Scam of the day – December 31, 2016 – President takes action against Russian hackers

In the last Scam of the day for 2016 it is appropriate that we discuss the issue of Russian hacking of American organizations that occurred in 2015 and 2016 that were intended to influence the Presidential election.  Two days ago, President Obama ordered sanctions against Russia including the ejection of 35 Russians spies that the administration said were posing as diplomats and specific actions against three organizations that it said supported the hacking operations.  The possibility of further covert actions against Russia was also hinted at.

A day prior to the President’s announced sanctions, the Department of Homeland Security and the FBI issued a joint analysis report entitled “Grizzly Steppe – Russian Malicious Cyber Activity” in which it provided details about the hackings.  Here is a link to the report.


Although the report contains important information about Russian hacking of American institutions, the report also provides a long list of specific steps that institutions and individuals can take to avoid being a victim of cybercrime.

Here are just a few of the things that all of us as individuals should consider.

  1. Backup all important information offline.
  2. Be on the alert for spear phishing. The report emphasizes, as I have warned you about for years, that the primary cause of hacking is people clicking on links in spear phishing emails that download malware.  Use both anti-phishing security software as well as your own brain to refrain from clicking on links in emails unless you have absolutely confirmed that they are legitimate.
  3. Use strong firewalls with whitelisting configurations by which only approved applications will be allowed to be downloaded on to your computers.  This is much better than blacklisting because it protects you from threats about which you know nothing.
  4. Limit the personal information you provide on social media.
  5. Use dual factor authentication whenever possible.

December 18, 2016 – Steve Weisman’s latest column for USA Today

Looking ahead to the new year and the challenges it will present in regard to cybersecurity, here is my latest column from USA Today in which I present my predictions for the world of cybersecurity for 2017.  Although it may seem a bit daunting, there are steps we can all take to protect ourselves and I will describe those in my next column.

Scam of the day – December 3, 2016 – Implications of Saudia Arabian hacking

It has just been disclosed that unidentified hackers, thought to be Iranians, hacked into and destroyed thousands of computers at six Saudi Arabian government agencies including its General Authority of Civil Aviation.  This attack echoes a previous  2012 cyberattack thought to be the work of Iranian hackers that wreaked havoc on the Saudi state oil company Saudi Aramco and in fact both attacks used the same malware called Shamoon.  The malware was installed using passwords that appear to have been accessed through spear phishing emails. This escalation of cyberwarfare is indeed troubling.


It is well established that the infrastructure of the United States including banks and a dam in New York were targeted by Iranian hackers in recent years.  The lesson for governments, companies and individuals from this latest Saudi hacking is clear.  Much greater attention has to be given to cybersecurity.  The fact that the same Shamoon malware that was used in 2012 was able to be effectively used again is an indictment of the failure of the Saudis to implement updated security software that might have thwarted this attack.  Further, as we have seen time after time, the malware appears to have been downloaded through simple spear phishing in which a Saudi employee clicked on an infected link.  Better anti-phishing analytics security software should have been used and the employees should have been better trained to avoid clicking on links in emails unless they have been confirmed to be legitimate.  There are other steps that can and should be taken as well, but these two are the best and easiest to implement.

Scam of the day – November 23, 2016 – Increased threat to ATMs

For years I have been warning you about the dangers of skimmers, which are small devices installed at ATMs, gas pumps and other card readers that are used to steal the information from your credit card or debit card to gain access to your credit or your bank account respectively.  However, recently a new threat is emerging around the world that poses a greater threat to ATM security.  Cybercriminals including the Russian cybergang known as Buhtrap are using newly developed malware to target not just individual accounts, but the internal networks of banks and ATMs in order to program the ATMs to spit out huge amounts of cash at a specific time.  This technique has been used in Taiwan and Thailand earlier this year to deliver cash to the criminals who go to the infected ATMs at a specific time when the ATM’s programming has been altered  programmed to spit out cash to the awaiting criminals.  The threat to banks around the world is quite real and has been the subject of multiple FBI warnings to financial institutions in the United States since the summer.


In the recent attacks against banks in Taiwan and Thailand, the malware infecting the banks’ internal networks and ATM systems was installed when bank employees clicked on links in phishing emails that appeared to come from other banks or ATM vendors and unwittingly downloaded the malware enabling the cybercriminals to take over the banks’ internal systems and ATM systems.    The danger of phishing cannot be overestimated.  According to Jeh Johnson, the Secretary of the Department of Homeland Security, “the most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear-phishing.”

This is a lesson to us all.  Whether at work or at home, the danger of phishing emails is tremendous, but it is easy to avoid.  Install anti-phishing security software on all of your electronic devices, however, you cannot depend on this software to keep you totally safe so the best rule to follow is to never click on any link or download any attachment in an email or text message unless you have absolutely confirmed that it is legitimate.

Scam of the day – November 4, 2016 – Security flaws exploited by Russian hackers

Earlier this week it was disclosed that an older version of Microsoft’s Windows software along with the much exploited Adobe Flash software had been exploited by Russian hackers to attack computer systems to gain access to information.  The group that had done these recent hacks appears to be the same Russian hackers responsible for hacking the Democratic National Committee earlier this year.  Adobe has already issued a security update to patch the vulnerability.  A link to the security update can be found in yesterday’s Scam of the day.  Microsoft has said that it will have a security patch available on November 8th.  As soon as it is available, I will let you know here at Scamicide.  Users of Windows 10, the latest version of Windows and the Microsoft’s Edge browser are protected from the attack.

Once again, the malware necessary to spread these computer hacks was spread, as so often is the case, by spear phishing emails luring unsuspecting victims into clicking on links that downloaded the malware.


The best thing you can do to help protect yourself from being hacked is to never click on links in emails or text messages from anyone until you have absolutely verified that the messages and the links are legitimate.  Trust me, you can’t trust anyone.

It is also important to update your security software on all of your electronic devices as soon as security updates become available.  Hackers constantly exploit vulnerabilities in software for which there already exist security patches, but which have not been installed by consumers.

Scam of the day – September 22, 2016 – New Aol phishing scam

Millions of people still use AOL.  One reason is that you get greater email privacy when compared to some other email carriers. Due to its popularity, scammers and identity thieves often send out phishing emails that appear to come from AOL, such as the one reproduced below.  The logo and format of this particular email that is presently circulating is quite poor.  Compare it to the excellent counterfeit phishing email I included in the Scam of the Day for May 31, 2014.  This one comes from an email address that has no relation to the company, AOL.  Further, it is not directed to the recipient specifically by name.  Like many similar scams, this one works by luring you into clicking on a link in the email in order to resolve a problem.  However, if you click on the link, one of two things will happen.  You either will be prompted to provide information that will be used to make you a victim of identity theft or by clicking on the link you will unwittingly download a keystroke logging malware program that will steal all of the information from your computer and use it to make you a victim of identity theft.   Here is how the email appears.  DO NOT CLICK ON THE LINK:
Your two incoming mails were placed on pending status due to the recent upgrade to our database,In order to receive the messages CLICK HERE to Login and wait for response from AOL Mail.We apologies for any inconveniences
Best Regards,
The AOL! Mail Team
When AOL communicates with its customers about their accounts, they do so by AOL Certified Mail, which will appear as a blue envelope in your inbox and will have an official AOL Mail seal on the border of the email.  This particular email had neither and only had an easy to counterfeit Aol logo appear on the email.  Whenever you get an email, you cannot be sure of from whom it really comes.  Never click on a link unless you are absolutely sure that it is legitimate.  If you think the email might be legitimate, The best thing to do is to contact the real company that the email purports to be from at an address or phone number that you know is accurate in order to find out if the communication was legitimate or not.  Remember, never click on links in emails unless you have confirmed that they are legitimate.

Scam of the day – September 15, 2016 – What the data breach at the World Anti-Doping Agency means to you

The World Anti-Doping Agency (WADA), the international agency that enforces the rules regarding the use of performance enhancing drugs and other prohibited substances by athletes around the world was hacked, apparently by Russian hackers who released the medical files of American athletes Simone Biles, Venus Williams, Serena Williams and Elena Delle Donne.  In each case, the records show that these athletes used drugs that were permitted under the Therapeutic Use Exemptions for legitimate medical reasons.  In the case of Simone Biles, the records indicated that she took Ritalin for ADHD.  None of the use of these drugs appeared to be related to improper drug use for performance enhancement.

Perhaps the bigger aspect of this story and one that is being overlooked in much of the media is how the hacking was accomplished.  Once again it appears that the hacking was done by exploiting information obtained through spear phishing.  Spear phishing occurs when you receive an email or text message specifically tailored to you with a link in it that the victim clicks on and unwittingly downloads keystroke logging malware that enables the hacker to be able to steal all of the information from the victim’s computer or smartphone including passwords and other critical information.


Spear phishing has been used successfully by hackers in most of the major data breaches of the last few years including Sony, Target and the Office of Personnel Management (OPM).  Spear phishing is distinguished from the usual phishing email that can be easily spotted because, unlike ordinary phishing emails and text messages, spear phishing emails and text messages often appear to come from a trusted source and contain sufficient personal or relevant information that they appear to be genuine.  Often, we are our own worst enemies because we provide too much personal information on social media that can be used by clever cybercriminals to fashion spear phishing emails and text messages.  It is for this reason that you should never click on any links in an email or text message until you have confirmed that the email is legitimate.  You should also use security software and make sure that it is constantly updated with the latest patches although even doing that won’t protect you from the newest zero day exploits which exploit computer vulnerabilities that have previously not been discovered.  It usually takes the security software companies about a month to come up with defenses against the latest zero day exploits.

Scam of the day – September 12, 2016 – Four year old data breach revealed

It was recently disclosed that Brazzers, a porn website had been hacked four years ago.   Personal information of users of its forum in which subscribers communicated about porn movies was stolen and is now available on the Internet.  The information stolen included not only user names, email addresses and passwords, but also the substance of their  conversations in the forum, which could be embarrassing to Brazzer subscribers if the information became public leading to concerns about blackmail by cybercriminals with access to this information.  This data breach is reminiscent of the data breach at Ashley Madison, which proved to be extremely embarrassing to customers of that website that dealt with extra-marital affairs.  Of course, any data breach in which user names, email addresses and passwords are compromised poses a threat to the victims of the data breach who can be more seriously victimized by cybercriminals using that information to advance spear phishing schemes targeting the victims and luring them to click on links that will download keystroke logging malware that will steal personal information from the victim’s computer, smartphone or other electronic device and use that information to make the person a victim of identity theft.  In addition, many people use the same password for all of their accounts and once their password at one website becomes known, it can lead to attacks at other places such as online banking.


The website Have I Been Pwned is a good place to go to find out if you have been victimized in a data breach.  This website gathers information about data breaches and you can put in your email address to find out if you have been a victim of any data breaches such as Brazzers where information is being circulated on the Internet.  It is also important to use a distinct and unique password for each of your online accounts so if you do become a victim of a data breach at one account, the security of your other accounts are not threatened.  Finally, for people who go to websites that they would prefer no one to know about, they should consider using a different user name and separate email address from their usual use name and email address.

Scam of the day – September 10, 2016 – A new Chase phishing email

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank.  DO NOT CLICK ON THE LINK.  Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is pretty good.  It looks legitimate.  However, the email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.   The grammar and spelling is good, but a minor flaw is the inconsistent capitalization in the phrase, “All Rights reserved.” Also, as so often is the case, the email is not directed to you by name and does not contain your account number in the email.  It carries a legitimate looking Chase logo, but that is easy to counterfeit.

Chase logo

Chase Bank Online® Department Notice:

Your online account has been suspended (Reason: the violation of terms of service).
Update and Restore your online account Now
Log On
Thank you for using Chase Bank.
Member FDIC © 2016 Chase Bank Financial Corporation. All Rights reserved.

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email.  They also would specifically direct the email to you by your name.  This email has no salutation whatsoever.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.