Posts Tagged: ‘security software’

Scam of the day – September 13, 2016 – Phony Hillary Clinton video contains malware

September 12, 2016 Posted by Steven Weisman, Esq.

A common way that hackers trick people into downloading malware, which is used to steal the information from your computer or smartphone and make you a victim of identity theft, is to send the malware disguised as an attachment for a video of something of great interest to many people. It may be something related to a celebrity, such as purported nude videos, or it may be of an event in the news, such as a video purporting to show formerly unavailable footage of, for instance, the shootings in the Orlando nightclub. The presidential election is tremendous fodder for people seeking videos of candidates in compromising situations, and scammers are taking advantage of this with malware attached to emails promising to provide newsworthy events. Such is the situation, as reported by computer security company Symantec, with an email presently circulating that promises that the attached video shows Hillary Clinton accepting money from an ISIS leader in 2013. In addition to being a totally outrageous accusation not based in any fact, the email is fraught with poor grammar. However, that is not stopping some people, who are clicking on the link and unwittingly downloading malware that can result in their becoming a victim of identity theft.

TIPS

Regardless of who sends you an email or a text message with a link attached, you should never click on the link until you have confirmed that the communication is legitimate. Even if the email or text message appears to come from a trusted friend, you can’t be sure that your friend has not had his email or smartphone hacked and used by a scammer to spread malware. You should have security software on all of your electronic devices, including your computer and smartphone, and make sure that you keep your security software up to date with the latest security patches, but you cannot totally rely on that software to protect you from all malware dangers because it generally takes the software security companies about a month to catch up with the latest strains of malware. Finally, in regard to communications promising startling videos or pictures of celebrities or newsworthy events, you should be particularly skeptical as to their authenticity. Instead, it is better to rely on legitimate news sources that you can trust to be safer and more accurate.

Scam of the day – December 19, 2015 – Security update threatens 40 million cellphone users

December 19, 2015 Posted by Steven Weisman, Esq.

The ability to use your smartphone or computer safely when online is of concern to everyone. Hacks and data breaches by which information is stolen and then used to make millions of people victims of identity theft are an ever-present threat in life today. This is why, when the CA/Browser Forum, a trade group which mandates web encryption programs used throughout the web by the companies we all connect with online, such as Facebook, Google and Twitter, was told that its present encryption algorithm, SHA-1, was vulnerable to hacking, it acted promptly and rolled out a new and more secure encryption algorithm, SHA-2. Companies are required to use the new SHA-2 on January 1, 2016, and this is a good thing; however, it is not a good thing for people who use smartphones that are more than five years old to surf the web. Their phones are generally incompatible with SHA-2. It has been estimated that about 40 million people worldwide still use smartphones that won’t support SHA-2 and, unless something is done, they will no longer be able to use their phones to surf the web as of January 1, 2016. Facebook has proposed a solution by which older browsers will be able to use the SHA-1 algorithm and newer ones the SHA-2, but as of the writing of this posting, no decision has yet been made by the CA/Browser Forum.

TIPS

If your smartphone is less than five years old, you do not have to do anything.  The security changes will happen automatically.  However, if your smartphone is five years old or older, you should check with your service provider to see about your options.  Even if Facebook’s proposal is accepted by the CA/Browser Forum, the old SHA-1 encryption algorithm is no longer safe and you should consider switching to a device that will support the new SHA-2 encryption algorithm.

Scam of the day – August 5, 2015 – Free scan for Hacking Team vulnerabilities

August 5, 2015 Posted by Steven Weisman, Esq.

Following the embarrassing hacking and data breach at the Italian spyware company Hacking Team, which sells spyware to governments, it has been learned that the public release of the 400 gigabytes of stolen files, source code and emails has enabled hackers and identity thieves to use that information to construct malware that exploits the vulnerabilities uncovered. They are creating zero day exploits, which are malware for which there are no known security patches yet developed. These zero day exploit kits are presently being sold on the black market to hackers and identity thieves around the world.

Now Rook Security, a computer security company, is offering a free scan that can identify if your computer has already been infected by one of these new malware programs. Here is the link to their website and the free scan: https://www.rooksecurity.com/hacking-team-malware-detection-utility/

TIPS

Everyone should make sure that they have all of their computers, smartphones and electronic devices protected by anti-malware and anti-virus software and that their security software is constantly and automatically updated with the latest security updates. The failure to update security software when new vulnerabilities are discovered and patched is a major factor in many data breaches and identity thefts. In addition, the primary way that most data breaches and identity thefts are accomplished with malware is through phishing, where victims are lured into clicking on links in emails and text messages containing malware. The lesson is clear. Don’t click on links unless you are absolutely sure that they are legitimate.

Scam of the day – April 17, 2015 – Mass email service hacked

April 16, 2015 Posted by Steven Weisman, Esq.

Many people may not be aware of SendGrid, but there is a good chance that you have received an email from them. SendGrid is a mass email service that is used by 180,000 companies worldwide, including Uber, Pinterest, Spotify and Foursquare, when companies wish to send mass email messages to their customers, such as when a company wants to alert customers to a service update. When you receive an email from SendGrid or other such mass email services, it appears that the message is being sent by the company with which you have an account, but it actually comes from SendGrid or other mass email services. Last week one of the companies that uses SendGrid had its SendGrid account hacked in an attempt to hack into the company’s account with Coinbase, a Bitcoin exchange. Although the company, unnamed by SendGrid, had its account with Coinbase hacked, according to SendGrid no Bitcoins were stolen. Last year a similar attack aimed at stealing Bitcoins from another SendGrid client, ChunkHost, was foiled because ChunkHost used dual factor authentication, preventing the hacker from accessing the Bitcoins in ChunkHost’s account even after the hackers had managed to steal ChunkHost’s password. More and more hackers are trying to hack into the accounts of users of mass email services such as SendGrid because it enables the hacker to make his or her malware-containing message appear to come from a trusted source.

TIPS

Remember my motto, “trust me, you can’t trust anyone.”  Merely because an email or text message appears legitimate or appears to come from a trusted email address is no reason to trust the message and click on links contained in the email or text message or download attachments to such emails or text messages.  The risk is too great.  Never click on links or download attachments unless you are absolutely sure that they are safe and legitimate.  Even if you are protected by the latest security software, you are still not safe because the most updated anti-malware and anti-virus software is always at least a month behind the latest malware.

Scam of the day – April 8, 2015 – Tewksbury Police Department pays ransom to retrieve files

April 7, 2015 Posted by Steven Weisman, Esq.

The Tewksbury, Massachusetts Police Department became the latest in a long list of police departments to become a victim of ransomware, the malware that, generally through phishing, manages to get downloaded on to the victim’s computers, where it locks and encrypts the victim’s files, making them unusable. In this particular case, the Tewksbury Police Department’s arrest and incident records were locked and a message appeared that read, “Your personal files are encrypted.  File decryption costs – $500.” The particular type of ransomware used in this case has been called KEYHolder and despite the efforts of federal and state law enforcement agencies as well as two computer security companies, the data could not be retrieved. Ultimately, the Tewksbury Police Department paid the five hundred dollar ransom electronically in bitcoins as demanded, making it pretty much impossible to trace.

In recent years, particularly since the development of CryptoLocker, one of the early ransomware malware programs, ransoming of computer data has brought criminals as much as 28 million dollars in ransom payments. Many government agencies and police departments have been targeted along with the computers of ordinary citizens. No one is safe. The Collinsville, Alabama Police Department became a victim of ransomware last summer, refused to pay the ransom and lost their infected database of mugshots. The Durham, New Hampshire Police Department also refused to pay a ransom, but wisely had backed up its information so it lost nothing of value. Other police departments, companies, government agencies and individuals have not been so fortunate, however, and have either paid the ransom or lost their data in many instances. Depending on the sophistication of the malware used, sometimes the ransomware can be defeated, but often it cannot.

TIPS

Certainly you want to always keep your anti-virus and anti-malware software up to date on all of your electronic devices; however, you can never be fully confident that this will keep you safe because the latest viruses and malware are always at least a month ahead of the software security updates created to deal with these issues. Since generally the ransomware is downloaded on to the victim’s computer by clicking on a link in an email, it is critical that you not click on links in emails unless you are absolutely sure that the link is legitimate. Finally, it is very important to back up all of your data independently every day so that even in a worst case scenario, you will not need to give in to the demands of extortionists.

Scam of the day – March 30, 2015 – A new wrinkle on income tax identity theft

March 29, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a 5.9 billion dollar problem that the IRS and Congress have still not responded to sufficiently.  Most income tax identity theft involves a criminal filing an income tax return with phony W-2 information using a victim’s Social Security number.  If undiscovered by the IRS, as many of these phony returns are, the IRS sends the refund and the person whose Social Security number was stolen has his or her legitimate income tax return flagged when it comes in as a second income tax return using the same Social Security number.  It often takes many months before the victim is able to get his or her true refund.

But now, a new twist has come to income tax identity theft. Where most income tax identity theft, as described above, relies on the identity thief filing an income tax return before the victim files his or her legitimate tax return, now we are seeing a number of people who file their income tax returns electronically using TurboTax having their refunds stolen after they have electronically filed their legitimate income tax returns.

People who have been victimized by this new type of income tax identity theft all filed electronically and had their electronic filing fees deducted from their refunds. Generally the refunds are deposited with Tax Products Group, a bank owned by the Green Dot Corporation, where the fees are taken out and the balance sent to a bank account designated by the tax filer. What has been happening is that hackers are hacking into the accounts of their victims and changing the bank account into which the refund is to be deposited. It is not clear yet if the breach of security is with TurboTax, Tax Products Group or the individual taxpayers, although it would appear from the relatively small numbers of people so far affected by this scam that the security breach is with the individual taxpayers, whose own computers were most likely hacked.

TIPS

Filing income tax returns online through TurboTax and other similar companies is still a safe way to file your taxes.  In response to this problem, TurboTax has already made security changes including requiring users of TurboTax to answer security questions before they are able to access their accounts or refunds.  TurboTax is also considering flagging customers who attempt to change their bank account information.  These are good steps to help stop this type of identity theft, but we have to do our part as well.  Protecting the computers and other electronic devices you use for financial transactions with regularly updated security software and avoiding clicking on links and downloading attachments unless you are absolutely sure that the links or attachments are legitimate are important steps that everyone should take.

Scam of the day – December 31, 2014 – ICANN suffers data breach

December 31, 2014 Posted by Steven Weisman, Esq.

Many of you may not be familiar with the acronym ICANN, which stands for the Internet Corporation for Assigned Names and Numbers; however, everyone is familiar with what they do. ICANN is the international organization that administers all website domain names. ICANN recently disclosed that it had been hacked since November. Fortunately, the extent of the hacking and data breach was minimal and passwords were not stolen since they were maintained in an encrypted manner by ICANN. The hackers did, however, manage to obtain the names, addresses, email addresses and phone numbers of ICANN customers. ICANN is in the process of notifying those people whose data was compromised. The danger posed by this information falling into the hands of scammers is that it can be exploited by a technique called “spear phishing,” where specific people are targeted in emails that appear to be from legitimate sources and are directed to them personally by name. The victim is then more likely to trust that the email is legitimate and be lured into clicking on links contained in the email or text message that contain malware, which will enable the scammer to steal the personal information of the victim and use that information to make the person a victim of identity theft.

TIPS

Remember my motto, “trust me, you can’t trust anyone.”  Regardless of whether an email or text message appears to be legitimate, you should never click on links until you have absolutely confirmed that the message is legitimate and the link is legitimate.  Even if the email or text message is addressed to you personally and appears to come from someone or some business or agency with which you have a relationship, you can never be sure that the communication is legitimate and the risk of downloading keystroke logging malware is too great to trust such communications until you have absolutely confirmed that such communications are legitimate.  Additionally, it is important to keep your anti-malware and anti-virus software up to date remembering that your security software will always be at least a month behind the latest malware threats.

Scam of the day – December 9, 2014 – Banks win first round in Target lawsuit

December 9, 2014 Posted by Steven Weisman, Esq.

Last year’s massive data breach at Target was the first of a series of data breaches that continue unabated to this day with no end in sight. While millions of Target customers were inconvenienced by the theft of their credit card or debit card information, banks that issued those cards and had to replace those stolen cards suffered financial losses involved with replacing the stolen cards as high as 400 million dollars. Five of these banks, Umpqua Bank, Mutual Bank, Village Bank, CSE Federal Credit Union and First Federal Savings, filed a class action in federal court on behalf of themselves and other affected banks seeking payment from Target for the losses they incurred as a result of the Target data breach. Target responded to the lawsuit by filing a Motion to Dismiss the lawsuit, arguing that it was not responsible for the data breach; however, Judge Paul A. Magnuson, in denying Target’s motion, ruled that there was sufficient evidence of Target’s negligence to warrant a trial. Specifically, the judge said that Target ignored security software program alerts that there was a problem and also actually disabled some of its own security features, which contributed to the data breach. According to Judge Magnuson, “Plaintiffs have plausibly alleged that Target’s conduct both caused and exacerbated the harm they suffered.”

TIPS

The importance of this early ruling in the case of the banks against Target cannot be overestimated.   While in the past retailers were not held responsible for the occasional data breach occurring in the processing of credit and debit card transactions, an ultimate verdict in favor of the banks could signal a major change in how retailers conduct business in general and in particular what security steps they will need to take in order to avoid financial responsibility for future data breaches.  Coupled with regulations shifting responsibility for data breaches to retailers who fail to switch to new smart credit cards with computer chips by October of 2015, this ruling may signal a new paradigm for company electronic security.

Scam of the day – June 25, 2014 – World Cup scams

June 25, 2014 Posted by Steven Weisman, Esq.

With an estimated 46% of the planet’s population eagerly watching the FIFA World Cup tournament it should come as no surprise that this event will also spawn scams and identity theft schemes concocted by criminals around the world.  One of the most common scams involves an email informing you that you have won tickets to the tournament in Brazil.  However, if you click on the link in the email, you will only succeed in downloading malware on your computer that will steal your information which will then be used to make you a victim of identity theft.  Another common scam being seen now is one in which you are promised that by clicking on links in the email you will either be able to get free access to the games streamed on the Internet or free news and highlight videos.  Again, however, if you click on the links, you will end up installing malware on your computer.

TIPS

The advice is the same as always: never click on links in emails unless you are absolutely sure that they are legitimate. It is impossible to win a contest you have not entered, so that should be warning enough not to click on links in emails regarding contests you apparently have won although you never entered. It is impossible to know if any of these emails that you receive regarding the World Cup are legitimate, so do yourself a favor and stick to either the official FIFA website, www.fifa.com, or other sports websites that you know are legitimate, such as ESPN’s www.espn.go.com. Also, make sure that your anti-malware and anti-virus security software is up to date.