It’s one thing to be taken in by a hacker. It’s another thing to be taken in by a bot. Called trickbots, they are a network of bots, or Internet robots, that trick the recipient into divulging some personal information.
Now word comes that the latest trickbot, which is an updated version of an existing trickbot, is being used “to target three of the largest mobile carriers in the United States, namely Verizon Wireless (August 5), T-Mobile (August 12), and Sprint (August 19).” The trickbot in this instance is being used to grab users’ PIN codes.
“The targeting of mobile PIN codes by this threat actor or other groups associated with Trickbot suggests that cybercriminals might be interested in engaging in port-out or SIM swap fraud,”
If you’re like me you subscribe to a lot of things online, which means eventually you get overwhelmed and unsubscribe from a lot of things. I was wondering how long it would take for some hacker to replace that unsubscribe link in a subscription email with a malicious phishing link if you do not have an email security service in place. I don’t have to wonder anymore.
Now comes word of an “unsubscribe” scam. According to The Defence Works, one of the employees there received a bogus email. “The body of the email was straightforward. It told me I had requested an unsubscribe from a dating mailing list. Below this were two boxes with links to let me either confirm the unsubscribe or continue my subscription.” Of course, neither box did what it promised to do. What did it do? Harvested the recipient’s email address. This is what’s called playing the long game in hacker terms.
According to the article, “This type of scam email is particularly dangerous because they can go under the radar. Email harvest scams do not follow the typical phishing profile. Instead, they are like scouts, checking out the lay of the land to increase the chance of a subsequent phishing campaign being successful.”
When is a video not a video? When it’s a deepfake video. What’s a deepfake video? According to Security Week, “Deepfake videos are videos that use artificial intelligence to map an almost flawless video image of one person (the target, say, a company CFO) to another (the fake, say, an actor). The video image of the target can be constructed from still photos, and is then mapped to the moving image of the fake. Deepfaked audio, similarly constructed via artificial intelligence from existing target recordings is then added. As a result, it is possible to manufacture a video of almost anyone saying almost anything.”
If you thought business email compromise (BEC) emails are an effective phishing tool, just imagine what a deepfake video can do. Don’t think it’s possible? “In June 2019, a fake video of Facebook CEO Mark Zuckerberg was posted to Instagram that showed him giving a speech about the power of Facebook and saying things that he never actually said.” Yeah, it’s possible.
Social Engineering Toolkit
At the heart of every effective phishing attack is great social engineering. Now, according to Security Week, “A new social engineering toolkit has been discovered. The basic premise is to compromise a website and use that to display an overlay. The overlay entices visitors to install an update that really downloads the NetSupport RAT.” The researchers at security firm Malwarebytes have called this new campaign Domen. Sounds a lot like Damien, doesn’t it?
It was not a good week to be a dentist. “Dental practices across the country found themselves locked out of their patient files after a hacker group infected a pair of software providers with REvil, or Sodinokibi, ransomware,” according to an article on the SC Magazine website. The good news, if there was any, is that “The two companies, The Digital Dental Record and PerCSoft, which created DDS safe to provide medical records retention and backup services to dental offices, ponied up the ransom for a decryptor that they have passed on to the practices affected.” That’s standing by your product.
Lumber Liquidators Attack
In the market for a new hardwood floor? You may want to stay clear of Lumber Liquidators, one of the largest retailers of hard-surfacing in America. According to an article on Security Week, “Lumber Liquidators this week revealed that it managed to restore most of its network after a malware attack disabled parts of it for nearly a week. The incident ultimately disabled certain corporate and store systems nationwide.” The good news, if there is any, is that “investigation hasn’t revealed any possible compromise of sensitive and confidential consumer or employee data.”
Healthcare Provider Phishing
Another week, another healthcare provider got phished because it did not have an email security solution. According to Health IT & CIO Report, “Macon, Ga.-based Navicent Health began notifying 1,400 patients that their information may have been exposed in a data breach. Patient data that may have been affected included names, addresses, Social Security numbers, telephone numbers, medical records, insurance information, bank accounts and other personal information.”
And that’s the week that was.