Posts Tagged: ‘Malware’

Scam of the day – December 15, 2014 – FBI warns American businesses of Iranian hackers

December 15, 2014 Posted by Steven Weisman, Esq.

The FBI has sent out a confidential warning to American businesses about an imminent threat of hacking by Iranian hackers who may, or may not, be state sponsored.  The attack appears to be focused on the always vulnerable educational institutions as well as energy companies, airlines and defense contractors.  The FBI warning provides detailed technical information about the different types of malware used in the attack as well as information about techniques such as spear phishing that are being used by the hackers to enable their malware to be unwittingly downloaded onto the computer networks of the targeted companies.  Spear phishing, as you may remember, is a technique whereby the victim receives a seemingly legitimate email message addressed to the victim by name that lures the victim into clicking on a link that downloads the malware used to attack the company.

TIPS

This particular Iranian hacking scheme may be the same one recently identified as Operation Cleaver by the security firm Cylance, which uncovered attacks on more than fifty companies in sixteen countries including the United States.  As for us as individuals, we need to recognize that regardless of how careful we are at protecting the security of our own personal information, that information, as seen in the recent Sony hacking, is only as safe as the companies with the weakest security practices that hold our information.  Therefore, whenever possible you should limit the companies and governmental agencies that have your personal information.

Scam of the day – December 11, 2014 – Phony shipping phishing scam

December 10, 2014 Posted by Steven Weisman, Esq.

Phony shipping phishing scam.  Try saying that fast three times.  Most likely you will trip on your words, but that is nowhere near as much of a problem as what happens to you if you fall for this scam.  The holiday season is a time when people are ordering gifts from many retailers.  It is common for companies to send an email confirmation when you order something online.  Scammers are taking advantage of this practice to send vast amounts of phony shipping notices and confirmations from what appear to be legitimate companies, such as Amazon, with which so many of us do business.  However, in these phishing emails, in which the scammer poses as a legitimate company, you are prompted to click on a link or download an attachment under various guises, such as confirming the order.  These links and attachments are filled with malware that will enable the scammer to steal all of your personal information from your computer and use it to make you a victim of identity theft.

Here is a copy of a phony phishing notice purportedly from Amazon.

[Image: phony shipping notice purportedly from Amazon]

TIPS

Legitimate companies will not have attachments or links for you to click on in any real confirmation of your order.  If you receive an email that informs you of a problem with your order or anything else that appears to require action on your part, never click on any links or download any attachments that may appear in such emails.  Rather, contact the real company through its website or a telephone number that you know is accurate.  Don’t use the telephone number contained in the email and don’t click through the email to purportedly go to the website.  Taking these simple steps can save you a lot of grief.

Scam of the day – December 1, 2014 – How to protect yourself on CyberMonday

December 1, 2014 Posted by Steven Weisman, Esq.

Every year, the number of people shopping online and the money spent through online shopping grows significantly.  And why not?  The convenience alone of being able to shop from the comfort and privacy of your home is reason enough for many of us to shop online and when you couple that with often lower prices and, in many instances, the sales not being subject to sales taxes, online shopping is a winner.  But how safe is it?  We all know from last year’s data breach at Target, how risky shopping in brick and mortar stores is, but shopping online can also be risky.  However, if you follow a few simple rules, you can dramatically improve the safety and security of your online shopping.

TIPS
Here is a list of some online shopping tips:

1. Make sure that the computer, laptop, tablet or smartphone you use is equipped with anti-virus and anti-malware software programs and that you have updated the programs with the latest security patches.

2.  As with shopping at brick and mortar stores, don’t use a debit card for online purchases, as well.  In the event of a data breach, the consumer protection laws in regard to fraudulent use of your debit card are not as protective as those that apply when your credit card is fraudulently used.

3.  Don’t supply your credit card number unless the address of the website is preceded by the letters “https.”  That additional letter “s” indicates that the transmission of your data is encrypted and secure.

4.  Don’t leave your credit card number on record with the online retailers you use for the sake of convenience.  Doing so only makes you more likely to become a victim of identity theft if the company suffers a data breach (and many of them will).

5.  Don’t click on coupons or ads that you may receive by way of an email or text message regardless of how good they appear.  They may be loaded with malware that will be downloaded onto your computer, tablet or smartphone if you click on the link.  That malware can steal all of your personal information and lead to your becoming a victim of identity theft.  Any legitimate coupon you might receive through an email or a text message will also be available on the website of the company where you want to shop.

6.  Limit your online shopping to companies that you know and trust.  Merely because a company comes up high on a Google search does not mean that the company is legitimate.  Any company offering a price that appears too good to be true should be particularly suspect.

7.  Use distinct and complex passwords for each online company with which you shop and use dual factor authentication whenever possible.

Scam of the day – November 14, 2014 – Watch out for a “Masque Attack”

November 14, 2014 Posted by Steven Weisman, Esq.

FireEye, a cybersecurity firm, announced this week that they had identified a serious flaw in Apple’s iPhone operating system that makes most iPhones and iPads extremely vulnerable to being hacked and data being stolen.  The vulnerability is being called “Masque Attack” and was first discovered by FireEye in July, but was first made public by FireEye this week when the first attempts by hackers to exploit the vulnerability were discovered.  Hackers attempted to exploit the vulnerability through the use of malware called “WireLurker.”  Presently, Apple’s iPhone operating system permits a malicious app that uses the same bundle identifier as that of a legitimate app to replace the legitimate app on the victim’s iPhone or iPad while retaining the data from the replaced legitimate app.  Thus the hacker can make it appear that the victim’s bank app, for example, is still installed, when in fact it has been replaced by this malicious app, and steal account information, passwords and other sensitive data which can easily lead to identity theft.  A Masque Attack occurs when the victim downloads a tainted app that may appear to be that of a popular game or some other apparently innocuous app.  Once installed, the victim does not know that he or she has replaced legitimate apps on the phone or tablet with the malicious app.

TIPS

Users of iPhones and iPads can protect themselves by taking simple precautions.  First, do not install apps from any source other than Apple’s official App Store.  This is always good advice because you can never be sure of the security of apps that come from sources other than the official app stores.  When opening any app, if the iPhone or iPad operating system indicates “Untrusted App Developer,” click on “Don’t Trust” and immediately uninstall the app.

Scam of the day – November 11, 2014 – New study on effectiveness of phishing

November 11, 2014 Posted by Steven Weisman, Esq.

Phishing, as you probably know, is the term for the tactic used by scammers and identity thieves who pose as a legitimate company, government agency or some other person or entity you trust and lure you into providing personal information that can be used to make either you or someone you know a victim of identity theft.  Recently, Google and the University of California, San Diego completed a study that showed just how effective phishing is.  A common phishing technique is to send an email to someone with a link directing them to a phony, but legitimate-appearing website.  Other times, the phony email itself contains a request for personal information.  Startlingly, the study showed that at the most effective of these phishing websites up to 45% of people targeted provided the information requested.  Sometimes, the scammers are merely looking to take over your email account so that they can send targeted emails to people on your email list that appear to come from you and may be directed to your friends by name.  This type of phishing is called spear phishing.   Phishing is a tremendously effective scam technique and was at the core of the hacking of Target, Home Depot and many other companies and people.

TIPS

Never click on links or download attachments unless you are absolutely sure that they are legitimate.  Even if they appear to be in an email or text message from a friend, you cannot trust the communication because your friend’s account may have been hijacked by an identity thief or scammer.  Never provide personal information on a website unless you have confirmed that it is legitimate.

If your email account is compromised here are the steps to take:

1. Change your password on your email account. If you use the same password for other accounts, you should change those as well.
2. Change your security question. I often suggest that people use a nonsensical security question because the information could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Report the hacking to your email provider.
4. Contact people on your email list and let them know you have been hacked and not to click on links in emails that may appear to come from you.
5. Scan your computer thoroughly with an up to date anti-virus and anti-malware program. This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
6. Review the settings on your email; in particular, make sure that your email is not being forwarded somewhere.
7. Get a free copy of your credit report. You can get your free credit reports from www.annualcreditreport.com. Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.
8. Consider putting a credit freeze on your credit report. You can find information about credit freezes here on Scamicide.

Scam of the day – October 29, 2014 – World Health Organization Ebola scam

October 29, 2014 Posted by Steven Weisman, Esq.

I warned you about a number of Ebola scams in my Scam of the day for October 16th.  However, a new one is now appearing that requires a specific warning.  This scam starts with an email that appears to come from the World Health Organization that contains a link for you to click on in order to download an attachment purported to contain tips to protect you from the Ebola virus.  It is preying upon the public’s fear and concern regarding Ebola.  However, if you download the attachment, you will not get Ebola information, but will download a keystroke logging malware program that will steal your personal information from your computer and use it to make you a victim of identity theft.

TIPS

Never click on links or download attachments in emails, text messages or social media postings unless you have confirmed that the links or downloads are legitimate.  Trust me, you can’t trust anyone.  It is easy to make a counterfeit message that carries the logo of a real organization and appears to be legitimate.  If you have even the slightest thought that the message may indeed be legitimate, you should merely go to the website at an address that you know is correct or call the entity at a telephone number you have confirmed is correct to verify whether or not the original message to you was phony.  In this particular case, the World Health Organization never sends messages to the general public, so you should immediately know it is a scam.

 

Scam of the day – October 11, 2014 – Nude photos of Emily Watson scam

October 11, 2014 Posted by Steven Weisman, Esq.

Emma Watson is a popular, young actress who is best known for her role as Hermione in the Harry Potter movies.  She is one of the most searched-for celebrities on the Internet.  This intelligent Brown University graduate also may be one of the few celebrities who did not have nude photos of her stolen from the cloud.  It may even be because she has not taken such pictures.  Regardless, there are many people who would very much like to see nude photographs of her, which is why a new scam first reported by the security firm Bitdefender comes as no surprise.  This scam starts with a Facebook posting that promises nude videos of Emma Watson for free, merely by clicking on a link.  If you click on the link, the image reproduced below appears on your screen.  Unfortunately, if you download the attachment in order to view the promised video, you will not succeed in seeing a video of Emma Watson, but you will succeed in downloading malware called Trojan.Agent.BFQZ which will steal the information from your computer or other electronic device and use it to make you a victim of identity theft, make postings using your name on Facebook and sign you up for expensive text message services for which you will be billed through your cellular service.

[Image: The Emma Watson Trojan virus being shared on Facebook]

TIPS

Without even getting into the morality and ethics of viewing what appear to be privacy invading, stolen nude videos of public figures, the plain, hard truth is that many of these solicitations to view these videos are just bait by scammers and identity thieves to lure you into clicking on links and downloading attachments that will install malware on your computer or other electronic device that will end up costing you money and making you a victim of identity theft.  Trust me, you can’t trust anyone.  Never click on links or download attachments unless you are absolutely sure that they are legitimate.

 

Scam of the day – October 7, 2014 – Latest security updates from Department of Homeland Security

October 7, 2014 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates include a number of important security patches related to the Bash virus.

TIPS

Here are the links to the latest security updates as issued by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB14-279

Scam of the day – September 23, 2014 – How LinkedIn can be used to hack companies

September 22, 2014 Posted by Steven Weisman, Esq.

LinkedIn is a very popular social networking service site for business people where 300 million people share knowledge and opportunities.  Unfortunately, however, the information provided on LinkedIn can be manipulated in the hands of a hacker to provide information that can be used to hack a business’s computers and data.  If you look up a company on LinkedIn you will find a number of profiles for individual employees of the company.  Many of these will include the employee’s email address.  After viewing a few employee profiles a hacker can determine the protocol used for emails within the company, such as initial of first name followed by last name @companyname.com.  Using this information, the hacker can send a legitimate-appearing email to a company employee that looks like it comes from within the company, luring the real employee to either click on a tainted link or enter a username and password.  This can be used to either directly install malware onto the company’s computers through the tainted link or get access through the user name and password of the employee victimized by the scam.  From there it is an easy thing to install malware to steal information from the company.

TIPS

Never click on links in emails, text messages or social media or download attachments until you have absolutely confirmed that they are legitimate.  Also, when it comes to network security, most companies will never ask for an employee’s user name or password.  Again, never provide this information on any website or anywhere else until you have first confirmed that the website is legitimate.  It might be a phony, tainted website merely phishing for your information.  Trust me, you can’t trust anyone.

Scam of the day – September 17, 2014 – JP Morgan data breach update

September 17, 2014 Posted by Steven Weisman, Esq.

In August I first told you about the hacking of banking giant J.P. Morgan and as many as four other banks.   Investigators believe the hacking was the work of sophisticated hackers from Eastern Europe.  Some are theorizing that the hacking was sponsored by the Russian government.  Much sensitive data was compromised and stolen as a result of the hacking, although to date none of the million customer accounts compromised have suffered any loss or fraudulent activity.  Investigators are now saying that the breach was limited to names, addresses and phone numbers.  The initial investigation appears to be focusing on the exploitation of computer programs used by a J.P. Morgan employee to work from a remote location.  Remote desktop software such as Microsoft’s Remote Desktop, Apple’s Remote Desktop, Chrome’s Remote Desktop, Splashtop, Pulseway and LogMeIn enables the convenience of logging into a company’s computers from an off-site location, but exploitation of this type of software has proven to be a major security flaw that has been continually exploited in company after company for quite a while, going back from the recent UPS hacking to Target’s hacking last year.  I have warned people about this flaw for some time and the FBI has warned American businesses to watch for this.

TIPS

Banks are a frequent target of cyberattacks and American banks have generally done a good job in recent years in protecting data.  However, as this latest hacking shows, more needs to be done, particularly in regard to the particular type of malware used in this attack, which may be, or be similar to, the “Backoff” malware I have been warning about.  As for us as consumers, there is little we can do other than to carefully monitor all of our accounts, only use credit cards rather than debit cards for retail purchases and limit the amount of personal information we provide to any company or governmental agency with which we do business.  This will not be the last major hacking exploiting this flaw to occur.