logs on to the real Human Resources Department page and changes the bank account information for where the employee’s check is deposited so that the school sends the victim’s check to a bank account controlled by the identity thief. In addition, since many people use the same user name and password for all of their accounts, the scammers may also attack other accounts of the victim.

TIPS

Although the IC3 warning deals specifically with university and college employees, this scam works just as well with any company that pays its employees through direct deposit, so everyone who is paid through a direct deposit should be aware of this scam. Remember my mantra, “trust me, you can’t trust anyone.” Never click on links in emails unless you are sure they are legitimate. In many instances, by clicking on the link, you are unwittingly downloading malware on to your computer or other electronic device. You also should never provide personal information in a reply to an email. Confirm whether or not the request for personal information is legitimate and even then, go directly to a website for the company or other institution that you know is legitimate to provide such information. Finally, as I have warned you many times (sorry to be a nag), use a unique password for all of your accounts so that if your password from a particular account is jeopardized, your other accounts are still safe. This is not as difficult as it might seem. In my book “Identity Theft Alert,” I provide instructions as to how to pick easy to remember, strong passwords.

Scam of the day – January 12, 2015 – Hackers attack German steel mill

January 12, 2015 Posted by Steven Weisman, Esq.

With all of the attention directed at the hacking of Sony Pictures by hackers associated with North Korea, much less attention was given to perhaps an even more ominous cyberattack done around the same time to a German steel mill. Unknown hackers gained access to the steel mill’s computers, as they often do in attacks against major companies, through spear phishing of employees, by which they lured unwitting employees to click on links or provide information under the belief that the emails they received were sent by upper management within the company. Armed with the information gathered through the spear phishing, the hackers gained control of the blast furnaces of the steel mill that contained intensely heated molten metal. According to BSI, the German government’s office of information security, massive damage was done through the hacking, although BSI did not specify what physical damage occurred as a result of the hacking. This is only the second confirmed hacking event where a cyberattack has been used to destroy physical materials and equipment. You have to go back all the way to 2007, when the Stuxnet malware was used to destroy Iranian centrifuges at a uranium enrichment plant, to find a precedent.

TIPS

Many of us have warned governments and private industry of the extreme danger posed by cyber sabotage of essential infrastructure of countries around the world. It is hoped that in light of this threat and the attention brought to hacking by the Sony hacking, a more concerted effort will be made by both governments and corporations to make their systems more secure. President Obama has tried unsuccessfully for years to get Congress to act and will highlight cybersecurity in his upcoming State of the Union address. It is hoped that his words and the words of security experts around the world will be heeded.

Scam of the day – January 10, 2015 – Scam videos of the Charlie Hebdo terrorist attacks

January 10, 2015 Posted by Steven Weisman, Esq.

The fear and concern following the attack by terrorists on the offices of the satirical magazine Charlie Hebdo and a Jewish supermarket in Paris is finally over after 53 hours. The aftermath of the attacks includes the deaths of twelve people at Charlie Hebdo’s offices and four more innocent people at the supermarket. All three terrorists whose attacks were coordinated are also dead. Much of the public around the world has been glued to their televisions and computers watching the events unfold. Among the people whose attention has been focused on these events were scammers, who are always looking to capitalize on events that capture the public’s interest. If patterns follow, you can expect that you will be receiving emails, text messages or social media communications promising “shocking video” of these attacks. Again, the familiar pattern is that you are told that these are exclusive videos that you can see nowhere else. We have seen this type of scam following major natural and unnatural disasters, including tsunamis and plane crashes. Once you click on the links in the various communications, you end up downloading keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft.

TIPS

Regardless of the purported source of any email, text message or social media communication, you can never be sure that the source is indeed who it says it is or that it is legitimate.  Never ever click on links in any form of communication unless you have absolutely confirmed that it is legitimate.  The risk is too high.  Even if your electronic devices are protected by anti-virus and anti-malware software, the best security software is always at least a month  behind the latest viruses and malware.  If your curiosity gets the best of you, limit your search to legitimate news websites and, even then, make sure that you type in the website address correctly so you don’t get misdirected to a phony phishing website that appears to be the legitimate website that you seek, but actually is a scam website that will try to lure you into clicking on tainted links.  Google searches are also a dangerous way to look for “shocking video” due to the fact that merely because a website may turn up high on a Google or other search engine search, does not mean that the website is legitimate.  All it means is that the person creating that website was good at Search Engine Optimization (SEO) which is knowing how to adapt the makeup of a website to place high in the algorithms used by search engines to rank websites for searches.

Scam of the day – December 15, 2014 – FBI warns American businesses of Iranian hackers

December 15, 2014 Posted by Steven Weisman, Esq.

The FBI has sent out a confidential warning to American businesses about an imminent threat of hacking by Iranian hackers who may, or may not, be state sponsored. The attack appears to be focused on the always vulnerable educational institutions as well as energy companies, airlines and defense contractors. The FBI warning provides detailed technical information about the different types of malware used in the attack as well as information about techniques such as spear phishing that are being used by the hackers to enable their malware to be unwittingly downloaded on to the computer networks of the targeted companies. Spear phishing, as you may remember, is a technique whereby the victim receives a seemingly legitimate email message addressed to the victim by name that lures the victim into clicking on a link that downloads the malware used to attack the company.

TIPS

This particular Iranian hacking scheme may be the same one recently identified as Operation Cleaver by the security firm Cylance, which uncovered attacks on more than fifty companies in sixteen countries, including the United States. As for us as individuals, we need to recognize that regardless of how careful we are at protecting the security of our own personal information, that information, as seen in the recent Sony hacking, is only as safe as the companies with the weakest security practices that hold our information. Therefore, whenever possible you should limit the companies and governmental agencies that have your personal information.

Scam of the day – December 11, 2014 – Phony shipping phishing scam

December 10, 2014 Posted by Steven Weisman, Esq.

Phony shipping phishing scam. Try saying that fast three times. Most likely you will trip on your words, but that is nowhere near as much of a problem as what happens to you if you fall for this scam. The holiday season is a time when people are ordering gifts from many retailers. It is common for companies to send an email confirmation when you order something online. Scammers are taking advantage of this practice to send vast amounts of phony shipping notices and confirmations from what appear to be legitimate companies, such as Amazon, with which so many of us do business. However, in these phishing emails, in which the scammer poses as a legitimate company, you are prompted to click on a link or download an attachment under various guises, such as confirming the order. These links and attachments are filled with malware that will enable the scammer to steal all of your personal information from your computer and use it to make you a victim of identity theft.

Here is a copy of a phony phishing notice purportedly from Amazon.

[Image: bogusemail.jpg]

TIPS

Legitimate companies will not have attachments or links for you to click on in any real confirmation of your order.  If you receive an email that informs you of a problem with your order or anything else that appears to require action on your part, never click on any links or download any attachments that may appear in such emails.  Rather, contact the real company through its website or a telephone number that you know is accurate.  Don’t use the telephone number contained in the email and don’t click through the email to purportedly go to the website.  Taking these simple steps can save you a lot of grief.

Scam of the day – December 1, 2014 – How to protect yourself on CyberMonday

December 1, 2014 Posted by Steven Weisman, Esq.

Every year, the number of people shopping online and the money spent through online shopping grows significantly. And why not? The convenience alone of being able to shop from the comfort and privacy of your home is reason enough for many of us to shop online, and when you couple that with often lower prices and, in many instances, the sales not being subject to sales taxes, online shopping is a winner. But how safe is it? We all know from last year’s data breach at Target how risky shopping in brick and mortar stores is, but shopping online can also be risky. However, if you follow a few simple rules, you can dramatically improve the safety and security of your online shopping.

TIPS
Here is a list of some online shopping tips:

1.  Make sure that the computer, laptop, tablet or smartphone you use is equipped with anti-virus and anti-malware software programs and that you have updated the programs with the latest security patches.

2.  As with shopping at brick and mortar stores, don’t use a debit card for online purchases.  In the event of a data breach, the consumer protection laws in regard to fraudulent use of your debit card are not as protective as those that apply when your credit card is fraudulently used.

3.  Don’t supply your credit card number unless the address of the website is preceded by the letters “https.”  That additional letter “s” indicates that the transmission of your data is encrypted and secure.

4.  Don’t leave your credit card number on record with the online retailers you use for the sake of convenience.  Doing so only makes you more likely to become a victim of identity theft if the company suffers a data breach (and many of them will).

5.  Don’t click on coupons or ads that you may receive by way of an email or text message regardless of how good they appear.  They may be loaded with malware that will be downloaded on to your computer, tablet or smartphone if you click on the link.  That malware can steal all of your personal information and lead to your becoming a victim of identity theft.  Any legitimate coupon you might receive through an email or a text message will also be available on the website of the company where you want to shop.

6.  Limit your online shopping to companies that you know and trust.  Merely because a company comes up high on a Google search does not mean that the company is legitimate.  Any company offering a price that appears too good to be true, should be particularly suspect.

7.  Use distinct and complex passwords for each online company with which you shop and use dual factor authentication whenever possible.

Scam of the day – November 14, 2014 – Watch out for a “Masque Attack”

November 14, 2014 Posted by Steven Weisman, Esq.

FireEye, a cybersecurity firm, announced this week that they had identified a serious flaw in Apple’s iPhone operating system that makes most iPhones and iPads extremely vulnerable to being hacked and data being stolen. The vulnerability is being called “Masque Attack” and was first discovered by FireEye in July, but was first made public by FireEye this week when the first attempts by hackers to exploit the vulnerability were discovered. Hackers attempted to exploit the vulnerability through the use of malware dubbed “WireLurker.” Presently, Apple’s iPhone operating system permits a malicious app that uses the same bundle identifier as that of a legitimate app to replace the legitimate app on the victim’s iPhone or iPad while retaining the data from the replaced legitimate app. Thus the hacker can make it appear that the victim’s bank app, for example, is still installed, when in fact it has been replaced by this malicious app, and steal account information, passwords and other sensitive data, which can easily lead to identity theft. A Masque Attack occurs when the victim downloads a tainted app that may appear to be that of a popular game or some other apparently innocuous app. Once installed, the victim does not know that he or she has replaced legitimate apps on the phone or tablet with the malicious app.

TIPS

Users of iPhones and iPads can protect themselves by taking simple precautions.  First, do not install apps from any source other than Apple’s official App Store.  This is always good advice because you can never be sure of the security of apps that come from sources other than the official app stores.  When opening any app, if the iPhone or iPad operating system indicates “Untrusted App Developer,” click on “Don’t Trust” and immediately uninstall the app.
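
Because a Masque Attack keeps the bundle identifier while the app behind it changes, an organization that manages iPhones and iPads can look for it by comparing app inventories over time. The following Python is an added example, not part of the original post or FireEye's report; the record fields (`bundle_id`, `signer`, `source`), the reason labels and both sample inventories are constructed assumptions about what a device inventory might record.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AppRecord:
    bundle_id: str  # identifier the operating system uses to tell apps apart
    signer: str     # signing identity reported by the inventory (assumed field)
    source: str     # "app_store" or anything else, e.g. "enterprise" (assumed field)


def find_masque_suspects(baseline, current):
    """Compare two inventory snapshots of one device.

    Returns a sorted list of (bundle_id, reason) for apps that deserve review:
      signer-changed     same bundle identifier, different signing identity
      source-changed     same signer, but no longer an App Store install
      new-non-store-app  app not in the baseline and not from the App Store
    """
    known = {app.bundle_id: app for app in baseline}
    findings = []
    for app in current:
        before = known.get(app.bundle_id)
        if before is None:
            # The post's advice: install only from the official App Store.
            if app.source != "app_store":
                findings.append((app.bundle_id, "new-non-store-app"))
        elif before.signer != app.signer:
            # The core Masque pattern: identifier kept, app behind it replaced.
            findings.append((app.bundle_id, "signer-changed"))
        elif before.source == "app_store" and app.source != "app_store":
            findings.append((app.bundle_id, "source-changed"))
    return sorted(findings)


# Constructed sample inventories (not real apps or signing identities).
BASELINE = [
    AppRecord("com.example.bank", "TEAM-BANK-01", "app_store"),
    AppRecord("com.example.mail", "TEAM-MAIL-01", "app_store"),
]
CURRENT = [
    AppRecord("com.example.bank", "TEAM-UNKNOWN-99", "enterprise"),
    AppRecord("com.example.mail", "TEAM-MAIL-01", "app_store"),
    AppRecord("com.example.cardgame", "TEAM-UNKNOWN-99", "enterprise"),
]

if __name__ == "__main__":
    for bundle_id, reason in find_masque_suspects(BASELINE, CURRENT):
        print(f"{bundle_id}: {reason}")
```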