California wildfires used for social engineering
Internet thieves are using the California wildfires as a social engineering tactic to trick you into buying gift cards supposedly intended for victims of the disaster, according to James Linton at Agari. The scammers send emails to employees of organizations posing as their CEO.
These CEO Fraud emails target employees who work in accounting, finance, or administration, and tell their recipients to purchase gift cards worth hundreds of dollars to be sent to clients affected by the fires. The employees are instructed to send photos of the codes on the purchased cards, after which the criminals can use online services to convert them into regular currency.
Scammers exploit tragedies
One of the demoralizing byproducts of large-scale tragedies is the tendency for scammers to exploit people’s charitable ... Read More
Good guys: 1. CEO fraud: 0
The case of how the FBI turned the tables on cybercriminals using the very same tactics demonstrates how powerful the art of social engineering and deception can get a victim to act.
This story starts with cranes and ergonomic lifting manufacturer Gorbel who were scammed out of $82,000 using a simple fileless CEO scam. The accounts payable team was sent an official-looking email from an account purporting to be the CEO. The scam worked, Gorbel was out the $82K, and the FBI was brought in.
But, it wasn’t enough to take Gorbel for tens of thousands of dollars; no, the cybercriminals wanted to take a drink from the same well a second time, again purporting to be the CEO.
Turning the tables
With the FBI engaged, ... Read More
Attractive target
The real estate industry is a particularly attractive target for CEO Fraud, according to FBI spokesman David Fitz. Fitz told The Baltimore Sun that the industry’s day-to-day activities present a host of opportunities for scammers, including large, online transactions and a great deal of remote communication.
Between January 2017 and November 2018, sixty victims in Maryland lost over $2 million combined as a result of hijacked real estate transactions. Fitz notes that those numbers could be much higher, since many individuals and companies may refrain from reporting that they were scammed.
Hacked email account
A CEO Fraud real estate scam usually starts with an attacker hacking the email account of an agent or company employee, often via a phishing email. The attacker then observes the correspondence within ... Read More
CEO fraud villian posed as a contractor
Months after a classic CEO fraud scam took Galveston County, Texas for $525,000, County Judge Mark Henry is now asking for the County Auditor and Purchasing Agent to resign.
It’s one of the easiest scams to pull off – do a little homework and identify a contractor working for a business or government with lots of money, impersonate someone from the contractor’s accounting department, and send an email to the victim organization asking for a bill to be paid. In the case of Galveston County, this is pretty much as sophisticated as it got. The scammer pretended to be working for Lucas Construction, a Houston company doing road work for the county.
Look for the red flags
And just as the CEO Fraud is relatively ... Read More
Spot red flags to avoid becoming a CEO fraud victim
Two top-level executives of European movie chain, both the Managing Director and the CFO, were fired recently, after it became clear that they fell for a massive CEO Fraud attack. This could have been prevented if they only would have spotted the red flags.
In a recent Amsterdam, Holland court decision the details were revealed how this scam went down, and what errors were made along the way.
Thursday, March 8th, the MD of a Dutch movie chain gets an email from the CEO of their holding company: "Did KPMG already call you?" The email was sent from a smartphone. The MD forwards the email to their CFO, but both are puzzled. They decide to email back and ask what ... Read More
CEO Fraud Scam costs firm $6 million
Knowbe4 and CNBC reported some pretty stunning breaking news. I cannot come up with a better case for new-school security awareness training for employees in accounting and HR.
A lawsuit filed on Friday September 16, 2016 by Tillage Commodities Fund alleges that $6 billion SS&C Technologies Holdings, a financial services software firm, showed an egregious lack of diligence and care, when they fell for a CEO fraud scam that ultimately led to hackers in China looting $5.9 million.
Tillage claims that SS&C didn't follow their own policies, which enabled the theft, but to add insult to injury, staffers actually helped the criminals by fixing transfer orders that had initially failed. The documents were posted online by the law firm representing Tillage in the case. Above is the stock price on Monday, before ... Read More
FOR IMMEDIATE RELEASE. CAMERON PARK, CA (November 12, 2020) – Cyber Safety Net today announced How Hacks Happen and how to protect yourself was awarded the Nonfiction Authors Association's Gold Award.
"The Nonfiction Authors Association sets the bar extremely high," says author Mark Anthony Germanos. "To have How Hacks Happen be reviewed by other authors and receive the Gold Award is truly an honor. I am glad the reviewers, and reading public as a whole, are finding How Hacks Happen valuable. The content helps keep you safe online." Some sample reviews are as follows:
In How Hacks Happen, Mark Anthony Germanos uses two author personas to explain and illustrate the hazards to our online information: the cybersecurity expert trying to help us and the black-hat hacker exploiting our ... Read More
Free email services monetize your personal information. Use one of them and you are vulnerable. Free email and social media services are indexing and monetizing your mailbox data. They use that information for their gain, not yours.
Gmail monetizes your personal informationFor example, https://policies.google.com/terms?hl=en says “When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited ... Read More
Remote Desktop is a big vulnerability
Maybe you use Microsoft’s Remote Desktop feature to connect to your workstation at work from…anywhere. Remote Desktop has been in Windows for 20 years at no extra cost. The network administrator at my target reviews the workstation’s logs through Windows’ Event Viewer. This screenshot is from my research honeypot.
Someone is trying to login to this virtual machine at a ferocious pace
The unlucky soul who has to read these logs finds login attempts are international. My perusal shows login attempts from five IP addresses:
211.72.1.31 in Taipei, Taiwan
24.142.48.215 in Dartmouth, Canada
87.147.195.55 in Olching, Germany
47.185.77.29 in Keller, Texas
91.234.125.163 is in Sosnicowice, Poland
Assuming it is one hacker who either employed a botnet (a series of computers simultaneously tasked with a large task) or is ... Read More
Let LastPass manage your passwords (you have other things to think about today).
We have too many passwords. Keeping track of them mentally or on Post-It notes does not work. Keeping them in a Microsoft Word document is also troublesome. If you change a password and fail to update the document, then the record becomes wrong. Next time you go to that website and use the password in your Microsoft Word document, it won’t work. You did not update the document. Let me introduce LastPass.
Several companies have solutions. I use LastPass, which lets you create a vault that holds all your passwords. You don’t have to remember what LastPass stores in the vault. You only have to remember the master password to access the vault. The ... Read More