Scam of the day – April 3, 2017 – Scary email scam

Scammers are always finding ways to take what is in the news and make it the basis of a scam. The reasons for doing so are obvious. If you are aware of or even concerned about something in the news, you are more likely to fall victim to a scam related to that newsworthy matter. Such is the case now with a scam related to the recent Congressional passage of a bill that would overturn Internet Service Provider privacy regulations enacted last year. With the imminent overturning of these regulations, Internet Service Providers will be able, without your specific knowledge, to maintain records of everything you do online and sell that information to companies who may wish to use it. In its more benign form, you may find yourself receiving online advertisements for products that you may have searched for online. However, the threat to your privacy presented by the rescinding of the previously enacted privacy protection regulations cannot be overstated.

Now scammers are taking advantage of this concern and are sending out carefully crafted spear phishing emails directed to you personally by name that indicate that you have been found to have committed fraudulent conduct online by a company monitoring your online usage and that the information is going to be sent to law enforcement.  The email purports to provide the incriminating evidence in an attachment for you to see.  It is easy to imagine how someone confronted with such an email would immediately download the attachment to find out details. Unfortunately, anyone downloading the attachment would only succeed in downloading keystroke logging malware that would enable the scammer to steal all of the information in your computer and use it to make you a victim of identity theft.


Never click on links in emails or download attachments unless you have absolutely confirmed that they are legitimate.  In this instance, a little research would have shown that the email was a scam.

It is also important to remember that the privacy regulations recently rescinded only related to Internet Service Providers.  Companies like Google, Facebook and Amazon have been gathering and selling information about you for a long time.  Unknown to many people, every time you click “like” on Facebook, that information is stored and used by Facebook.

For enhanced privacy online you should go to Facebook,  YouTube, Google and every other website you use and see what privacy rights you have and how you can set your preferences to a level with which you would be comfortable.

You also should consider using a Virtual Private Network while doing online browsing.  This will enable you to maintain your anonymity online. Here is a link to information about some free VPNs.

Scam of the day – February 11, 2017 – Arby’s suffers major data breach

Fast food company Arby’s became the latest announced victim of a major data breach, which appears to have occurred between October 25, 2016 and January 19, 2017, but was only disclosed by the company yesterday. The data breach, which affected hundreds of the company-owned stores but not those of franchise owners, may have resulted in more than 335,000 credit and debit cards being compromised.

As is often the case, the data breach was originally discovered by a bank which first found a pattern of fraudulent credit card use and was able to trace the source back to Arby’s restaurants. In this case PSCU, a credit union service group for more than 800 credit unions, uncovered the fraud.

At the present time it has not been determined how the point of sale credit and debit card processing equipment was compromised with the malware that was downloaded to the equipment to steal the credit and debit card information.  Often the problem can be traced back to spear phishing.


This type of data breach continues to occur as many retail stores and restaurants still have not replaced their magnetic stripe credit and debit card processing equipment with EMV chip card processing equipment. Whenever possible you should use your EMV chip card and never use your debit card for a retail purchase because the consumer protection laws regarding debit card fraud are not as strong as the laws protecting consumers from credit card fraud.

Anyone who has used their credit card at an Arby’s restaurant between October 25, 2016 and January 19, 2017 should carefully monitor their credit card statements for evidence of fraudulent use and if you find it, you should report it immediately to your credit card company.  If you used a debit card at an Arby’s restaurant during that time period, you should monitor the bank account attached to the card particularly carefully and refrain from using your debit card for retail purchases in the future.

Scam of the day – January 28, 2017 – Hacker of nude photos of celebrities sentenced

In 2014 nude photos of as many as one hundred celebrities including Jennifer Lawrence, Kate Upton, Kirsten Dunst and Hope Solo turned up online on websites such as and   The photos were taken from both the Apple iCloud accounts of the hacked celebrities and their email accounts. The hacker, a 29-year-old self-described “computer nerd” named Edward Majerczyk, pleaded guilty to one count of unauthorized access to a protected computer to obtain information and was sentenced earlier this week to nine months in prison.

The manner by which Majerczyk accomplished the hacking was simple, but effective.  He sent spear phishing emails to his intended victims that appeared to come from Apple or Google security in which, under various pretenses, he requested the victims’ usernames and passwords, which he then used to access their email accounts and iCloud accounts from which he stole the photos and videos.

Using a similar tactic, Ryan Collins hacked 600 celebrities thereby obtaining nude photos, as well.  He was convicted and sentenced to eighteen months in prison.


There are a number of lessons to be learned from this crime about how to protect our own security. It is important to resist providing your usernames and passwords in response to emails and text messages unless you have absolutely and independently confirmed that the request is legitimate, which such requests seldom are. If you have any concern that such a request might be legitimate, merely call the real company to confirm the legitimacy of the communication.

Also, take advantage of the dual-factor identification protocols offered by Apple and many others. With dual-factor identification, your password is only the starting point for accessing your account. After you have inputted your password, the site you are attempting to access will send a special one-time code to your smartphone for you to use to be able to access your account. In some instances, the companies will only send the code to you if your account is being accessed from a different device than you usually use to access your accounts. Had Jennifer Lawrence and the other hacked celebrities used dual-factor identification, they would still have their privacy.

It is also important to note that merely because you think you have deleted a photograph or video from your smartphone, that may not be accurate. Smartphones save deleted photographs and videos on their cloud servers such as the Google+ service for Android phones and the iCloud for iPhones. However, you can change the settings on your smartphone to prevent your photos from automatically being preserved in the cloud.

Scam of the day – January 23, 2017 – Latest Gmail phishing scam

An effective new phishing email scam is presently circulating that is targeting users of Gmail. It starts when you receive an email that appears to be sent from the email address of one of your real friends. In fact, the email may have been sent from a friend’s email account that unfortunately has been hacked and taken over in order to send out phishing emails that victims will trust because they appear to come from a trusted source. The email has an attachment and when you click on the attachment, a sign-in page for your Gmail account appears requiring you to type in your email address and password. Unfortunately, if you do so, you have just turned over this information to a cybercriminal who can wreak havoc with this information.


Although this particular spear phishing email scam is quite sophisticated, there are a number of simple steps you can take to prevent yourself from becoming a victim of the scam.  Primarily, you should follow my rule and never click on any link or download any attachment unless you have absolutely confirmed that the communication sending the link or attachment is legitimate.  Even if the email address from which the communication is sent appears legitimate, your friend’s email may have been hacked and it is a cybercriminal sending you the email.

It is also a good idea to use dual factor authentication when possible for your email account. If you use dual factor authentication, such as where a one-time code is sent to your smartphone each time you want to access your email, you are protected from having your email account taken over even if the cybercriminal has your password and username. Finally, it is a good idea not to store sensitive information in your email account.
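The two-step login described here and in the January 28 post, as an added sketch that is not code from this site or from any provider: a correct password from an unrecognized device only triggers a one-time code sent to the owner's phone. The names `Account`, `start_login`, `finish_login`, `CODE_TTL` and the in-memory `phone_inbox` are assumptions made for illustration.

```python
import hashlib, hmac, secrets

CODE_TTL = 300  # seconds a one-time code stays valid (assumed value)

class Account:
    """Constructed model of a site account, not any provider's real design."""
    def __init__(self, password):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = self._hash(password)
        self.known_devices = set()  # devices that already passed a code check
        self.phone_inbox = []       # stands in for the owner's smartphone
        self.pending = None         # (code, device_id, expires_at, tries_left)

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def start_login(self, password, device_id, now):
        """Step 1, the password: returns 'denied', 'ok' or 'code_required'."""
        if not hmac.compare_digest(self.pw_hash, self._hash(password)):
            return "denied"
        if device_id in self.known_devices:
            return "ok"  # variant from the text: code only asked on a new device
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending = (code, device_id, now + CODE_TTL, 3)
        self.phone_inbox.append(code)  # goes to the phone, never to the browser
        return "code_required"

    def finish_login(self, code, device_id, now):
        """Step 2, the code: True only for a fresh, unused, matching code."""
        if self.pending is None:
            return False
        expected, dev, expires_at, tries = self.pending
        if dev != device_id or now > expires_at:
            self.pending = None
            return False
        if not hmac.compare_digest(expected.encode(), code.encode()):
            # three wrong guesses burn the code entirely
            self.pending = None if tries <= 1 else (expected, dev, expires_at, tries - 1)
            return False
        self.pending = None  # one-time: consumed on success
        self.known_devices.add(device_id)
        return True

if __name__ == "__main__":
    acct = Account("phished-password")  # constructed sample credential
    # Someone holding only the password, on a device the site has never seen:
    print(acct.start_login("phished-password", "unknown-pc", now=0))
    print(acct.finish_login("not-the-code", "unknown-pc", now=5))
```
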

Scam of the day – December 31, 2016 – President takes action against Russian hackers

In the last Scam of the day for 2016 it is appropriate that we discuss the issue of Russian hacking of American organizations that occurred in 2015 and 2016 and was intended to influence the Presidential election. Two days ago, President Obama ordered sanctions against Russia including the ejection of 35 Russian spies that the administration said were posing as diplomats and specific actions against three organizations that it said supported the hacking operations. The possibility of further covert actions against Russia was also hinted at.

A day prior to the President’s announced sanctions, the Department of Homeland Security and the FBI issued a joint analysis report entitled “Grizzly Steppe – Russian Malicious Cyber Activity” in which it provided details about the hackings.  Here is a link to the report.


Although the report contains important information about Russian hacking of American institutions, the report also provides a long list of specific steps that institutions and individuals can take to avoid being a victim of cybercrime.

Here are just a few of the things that all of us as individuals should consider.

  1. Backup all important information offline.
  2. Be on the alert for spear phishing. The report emphasizes, as I have warned you about for years, that the primary cause of hacking is people clicking on links in spear phishing emails that download malware.  Use both anti-phishing security software as well as your own brain to refrain from clicking on links in emails unless you have absolutely confirmed that they are legitimate.
  3. Use strong firewalls with whitelisting configurations by which only approved applications will be allowed to be downloaded onto your computers.  This is much better than blacklisting because it protects you from threats about which you know nothing.
  4. Limit the personal information you provide on social media.
  5. Use dual factor authentication whenever possible.

December 18, 2016 – Steve Weisman’s latest column for USA Today

Looking ahead to the new year and the challenges it will present in regard to cybersecurity, here is my latest column from USA Today in which I present my predictions for the world of cybersecurity for 2017.  Although it may seem a bit daunting, there are steps we can all take to protect ourselves and I will describe those in my next column.

Scam of the day – December 3, 2016 – Implications of Saudi Arabian hacking

It has just been disclosed that unidentified hackers, thought to be Iranians, hacked into and destroyed thousands of computers at six Saudi Arabian government agencies including its General Authority of Civil Aviation. This attack echoes a previous 2012 cyberattack, thought to be the work of Iranian hackers, that wreaked havoc on the Saudi state oil company Saudi Aramco. In fact, both attacks used the same malware, called Shamoon. The malware was installed using passwords that appear to have been accessed through spear phishing emails. This escalation of cyberwarfare is indeed troubling.


It is well established that the infrastructure of the United States, including banks and a dam in New York, was targeted by Iranian hackers in recent years. The lesson for governments, companies and individuals from this latest Saudi hacking is clear. Much greater attention has to be given to cybersecurity. The fact that the same Shamoon malware that was used in 2012 was able to be effectively used again is an indictment of the failure of the Saudis to implement updated security software that might have thwarted this attack. Further, as we have seen time after time, the malware appears to have been downloaded through simple spear phishing in which a Saudi employee clicked on an infected link. Better anti-phishing analytics security software should have been used and the employees should have been better trained to avoid clicking on links in emails unless they have been confirmed to be legitimate. There are other steps that can and should be taken as well, but these two are the best and easiest to implement.

Scam of the day – November 23, 2016 – Increased threat to ATMs

For years I have been warning you about the dangers of skimmers, which are small devices installed at ATMs, gas pumps and other card readers that are used to steal the information from your credit card or debit card to gain access to your credit or your bank account respectively. However, recently a new threat is emerging around the world that poses a greater threat to ATM security. Cybercriminals including the Russian cybergang known as Buhtrap are using newly developed malware to target not just individual accounts, but the internal networks of banks and ATMs in order to program the ATMs to spit out huge amounts of cash at a specific time. This technique has been used in Taiwan and Thailand earlier this year to deliver cash to the criminals, who go to the infected ATMs at the specific time when the ATMs have been programmed to spit out cash. The threat to banks around the world is quite real and has been the subject of multiple FBI warnings to financial institutions in the United States since the summer.


In the recent attacks against banks in Taiwan and Thailand, the malware infecting the banks’ internal networks and ATM systems was installed when bank employees clicked on links in phishing emails that appeared to come from other banks or ATM vendors and unwittingly downloaded the malware enabling the cybercriminals to take over the banks’ internal systems and ATM systems.    The danger of phishing cannot be overestimated.  According to Jeh Johnson, the Secretary of the Department of Homeland Security, “the most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear-phishing.”

This is a lesson to us all. Whether at work or at home, the danger of phishing emails is tremendous, but it is easy to avoid. Install anti-phishing security software on all of your electronic devices. However, you cannot depend on this software to keep you totally safe, so the best rule to follow is to never click on any link or download any attachment in an email or text message unless you have absolutely confirmed that it is legitimate.

Scam of the day – November 4, 2016 – Security flaws exploited by Russian hackers

Earlier this week it was disclosed that an older version of Microsoft’s Windows software along with the much exploited Adobe Flash software had been exploited by Russian hackers to attack computer systems to gain access to information. The group that had done these recent hacks appears to be the same Russian hackers responsible for hacking the Democratic National Committee earlier this year. Adobe has already issued a security update to patch the vulnerability. A link to the security update can be found in yesterday’s Scam of the day. Microsoft has said that it will have a security patch available on November 8th. As soon as it is available, I will let you know here at Scamicide. Users of Windows 10, the latest version of Windows, and Microsoft’s Edge browser are protected from the attack.

Once again, the malware used in these computer hacks was spread, as so often is the case, by spear phishing emails luring unsuspecting victims into clicking on links that downloaded the malware.


The best thing you can do to help protect yourself from being hacked is to never click on links in emails or text messages from anyone until you have absolutely verified that the messages and the links are legitimate.  Trust me, you can’t trust anyone.

It is also important to update your security software on all of your electronic devices as soon as security updates become available.  Hackers constantly exploit vulnerabilities in software for which there already exist security patches, but which have not been installed by consumers.