warn

now browsing by tag

 
 

#nationalcybersecuritymonth | Opportunistic scammers are preying on coronavirus fears, warn West Yorkshire Police

Source: National Cyber Security – Produced By Gregory Evans

Numerous scams have emerged as criminals seek to take advantage of concerns ranging from how to reclaim money lost on holidays to financial support when schools close.

West Yorkshire Police, Action Fraud and others have been using their own social media channels to raise awareness of the tactics being used.

Ramona Senior, the head of West Yorkshire’s Economic Crime Unit, said her team was anticipating an influx in reports of such scams as fraudsters were very good at “diversifying”.

West Yorkshire Police are warning people about coronavirus scams Copyright: jpimedia

Investigators typically see seasonal scams tied into things like Christmas shopping, Hajj pilgrimages or HMRC tax return deadlines.

Tickets scams linked to big events like music festivals are another example of how the criminals will seek to exploit people using whatever is topical.

Ms Senior said fraudsters will also look at big talking points in the news like last year’s collapse of Thomas Cook, using emails, text messages and cold calling to try to lure in potential victims.

“They make up all sorts of things that sound legitimate at the time,” she said. “Everything that’s in the public eye, a news report about something that creates anxiety or people may lose money and want to protect themselves, is a bit of an opportunity for the fraudsters.”

The force’s Cybercrime Team has warned in recent days about the risk of downloading apps claiming to provide information on the spread of the virus, which are being used as a way to get malware onto people’s phones.

It also shared an image of a malicious website which is luring in people searching for coronavirus maps. Visiting the website infects the user’s phone or computer with malware, steals information and accesses sensitive data.

And within days of the news that the UK’s schools would be closing to everyone but the children of key workers, another scam has emerged.

One such email containing fake links and promising funding for families says that if your child’s school is closed and they are entitled to free school meals, then you should click on the link to send your bank details to the school.

Industry body UK Finance advised earlier this week that criminals were using publicity around coronavirus to “pose as genuine organisations, including banks, police officers, government, the World Health Organisation or other health service providers”.

Katy Worobec, managing director of economic crime at UK Finance, said: “We would urge the public to be vigilant against criminals using the publicity around the coronavirus as a chance to target their victims with fraudulent emails, phone calls, text messages or social media posts”.

The organisation said criminals have used coronavirus as a cover story to attempt to get victims to “disclose personal or financial information or click on links that may contain malware”.

Take Five, the national campaign led by UK Finance and others, is also advising people unable to take planned holidays to be wary as criminals may pose as travel companies or airlines.

It has urged anyone in that situation to contact the organisation they made their booking with directly to enquire about refunds.

Meanwhile, experts from the National Cyber Security Centre (NCSC) have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit coronavirus, known officially as Covid-19.

Techniques seen since the start of the year include bogus ‘phishing’ emails with links claiming to have important updates, which once clicked on lead to devices being infected.

Also in crime: ‘The scammers don’t discriminate’ warns trainer with advice on staying safe

As part of GCHQ created to keep the UK safe online, the NCSC has taken measures to automatically discover and remove malicious sites which serve phishing and malware. These sites use Covid-19 and coronavirus as a lure to make victims ‘click the link’.

Director of operations Paul Chichester said: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.

“In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

Last month, the World Health Organisation (WHO) warned of fraudulent emails sent by criminals posing as the WHO.

This followed a warning from the US Federal Trade Commission about scammers spreading phishing ‘clickbait’ via email and social media, as well as creating fraudulent websites to sell fake antiviral equipment.

Elsewhere, cyber criminals have impersonated the US Center for Disease Control (CDC), creating domain names similar to the CDC’s web address to request passwords and even bitcoin donations to fund a fake vaccine.

Individuals in the UK have also been targeted by coronavirus-themed phishing emails with infected attachments containing fictitious ‘safety measures.’

Source link

The post #nationalcybersecuritymonth | Opportunistic scammers are preying on coronavirus fears, warn West Yorkshire Police appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Rimbey RCMP warn public scams related to COVID-19 cropping up – Stettler Independent

Source: National Cyber Security – Produced By Gregory Evans

Rimbey RCMP are warning residents of scams using the COVID-19 outbreak as a cover.

Scams associated with the global pandemic have been cropping up, feeding on people’s fear, uncertainty and misinformation during a difficult time.

“Fraudsters are exploiting the crisis to facilitate fraud and cyber-crime,” Rimbey RCMP said in a press release.

Scammers are using many different means to attempt to exploit innocent victims.

There have been a number of reported scams concerning COVID-19.

These scams include door-to-door sales people, and people posing as an official from the Red Cross.

RCMP say they following scams that have been reported:Cleaning or heating companies – offering duct cleaning services or air filters to protect from COVID-19

Local and provincial hydro/electrical power companies – threatening to disconnect your power for non-payment

Centers for Disease Control and Prevention or the World Health Organization – offering fake lists for sale of COVID-19 infected people in your neighbourhood

Public Health Agency of Canada – giving false results saying you have been tested positive for COVID-19, tricking you into confirming your health card and credit card numbers for a prescription

Red Cross and other known charities – offering free medical products (e.g. masks) for a donation

Government departments – sending out coronavirus-themed phishing emails, tricking you into opening malicious attachments, tricking you to reveal sensitive personal and financial details

Financial advisors – pressuring people to invest in hot new stocks related to the disease, offering financial aid and/or loans to help you get through the shut downs

Door-to-door sales people – selling household decontamination services

Private companies – offering fast COVID-19 tests for sale – Only hospitals can perform the test. No other tests are genuine or guaranteed to provide accurate results and the selling fraudulent products that claim to treat or prevent the disease threaten public health and violate federal laws

RCMP are reminding residents to be mindful and award of the following:Spoofed government, healthcare or research information

Unsolicited calls, emails and texts giving medical advice or requesting urgent action or payment

Unauthorized or fraudulent charities requesting money for victims, products or research

High-priced or low-quality products purchased in bulk by consumers and resold for profit. These items may be expired and/or dangerous to your health

Questionable offers, such as: miracle cures, herbal remedies, vaccinations, faster testing

Fake and deceptive online ads, including: cleaning products, hand sanitizers, other items in high demand

It is important to remember where to find trusted information and advice about COVID-19.

For the latest updates on health information look to the Public Health Agency of Canada and the World Health Organization, RCMP say.

Any questions or concerns about any health insurance should be directed to your insurance provider.

RCMP also recommend having anti-virus software install on your devices to protect from suspicious email or ads online.

Coronavirus

Get local stories you won’t find anywhere else right to your inbox.
Sign up here

Source link

The post #cyberfraud | #cybercriminals | Rimbey RCMP warn public scams related to COVID-19 cropping up – Stettler Independent appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Trumps sends top adviser to warn against Huawei

Source: National Cyber Security – Produced By Gregory Evans

U.S. President Donald Trump is dispatching his point man on Huawei Technologies to Ottawa Monday to press the Trudeau government on barring the Chinese telecom giant from next-generation 5G wireless networks in Canada.

Robert Blair, White House special representative for international telecommunications, will be laying out U.S. national-security objections over Huawei’s 5G wireless gear in a meeting with Public Safety Minister Bill Blair and senior officials from the departments of Innovation, Foreign Affairs and Defence, Canadian and U.S. sources say. The Globe and Mail is keeping their names confidential because they are not authorized to publicly comment on the matter.

The U.S. source said that the special representative, who is deputy White House chief of staff as well, will also warn Canada that it could lose access to sensitive intelligence if Huawei is allowed to sell its 5G gear to Canadian wireless carriers.

Story continues below advertisement

This is the first high-level U.S. visit to Ottawa that is solely in support of the U.S. campaign to press allies to bar Huawei from Western telecommunications infrastructure

Washington had also planned to send deputy national-security adviser Matthew Pottinger and economic adviser Larry Kudlow, but they had to cancel to deal with the coronavirus crisis, according to the sources.

The Trump administration, U.S. national intelligence agencies and Congress have led a global campaign against Huawei, arguing that it poses a risk to Western national security. Other countries building 5G networks without Huawei for this reason include Australia, South Korea, India, Japan and Taiwan.

Canada is the only member of the Five Eyes intelligence-sharing alliance – the others are the U.S., Australia, New Zealand and Britain – which has yet to decide whether to bar Huawei from 5G.

Australia, which is more heavily dependent on Chinese trade, has joined the U.S. ban of Huawei, and New Zealand has rejected one wireless carrier’s proposal to use Huawei gear in a 5G network.

Britain angered Washington last month when it took a different course than other Five Eyes members. It rejected U.S. calls for a ban and instead limited Huawei to 35 per cent of the British telecommunications market, banned it from sensitive areas and promised regular testing of Huawei gear for any possible backdoors.

Canada has been conducting a cybersecurity review since last year but has given no indication when a decision will be forthcoming despite pleas from Canada’s telecom carriers for Ottawa to make an announcement. Even with the review under way, Telus announced last month that it would proceed to build its 5G network with Huawei gear.

Story continues below advertisement

The Globe has reported that the Canadian military and Canadian Security Intelligence Service want Huawei barred while the Communications Security Establishment, which handles cybersecurity, believes Huawei gear can be tested and monitored for possible backdoors.

The department of Innovation, Science and Industry is also involved in evaluating whether to allow Huawei into the country’s 5G networks.

Innovation Minister Navdeep Bains said last week – in an apparent reference to the U.S. campaign against Huawei – that Canada “won’t get bullied by any other jurisdiction” in its decision.

When the CBC’s Power & Politics asked Mr. Bains whether he was referring to the Trump administration, he said: “Maybe that was the wrong choice of words. …We won’t be influenced by other jurisdictions. We will make our own independent decision.”

Asked again if he felt that the United States was “bullying Canada”, Mr. Bains said “countries have raised their concerns.”

Separately, Foreign Affairs Minister François-Philippe Champagne has hired an adviser on Asia-Pacific matters who, in a paper published online last December, advised against Canada allowing itself to be drawn too deeply into a U.S.-China conflict.

Story continues below advertisement

“Given deepening U.S.-China antagonism, there is a danger that Canada is siphoned into a higher-level sharp conflict of hearts and minds against China, which would not serve Canadian interests,” University of Ottawa professor Pascale Massot wrote in a paper titled Global order, U.S.-China relations and Chinese behaviour: The ground is shifting, Canada must adjust.

“The current dominant narrative depicting China as a threat to the global order creates a hunkering down mentality and is not conducive to seeing the global order’s limitations and need for reform or to engaging system outsiders in a constructive way,” she wrote.

“A key question for Canadian foreign policy going forward will be how to carve room for manoeuvre given the triangular nature of the U.S.-China-Canada relationship.”

There is a bipartisan consensus in the U.S. Congress that Huawei should be banned. Republicans in both houses have even tabled legislation to ban intelligence sharing with allies that use Huawei 5G gear.

Last year, the Democratic vice-chair of the U.S. Senate intelligence committee, Mark Warner, urged Canada to set aside any ill feelings toward Mr. Trump and join the U.S. in blacklisting Huawei.

Source link

The post #nationalcybersecuritymonth | Trumps sends top adviser to warn against Huawei appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK

Source: National Cyber Security – Produced By Gregory Evans

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.

According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.

CNBC says that amongst the offending Android apps are the photo-editing tools Giant Square and Photofy. Presently there is no indication that iOS users are affected by the issue.

According to an advisory published by Twitter, data extracted from accounts via the use of the oneAudience SDK (which it describes as “malicious”) in a smartphone app could be used to take control of a Twitter account, although it has seen no evidence that this has occurred.

Twitter was keen to emphasise that the “issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs within an application,” and says it will be notifying users of the Twitter for Android app who may have been affected.

Furthermore, Twitter says it has “informed Google and Apple about the malicious SDK so they can take further action if needed.” I presume what they mean by that is that so Google and Apple can kick any offending apps out of their respective app stores.

In response, oneAudience has issued a statement claiming the “data was never intended to be collected, never added to [its] database and never used.”

According to the company, it “proactively” updated its SDK in mid-November so user data could not be collected, and asked developer partners to update to the new version. However, it has now announced it is shutting down the offending SDK.

Facebook meanwhile has issued a statement saying that it is taking action against not only the oneAudience SDK, but also an SDK from marketing company MobiBurn:

“Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.”

“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn. We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”

On its website, MobiBurn describes how it helps app developers generate revenue – not by placing more ads within an app, but through the “monetization of your applications’ valuable data in a safe and confidential way.”

However, in light of the revelations and action taken by Facebook and Twitter, MobiBurn says it has “stopped all its activities” until investigations are complete.

mobiburn statement

This is all very well and good, but what are users supposed to do to protect themselves?

When they install an app, they have no way of knowing whether the developers chose to make use of a malicious SDK which might leave personal information exposed.

All you can realistically do is exercise restraint regarding which third-party apps you connect to your social media profiles. The fewer apps you connect to your Facebook and Twitter, the smaller the chance that someone’s code will be abusing that connection to access information you would rather not share.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Source link

The post #cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK appeared first on National Cyber Security.

View full post on National Cyber Security

Hackers could gain access to passwords through USB sticks, cyber experts warn

Source: National Cyber Security – Produced By Gregory Evans

Using a USB stick that’s been left lying around is something many, if not most, of us have done — probably without thinking twice about it. But cybersecurity experts are warning against the practice after showing hackers can access personal information through malicious USB sticks which then transmit that information…

The post Hackers could gain access to passwords through USB sticks, cyber experts warn appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers Use Pirate Sites to Ruin Your Life, State Attorneys General Warn

Source: National Cyber Security – Produced By Gregory Evans

With a new public service announcement, a group of State Attorneys General warns the public that pirate sites are a severe threat to online safety. Hackers use pirate websites to steal IDs and financial information, or even take over people’s webcams without their knowledge, they say. In recent years copyright…

The post Hackers Use Pirate Sites to Ruin Your Life, State Attorneys General Warn appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Police warn of hacking threat via our online fridges and kettles as fears are raised over the ‘internet of things’

Source: National Cyber Security – Produced By Gregory Evans

Household appliances which connect to the internet will increasingly be hacked by criminals seeking to steal your identity, rob your home or bank accounts, a police chief has warned. Durham chief constable Mike Barton warned about the danger of the ‘internet of things’ as more ordinary household items such as…

The post Police warn of hacking threat via our online fridges and kettles as fears are raised over the ‘internet of things’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Lewiston Police warn of detective impersonator phone scam

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ LEWISTON, Idaho – The Lewiston Police Department warns the public of a new phone scam where a man claiming to be a detective for the department is asking for money. Lewiston …

The post Lewiston Police warn of detective impersonator phone scam appeared first on Become007.com.

View full post on Become007.com

Cybersecurity Firms Warn of New Malware Threat to Electric Grids

Source: National Cyber Security – Produced By Gregory Evans

Cybersecurity Firms Warn of New Malware Threat to Electric Grids

Two cyber security companies said they have uncovered a sophisticated piece of malicious software capable of causing power outages by ordering industrial computers to shut down electricity transmission. Analysis of the malware, known as Crash Override or Industroyer, indicates it was likely used in a December 2016 cyber attack that…

The post Cybersecurity Firms Warn of New Malware Threat to Electric Grids appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Experts warn veterans about latest scam

Source: National Cyber Security – Produced By Gregory Evans

Experts warn veterans about latest scam

While many of us are spending Memorial Day honoring those who gave the ultimate sacrifice, experts say thieves are now targeting our veterans through their medical care. The Federal Trade Commission says thieves are pretending to be from the Department of Veterans Affairs office and are taking hundreds, even thousands…

The post Experts warn veterans about latest scam appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures