Phishing and File Sharing
Internet thieves have long used file sharing sites and services to host their malicious files. When they do this, they typically use the underlying service to generate download links that anyone can click without logging in to the hosting service.
Over the past month we started noticing apparently legitimate Dropbox emails pushing links to files with names suspiciously similar to those routinely used by the bad guys. When we clicked the links to check, however, we were greeted with a demand to log in to the service. That's typically been a sign that the files involved were legit.
Still, something wasn't right here. Given the file names presented, we reckoned there was little chance those files were innocuous. So, we decided to log in to ... Read More
Social engineering led to potential kidnapping
Social engineering and impersonation attacks can lead to far more dangerous consequences than monetary losses, according to Matt Devost from OODA LLC. Devost appeared on the CyberWire’s Hacking Humans Podcast last week, where he described the attacks he’s seen involving cybercriminals with fraudulent personas.
Devost described one case in which an attacker impersonated a broker and an investor to target a successful entrepreneur who was looking for funding for a new startup. Under the guise of the broker, the attacker introduced the target to the supposed investor. Now posing as the investor, the attacker conversed with the target about the company, and eventually asked the entrepreneur to fly to South America so they could meet.
“That individual is very, very close to ... Read More
September 3, 2024Mark Anthony Germanos
Malicious links on otherwise honest web pages
Webroot revealed the results of their 2019 Threat Report, showing that tried-and-true attack methods are still going strong, but new threats emerge daily, and cybercrime is highly innovative. This includes adding malicious URLs (web page addresses) as links on legitimate sites.
Hal Lonas, Webroot's CTO said: “We wax poetic about innovation in the cybersecurity field, but you only have to take one look at the stats in this year’s report to know that the true innovators are the cybercriminals. They continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results. My call to businesses today is to be aware, assess your risk, create a layered approach that protects multiple threat vectors and, ... Read More
September 3, 2024Mark Anthony Germanos
Is this the best Facebook phishing scam ever?
Scams seeking to harvest online credentials have long tried to replicate known logon pages. But this newly found instance is just about perfect.
In every scam that uses social engineering, the key is to be believable. If it looks right, feels right, has the timing right, etc., the victim is more likely to fall for it. This latest scam seeks to take advantage of a user’s desire to leverage single sign-on (SSO) via well-known websites. In this case, Facebook. Rather than creating (and remembering) countless passwords for an equivalently large number of websites, users will take advantage of identifying themselves via Facebook.
Under normal circumstances, a Facebook API is called which prompts the user to authenticate. But researchers at security vendor Myki have ... Read More
September 2, 2024Mark Anthony Germanos
A phishing attack will strike you. It is not a question of IF, but a question of WHEN
With the massive rise in phishing attacks, 2019 is the year for organizations to realize the concept of becoming a victim is an issue of when and no longer if.
According to Malwarebyte’s 2019 State of Malware report, there is pretty much no industry that is unaffected by malware. And phishing attacks remain an effective means of tricking users. In Healthcare alone, nearly one-half of orgs citing a 1-10% click rate when interacting with mock-phishing emails to test user response, and another one-quarter of organizations seeing click rates of 11-30%.
These numbers clearly indicate that organizations simply aren’t prepared for phishing attacks.
What you can do
What’s needed is an anti-phishing plan in place that helps to ... Read More
September 2, 2024Mark Anthony Germanos
Robocall scams more prolific than ever
Robocall spam has surged to 12 billion calls per month globally. Bank account, credit card and extortion are common scams, according to Hiya, a company that makes apps to fend off unwanted calls.
According to Hiya's first Global Robocall Radar Report, global spam calls grew 325 percent from a year ago to 85 billion. Hiya's estimate is based on an analysis of 12 billion calls per month globally.
UK, Spain, Italy, France and Argentina were the countries with the most robocalls. Like spam, robocalls have proliferated because scammers get just enough victims to rake in profits. The Federal Communications Commission and Federal Trade Commission have been looking at ways to curb robocalls, which are one of the top consumer complaints in the U.S.
The ... Read More
September 2, 2024Mark Anthony Germanos
Phishing attackers have found a new avenue: bogus job offers
A series of phishing campaigns are targeting companies in various industries with phony job offers using direct messages on LinkedIn, according to researchers at Proofpoint. The attacker initially makes contact by sending an invitation to the target on LinkedIn with a short message regarding job offers.
Within a week after the target accepts the invitation, the attacker will send a follow-up email with either a link or a PDF attachment that contains embedded URLs. These links take the target to a spoofed version of a real staffing service, which forces the download of either a Word document or a JScript loader. This document or loader will result in the installation of a JScript backdoor known as “More_eggs.”
More_eggs ... Read More
September 2, 2024Mark Anthony Germanos
Internet thieves pose as IRS agents
The Internal Revenue Service is warning us about a surge in phishing emails, links, and phone calls during tax season, according to Toni Birdsong at McAfee. These Internet thieves pose as IRS agents and threaten to seize the victim’s tax refund or have them sent to jail unless the victim makes a payment. The same is likely going on in other countries.
Many of the phishing emails also contain malicious links through which the attackers steal sensitive data, either by sending victims to a spoofed website where their information is harvested or by triggering the download of information-stealing malware. Scammers are also using threatening phone calls to demand immediate payment of taxes and to procure personal information from victims over the phone.
The ... Read More
August 21, 2024Mark Anthony Germanos