Posts Tagged: ‘Malware’

Scam of the day – February 8, 2016 – The dangers of Facebook farming

February 8, 2016 Posted by Steven Weisman, Esq.

We have all seen Facebook postings urging us to click that we “like” them. Sometimes it is an emotional appeal to show support for a sick child. Sometimes it is to show support for a political message. Sometimes these appeals are legitimate, but unfortunately sometimes they are not. Often they are done to take advantage of Facebook’s algorithms, which value the popularity measured by likes and shares, so that the posts then appear on the Facebook pages of more people. Although the original content liked or shared may appear sincere or entertaining, the scammers who use this technique, which is called “farming,” are then able to change the content to something entirely different from what was originally shared or liked. This can be done for purposes of sending advertising or gathering marketing information, but, at its worst, it can be used to send malware-infected content that can steal personal information from your computer and use it to make you a victim of identity theft.

TIPS

So what should you do? Posts that promise some sort of prize for sharing or liking are most likely scams. As for the other scams, you may wish to be a bit skeptical before automatically sharing or liking a post. You may even wish to do a little research yourself to find out if the posting is legitimate. A 2007 photo of a seven-year-old Pennsylvania girl with Stage IV cancer posing in her cheerleading uniform has been used numerous times for Facebook farming. Today that girl is a cancer-free teenager whose family is understandably outraged that their daughter’s photograph has been abused by scammers through Facebook farming.

Scam of the day – February 1, 2016 – Police issue warnings about sextortion

February 1, 2016 Posted by Steven Weisman, Esq.

Sex extortion, or sextortion, has been around for years on the Internet, with criminals tricking people into performing sexual acts online that are recorded and then used to blackmail the victims. In other cases, hackers have gained access to the webcams of women and used them to take photographs of the women who unwittingly undressed in front of computers in their rooms, not knowing they were being recorded. In one notorious case, Miss Teen USA Cassidy Wolf refused to be a victim of sextortion and helped law enforcement find and prosecute Jared James Abrahams, who was sentenced to 18 months in prison in March of 2014.

Now, however, as with many scams, sextortion has evolved. In the latest incarnation, uncovered by cybersecurity firm Trend Micro, cybercriminals in Asia set up fake profiles on social media such as Facebook and then lure their victims to platforms with both video and voice capabilities, such as Skype, and entice them into performing sexual acts, which are recorded by the cybercriminals. In a new twist on this scam, however, the cybercriminals then pretend that they are having audio difficulties and convince their victims to download onto their Android smartphone a specific Android app which they represent will remedy the problem. However, instead of fixing the problem, the app is malware that steals all of the contact information stored on the victim’s smartphone. The cybercriminal then threatens to send the videos to everyone on the victim’s contact list unless the victim pays a ransom.

The York Regional Police in Canada have recently issued a warning about an increase in sextortion criminal activity, much of which has been traced to the Philippines. This follows the warning issued by the University of Colorado about this crime that I told you about in the Scam of the day for September 11, 2015.

TIPS

The best solution to any problem is to avoid the problem altogether.  An easy and decidedly low-tech way to protect yourself from webcam surveillance is to merely put a post-it over the camera when you are not using it.  If you are going to indulge in cybersex or phone sex, it should only be done with people whom you totally trust.  Engaging in such activities with strangers or people you do not know well is asking for trouble.  Also, make sure that all of your electronic devices including your smartphone and computer are protected with the latest updated security software.  Even then, however, no security software is 100% effective against the latest viruses and malware so you should never click on links or download attachments unless you have absolutely confirmed that they are legitimate and you should never download apps from anywhere other than legitimate app stores.  The risk of malware is just too high.

Scam of the day – January 20, 2016 – Real estate home buying scam

January 20, 2016 Posted by Steven Weisman, Esq.

Intricate email scams targeting people involved in the sales of residential real estate have increased over the past year both in the United States and the UK. The scams begin with the hacking of the email account of one of the parties involved with a residential real estate conveyance. This can be the buyer, seller, lawyers, real estate agent or banker. Unfortunately, hacking into email accounts is a relatively easy thing for a skilled identity thief to do. The scammers then monitor the communications regarding the progress of the sale of a particular piece of real estate and, when the time is right, generally posing as one of the lawyers or the bank mortgage officer, the scammer will email the buyer, telling him or her that funds necessary to complete the sale need to be wired to the phony lawyer’s or banker’s account provided in the email. Everything appears normal, so unsuspecting buyers too often wire the money to the cyberthieves, who then move the funds from account to account to make them difficult to trace.

TIPS

Even if you are not involved in buying or selling a home, it is always a good idea to protect your email account from being hacked.  This means having a strong password and security question as well as changing your passwords on a regular basis.  You can find information about how to pick strong passwords and security questions here in the Scamicide archives as well as in my book “Identity Theft Alert.”  Maintain good anti-virus and anti-malware software on all of your electronic devices including your computer as well as your smartphone and keep your security software up to date with the latest security patches as soon as they are made available.  Don’t click on links in emails or text messages that may contain malware that can steal your personal information from your electronic devices and remember, your security software is always at least thirty days behind the latest malware.

Don’t use public wifi for any financial or business purposes.  Use a virtual private network to encrypt your data when using your electronic devices in public.  Never provide personal information in response to an email regardless of how legitimate it may appear until you have independently confirmed that the email is legitimate.  Finally, whenever you are asked through an email or text message to wire funds as a part of a real estate or other business transaction, don’t do so until you have confirmed that the request and the account to which you are being asked to wire the funds are legitimate.  Appearances can be deceiving so always confirm.

Scam of the day – November 30, 2015 – Data breach at VTech Learning Lodge

November 30, 2015 Posted by Steven Weisman, Esq.

Hong Kong company VTech Holdings Limited has announced that its Learning Lodge app store has been hacked. The data breach may involve as many as 4.8 million accounts and include personal information on more than 200,000 children, which brings a new level of concern about this particular data breach. Learning Lodge is an app store for high tech learning games and other educational toys for children.

The adult customer information compromised in the data breach includes names, email addresses, encrypted passwords, security questions and answers, IP addresses and mailing addresses.  Although the passwords were stolen in their encrypted form, VTech used older, less secure encryption algorithms, which can be readily cracked by sophisticated cybercriminals.  This means that the customers whose data was stolen are in particular danger if they, like so many people do, use the same password for multiple accounts.

In addition, the potential for exploitation of the children’s stolen data brings a new wrinkle to this data breach. Children’s names and birth dates could be tied to their parents through the stolen information, thereby establishing a new avenue for identity theft and fraud. Spear phishing using this information, whereby malware-containing emails could be made to appear legitimate, poses a real threat to the victims of this data breach.

TIPS

Once again, people are becoming vulnerable to identity theft due to the lack of proper security measures by a company with which they do business.  However, the failure of people to protect themselves by using unique, distinct passwords for each of their accounts substantially contributes to their risk of identity theft.  The lesson is to remember that you should always have a distinct and unique password for each of your online accounts.  It should be a complex password so that it cannot be broken by simple brute force attacks that use millions of guessable combinations such as any word in the dictionary or such common passwords as 123456.  One good way to pick a complex password is to pick a phrase, such as “I Don’t like passwords” and turn it into the basis for a password by making it IDon’tLikePasswords.  This password is already complex in that it has words and a symbol.  Now add a couple of symbols at the end of the password so it may read IDon’tLikePasswords!!! and you have an easy to remember, but strong password.  Now you can just adapt it for each of your online accounts with a few letters to identify the account.  Thus, your Amazon password can be IDon’tLikePasswords!!!Ama and you have a strong, but easy to remember password.

Scam of the day – October 2, 2015 – Update on data breach at Trump hotels

October 2, 2015 Posted by Steven Weisman, Esq.

It has just been disclosed by the Trump Hotel Collection, which includes hotels in Chicago, Honolulu, Las Vegas, Los Angeles, Miami and New York, that its hotels had been hit with a Target-like credit card and debit card data breach that appears to have occurred between May 19, 2014 and June 2, 2015. Although the Trump Hotel Collection is just announcing this now and much of the media is reporting this as a new story, here at Scamicide, we reported to you about this data breach in our Scam of the day on July 5, 2015. As with so many data breaches, it was discovered not by the company hacked, but by credit and debit card processing banks that noticed a pattern of fraudulent use and traced the cards back to the Trump hotels. The malware used to perform this data breach was installed on the Trump hotels’ front desk terminals as well as on payment card terminals in the hotels’ restaurants and gift shops. This type of hacking and data breach could have been prevented had the Trump Hotel Collection switched to the modern EMV smart chip credit cards now being required to be used according to credit card regulations that just went into effect yesterday. Instead the Trump Hotel Collection, as many companies still do, used the old-fashioned credit and debit cards with magnetic strips, which are so susceptible to hacking.

TIPS

If you used your credit and debit card at one of the affected Trump hotels between May 19, 2014 and June 2, 2015, you should obtain your credit report from each of the three major credit reporting agencies and look for indications of identity theft.  You should also carefully monitor your credit card account and bank accounts for unusual activity.  You should also consider putting a credit freeze on your credit reports, which is always a good idea.  The Trump Hotel Collection is offering free credit monitoring for people who used their cards at their hotels during the time period indicated above.  For more information about this offer, call them at 877-803-8586.  Here also is a link to the statement of the Trump Hotel Collection about this data breach. https://www.trumphotelcollection.com/cc-security-faq

As for the rest of us, there is little that we as credit and debit card users can do to protect ourselves from the security vulnerabilities of the companies with which we do business.  One important thing to do is to refrain from using your debit card except at ATMs.  Using your debit card at retail establishments puts you at a much greater risk of expensive identity theft in the event of a data breach at the company with which you are doing business because of weaker consumer protection laws regarding liability for fraudulent use of your debit card.  Also, if you have not yet received a new EMV smart chip credit card from your credit card company, you should ask your credit card company for a replacement credit card with a computer chip now.

Scam of the day – September 27, 2015 – Facebook dislike button scam reappears

September 26, 2015 Posted by Steven Weisman, Esq.

It has been more than three years since I first reported to you about the Facebook dislike button scam.  The scam involves a link on your wall informing you that Facebook now has a dislike button and you can take advantage of this new feature by clicking on a link.   This is a scam.  There is no dislike button on Facebook.  If you click on the link,  a number of things may happen, all of which are bad.  You may be prompted to provide personal information that will be used to make you a victim of identity theft or you may unwittingly be signing up for expensive monthly services on your smartphone or you may automatically download malware that gives the identity thieves access to the personal information in your computer or smartphone which identity thieves then use to make you a victim of identity theft.  Additionally, clicking on the link may give the scammer access to your profile and the ability to send out malware and spam to all of your friends and make it appear that the material is coming from you.

This scam is experiencing a resurgence because last week, Facebook CEO Mark Zuckerberg  spoke about Facebook considering a feature similar to a dislike button.  However, such a feature is a long way from becoming a reality.

TIP

There is no dislike button so if you see a link to one, you can be sure that it is a scam.  If you unwittingly have downloaded this, you should delete it from your Facebook account as soon as possible and report it to Facebook.

Scam of the day – September 14, 2015 – Federal government unveils new cybersecurity plan

September 13, 2015 Posted by Steven Weisman, Esq.

It is no secret that the federal government, as evidenced by the recent hacking of the Office of Personnel Management (OPM) in which personnel data on 22 million people was stolen, is a target of hackers, both nation-state and ordinary (or perhaps not so ordinary) criminals. The OPM data breach was initiated, as were the Target data breach and 90% of all data breaches, through a phishing email. A phishing email is an email sent by the hacker that appears to be legitimate and lures the victim at the targeted company or agency to click on a link or download an attachment that contains malware that enables the hacker to steal the information contained in the victim’s computer system. It is fascinating that in almost all major data breaches, the most complex and sophisticated malware is downloaded onto the victim’s computer through the simple trickery of phishing. Here is a link to a column I wrote about this last year. http://www.usatoday.com/story/money/personalfinance/2014/10/18/malware-data-breach-phishing/17458411/

In response to the OPM and other data breaches, William Evanina, the Director of the National Counterintelligence and Security Center, has announced a new campaign to raise the awareness of federal workers to the dangers of phishing and specifically targeted phishing emails referred to as spear phishing.

TIPS

Phishing and spear phishing represent threats not just to companies and governmental agencies, but to all of us as individuals as well. Identity theft is often accomplished through individuals being targeted by phishing or spear phishing emails who unwittingly click on links or download attachments that contain keystroke logging malware that enables the identity thief to steal all of the information including passwords, credit card numbers, Social Security numbers and other personal information from the victim’s computer and use that information to make that person a victim of identity theft. Other types of malware, such as ransomware, which encrypts and locks all of the data in your computer, followed by a threat to destroy your data unless you pay a ransom, are generally downloaded through clicking on a link or downloading an attachment from a phishing email.

The key to avoiding becoming a victim is to never click on a link or download any attachment unless you have absolutely confirmed that the link or attachment is legitimate.  Even if the link is contained in an email from someone you know and trust, it is possible that their email may have been hijacked so you must always be a bit skeptical.  It may seem a bit paranoid, but remember that even paranoids have enemies.

Scam of the day – September 13, 2015 – Another major health care data breach

September 13, 2015 Posted by Steven Weisman, Esq.

Health insurer Excellus Blue Cross/Blue Shield became the latest major health insurer to disclose that it had suffered a data breach affecting 10.5 million people. The compromised information may include names, birth dates, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information. This hacking, which was just announced but has been going on since December of 2013, is the fourth major health care data breach this year, with Anthem Blue Cross/Blue Shield being the largest, having affected upwards of 80 million people. As I warned everyone in my USA Today column in which I made my cyberpredictions for 2015, the health care industry is tremendously vulnerable to data breaches and we can expect these data breaches to continue. Here is a link to that column. http://www.usatoday.com/story/money/personalfinance/2014/12/20/cyber-hack-data-breach/20601043/

A recent audit of health care companies and insurers showed that more than 81% of these companies have suffered a data breach in the last two years alone and that number only relates to the data breaches that have been discovered.  There may have been more that remain undiscovered.

The potential consequences of medical company data breaches can be tremendous to affected individuals.  The medical records of an identity thief accessing your medical insurance can become intermingled with your medical records such that you can mistakenly receive improper treatment, such as a potentially deadly blood transfusion of the wrong blood type.

TIPS

Excellus will be sending out snail mail letters to those people affected by the data breach shortly. If you receive an email purportedly from Excellus asking you to click on links for information about the data breach, it is a phishing email aimed at getting you to download malware onto your computer and make you a victim of identity theft. As many hacked companies do, Excellus is offering two years of free credit monitoring; however, these services will do nothing to protect you from identity theft. In order to do that, I suggest that you put a credit freeze on your credit report at each of the three major credit reporting agencies in order to prevent someone who already has your personal information such as your Social Security number from accessing your credit report to run up debts in your name. You can find information about how to do a credit freeze in the Scamicide Archives. For more information about the Excellus data breach, you can either call their toll free hotline number of 877-589-3331 or go to their website by clicking on this link. http://www.excellusfacts.com/

Scam of the day – September 11, 2015 – University of Colorado warns students about sextortion

September 11, 2015 Posted by Steven Weisman, Esq.

Back in the March 31st Scam of the day I warned you about the dangers of sextortion. Sex extortion, or sextortion, has been around for years on the Internet, with criminals tricking people into performing sexual acts online that are recorded and then used to blackmail the victims. Now the University of Colorado Boulder Police Department is warning students about overseas criminals luring students into performing sexual acts on Skype that the criminal records and then threatens to make public unless a ransom is paid. In this latest incarnation of the scam, the criminal initially friends the victim on Facebook and gains the trust of the victim before luring him or her into compromising videos. Investigators in Colorado have traced the particular criminal involved with their campus to someone based in Singapore.

In a twist on this scam found in the actions of other cyberextortionists, the cybercriminals pretend that they are having audio difficulties and convince their victims to download onto their Android smartphone a specific Android app which they represent will remedy the problem. However, instead of fixing the problem, the app is malware that steals all of the contact information stored on the victim’s smartphone. The cybercriminal then threatens to send the videos to everyone on the victim’s contact list unless the victim pays a ransom.

TIPS

The best solution to any problem is to avoid the problem altogether.  If you are going to indulge in cybersex or phone sex, it should only be done with people whom you totally trust.  Engaging in such activities with strangers or people you do not know well is asking for trouble.  Also, make sure that all of your electronic devices including your smartphone and computer are protected with the latest updated security software.  Even then, however, no security software is 100% effective against the latest viruses and malware so you should never click on links or download attachments unless you have absolutely confirmed that they are legitimate and you should never download apps from anywhere other than legitimate app stores.  The risk of malware is just too high.

Scam of the day – September 3, 2015 – 225,000 Apple iPhones hacked

September 3, 2015 Posted by Steven Weisman, Esq.

In the largest hacking of iPhone accounts in history, more than 225,000 iPhones have been hacked by Chinese hackers using a malware called KeyRaider that steals the passwords, private keys and certificates of its victims. The hacked phones are spread around 18 countries including the United States, China, United Kingdom, Australia, Canada, France, Germany, Japan, Italy, Israel, Russia, Singapore, South Korea and Spain. Only iPhones that have been jailbroken are affected by this malware. Jailbreaking is the term for when iPhone owners remove the Apple installed security settings of the phone, often done by the phone’s owner in order to be able to install apps that are not approved by Apple. Armed with the information stolen through the malware, the hacker can access the victim’s data from the Cloud including photographs and documents. The hackers can also order non-free apps from the App Store using the victim’s account and, in perhaps the worst result of the hacking, the hacker can lock the victim’s phone and cloud account until a ransom is paid.

TIPS

If you have jailbroken your iPhone, you should have the phone checked to see if it was one of those hacked through KeyRaider. If your phone was affected, obviously you should have the malware removed; however, you should then change your Apple account password. You also would be wise to enable two-factor authentication, which Apple provides and which will dramatically improve the security of your Apple devices. Had the celebrities whose nude photos were hacked and leaked last year been using dual-factor authentication, their photos would never have been stolen. Using dual-factor authentication is a good idea for everyone whenever possible.