Beware of photo sharing messages from Google. It’s a scam according to the Better Business Bureau.
From the BBB, “You get an email or text message that appears to come from Google Photo. Someone is sharing an album of photos with you. To view the photos, you just need to click the link. The message looks so real! It may use a convincing URL, which has been created by Google’s goo.gl URL shortened to appear to be an official Google domain name. The catch? There is no photo album. It’s a phishing con.”
Brookline Police Department Scam
Every now and then the people set to protect us, become part of the scam. Such was the case recently with the Brookline, MA police department. They were the unwitting participants in an imposter scam.
According to Scamicide, “Recently the Brookline, Massachusetts Police Department reported on its Instagram account about a woman receiving a telephone call that her Caller ID indicated was from the Brookline Police Department. The person calling identified himself as ‘officer Turner’ and told her that her bank account had been hacked and asked for her bank account information. Fortunately, the savvy Brookline citizen recognized that this did not seem legitimate with the help of email security software, hung up the call and then called the Brookline Police Department who informed her that the call was a scam, that there was no Officer Turner and that no police officer would ask her for personal financial information over the phone.” The old Officer Turner scam.
Phishing Phrontier
In the “good to know department,” apparently there is a security flaw that allows bypassing PIN verification on Visa contactless payments.
From We Live Security, “A team of researchers from the Swiss Federal Institute of Technology in Zurich (ETH Zurich) has found a security vulnerability in Visa’s EMV contactless protocol that could allow attackers to perform PIN bypass attacks and commit credit card fraud. The academics demonstrated how the attack can be carried out using two Android phones, a contactless credit card, and a proof-of-concept Android application that they developed specifically for this purpose.”
Orange County Scam
How can a simple package be used to phish you? When it’s a fake simple package, this according to the Orange County (CA) Sheriff’s department.
From KTLA News, “Cyber criminals are dangling the promise of a pending package in a phishing scam aimed at obtaining your personal information, the Orange County Sheriff’s Department warned Sunday. Here’s how the scam works: An SMS message is sent to cellphones with a malicious link, which prompts the user to submit personal data, the Sheriff’s Department said in a Facebook post. The information being sought can then allow cyber criminals to steal a person’s identity, empty that individual’s bank account or install malware on the cellphone.”
Body Count
738GB of data is a lot of data. And you don’t have to tell that to Service NSW of Australia because they’re the organization that lost the data.
According to IT News, “Service NSW has revealed that hackers behind an email compromise attack against 47 staff members earlier this year stole 738GB of data, encompassing 3.8 million documents. the one-stop-shop for NSW government services confirmed the data loss, which included the personal information of 186,000 customers.” Ouch.
Bitcoin Wallet Hack
Now you probably don’t have any Bitcoin, most people don’t. And that’s a good thing because the wallets used to store Bitcoin are constant under attack. This week’s victim lost $16 million.
According to Inside Bitcoins, “The user, who goes by the name ‘1400BitcoinStolen’, explained that he had downloaded the Electrum crypto wallet and got a pop-up message to update the app. The security update was a requirement before making any fund transfers, so he installed it and tried sending all the funds in his account. Sadly, the funds were maliciously diverted and are now in the possession of a hacker.” Double ouch.
And that’s the week that was.