Our first scam of the week “Says it will pay for data breaches.” Really? You don’t say?
“A new phishing scam that masquerades as a U.S. government consumer agency is supposedly paying data breach victims for the loss of their personally identifiable information. Instead, once consumers enter their name, birthdate, credit card number and Social Security number, you can probably guess what happens next.” Yes, we can.
Invoice Phishing Scam
The next phishing scam of the week is “spreading fake invoices loaded with malware.” Don’t pay those invoices—don’t even open them up.
“A notorious malware campaign is targeting banks and financial institutions in the US and the UK with cyberattacks that are not only destructive in their own right, but could also be used as the basis for future intrusions by other hackers. The malware is delivered via phishing emails that contain a malicious Microsoft Word document. This time the email subject lines are based around invoices, bank details and other financial subjects – common terms to attract the attention of workers in the finance sector.”
Corona Virus related Scam
In the “you knew it had to happen” category, our last scam of the week revolves around coronavirus-related anxiety.
“As cases of the virus infection keep popping up across the world – demonstrating just how small (i.e., well-connected) our planet is – so do fake news and videos about the situation on social media, as well as malware, phishing schemes and other scams in people’s inboxes. The latest example of the latter are fake emails purportedly coming from the World Health Organisation (WHO), which is, ironically, engaged in fighting an infodemic of fake coronavirus-themed news online.” You’ve been warned.
From the “truly scary” department comes word that hackers can now “silently exfiltrate sensitive information from air-gapped computers by manipulating the brightness of their screen.” They don’t even need direct access to your computer!
Researchers from Israel’s Ben-Gurion University of the Negev and the Shamoon College of Engineering “showed how a piece of malware could collect valuable data from a device (e.g. passwords, encryption keys, files), modulate it in screen brightness, and transmit it to a nearby camera. They captured data from up to 9 meters (30 feet).”
Vulnerability in Philips Bulbs
From the “inevitable” department comes word that WiFi light bulbs are vulnerable to attack. “Check Point researchers have found a vulnerability in Philips Hue smart bulbs and bridge enabling them to remotely infiltrate the device. Check Point’s Institute for Information Security team was able to take control of a light bulb and install malware enabling them to take over the device’s control bridge and attack the network.”
Apparently, if you want to be safe you should turn off your computer and sit in the dark.
You expect ransomware to hit your computer, and maybe even your mobile device. But industrial control systems? You know, things that enable you to remotely turn things on and off?
According to Help Net Security, “New ransomware targets industrial control systems. Researchers from various security outfits have been analyzing EKANS (aka Snake) since it emerged in mid-December 2019 and found that, among other things, it’s capable of stopping a number of processes (applications) related to ICS (industrial control system) operations.” I wonder who will pay the ransom.
It costs a lot to be beautiful, but nobody ever said it would cost you your privacy. From Security Week, beauty products manufacturer Estée Lauder admitted that a database with 440 million records was left unprotected. “In total, 440,336,852 records were inadvertently exposed to the Internet, including audit logs containing a large number of email addresses in each document.” If you’re an Estée Lauder customer you should be expecting some spam in your inbox pretty soon.
University of Maastricht Ransomware Threat
Poor University of Maastricht in The Netherlands. It was just sitting there minding its own business when it was hit with a ransomware attack. In the end it decided not to fight it and “paid a ransom of 30 Bitcoins (about $240,000 at the time, $294,000 today) for a decryption key to the CLOP ransomware.”
How did this ransomware come to be? How else? “A series of phishing emails was delivered, and two were successful on different workstations.” In other words, two different staff took the bait.
Phishing Attack on Water Dept in Greenville
Not to be outdone, the water department in Greenville, SC was hit with a phishing attack. Question: what caused the phishing attack? Answer: “Greenville Water officials say that a cyber-attack happened after an employee clicked on a phishing email.” The more things change the more they stay the same.
And that’s the week that was.