A phishing scam that uses what to scam you? Hand sanitizer? That according to WHNT News.
“A phishing email went out to businesses saying the BBB had antiviral, antibacterial hand sanitizer that was being offered exclusively to those receiving the email. It said with only a few weeks until the area opens back up, businesses needed to be stocked. The email then encouraged them to click a link in order to get their supply of hand sanitizer. The BBB says this email was not sent from them, and was a scam.” Keep your hands clean, but not like that.
Halton Region Computer Breach
Can a successful phishing scam really claim access to your computer? Yes, but just because it can doesn’t mean it did. And that’s what the police in Oakville Ontario are trying to warn the residents.
From the Oakville News website, “Over the past week, the Halton Regional Police Service (HRPS) received more than 30 calls concerning the same phishing scam email. In this email, a current or previous password used by the victim is provided as proof that the sender has access to the victim’s computer.” But the scammers do NOT have access to the computers. The passwords were most likely obtained from a previous data breach as victims did not have email security services. If you can’t trust hackers to tell you the truth during their scam, who can you trust?
Phishing Phrontier
It’s always comforting to hear how cyber crooks are updating the technology used in their attacks. This week, Nemty ransomware-as-a-service operation are reportedly folding up shop as they concentrate their efforts on a newly launched malicious encryptor.”
The really bad news? Victims of their “old” technology now have only a limited time to pay up. “The decision to shut down Nemty could leave some individuals in a lurch. As of April 14, the cybercriminals are giving victims one week to pay their ransom and receive a decryption key before Nemty’s payment infrastructure is supposedly dismantled. This ticking clock could coerce some panicked victims to hastily pay up.” Talk about pressure.
Printer Hacking
When you think of the items in your office that are vulnerable to a security threat, you probably don’t think of your printer. But maybe you should. This from an article entitled “Office printers: The ticking IT time bomb hiding in plain sight.”
From the article, “Last summer, a Russian hacker group penetrated numerous organizations by first infiltrating unprotected printers, which were connected to the same network as every other device, and then laddering up to exploit increasingly sensitive areas.” Let that be a lesson to you.
Smart TV Breach
When do smart TVs become scary TVs? When they get spoofed to deliver billions of fake ad impressions.
“A cybergang created a botnet that used Smart TVs to generate fake eyeballs for a massive ad fraud campaign that saw billions of ad requests being generated per week. The campaign, nicknamed Icebucket, was uncovered by a team of researchers at White Ops Security. At its peak in January 1.9 billion fake ad requests were being generated per day by Smart TVs and other devices impersonating about two million people scattered over 30 different countries.” That’s why ads cost so much. Nobody is actually watching them, but your TV is watching you.
Body Count
We’re always shocked when tech companies get hit with breaches. This week’s victim? Application Software Technologies. “The San Diego-based firm discovered on March 9 that an unauthorized party had accessed the company by obtaining access to a company email account. The attacker essentially took over the email account, used it to request the employee’s 2019 W-2 data and then divert the information to themselves.” Assume that one of the company’s applications is NOT email security.
Financial Loss due to Covid-19 Scams
We can now put a number of the financial losses experienced by US victims from COVID-19-related scams. $13 million, according to the FTC. Not so fast. According to an article on Help Net Security, “The real amount must be higher, though, as these losses are just the ones associated with the 17,425 COVID-19 complaints the FTC received in the last three months and a half. There are surely victims out there that didn’t bother to file a complaint.” In other words, this is only the amount we know about. and it doesn’t count non-COVID scams.
German Government Phishing Attack
Not to be outdone by the Americans, the German government might have lost tens of millions of euros in COVID-19 phishing attack. “The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding.”
Continuing from the article, “The funds were lost following a classic phishing operation. Cybercriminals created copies of an official website that the NRW Ministry of Economic Affairs had set up to distribute COVID-19 financial aid. Crooks distributed links to their sites using email campaigns, lured users on the sites, and collected details from locals. They then filed requests for government aid on behalf of the real users but they replaced the bank account where funds were to be wired.”
And that’s the week that was.