

#cyberfraud | #cybercriminals | Netflix email scam tells victims to ‘update your payment information’, news update

Source: National Cyber Security – Produced By Gregory Evans If you receive an email from Netflix telling you to update your payment information immediately, you could be the victim of a sophisticated new scam. The streaming giant has once again been embroiled in a phishing email scam, which uses the same branding and username seen with […]

#cyberfraud | #cybercriminals | Disputes, Issue 1: Cybercrime: beware the business email compromise

Over the past three years, the “business email compromise” has become one of the most common, vexing, and financially injurious forms of cybercrime. On any given day, companies around the world and across industry sectors are finding themselves the victim, the pawn or both in cybercrime […]

#cyberfraud | #cybercriminals | Email Threats Poised to Haunt Security Pros into …

Decentralized threat intel sharing, more public-private collaboration, and greater use of automated incident response are what’s needed to combat phishing. As organizations begin to plan their cybersecurity strategy for 2020 and beyond, email security will certainly be high on leadership’s agenda. That’s because phishing attacks continue […]

#cyberfraud | #cybercriminals | Twitter Admits User Phone Numbers, Email Data Used For Ads

Email addresses and phone numbers might have been misused

No personal data was shared externally by Twitter

No reports on the number of people impacted have come out yet

In a recent incident of a data breach, Twitter has confirmed that user data like email addresses and phone numbers provided by users for security purposes may have been unintentionally used for advertising purposes. 

According to a news report, currently, Twitter is unable to share with certainty the number of people impacted by the breach. However, the US-based company also asserted that no personal data was ever shared externally with their partners or any other third parties.  

In a statement, Twitter highlighted that the personal data, which were provided for safety or security purposes (for example, two-factor authentication) may have been inadvertently used for advertising purposes, specifically in their Tailored Audiences and Partner Audiences advertising system, which helps in creating relevant remarketing campaigns. 

While explaining how the breach occurred, Twitter said in a statement, “When an advertiser uploaded their marketing list, it may have matched people on our platform to that list based on the email or phone number that the user had provided for safety and security purposes.”

As of September 17, Twitter has acknowledged the problem and claimed that it has stopped using numbers or email addresses collected for safety or security purposes, for advertising. 

Although Twitter apologised for this error, it also shared that they have no idea how many people were impacted by this. “We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” the microblogging site added in the statement. 

Twitter’s average monetisable daily active usage (mDAU) has grown from 122 million in 2018 June quarter to 139 million (29 Mn in the US and 110 Mn from international markets) in 2019 June quarter. Even in the previous quarter, it had a mDAU of 134 million.  

Data Breach On Rise: How Is India Protecting Itself? 

Indian Prime Minister Narendra Modi has touted data as the new oil and new gold and rightly so as it has become very lucrative for hackers to steal and sell the same. Earlier, online food delivery startups Zomato, and FreshMenu, fintech startup EarlySalary, McDonald’s India, Oyo, Ashley Madison, Sony, and many others have been the victims of data breaches.

Social media sites like Instagram and Facebook have also been affected by data breaches involving advertisers. Recently, an Instagram ad partner was banned for scraping user data without consent. Even Facebook-linked phone numbers of over 419 Mn users were found on unsecured servers.

WhatsApp, which was planning to introduce its payments feature WhatsApp Payments by the end of this year, is also facing difficulties because of the government’s concerns over the messaging platform’s data localisation compliance. In September, National Payments Corporation of India (NPCI) had asked WhatsApp to make changes in its policy to get the final approval for the launch of payments in India. NPCI had asked the instant messaging app to make changes in its data-compliance framework that prohibits storing payment data outside of India.

In May, India was reported as the second most cyberattack-affected country between the years 2016 and 2018. With the average cost for a data breach in India increased to 7.9% since 2017, the average cost per breached record has mounted to INR 4,552 ($64).

The Reserve Bank of India too recorded a total of 2,059 cases of cyber fraud in 2017-18 as compared to 1,372 cyber fraud cases in 2016-17.


Email Has Been #Weaponized by #Hackers, Results Can Be #Deadly

Nearly all of the top million most popular domains are inadequately protected from “weaponized” email impersonation by hackers, formerly known as spear phishing, according to a new study released today by San Francisco-based email authentication service provider ValiMail.
One out of every five emails today appears to come from a suspicious sender who’s not authorized to use the sending domain, according to ValiMail’s 2017 Email Fraud Landscape Report. The study also found that only 0.5 percent of the top million domains use adequate authentication strategies to protect against email impersonation, even though most systems support stronger defenses.

Better email authentication defenses could help the typical company save $8.1 million each year in costs related to cybercrime, ValiMail reported.

ValiMail’s findings come on the heels of a report released last week from Google and the University of California-Berkeley that identified phishing as the greatest threat to people’s online identities.

‘Vast Majority’ of Businesses are Vulnerable

DMARC (domain-based message authentication, reporting, and conformance) is an email security system designed to protect against malicious actors sending unauthorized emails that appear to come from legitimate domains. The DMARC system enables administrators to set policies that validate the “From:” content in email headers comes from legitimate senders at those domains.

“Email has been weaponized by hackers as the leading way to infiltrate networks, and the vast majority of businesses are leaving themselves vulnerable by either incorrectly configuring their authentication systems or forgoing protection entirely,” ValiMail co-founder and CEO Alexander García-Tobar said in a statement. “Businesses are asking their employees to complete an impossible task: identifying who is real and who is an impersonator, by closely examining every message in their inboxes. The only sustainable solution is for companies to take control of their email security at the technology level and stop placing the onus on employees to prevent phishing attacks.”

Of organizations that use DMARC to validate their emails, 77 percent have either misconfigured the system or set policies that are too permissive, the ValiMail study found. In fact, only 15 percent to 25 percent of companies in various industries have properly implemented and maintained DMARC protections, the study noted.

‘Alarming Lack of Understanding’

Close to 100,000 phishing email campaigns were reported every month in the early part of this year, according to the Anti-Phishing Working Group, an international coalition of businesses, government organizations, and law-enforcement agencies. Several hundred companies see phishing attacks every few weeks, with businesses in the payment, financial services, and Webmail sectors the most vulnerable, the group said.

The year-long study by Google and the University of California-Berkeley released last week found that phishing poses the top threat against people whose online identities were exposed by Internet data breaches. Google said it has taken several steps in response to boost its authentication systems to defend against phishing.

The new research released today “demonstrates the volume of email fraud threats faced by companies today and highlights the alarming lack of understanding of how to combat these threats,” the Global Cyber Alliance’s Shehzad Mirza said in ValiMail’s statement. “These findings highlight that a lack of email authentication is the most prevalent security vulnerability companies face.”

Late last month, the U.S. Department of Homeland Security issued a directive requiring all federal agencies to begin implementing stronger email security defenses, including DMARC, within 90 days. The move is aimed at preventing federal emails and Web sites from spoofing and impersonation by hackers.

DMARC usage by federal agencies has grown since 2016, although only 38 percent had established adequate record policies as of October, according to the Online Trust Alliance. The ValiMail study noted that DMARC protection is available to most domains.

“Over three-fourths (76 percent) of the world’s email inboxes support DMARC and will enforce domain owners’ authentication policies, if those policies exist,” the report noted.

ValiMail offers its own solution to help enterprises fight the fight to keep email safe. Pricing starts at $30K annually, with the total cost dependent on a number of variables including company size, volume of email, number of domains, and so forth.


Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election

An extensive, Russian-backed hacking operation targeted the email accounts of thousands of perceived Kremlin adversaries in 2015 and 2016, an Associated Press investigation has learned.

The effort, broadly referred to as “Iron Twilight” by security researchers, sought to compromise 4,700 Gmail accounts worldwide, belonging to everyone from high-profile U.S. politicians ― including Hillary Clinton, John Podesta and Colin Powell, who were all hacked ― to academics, journalists, political activists and military personnel.

Who they targeted

According to information provided by Secureworks, the cybersecurity firm whose data underpins much of the AP report, there’s a clear link between the targeted email accounts and Russia’s targets in the real world.

A spokesperson for the prime minister of Ukraine, for instance ― where Russian forces are currently engaged in a military conflict ― was targeted nine times, Secureworks said.

Other targeted individuals identified by the AP include former Secretary of State John Kerry, former NATO Supreme Commander U.S. Air Force Gen. Philip Breedlove, and Serhiy Leshchenko, a Ukrainian politician who helped reveal alleged financial crimes of Paul Manafort, who was indicted Monday.

Experts on Ukrainian and Russian subject matters, as well as aerospace researchers and engineers were also among those targeted.

Military spouses and family members also constituted a surprisingly large portion of those targeted, which Secureworks speculates may be an attempt to learn about broader military issues in the U.S., or to gain information about the target’s spouse.

Of the military and government personnel who were targeted, the vast majority are either in the U.S. or a member of NATO.

Given the specific range of targets, experts said the hacks almost undoubtedly originated from within the Kremlin.

“It’s simply hard to see how any other country would be particularly interested in their activities,” Michael Kofman, a Russian military affairs expert at the Woodrow Wilson International Center who had his email targeted, told the AP.

“If you’re not Russia,” he said, “hacking these people is a colossal waste of time.”

Secureworks told HuffPost other, non-Gmail email providers were also targeted in the effort, though they don’t have data on the particulars of the campaign. While the firm only has data spanning March 2015 through May 2016, there’s no reason to believe Russia has ceased its hacking operations.

“This type of operation supports an ongoing intelligence objective,” Rafe Pilling, a senior security researcher with Secureworks’ Counter Threat Unit team said. “The activity is still underway via similar methods and likely will continue while the hackers behind this activity continue to be successful.”

“The targeting we saw (of 4,700 Gmail accounts) was just a fragment of a larger campaign from Iron Twilight.”

How they did it

Data provided by Secureworks shows Russian-linked groups operating under the names APT28, Sofacy, Sednit, Fancy Bear, and Pawn Storm sent emails to targets that mimicked authentic login pages from Google Accounts.

Instead of being directed to the real Google Accounts page, however, the emails directed recipients to a highly-convincing fake page, which then recorded the user’s login and password information.

Russian hackers disguised the website address of the fake page via Bitly, a link-shortening and web analytics service, which is ultimately what tipped Secureworks off to the hacking campaign.

By working backward from a compromised login page, Secureworks was able to decipher the publicly-accessible Bitly account associated with it. That account served as a window into all of the group’s other activity, which, the AP found out, was used 95 percent of the time Monday-Friday, during Moscow’s regular business hours.

Bitly representatives told HuffPost they took quick action once they learned of the activity, noting the operation itself involved little in the way of conventional “hacking” ― all the login information was unwittingly supplied by the targets themselves.

“The links and accounts related to this situation were blocked as soon as we were informed,” Bitly CTO Rob Platzer explained in email. “This isn’t really an exploit of Bitly, but it’s an unfortunate exploit of internet users through social engineering.”

“It serves as a reminder that even the savviest, most skeptical users can be vulnerable to opening unsolicited emails. It can’t always be helped, but we advise everyone to be extra cautious about emails and links related to passwords and other sensitive information, and to employ safety measures such as unique passwords and two-factor authentication.”

What to do if you think you’ve been hacked

Unless your information has been published online, there’s a decent chance you wouldn’t know you’ve been hacked.

“If a target was compromised,” said Pilling, “it’s entirely feasible that the compromise could go undetected for an extended period of time.”

Given the wide range of those targeted and Russia’s continued hacking efforts, Secureworks recommends those who suspect they could be a target ― and use Gmail or any other web mail service ― to regularly change their passwords.

Other commonsense steps, like enabling “two-factor” or “two-step” authentication on your email account, can also go a long way, Pilling said.

He also recommended readers check to see what applications and devices they’ve authorized to access their account, information that’s often found under “settings.”

“If there are any apps or devices they don’t recognize, they should disable or delete the access right away,” he said.

And finally, don’t open attachments or click links in an email unless you’re sure the email was actually ― and intentionally ― sent to you by the sender.


Scammers Stealing Down Payments By Hacking Real Estate Agents’ Email Accounts

Buying a home is the biggest purchase most Americans will make during their lifetime. But now hackers have figured out how to steal the down payment, leaving the buyer without a new home and often wiping out their life savings. “The timing was impeccable, actually,” said Kristina Soloviena, a real…


Hackers exploited an Instagram bug to get celebrity phone numbers and email addresses

An Instagram bug allowed hackers to access contact phone numbers and email addresses for high-profile users, the company said today. The bug was discovered recently in Instagram’s application programming interface, or API, which the service uses to communicate with other apps. Instagram declined to specify which users had been targeted,…


E-mail love-triangle hack backfires on Eskom manager

A senior Eskom manager has been fined R40,000 for hacking her former lover’s work e-mail with the help of her new boyfriend. Genevieve Roux, 35, and Sean Millard, 38, admitted gaining illegal access to Johannes Burger’s e-mail account. Millard, who was fined R10,000, also admitted impersonating Burger in order to…
