Scam of the day – December 19, 2016 – Android Super Mario Run scam

Super Mario Run is presently the most popular game in the App Store for iPhones and other Apple devices.  Unfortunately for those of you with Android devices, Nintendo has not yet created an Android Application Package version of Super Mario Run, although scammers are indicating throughout the Internet that they have free Android versions of Super Mario Run that you can download.  This is a total scam.  Sometimes a version of a game is leaked before it is officially launched; however, in this instance, Nintendo hasn’t created one yet, so there is nothing to leak.  Anytime you download an Android version of Super Mario Run, you are running the risk of downloading attached malware that can be used to steal your identity or bring other dangers such as ransomware.


Free apps loaded with malware present a tremendous danger.  The best thing you can do is to stay with sources such as the App Store or Google Play that you know are legitimate when looking for apps.  Although neither of these companies is perfect when it comes to investigating apps to make sure they are legitimate and not filled with malware, they both do a pretty good job of vetting apps before they are made available to the public.

December 18, 2016 – Steve Weisman’s latest column for USA Today

Looking ahead to the new year and the challenges it will present in regard to cybersecurity, here is my latest column from USA Today in which I present my predictions for the world of cybersecurity for 2017.  Although it may seem a bit daunting, there are steps we can all take to protect ourselves and I will describe those in my next column.

Scam of the day – November 30, 2016 – San Francisco commuter rail system hacked

Late on November 25th, the San Francisco Municipal Transportation Agency (SFMTA), which operates the municipal rail system in San Francisco, referred to as “Muni,” was hacked when an SFMTA employee unwittingly clicked on a link in a phishing email and downloaded ransomware that locked and encrypted all of the SFMTA computer systems.  The hacker, who is thought to be Iranian, demanded a ransom of 100 bitcoins, which is approximately $73,000, or he would destroy the data.  The SFMTA is refusing to pay the ransom and has indicated that it has backed up the encrypted data, which, it says, will be restored shortly.

Meanwhile, according to security researcher Brian Krebs, a white hat hacker hacked into the email of the original hacker and managed to take over the original extortionist’s email account by answering the extortionist’s security question.  The email account provided evidence that the hacker had been active in installing ransomware and obtaining ransom payments from numerous companies.


There are a number of lessons for all of us as individuals to learn from this incident.  First and foremost is to install and maintain good security software, including software that will help defend you against phishing emails.  However, no security software is totally effective against phishing emails, so you should never click on links in any email unless you have absolutely confirmed that the email is legitimate.  Second, you should back up all of your data either in the cloud or on a portable USB hard drive to protect yourself from the danger of ransomware.  Finally, in regard to security questions, which when answered give someone the ability to change your password, you should use a nonsensical answer to the question so it cannot be guessed or obtained through research about you.  For instance, if the question is what is your mother’s maiden name, you might make the answer “firetruck.”  You will remember it because it is so silly, but no one will be able to guess it by going through online databases or social media.

Scam of the day – October 7, 2016 – Kim Kardashian robbery leads to 2,400% increase in scams

It was only four days ago that I warned you about scams linked to popular celebrities listed in security software company McAfee’s list of the ten most dangerous celebrities on the Internet.  These are people whose popularity is exploited by identity thieves and hackers who lure unsuspecting people through links in emails, social media and text messages relating to these celebrities to malware-filled websites where they unknowingly download ransomware or keystroke logging malware that enables the identity thieves to steal all of the personal information from the victim’s computer, laptop, smartphone or other electronic device and use that information to make the person a victim of identity theft.  Whenever something or someone is of great interest to the public, scammers promptly capitalize on that interest to lure people into falling prey to online scams that promise to provide photos or information about the person or event, and so it has been with the ten million dollar Paris jewel robbery of Kim Kardashian.  According to security software company Norton, online scams related to Kim Kardashian increased by a startling 2,400% in just the first twenty-four hours following the robbery.  Emails, text messages and social media postings promising news about the robbery have been used to lure people into clicking on malware-infested links.  As an indication of the wide popularity of Kim Kardashian, these scams are appearing in English, French and German.


Never click on links or download attachments unless you are absolutely sure that they are legitimate.  Merely because it appears that a friend is passing them on to you does not make them legitimate.  Your friend’s email or smartphone could have been hacked or your friend could unwittingly be passing on malware.  As for celebrity news, you should have a healthy mistrust of websites with which you are not entirely familiar.  If the information promised is legitimate, you will be able to find it on trustworthy news websites.  Finally, make sure that you keep all of your electronic devices secure with anti-malware and anti-virus software and keep your security software current with the latest security patches.

Scam of the day – September 4, 2016 – The dangers to you from your kids on your computer

If you are a parent of young children or even not so young children, you certainly have noticed how comfortable your children are with computers.  In fact, they are often too comfortable.  When we become victims of malware, such as keystroke logging malware that steals the data from our computers and uses it to make us victims of identity theft, or ransomware, which destroys our data unless we pay a ransom, the culprit is usually someone who clicked on a phishing or spear phishing link in an email or went to an infected website and unwittingly downloaded the malware.  Yet children using the family computer often do not think about these dangers, such as when they click on links for free music or video games.


The first step, of course, is to educate your children as to the dangers found on computers and the Internet, but there are a number of other steps you should be taking as well, such as:

  1.  Set up your computer with limited user accounts for your children that, in theory, will prevent them from downloading software or changing the settings on your computer.
  2.  Use the parental control features found in your computer, called Family Safety in Windows 8 and Windows 10.
  3.  Don’t store sensitive personal information on your computer.  This is a good rule for all of us whether or not you have children.  Encrypt sensitive data and store it on a USB external hard drive that is not connected to the Internet.  This is particularly important in protecting your computer from ransomware.
  4.  Don’t let your kids know your passwords and security questions to your computer or accounts.

Finally, as Murphy’s Law instructs us, what can go wrong, will go wrong, so have your children use their own computer that is not connected to yours so even if they falter and do unwittingly download malware, your computer and the information contained therein will not be in danger.

Scam of the day – August 18, 2016 – Major data breach at health care provider

Recently a Ukrainian hacking group called “Pravyy Sector” managed to hack into the server of the Central Ohio Urology Group, which includes twenty-four clinics, and posted online literally hundreds of thousands of files that included massive amounts of personal information that could be exploited for identity theft and other illegal purposes.  You may not be a patient of Central Ohio Urology Group and therefore may not consider this to be a serious matter, but it is very serious because it is just another example of the pervasive lack of security in the health care industry.

As I warned everyone in my USA Today column in which I made my cyberpredictions for 2015, the health care industry is tremendously vulnerable to data breaches and we can expect these data breaches to continue.  Here is a link to that column.

An audit of health care companies and insurers showed that more than 81% of these companies have suffered a data breach in the last two years alone, and that number only relates to the data breaches that have been discovered.  There may have been more that remain undiscovered.  The health care industry is the perfect storm for data breaches.  It is a highly digitized industry that has massive amounts of personal information that it shares with numerous offices and institutions and yet has not, in many instances, instituted the necessary security precautions to protect the information stored.

The potential consequences of medical company data breaches can be tremendous to affected individuals.  The medical records of an identity thief accessing your medical insurance can become intermingled with your medical records such that you can mistakenly receive improper treatment, such as a potentially deadly blood transfusion of the wrong blood type.  Other information such as your Social Security number which may be stored by a health care provider can be stolen and used for purposes of more traditional identity theft. Finally, the vulnerability of the computer systems of health care providers has made them prime targets for successful ransomware attacks.


The health care industry has got to recognize that it is a prime target of hackers and identity thieves.  Encryption of all data should be the rule and not the exception for health care providers.  Authentication and authorization for access to records, both on-site and particularly off-site, should be enhanced.  As for us as the patients, we should limit the amount of personal information given to health care providers if they do not have a need for it.  Health care providers do not need our Social Security numbers.  Don’t give it to them.  We also should demand that they institute better data security measures.

Scam of the day – August 5, 2016 – Amazon phishing scam

Using Amazon as a hook for a phishing scam is not surprising since so many people shop through Amazon.  Reproduced below is an Amazon-themed email phishing scam that is presently circulating.  DO NOT CLICK ON THE LINK.  As with so many phishing scams, this one appears legitimate as it lures you into clicking on a link in order to provide information purportedly to process your refund.  However, the real purpose of the phony email is to persuade you either to provide information that will be used to make you a victim of identity theft or to click on the link, which can download keystroke logging malware that will lead to your becoming a victim of identity theft or download ransomware that will encrypt all of the data on your computer, which the hacker will threaten to destroy if you do not pay a ransom.

There are a number of indications that phishing emails, such as this, are not legitimate.  Sometimes the address from which it is sent has nothing to do with the company, which is an indication that the email was sent through a botnet of computers hacked into for the purposes of sending out large numbers of such phishing emails while hiding the real source of the email.  However, even if the address of the sender looks correct, it still can be a phishing email.  Grammar and spelling also apparently are not great strengths of many scammers.  Often such messages will contain errors, such as, in this one, the misspelling of the word “system” as “sytem.”  In any event, even if you think when you get such an email that it might be legitimate, the risk of identity theft or ransomware is too great to trust it.  Instead, call the company at a telephone number that you know is accurate to confirm whether or not the email is legitimate.  Finally, make sure that you have up-to-date security software on all of your devices, recognizing, however, that such security software will not protect you from the latest strains of malware.

Scam of the day – August 4, 2016 – Olympic scams

Tomorrow brings the much anticipated opening ceremonies of the 2016 Rio Olympic Games and scammers will be taking advantage of the public’s interest in the event to lure them into scams.  As the Games get underway many people will be receiving emails and text messages purporting to contain updates, photos and videos of Olympic events.  Unfortunately, if you click on the links or download the attachments in these emails, you will end up downloading keystroke logging malware that will steal your personal information from your computer, laptop, tablet or smartphone and use that information to make you a victim of identity theft.   You also run the risk this year of downloading ransomware that will encrypt all of the data on your computer and threaten to destroy it if you do not pay a ransom.

Also, if you are shopping for Olympic merchandise, you should be wary of the large amount of counterfeit and poor value fake Olympic merchandise that is being sold on the Internet.


As I have warned you many times, never click on a link or download an attachment unless you are absolutely sure that it is legitimate.  In regard to Olympic email or text message updates you are better off not downloading or clicking on links in any emails or text messages you may receive even if they appear to be from a legitimate source because the URL may appear to be legitimate, but it may merely be “spoofed” or copied from a legitimate site so it appears legitimate, but in truth is not.  You are better off going directly on your own to sources such as that you know are legitimate.  Also, make sure that your anti-malware and anti-virus software is installed and up to date on all of your electronic devices.  Also, be wary of links sent to you through social media such as Facebook even if they look legitimate because it is easy to hack someone’s social media accounts to send out malware that unwary victims click on.

In regard to purchasing official Olympic merchandise, go directly to the official Olympic website of  If you want Team USA merchandise, go to the official Team USA website of   Both of these websites are safe and secure places to purchase official Olympic merchandise and apparel.

Scam of the day – July 21, 2016 – Hackers attack unpatched computers

Recently it was disclosed by the security research firm Proofpoint that a twelve-year-old malware program known commonly as NetTraveler has been used by Chinese hackers against Russian and Eastern European targets, exploiting a vulnerability in Microsoft Word designated as CVE-2012-0158.  This malware program enabled the hackers to infiltrate the computers of their victims, who generally downloaded the malware as a result of clicking on links in spear phishing emails.  What is particularly significant about this cyberthreat is that this specific vulnerability was patched four years ago, but many people and companies have still not installed the patches necessary to defend against this particular malware, thus leaving them needlessly vulnerable.  Similarly, ransomware, by which computer data is encrypted and the hacker threatens to destroy the data unless paid a ransom, has developed into a major worldwide threat to companies, governments and individuals.  However, the problem is somewhat bigger than it needs to be, as some hackers are still using old ransomware programs for which security patches have already been issued but which many companies, government agencies and individuals have failed to install.

It is hard enough to defend yourself against the numerous zero-day exploits, which are the newer strains of malware exploiting vulnerabilities for which there are no existing security defenses.  Once discovered, it can take thirty days or more for the security software companies to come up with a patch for the latest zero-day exploits.  However, no one should fall victim to a malware program for which there already exists a security patch.


The solution to protecting yourself from various types of malware, including ransomware, is first to avoid them by avoiding spear phishing emails and text messages.  Don’t click on links unless you have absolutely confirmed that they are legitimate.  Installing anti-phishing security software is also advisable, but not totally effective, so you should not entirely rely on it to screen all of your phishing emails.  Secondly, you should install the latest security updates to all of your software programs as soon as they become available.  The best way to do this is to have updates installed automatically, but in any event, make sure you do not delay installing security updates and patches once they become available.  Here at Scamicide we let you know when important new security updates are issued.

Scam of the day – July 18, 2016 – Facebook cloning or spoofing

Just last weekend, I received three “friend” requests on Facebook from people who were already Facebook friends of mine, which is an indication that someone had set up new Facebook pages in their names and was attempting to lure their friends into becoming friends with the hacker.  This scam is called either Facebook cloning or Facebook spoofing and the goal of the hacker is to get people to respond to the new friend request and then to lure the friends of the person whose Facebook page they commandeered to trust communications and postings from the cloned page in an effort to get them to click on links and download malware or ransomware or respond to emergency requests by sending money.


There are many things you can do to protect yourself from this type of scam.  Scammers harvest information from social media to help them in their scams so the first thing you should do is to check to see if the public is able to see your posts.  Click on the padlock at the top right hand side of your Facebook page and click on “Who can see my stuff?”  It should say “friends,” but if it says “public” you should change that setting to “friends” to increase your privacy.

As for accepting friend requests, if you are already a friend of the person, don’t accept a second request.  Also, when accepting friend requests, don’t do it from the friend request email.  Instead go directly to your Facebook page from your browser and not from a link in the email because it could be a phishing scam seeking to steal your password or other information.

Finally, it is worth repeating that you should never trust any communication that contains a link until you have confirmed independently that the communication is legitimate.  The risk of malware in a link found in social media, a text message or email is just too great.

If your Facebook account has been cloned, here is a link that will take you to Facebook with tips as to what to do and how to report the problem.