Today’s Scam of the day comes from my own email inbox. It is a common phishing scam that attempts to lure the victim into clicking on a link contained in the email. If you click on the link, you will unwittingly download keystroke logging malware that will enable the scammer to steal all of the personal information from your computer or smartphone and use it to make you a victim of identity theft. This particular phishing email follows a pattern common at educational institutions or businesses, in which the email is made to appear as if it originated with your school’s or company’s IT department and requires you to verify your account in order to continue to use your email account. It appears to be legitimate, but it is not. Here is a copy of the email. DO NOT CLICK ON THE LINK.
Many of you may not be familiar with the acronym ICANN, which stands for the Internet Corporation for Assigned Names and Numbers, but everyone is familiar with what it does. ICANN is the international organization that administers all website domain names. ICANN recently disclosed that it had been hacked since November. Fortunately, the extent of the hacking and data breach was minimal, and passwords were not stolen since they were maintained in an encrypted manner by ICANN. The hackers did, however, manage to obtain the names, addresses, email addresses and phone numbers of ICANN customers. ICANN is in the process of notifying those people whose data was compromised. The danger posed by this information falling into the hands of scammers is that it can be exploited through a technique called “spear phishing,” in which specific people are targeted with emails that appear to be from legitimate sources and are directed to them personally by name. The victim is then more likely to trust that the email is legitimate and be lured into clicking on links contained in the email or text message that contain malware, which will enable the scammer to steal the personal information of the victim and use that information to make the person a victim of identity theft.
Remember my motto, “trust me, you can’t trust anyone.” Regardless of whether an email or text message appears to be legitimate, you should never click on links until you have absolutely confirmed that the message is legitimate and the link is legitimate. Even if the email or text message is addressed to you personally and appears to come from someone or some business or agency with which you have a relationship, you can never be sure that the communication is legitimate, and the risk of downloading keystroke logging malware is too great to trust such communications until you have absolutely confirmed that they are legitimate. Additionally, it is important to keep your anti-malware and anti-virus software up to date, remembering that your security software will always be at least a month behind the latest malware threats.
The Android operating system is used in many popular smartphones including the Google Nexus, HTC, Samsung Galaxy, Motorola Moto and LG Electronics phones. Recently, researchers at the University of California Riverside discovered a dangerous vulnerability in the Android operating system that permits most Android apps to be easily hacked. The attack works when a user unwittingly installs an app infected with malware, which then uses the shared memory of the apps to hijack information from other apps, such as those used for online banking, while avoiding the Android system’s permission and security system. Some of the apps that the researchers found they were able to access by exploiting this Android vulnerability included apps of Chase Bank and Gmail. The Chase Bank app is particularly problematic because it would allow a hacker to see pictures of checks taken using the Android smartphone as well as bank account information, thereby making identity theft and stealing from the victim’s bank account a simple task.
Until the Android developers manage to fix this vulnerability in their operating system, the most prudent thing that Android users can do is to make sure that they are careful in downloading apps to avoid the tainted apps required to exploit this vulnerability. Stick to apps sold or provided at legitimate app stores and make sure that your anti-virus and anti-malware software is up to date.
The E-Z Pass transponder system is available to drivers in fourteen states and enables the drivers to avoid stopping to pay tolls when driving on toll roads. Instead they merely drive through a special lane where their transponder is electronically read. The tolls are then charged to a credit card on file with E-Z Pass. It is a very efficient system that works well. It also works well for scammers who recently have been sending phishing emails to residents of New York, New Jersey, Massachusetts and even Canada, where the system is also used. The emails look official. They carry the logo of E-Z Pass. The message is short. It reads: “Dear customer, You have not paid for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time.” The stilted language is a good indication that this scam may have originated in a country where English is not the primary language. The email goes on to indicate “The invoice can be downloaded here” and it provides a link for you to supposedly access your bill. DON’T CLICK ON THE LINK. In some versions of the scam, if you click on the link, you will be prompted to provide information that can be used to make you a victim of identity theft. In other versions of the scam, merely clicking on the link will download malware on to your computer that will steal all of your personal information, which will then be used to make you a victim of identity theft.
Never click on links or download attachments in emails or text messages regardless of how official they may appear. You can never be sure as to whether it is legitimate or not. Your best course of action is, if you have any inclination that it may be legitimate, to contact the real company or agency and inquire as to the legitimacy of the contact. In this particular case, E-Z Pass does not communicate regarding bills by email, so you can be confident that if you do get such an email it is a scam. As always, you should also make sure that your anti-malware and anti-virus software is kept up to date, but don’t rely on that to keep you safe because the best anti-malware and anti-virus programs are always at least thirty days behind the latest malware and viruses.
With an estimated 46% of the planet’s population eagerly watching the FIFA World Cup tournament, it should come as no surprise that this event will also spawn scams and identity theft schemes concocted by criminals around the world. One of the most common scams involves an email informing you that you have won tickets to the tournament in Brazil. However, if you click on the link in the email, you will only succeed in downloading malware on your computer that will steal your information, which will then be used to make you a victim of identity theft. Another common scam being seen now is one in which you are promised that by clicking on links in the email you will either be able to get free access to the games streamed on the Internet or free news and highlight videos. Again, however, if you click on the links, you will end up installing malware on your computer.
The advice is the same as always: never click on links in emails unless you are absolutely sure that they are legitimate. It is impossible to win a contest you have not entered, so that should be warning enough not to click on links in emails regarding contests you apparently have won although you never entered. It is impossible to know if any of these emails that you receive regarding the World Cup are legitimate, so do yourself a favor and stick to either the official FIFA website, www.fifa.com, or other sports websites that you know are legitimate, such as ESPN’s www.espn.go.com. Also, make sure that your anti-malware and anti-virus security software is up to date.
It was only a few days ago that I warned you about some iPhone scams threatening users of Apple’s iPhone through a manipulation of the Find My Phone feature of the iPhone. The Find My Phone feature allows iPhone owners to track and lock their phones if they are lost or stolen. However, this feature was allegedly misused by two Russians who used phishing techniques to get access to their victims’ Apple ID accounts, where they activated the phone locking feature. They then sent messages to their victims indicating that they would remotely delete the data in their phone and keep the phone locked unless they paid a ransom. Another technique allegedly used by the pair of criminals to gain access to the phones was to place online ads offering access to a large amount of media content through the victim’s iPhone. Once the victim linked his or her iPhone to the scammers’ account, the scammers activated the Find My Phone feature to lock the phone.
The best way to resolve a problem is to avoid the problem altogether. As I constantly warn you, never click on links in emails unless you are absolutely sure that they are legitimate. It is always safer to confirm that the email with a link is legitimate before considering clicking on the link. You also should make sure that you always back up whatever content you keep on all of your electronic devices. All of your electronic devices should also be protected with anti-virus and anti-malware software, although it is important not to rely too heavily on these security programs because they are always a bit behind in protecting you from the latest malware and viruses. Finally, if you are unlucky enough to have had your iPhone hijacked, you can correct the problem yourself through a “hard” reset. Here is a link to instructions from Verizon as to how to do a hard reset: http://www.verizonwireless.com/support/devices/knowledge_base.html/39607/
You also can go to your Apple store with your iPhone and proof of purchase to have Apple resolve the problem.
Only a few days after federal officials managed to take over and shut down the computer networks used by hackers to spread a type of ransomware called CryptoLocker, a new form of ransomware is being used by other hackers to infect the computers of unwary victims. Ransomware is a type of malware that, when unwittingly downloaded on to your computer, encrypts all of your data and prevents you from accessing your data unless you pay a ransom to the hackers. In most cases the hackers have been asking for $200, which is tripled to $600 if it is not paid quickly. The particular malware used is called RIG and is being sold on the Internet to criminals for as little as $60 per day. In many cases the malware has been spread through malvertising, which is legitimate-appearing advertising found on legitimate websites that carry it without knowing it is a scam. Links in the malvertising, when clicked on, download the malware on to the unwary user’s computer.
This is a good time to extend the warning from never clicking on links in emails unless you are sure that they are legitimate to never clicking on any links until you are convinced that they are legitimate. In the case of RIG, the malware was spread through malvertising that appeared on legitimate websites, so many people trusted the advertisements. Unfortunately, merely because an advertisement appears on a legitimate website does not mean that the advertisement is legitimate. In addition, other safeguards you should be taking include backing up all of your data and keeping your anti-malware and anti-virus software up to date with the latest security patches.
Earlier this week, the Department of Justice revealed that it had broken a massive hacking scheme and taken over the computer servers that spread two major types of malware about which I have warned you previously. The two types of malware are GameOverZeus and Cryptolocker. GameOverZeus steals banking information from victims’ computers, which the hackers then used to empty their victims’ bank accounts. Cryptolocker is a particularly insidious type of malware that, when installed on the victim’s computer, encrypts all of the data contained on the computer. After the encryption was accomplished, the criminals then notified the victim that their data would be destroyed unless a ransom payment was made. This type of malware has appropriately been deemed ransomware. Law enforcement officials estimate that as much as 100 million dollars was stolen by the gang operating these malware programs through a botnet. Members of the gang included Russians, Ukrainians and British criminals. Through the joint efforts of the FBI and law enforcement agencies in ten other countries, the computer servers of the hackers were seized and the alleged ringleader of the group, Russian Evgeniy Bogachev, was indicted. American authorities are in contact with Russian authorities to have Bogachev extradited to the United States for trial.
This story is important for many reasons. Certainly it is good to see not only law enforcement cracking criminal hacking crimes, but also international cooperation in the law enforcement effort. However, ultimately, law enforcement is not going to be able to prevent you from becoming a victim of hackers seeking to steal from you through the use of malware such as GameOverZeus and Cryptolocker. Instead the burden of protecting ourselves from these attacks falls on all of us individually. In all cases, these malware programs ultimately found their way to their victims’ computers when the victims invited them in by clicking on tainted links in emails or downloading tainted attachments from phishing emails. The first line of defense is never to click on links in emails or download attachments unless you are absolutely sure that they are legitimate. You should also make sure that you have constantly updated anti-virus software and anti-malware software on all of your electronic devices.
The United States Department of Homeland Security has issued a warning about the GameOverZeus malware that contains links to a number of effective anti-malware programs that can help protect your computer and other electronic devices from infection and remove the infection if it occurs. Here is a link to that warning which, in turn, contains a link to the anti-malware software programs: https://www.us-cert.gov/ncas/alerts/TA14-150A
A recent report from computer security company Kaspersky Labs confirms what I have been telling you for the last few years. As people use their smartphones more and more, hackers and identity thieves are focusing their attention on our mobile devices. The tactic they use is the same type of phishing technique used for years to lure people through tainted messages in emails to click on infected links that download keystroke logging malware on to their victims’ computers. The malware then steals personal information such as credit card numbers, Social Security numbers and banking information from the computer, and that information is used for identity theft purposes. Many people are far too trusting of the apps, social media and text messages on their smartphones, which have now become a prime source of links with malware that unwitting victims click on. They then become victims of identity theft when the identity thieves steal information from their smartphones.
You can never trust any email, phone call, text message or any other form of communication that comes to you as being legitimate. Never click on a link or download an attachment regardless of how you receive it, even if it appears to come from a trusted source. Your trusted source may have been hacked and you are being targeted through a technique called spear phishing where you receive a communication that appears to come from someone you trust and is addressed to you personally. Never click on any link or download an attachment until you have confirmed that it is legitimate. It is also important to install and maintain up to date anti-virus software and anti-malware software on all of your electronic devices including your mobile devices. Too many people fail to protect their smartphones even though they use them so much and store important information on them.
Hardly a day goes by that I don’t receive a number of email scams and I am sure you are receiving the same or similar ones. Today’s scam of the day comes from an email that came with the message line “Wire Payment Transfer Confirmation.” Here is a copy of the email:
"I am glad we were able to resolve the issue with the payment. I have attached
the confirmation slip from the completed wire of $13,700 into your designated
account. Please view the slip attached and get back to me ASAP.
Attached to the email was what was indicated to be a confirmation slip from a wire transfer. Curiosity killed the cat and it can also infect your computer. Scams like this appeal to your curiosity. Don’t give in because if you download the attachment all you will succeed in doing is downloading keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft.
Never click on links in email or download attachments unless you are absolutely positive that they are legitimate. I have never done business with someone named Weber Green so why would I download an attachment from him? Even if an email appears to be legitimate, you should always confirm that it is real before ever considering downloading an attachment or clicking on a link. Also, make sure that you have up to date anti-virus and anti-malware software on your computer and other electronic devices.