Alert

now browsing by tag

 
 

Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams

Source: National Cyber Security – Produced By Gregory Evans

Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams

Randy Chester was visiting one of his usual second-hand haunts this summer, a Value Village in Toronto’s east end, when he spied a beautiful shirt and vest for $20. Excited about his new finds, he tapped his debit card, only to be shocked by the resulting message: Insufficient funds.

“I was upset because I knew I had money,” he recalls. He tried the card again at a variety store, a restaurant and then at an ATM belonging to his bank, CIBC, and got the same message. When he called the bank to see what was going on, they asked him if he had been shopping at Yorkdale Mall in the city’s north end. There was a $1,500 purchase debited from his account, but Chester, a cancer patient on disability who uses a walker, had been at a medical appointment at the Princess Margaret Cancer Hospital that day.

“It’s like, hello!” he jokes. “Value Village, yes. Yorkdale Mall, no. I couldn’t get there with my walker.”

Then he remembered that a young man had called him on his flip-phone a few days before, claiming to be from CIBC and saying there was a problem with his debit card. Chester knew better than to talk to anyone about his banking information and hung up. The next day, he got a text message, purportedly from CIBC, that had the last four digits of his debit card number in it, and asked him to text back “Y” for yes if it was his account. He assumed because they had his number already, it was legitimate. He hit Y and send.

“The bank told me they would never send a text message,” says Chester, 61. “I didn’t know that.”

Once he reported the problem, the bank locked down his account, reversed the charges, and gave him a new bank card. But it’s impossible to tell how the scammers got his bank information, which is often the case when it comes to identity theft, says Jessica Gunson, the acting call centre and intake unit manager at the Canadian Anti-Fraud Centre in Thunder Bay, Ont.

“It certainly sounds like a variation on phishing,” she says, but notes that it’s unusual because the thief already had Chester’s bank information when he or she sent the text.

“We do know thieves have been known to dumpster dive, and it underlines the importance of having a paper shredder in the home and in the office. We need to treat our personal information like cash.” For that reason, experts advise leaving your Social Insurance Number card and birth certificate in a safe place at home, since thieves can do a lot of damage with your name, birth date and SIN.

The Canadian Anti-fraud Centre, jointly managed by the Ontario Provincial Police, the RCMP, the federal Competition Bureau, manages the central database for fraud complaints. Investigators across the country rely on its vast stores of data to compare notes on mass-marketing fraud and online scams. In 2016, it logged more than 77,000 complaints that resulted in losses of more than $99-million, with the top scams by complaint involving extortion, phishing, and fake computer-service companies. The frauds that resulted in the most money lost were romance scams, at more than $20-million.

Though Gunson could not begin to guess how criminals got Chester’s information, she said it is important never to leave a paper receipt of a transaction in or near the banking machine, and to use online banking to check balances, rather than printing them out at ATMs.

“When it comes to identity theft and identity fraud, the difficulty is in pinpointing the source. Unless (investigators) find a boiler room where people are mass producing ID, it is difficult to determine on an individual basis where it is coming from.”

The good news is most cases of identity theft and identity fraud result in little financial loss to the victims, but Gunson says it takes time and effort to untangle the mess.

In Montreal, actor Paul Burke figures someone used a surveillance camera or fake keypad or card reader to obtain his PIN, which they used to empty his account of $700 in the summer of 2010. He called the bank, which contacted the RCMP. And then he waited.

“ I called them back after a week and I said, ‘I have zero money. I need my money back,” says Burke, 48.

Within a day or two of that call he had the money in his account, but to this day he has no clue what happened.

“It was so bizarre. I consider it a one-off, but obviously I should be more careful.”

The post Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

CyberSecurity Alert in South Korea and the United States as Data Stealing Malware Attacks the Infrastructure

Source: National Cyber Security – Produced By Gregory Evans

CyberSecurity Alert in South Korea and the United States as Data Stealing Malware Attacks the Infrastructure

FormBook is the new malware from attackers targeting manufacturing, defense, and aerospace firms in the South Korea and the United States.

According to the expert FireEye researchers, Formbook was identified in numerous distribution campaigns attacking the U.S. with emails containing unauthentic XLS, DOC, or PDF files. Even similar attacks from FormBook have been identified in South Korea through emails containing malicious files in ZIP, ACE, ISOS, and RAR formats.

With functional payloads, Formbook creates grabber to steal the data, the same being advertised in various hacking forums since 2016. Keylogging, tracking HTTP/SPDY/HTTPS/HTTP2 forms, network requests, stealing passwords from the browsers, email clients, clipboard monitoring, and taking screenshots are some of the prominent capabilities of FormBook.

There have been wide assortments of distribution mechanisms leveraged by the attackers of such email campaigns to distribute the information from FormBook malware, as posted on 9th October 2017 on the australiandefence.com.

As confirmed by the FireEye experts, an important and exclusive feature of this malware is that is can read ‘Windows ntdl.dll module’ to memory from the disk. This is the exported function of the FormBook making ineffective the API monitoring and user-mode hooking mechanisms.

There is a self-extracting RAR file that delivers the payload execution to the FormBook. During the instigation of launch,an AutoIt loadersrun and compile the script. This script decrypts the files from FormBook payload into a memory and then carry the execution process, confirm the researchers.

But overtime the researchers have identified that FormBook can also download NanoCore, which is a remote access Trojan or RAT that was first witnessed in 2013 and readily sold on the web. Taylor Huddleston, the author of the same was arrested for this in March 2017.

Besides the United States and South Korea, the malware has targeted other countries, such as United Kingdom, France, Poland, Ukraine, Hungry, Russia, Australia, Germany, and Netherlands.Even the archive campaign has hit the prominent countries of the world like United States, Belgium, Japan, Saudi Arabia, France, Sweden, Germany, and India.

The FormBook holds the potential to hit Windows devices, and hence it has become an urgent need for the high-end institutions to look to a more secure solution and upgrade their Windows operating system. As for now, it is announced strictly to not open any suspicious emails or click on unidentified links or download any unknown attachments from any unrecognized email address.

Source:

The post CyberSecurity Alert in South Korea and the United States as Data Stealing Malware Attacks the Infrastructure appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Be Alert! Hackers Are Stealing Millions From Buyers By Using These Real Estate Scams

Source: National Cyber Security – Produced By Gregory Evans

Tight Inventory Continues To Dog Housing Market Steve starts his Real Estat Roundup segment by asking Terry how long a typical For Sale house stays on the market before it gets a confirmed buyer. Terry says the national average was 27 days for the month of May 2017, well below…

The post Be Alert! Hackers Are Stealing Millions From Buyers By Using These Real Estate Scams appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Fed agency issues security alert on Siemens imaging systems

Source: National Cyber Security – Produced By Gregory Evans

The Department of Homeland Security and Siemens Healthineers have issued advisories detailing security vulnerabilities of four of the company’s diagnostic imaging systems. Even an attacker with a low skill level would be able to exploit the vulnerabilities, Siemens warns. The vulnerable systems are Windows 7-based versions of the following systems:…

The post Fed agency issues security alert on Siemens imaging systems appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Global GPS Vehicle Tracking System Device With Movement and Speed Alert

Source: National Cyber Security – Produced By Gregory Evans

Global GPS Vehicle Tracking System Device With Movement and Speed Alert

Specifications: Item: GPS / GPRS / SMS vehicle tracking system Parameter:– GPS chip: SIRF III chip– Network: GSM / GPRS– GSM frequency: 850 / 900 / 1800 / 1900mHz– GSM / GPRS module: Simcom Sim340– GPS sensitivity: -159 dBM– GPS …

The post Global GPS Vehicle Tracking System Device With Movement and Speed Alert appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

North Korea and Iran unite in major attack on US: White House on red alert

north-korea-capable-of-killer-attacks-533044

Source: National Cyber Security – Produced By Gregory Evans

North Korea and Iran unite in major attack on US: White House on red alert

The two hostile regimes are said to pose an “increasingly diverse and dangerous” threat to global security. Speaking at a conference on cyber attacks on Tuesday, White House counter-terrorism advisor Lisa Monaco said that North Korea and Iran have shown they can carry out “destructive attacks” on “critical” infrastructure in the US. Read More….

The post North Korea and Iran unite in major attack on US: White House on red alert appeared first on National Cyber Security.

View full post on National Cyber Security

Overwatch hack alert : In-game hacks for Blizzard’s game sold at $30

Overwatch-Soldier-76-980x500-702x336

Source: National Cyber Security – Produced By Gregory Evans

Overwatch gaming hack, Aimbots are sold at $30 giving gamers cheats like auto aim, instant reload and no recoil Blizzard’s Overwatch is probably the best thing to happen to gamers in 2016. With Overwatch animated shorts and Overwatch porn already making news there is little surprise that in-game hacks would be far behind. A listing […]

The post Overwatch hack alert : In-game hacks for Blizzard’s game sold at $30 appeared first on National Cyber Security.

View full post on National Cyber Security

Facebook’s new alert system warned the US about Iranian hackers

Source: National Cyber Security – Produced By Gregory Evans

Facebook’s new alert system warned the US about Iranian hackers

How do you think the US would find out about a state-sponsored hack from Iran? SophisticatedSECURITY SOFTWARE? Surveillance? Nope — Facebook. According to the New York Times, State Department officials were tipped off about an Iranian hacking campaign thanks to Facebook implementing a government attack alert system just last month. They knew something was up when they got messages about being the victims of “state-sponsored actors.” Reportedly, the cyberattackers were hoping to use the social networkingACCOUNTS of younger government staff to compromise other, more prominent staffers in the government division. Iran is no stranger to online spying, including through social links. It once created a fake news site to trick officials into compromising theirACCOUNTS, and it launched a hacking campaign last year that targeted everyone from government higher-ups to dissidents. However, this latest attempt was clearly very sophisticated, an unnamed official tells the NYT. The intruders were aware of which people were working on Iranian policy following its nuclear agreement with the US, and the bottom-up approach is considerably smarter than the all-out Russian attacks from recent memory. From allINDICATIONS, Iran is trying to get away with as much hacking as it can without wrecking its nuclear deal — it’s […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Facebook’s new alert system warned the US about Iranian hackers appeared first on National Cyber Security.

View full post on National Cyber Security

Hacker hits 24 sites to ‘alert’ govt

Source: National Cyber Security – Produced By Gregory Evans

A national hacked more than 24 government websites Saturday morning in just two hours after those in charge of these websites ignored messages of a possible attack, said an online newspaper. Through his Twitter account, the hacker “Cyber of Emotion” said that after the government websites ignored his messages about a possible attack, his group announced that it was going to attack those websites lacking strong protection and security. The Saudi hacker and his team with the Arabic hashtag #minna_wala_min_ghairena (from us and not from others) said these hackings would not harm the data. “We are just creating a hurdle in the entry till these websites are corrected,” he said. After attacking the sites, the hacker wrote both in English and Arabic: “We do not want to disrespect the website. We do not want anything. But if an enemy attacked it, your data about e-mails and users would be compromised. We are informing you that we want government websites protected from enemies before any major incident happens.” Some of the targeted sites belong to the office of the kindergarten education, Qunfuda Health City, Misan Municipality, Center of Social Development of Al-Aflaj, Al Mahani Municipality, Al Ghat Municipality, office of the […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hacker hits 24 sites to ‘alert’ govt appeared first on National Cyber Security.

View full post on National Cyber Security

FDA alert advises hospitals and med centers stop using hacker-vulnerable networked IV pumps

Source: National Cyber Security – Produced By Gregory Evans

The U.S. Food and Drug Administration has issued an alert advising hospitals, nursing homes, and other medical care centers to stop using the Symbiq Infusion System of intravenous pumps, which deliver IV medications with dosages programmed over a hospital’s wireless network. As the FDA’s release says: “The FDA, the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), and [pump manufacturer] Hospira are aware of cybersecurity vulnerabilities associated with the Symbiq Infusion System. FDA strongly encourages health care facilities transition to alternative infusion systems, and discontinue use of these pumps. Hospira and an independent researcher confirmed that Hospira’s Symbiq Infusion System could be accessed remotely through a hospital’s network.” If a hacker did gain such illicit remote access, it would be trivially easy to change the programmed drug doses, with results that could be harmful or even fatal to patients. However, the FDA stressed that thus far, there’s no evidence any hackers actually have taken advantage of this although “due to recent cybersecurity concerns, the FDA strongly encourages health care facilities to begin transitioning to alternative infusion systems as soon as possible.” Healthcare hacking poses major problem Those unnamed “recent cybersecurity concerns” surely refer to the near-constant […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post FDA alert advises hospitals and med centers stop using hacker-vulnerable networked IV pumps appeared first on National Cyber Security.

View full post on National Cyber Security