Scam of the day – July 16, 2016 – Google warning Gmail users about foreign hackers

State-sponsored hacking from countries such as China, North Korea and Russia poses a threat to everyone, but Google, which has for years been monitoring hacking attempts by foreign governments, is notifying Gmail customers when Google has reason to believe that their Gmail accounts are being targeted.  If Google finds that you have been targeted, you will receive the following message that takes up your entire screen, warning you of the danger and urging you to use the more secure dual factor authentication.  In its warning, Google indicates that less than 0.1% of all Gmail accounts are targeted; however, it is important to note that this percentage translates into more than a million people who are in jeopardy.

[Screenshot: Google's warning message]

TIPS

As I have suggested many times, whenever you have the opportunity to use dual factor authentication, it is a wise choice to make.  Even if someone manages to steal your password or trick you into providing it, as was the case with Jennifer Lawrence when she was convinced by a phishing email to provide her password to a cybercriminal who used it to access nude photos of her that she stored in the cloud, the hacker will not be able to access your email or other account because a special code provided to you through your cell phone is required whenever you wish to gain access to your account.

Finally, as I so often say, even paranoids have enemies, so I urge you to err on the side of caution if you receive this type of notice and not necessarily trust it.  It could be a phishing communication from a cybercriminal luring you into clicking on a link which will either get you to provide personal information that can be used to make you a victim of identity theft or will download keystroke logging malware or ransomware.  The best course of action would be to merely go to Google directly from your browser without clicking on the link contained in the notification.  Here is a link you can trust that will take you to instructions for enabling dual factor authentication for Gmail: https://support.google.com/accounts/answer/185839?hl=en

Scam of the day – June 5, 2016 – Danger when recharging your smartphone

Recently, cyber security company Kaspersky Lab issued a report detailing the dangers posed by the simple act of recharging your phone through someone else’s computer or at a public charging station such as those commonly found in airports.  The problem stems from the fact that information is transferred between your smartphone and the charger as soon as you plug your smartphone into the computer or charging station you are using to recharge it.  Among the information that is transferred is the name of your device, the manufacturer and model, serial number, firmware information, file system and electronic chip ID, which would all be shared with a computer that you may be using to recharge your phone.  And while this information may seem to be innocuous, it is sufficient for a sophisticated hacker to use to gain much further information from your smartphone that could be used to your detriment.  As for the charging stations at airports and elsewhere, they can be either infected with malware or be a fake charging station with the sole purpose of infecting your smartphone.  Once you plug your phone into one of those already infected charging stations or a totally phony charging station, it can install and delete applications, steal your data or install ransomware.

TIPS

So what can you do?  Obviously, you should never use a strange computer to recharge your phone.  The risk is too great.  As for a charging station, confirm that it is a legitimate charging station and not a fake one before you connect your smartphone.  Make sure that your smartphone is secured with a password, fingerprint or iris scanner and do not unlock the smartphone while it is charging.  Always protect the data on your smartphone with encryption programs and finally, use security software programs for your smartphone and make sure that they are updated with the latest security patches.

Scam of the day – March 29, 2016 – SEC settles insider trading charges with Russian hedge fund manager

As I first reported to you this past August and numerous times thereafter as the story developed, forty-three people were charged both civilly and criminally in the largest hacking and securities fraud enterprise in American history.  The defendants were made up of rogue stock traders including hedge fund manager and former Morgan Stanley employee Vitaly Korchevsky along with computer hackers based in the Ukraine.  The hackers used simple phishing tactics to gain access to more than 150,000 press releases issued by Marketwired, PR Newswire in New York and Business Wire of San Francisco on behalf of numerous American companies including Panera, Caterpillar, Inc and Align Technology that contained earnings and other corporate information prior to their public release.  This enabled the rogue stock traders to make trades based on this inside information before it became known to the public.  Trades using this stolen information were made by traders in Russia, Ukraine, Malta, Cyprus, France and here in the United States in Georgia, New York and Pennsylvania.  It is estimated that between 2010 and 2015, the defendants made profits of as much as 100 million dollars on 800 trades.  In December, Alexander Garkusha, one of the defendants, pleaded guilty to making trades based upon the stolen information that personally gained him $125,000.  Garkusha is cooperating with the government at this time.  His sentencing is scheduled for May 6th.  In January, Igor Dubovoy also pleaded guilty to conspiracy to commit wire fraud and agreed to forfeit more than 11 million dollars.

Now the SEC has announced that it has settled civil charges against Moscow-based hedge fund manager David Amaryan and his funds Copperstone Alpha Fund, Copperstone Capital, Ocean Prime, Inc and Intertrade Pacific SA, through which Amaryan earned more than eight million dollars in profits through the illegal scheme.  Pursuant to the settlement, Amaryan and his companies will pay the SEC ten million dollars.  Of course, as is typical in such settlements, Amaryan neither admitted nor denied any wrongdoing; however, pursuant to the settlement he is prohibited from using such tactics in the future, which is akin to Amaryan saying he didn’t do anything wrong and he promises not to do it again while also agreeing to pay ten million dollars to the SEC.

TIPS

One of the biggest takeaways from this case is how easy it still is to use phishing emails to lure people into clicking on links tainted with malware that permits hackers to steal a person’s or company’s data.  Phishing, and the more targeted spear phishing, is also the way that the ransomware used against the Hollywood Presbyterian Medical Center was implanted in its computers.  Apparently corporations still have not learned to sufficiently train their employees to recognize phishing emails, nor have they learned to encrypt and segregate sensitive data from hackers.  This lesson is one that each of us, as individuals, should also learn in our own lives because identity thieves and hackers use the same phishing techniques to enable criminals to hack into the computers of individuals and steal their personal information.  Never click on links in emails, regardless of from whom they appear to come, unless you are absolutely sure that the link is legitimate.  Such a link could well contain keystroke logging malware that will steal all of the information from your computer.  Also, it is important to remember that you cannot rely on your anti-malware software to protect you because the best anti-malware software is always at least a month behind the latest malware.  However, it is still important to have security software on all of your electronic devices and keep that software up to date with the latest security patches because many scammers use older versions of malware for which there are defenses.

Scam of the day – February 20, 2016 – Nine new defendants in cyber stock scam

As I first reported to you this past August and twice thereafter, more than thirty people were indicted in the largest hacking and securities fraud enterprise in American history.  The defendants were made up of rogue stock traders including hedge fund manager and former Morgan Stanley employee Vitaly Korchevsky along with computer hackers based in the Ukraine.  The hackers used simple phishing tactics to gain access to more than 150,000 press releases issued by Marketwired, PR Newswire in New York and Business Wire of San Francisco on behalf of numerous American companies including Panera, Caterpillar, Inc and Align Technology that contained earnings and other corporate information prior to their public release.  This enabled the rogue stock traders to make trades based on this inside information before it became known to the public.  Trades using this stolen information were made by traders in Russia, Ukraine, Malta, Cyprus, France and here in the United States in Georgia, New York and Pennsylvania.  It is estimated that between 2010 and 2015, the defendants made profits of as much as 100 million dollars on 800 trades.  In December, Alexander Garkusha, one of the defendants, pleaded guilty to making trades based upon the stolen information that personally gained him $125,000.  Garkusha is cooperating with the government at this time.  His sentencing is scheduled for May 6th.  In January, Igor Dubovoy also pleaded guilty to conspiracy to commit wire fraud and agreed to forfeit more than 11 million dollars.

Now the SEC has filed fraud charges against nine new defendants in this case including both companies and individuals who traded with a brokerage company in Malta using the stolen information.

TIPS

One of the biggest takeaways from this case is how easy it still is to use phishing emails to lure people into clicking on links tainted with malware that permits hackers to steal a person’s or company’s data.  Phishing, and the more targeted spear phishing, is also the way that the ransomware used against the Hollywood Presbyterian Medical Center was implanted in its computers.  Apparently corporations still have not learned to train their employees to recognize phishing emails, nor have they learned to encrypt and segregate sensitive data from hackers.  This lesson is one that each of us, as individuals, should also learn in our own lives because identity thieves and hackers use the same phishing techniques to enable the stealing of the identities of individual victims.  Never click on links in emails, regardless of from whom they appear to come, unless you are absolutely sure that the link is legitimate.  Such a link could well contain keystroke logging malware that will steal all of the information from your computer.  Also, it is important to remember that you cannot rely on your anti-malware software to protect you because the best anti-malware software is always at least a month behind the latest malware.  However, it is still important to have security software on all of your electronic devices and keep that software up to date with the latest security patches because many scammers use older versions of malware for which there are defenses.

Scam of the day – February 19, 2016 – Hospital pays ransomware hackers

I have been warning you about the dangers of ransomware since 2012.  Ransomware problems begin when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a “ransom.”  CryptoWall and its predecessor CryptoLocker ransomware have been used effectively by criminals for years.  The most recent version of ransomware being used is called Tescrypt.  Companies, government agencies and individuals have all been the targets of ransomware.  In fact, a number of police departments, including the Swansea, Massachusetts police department, have been the victims of ransomware and actually paid the ransom.  More recently, the town of Medfield, Massachusetts paid a bitcoin ransom equal to approximately $300 to a hacker who used ransomware to encrypt and lock the municipality’s computer network.

Recently the Hollywood Presbyterian Medical Center had its computers locked and encrypted by ransomware and this week paid a ransom of 50 bitcoins (approximately $16,664) to get back access to its computers.

As with many types of malware, you download ransomware when you click on tainted links or tainted attachments, which is why I always warn you not to click on any links or download attachments unless you are absolutely sure that they are legitimate.  That is what happened in Medfield and at the Hollywood Presbyterian Medical Center.  In my end of the year column for 2015 for USA Today, I predicted an upswing in ransomware.  This prediction, unfortunately, has proven to be accurate.  Here is a link to that column: http://www.usatoday.com/story/money/columnist/2015/12/27/weisman-cybersecurity-predictions/77832588/

TIPS

The best way to deal with ransomware is to avoid it in the first place.  Have a good firewall, good anti-virus and good anti-malware software installed on your computer, tablet or other devices and keep the software up to date.  However, remember that the security software companies are always playing catch-up with hackers, so your security software will not always protect you.  The latest incarnations of most malware are generally at least thirty days ahead of the security software companies, so you can never rely on your security software and your firewall to keep you totally safe.  However, make sure that when security updates are available you download them as soon as possible.  Many people become victims of older versions of ransomware because they have not updated their security software.  Also, you should always back up everything on your computer in the Cloud or on a USB drive or preferably both.  Finally, never click on links or download attachments unless you are absolutely positive that they are legitimate, and the only way to do this is to confirm that they are legitimate with the real companies you think may be sending you the email before ever clicking on a link or downloading an attachment.

If you are a victim of ransomware, here are a couple of free links that may help you.   The first  is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover.  The second is to Malwarebytes Anti-Malware which will detect and remove malware such as trojans and spyware.  The link is www.malwarebytes.org.  Some types of ransomware cannot be defeated after they are installed, but it is always worth a try.

Scam of the day – November 29, 2015 – UAE bank hacked

The Bank of Sharjah in the United Arab Emirates was recently hacked and the hacker, who calls himself Hacker Buba, is reportedly threatening to make public confidential information including account statements of the bank’s customers if he does not receive a three million dollar bitcoin ransom by the end of the weekend.  This is not an idle threat, as the hacker has already released account statements of more than five hundred of the bank’s customers.  Officially, the bank’s chief financial and operating officer has admitted that the bank has been hacked and is being blackmailed; however, the bank has indicated that it will not give in to extortion and is refusing to pay the ransom.

TIPS

Cybercriminals are more and more turning to extortion against banks, law firms and other companies, in which the cybercriminals threaten to either publicly release privileged data or encrypt and destroy the data of the targeted company.  In many instances, companies have not made public that they have been the victims of such cyber extortion.  As I constantly remind you, your data is only as secure as the company with the weakest security among those with which you do business.  Choosing companies to do business with that have strong cybersecurity standards is something we all should consider.

Scam of the day – November 16, 2015 – FBI agent advises ransomware victims to pay the ransom

Speaking recently at a cybersecurity conference in Boston, FBI Assistant Special Agent Joseph Bonavolonta startled many people when, in discussing ransomware, he said “the ransomware is that good.  To be honest, we often advise people just to pay the ransom.”  I have been warning you about ransomware since 2012.  Ransomware problems start when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a “ransom.”  CryptoWall and its predecessor CryptoLocker ransomware have been used effectively by criminals for years.  The most recent version of ransomware being used is called Tescrypt.  Companies and individuals have been the targets of ransomware.  In fact, a number of police departments, including the Swansea, Massachusetts police department, have been the victims of ransomware and actually paid the ransom.

As with many types of malware, you download it when you click on tainted links or tainted attachments, which is why I always warn you not to click on any links or download attachments unless you are absolutely sure that they are legitimate.  In many instances, the ransomware has come as hidden malware in a phony email purporting to be from Federal Express or UPS.  As we approach the holiday shopping season, you can expect an upswing in people falling for this scam and clicking on links and downloading attachments in emails purportedly from these companies related to holiday shopping.

TIPS

The best way to deal with ransomware is to avoid it in the first place.  Have a good firewall, good anti-virus and good anti-malware software installed on your computer, tablet or other devices and keep the software up to date.  However, remember that the security software companies are always playing catch-up with the hackers, so your security software will not always protect you.  The latest incarnations of most malware are generally at least thirty days ahead of the security software companies, so you can never rely on your security software and your firewall to keep you totally safe.  However, make sure that when security updates are available you download them as soon as possible.  Many people become victims of older versions of ransomware because they have not updated their security software.  Also, you should always back up everything on your computer in the Cloud or on a USB drive or preferably both.  Finally, never click on links or download attachments unless you are absolutely positive that they are legitimate, and the only way to do this is to confirm that they are legitimate with the real companies you think may be sending you the email before ever clicking on a link or downloading an attachment.

If you are a victim of ransomware, here are a couple of free links that may help you.  The first is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover.  The second is to Malwarebytes Anti-Malware which will detect and remove malware such as trojans and spyware.  The link is www.malwarebytes.org.  Some types of malware cannot be defeated after they are installed, but it is always worth a try.  However, the best course of action to take is to avoid downloading anything unless you are confident it is legitimate and always back up all of your data both in the cloud and offline so that even if you do become a victim of ransomware, you don’t have to pay because your data is already preserved.

Scam of the day – October 26, 2015 – TalkTalk data breach

British communications company TalkTalk, which provides services including broadband, phone and cable, has just announced that it was hacked and personal information of as many as four million customers may have been stolen.  The compromised information included names, addresses, email addresses, telephone numbers, credit card numbers and bank account details.  Already some TalkTalk customers are reporting funds being stolen from their bank accounts; however, it is still too early to know if these thefts were related to the data breach.  According to the old adage, “fool me once, shame on you; fool me twice, shame on me.”  Under this standard TalkTalk’s actions are particularly shameful, as this is the third time it has suffered a data breach in the last year alone.  Investigations have been started into the cybersecurity, or lack thereof, being employed by TalkTalk.  What also makes this story noteworthy is that TalkTalk has received a ransom note demanding a payment or else their customers’ personal information will be made public.  One of my predictions for the new year is that we will see much more corporate extortion by which hackers will threaten to either destroy hacked information or make public information stolen from companies.

TIPS

Companies have got to do a better job of cybersecurity.  Too many companies just do not take sufficient steps to keep the information they store secure.  The federal government has started to take action against companies failing to protect data, but these actions should be increased.  As for us consumers, we are left at the mercy of the companies and governmental agencies with which we do business.  If they have weak security, we have weak security.  Therefore, as much as you can, limit the personal information that you provide to companies and governmental agencies with which you do business.

Scam of the day – July 1, 2015 – Critical Adobe Flash update

Adobe Flash software is a widely used video software program, so it should be of little surprise that it is highly scrutinized for vulnerabilities by hackers who exploit these vulnerabilities to gain access to their targets’ computers.  Unpatched vulnerabilities in Adobe Flash software were exploited by Russian hackers who hacked into the White House and State Department computer systems.  Recently, the security firm FireEye found attempts to attack aerospace, defense, construction, technology and telecom companies by exploiting a flaw in Adobe Flash uncovered by FireEye.  FireEye promptly notified Adobe, which promptly created a patch for the problem.  A link to the patch can be found below.

The problem is that hackers are now distributing kits on black market websites that enable other hackers to exploit this vulnerability on computers that have not been updated, and all too often individuals and companies fail to update their software on a timely basis.  Already this flaw is being exploited by hackers as a way of getting victims to download Ransomware onto their computers.  As I have written about many times before, Ransomware encrypts and locks your computer data.  The hacker then threatens to destroy the data unless a ransom is paid immediately.

TIPS

Businesses, government agencies and individual computer users must make it a priority to install the latest security patches and updates as soon as they become available.  Time after time, companies, government agencies and individual computer users have become victims of devastating computer hacks that they could have easily avoided had they promptly updated their software with the latest security patches and updates as soon as they became available.  Don’t make this mistake.  Here at Scamicide we regularly provide you the links to the latest security patches.

Here is the link to the latest Adobe Flash security update:  https://helpx.adobe.com/security/products/flash-player/apsb15-14.html

Scam of the day – June 6, 2015 – Law firms being targeted by Ransomware

I have been warning you about the dangers of Ransomware for a couple of years now.  Ransomware is a type of malware that when installed on your computer locks and encrypts your data so that it becomes unavailable to you unless you pay a ransom to the hacker who promises to provide the decryption key if you pay the ransom, but who threatens to destroy your data if you do not promptly pay the ransom.  Individuals, companies, governmental agencies and now law firms are being increasingly targeted by Ransomware.  The FBI issued a warning earlier this year about an increase in the use of Ransomware.  Two of the more popular Ransomware programs presently being used by hackers are CryptoLocker and the newer CryptoWall.  As is so often the case with malware, Ransomware is installed on victims’ computers when they unwittingly click on links or download attachments in phishing emails that appear legitimate.  In the last year, one particularly successful phishing email containing Ransomware promised information about the television series “Breaking Bad.”

TIPS

A good way to protect yourself against all types of malware including Ransomware is to never click on links or download attachments until you have confirmed that they are legitimate.  Additionally, you should keep all of your anti-malware and anti-virus software up to date with the latest security patches.  Another helpful thing to do is to program your hard drive to prevent unidentified users from modifying your files.  Finally, all of your data should be regularly, and when possible, automatically backed up.