If it’s in the news, it will probably be used in a scam shortly thereafter, and such was the case this week. According to an article on Bleeping Computer, “An attacker is attempting to take advantage of the recent warnings about possible Iranian cyberattacks by using it as a theme for a phishing attack that tries to collect Microsoft login credentials.”
“The phishing email goes on to say that in response to this attack, Microsoft was forced to protect their user by locking their email and data on Microsoft’s servers. To gain full access again to this locked data, the phishing email says that the recipient must log in again.” You have been warned.
Does it ever surprise us when PayPal re-appears in the list of scams? Nope. Such was the case this week when it was reported by IT Governance that the “Latest PayPal phishing scam goes for more than just your login details.” According to the article, “It begins with a standard phishing email, but victims end up handing over financial and personal details in addition to their login credentials. The scammers’ bait is an email supposedly from PayPal informing recipients that someone has attempted to log in to their account from an unknown device.”
You know you’re in trouble when the ransomware that threatens you is called Snake. According to SC Magazine, there is “another malicious encryption program that targets large enterprise networks in hopes of scoring big financial payoffs. The latest such threat is called Snake, a ransomware program written in the Go programming language, with an unusually high level of obfuscation.”
This is pretty sophisticated malware. “As Snake encrypts each network file, it reportedly appends a random five-character string to the extension, and then within each file it appends the file marker ‘EKANS’ (SNAKE spelled backwards). Before the encryption begins, it removes shadow copies to thwart recovery efforts, and kills numerous processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software and more. The ransom note, named Fix-Your-Files.txt and found in the desktop folder, provides the victim with an email address to contact for payment instructions.”
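For responders, the three artifacts in that description (the EKANS marker, the ransom note name and the lengthened extension) are enough for a quick triage sweep of a file share. The Python sketch below is an added example, not code from the article or from SC Magazine; it assumes the marker is the last bytes of each affected file and that the five extra characters are alphanumeric, and its sample files are constructed.

```python
import os
import re
import tempfile

MARKER = b"EKANS"                 # file marker named in the quoted report
NOTE_NAME = "Fix-Your-Files.txt"  # ransom note name named in the quoted report
SUFFIX = re.compile(r"\.[A-Za-z0-9]{6,}$")  # assumed: extension + 5 extra chars


def has_marker(path, marker=MARKER):
    """True if the file ends with the marker (assumes it is the last bytes)."""
    try:
        with open(path, "rb") as fh:
            if fh.seek(0, os.SEEK_END) < len(marker):
                return False
            fh.seek(-len(marker), os.SEEK_END)
            return fh.read() == marker
    except OSError:
        return False  # locked or unreadable: skip, do not abort the sweep


def sweep(root):
    """Return (marked files with suffix-heuristic flag, ransom notes found)."""
    marked, notes = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == NOTE_NAME.lower():
                notes.append(path)
            elif has_marker(path):
                marked.append((path, bool(SUFFIX.search(name))))
    return sorted(marked), sorted(notes)


def demo():
    """Sweep a constructed sample tree; nothing here is real malware output."""
    samples = {
        "report.docxqKwbV": b"\x00scrambled\x00" + MARKER,   # constructed hit
        "notes.txt": b"text that mentions EKANS mid-file",   # marker not at end
        "tiny.bin": b"EK",                                   # shorter than marker
        NOTE_NAME: b"constructed placeholder note",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        marked, notes = sweep(root)
        return ([(os.path.basename(p), s) for p, s in marked],
                [os.path.basename(p) for p in notes])
```

Calling sweep() on a mounted share returns the marked files and any ransom notes; the extension flag is only corroboration, since many ordinary extensions are six or more characters long.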
Smartphone Apps Hack
You have to hand it to hackers. They’re always coming up with new ways to avoid detection. A report this week from PhishLabs said that their “Security Operations Center discovered a new and unique evasion technique. It abuses an experimental feature available in select web browsers: device motion and orientation events. More specifically, the phishing attack abuses the gyroscope and accelerometers that have been built into smartphones for more than a decade. The most common uses of these sensors can be seen in those 3D images you see on Facebook, augmented reality street view on Google Maps, or even on Pokémon Go.” Gyroscopes and accelerometers? Go figure.
No matter how many data breaches at medical facilities we read about in the news, they never seem to stop. So, either these organizations don’t follow the news or they just don’t care. This week’s victim is the Minnesota-based hospital operator Alomere Health. According to SC Magazine, “Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts. Compromised data includes names, addresses, dates of birth, medical record numbers, health insurance information and diagnosis and treatment details information.”
Perhaps most frustrating of all is that the hospital said, in response to the attack, that it has “put in place additional security measures for all of Alomere Health employee email accounts.” Why did it take a data breach for them to do that?
Manor ISD Phishing
A lot of school districts have been hit by phishing scams lately, but none of them worse than Manor Independent School District (in Austin, TX). According to CBS Austin, “Manor ISD is facing a loss of $2.3 million after police say the district fell victim to an email phishing scam. Police have not specified how it happened and it’s not clear if the district will get the money back.”
The one thing everyone seems to agree on is that scams of this magnitude are pretty rare. They could be extinct if these school districts would invest in phishing protection software, but that’s for another time.
Recovered from the Scam
Every now and then, in the world of phishing scams and ransomware, something good happens, and that’s precisely what happened this week. According to Eyewitness News NY, “Nassau County recovers $710,000 sent in phishing scam.” That’s right, the county that actually fell for a phishing scam got its money back.
Apparently, “The money ended up in Seattle, where there was an elderly woman. It dropped into her account. She was also set up and was a victim of this scam. The money then moved to several different accounts. The county was able to recover the money.” Whew!
And that’s the week that was.