Cryptocurrency criminals are lurking on YouTube

Cryptocurrency criminals are lurking on YouTube, a recent lawsuit filed by Apple co-founder Steve Wozniak claims.

Most of the schemes involve scams that purport to be giving bitcoins away but in fact are designed to steal the virtual money, along with other types of cryptocurrency, from users of the popular streaming video site. 

A July study by analytics firm Whale Alert found that YouTube users had lost $24 million in bitcoin and related scams in the first six months of 2020. That’s up from $14 million over the prior three and a half years combined. Crypto scams are reaching new heights this year.

YouTube told CBS MoneyWatch it removed 2.3 million videos and closed 1.7 million accounts in the first three months of the year in connection with bitcoin scams and other deceptive practices on its platform. YouTube did not confirm how many of those scams included cryptocurrencies, but the spokesperson denied that bitcoin-related fraud is a major problem for the site.

Another COVID-related lure: Phishing Scam Targeting Email Users

Amid the COVID-19 outbreak, email users are constantly warned against fraudulent emails and scams. However, a new phishing campaign targeted email users by promising them a government-funded tax cut.

According to think tank Parliament Street, the phishing email appears to come from a sender calling itself the ‘Government Digital Service Team’ and offers the recipient a rebate of nearly £400.

The email begins with,

“You are getting a Council Tax Reduction (this used to be called Council Tax Benefit) considering you’re on a low income or get benefits,” 

“Total amount of benefits: GBP 385.50. The refunded amount will be transferred directly on your Debit/Credit card. Apply now to claim the reductions made over your past two years of Council Tax payments.”

However, the subject line states the refund amount as £385.55. This is one of several mistakes that should make a recipient suspicious. Such mistakes indicate that an email is a scam.

Parliament Street said that the message has been delivered to hundreds of inboxes. Andy Harcup, VP at Absolute Software, argued:

“Since the start of COVID-19, the cyber-threats facing adults in the UK has surged, and this latest attack is one of many which have been designed to prey on individuals’ vulnerability and fear during this trying time,” 

Stav Pischits, CEO of Cynance, added that cybercriminals find it easy to copy government text to create phishing emails.

“All too often, weary workers who are struggling with the financial impact of the COVID-19 outbreak will jump at the chance for a discount or refund like this,” he argued.

“Anyone receiving an email like this should also double check the source address of the sender and carefully examine the communication for typos and errors, often associated with online scams. Failure to do so could put the financial and personal data of the individual and their employer at risk.”

The first half of this year has seen a notable increase in phishing scams, and users are being warned against them. New phishing campaigns emerge every day, so it is crucially important for users to stay alert.

WHO Warns about Online Job Scams during COVID-19 Pandemic

A message shared on WhatsApp and Facebook claims that the World Health Organization (WHO) is advertising home-based jobs to “fight coronavirus”. However, there is no such employment offer from the UN health agency, which has warned the public of similar scams.
The message circulating on WhatsApp chat groups in South Sudan, Kenya and Uganda claims that the advertised jobs pay $5 to $100 for two to three hours of work each day using a mobile phone. 

The message reads, “Help us fight CORONAVIRUS by working from home – no experience required… Work 2-3 hours daily on mobile and earn $5- $100 daily,” 

It includes a link to a web page where people are invited to apply. The application form asks users for their personal information and requires the post to be shared on WhatsApp. The deadline is stated as July 31, 2020.

However, the claim is false. The WHO in Uganda issued a statement on its official Facebook page on June 11, 2020, warning the public “to disregard” the job advert “because it’s FAKE”. 

Cybercrime has increased during the COVID-19 pandemic. The organisation warns about hackers and scammers using social media and malicious online links to take advantage of people during the pandemic.

Local Election Officials’ Emails Could be at risk for phishing attempts

Cybersecurity firm Area 1 found 666 of 10,000 election workers used personal email accounts

According to a report, many election officials across the US are using email systems that could make them more susceptible to phishing attempts.

Less than 20 percent of 10,000 state and local election administrations had advanced anti-phishing controls in place. About 666 of the election officials were relying on personal email addresses for election-related matters.

Jurisdictions in several states were using a version of the free Exim software that Russia’s GRU intelligence service had targeted for online attacks starting in 2019, according to the Journal.

It raises concerns that local election officials may be underprepared for possible intrusions into their email systems. 

Already this year, foreign hackers have targeted the personal email accounts of staffers working on the campaigns of presumptive Democratic nominee Joe Biden and President Trump. Google, which reported the attempts, said last month it had not seen evidence that those attacks were successful.

Garmin Online Services Reportedly Hit With Ransomware Attack in demand for $10 Million

Ransomware attacks are on the rise, and Garmin is the latest big name to take a hit.

A hacker group called Evil Corp demanded $10m from the GPS giant in the latest high-profile ransomware attack. The feds have been chasing Evil Corp for months.

Garmin said Garmin Connect, garmin.com, and even its call centers were hit.

An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident.

The incident began late Wednesday and continued through the weekend, causing disruption to the company’s online services for millions of users.

In a brief update on Saturday, Garmin said it had “no indication that this outage has affected your data, including activity, payment or other personal information.”

The two sources told TechCrunch that Garmin was trying to bring its network back online after the ransomware attack. One of the sources confirmed that the WastedLocker ransomware was to blame for the outage.

Ransomware attacks have occurred with increasing regularity in the last several years. After gaining access to a computer system through a vulnerability or social engineering, ransomware attackers encrypt important files. They demand heavy payment to provide the decryption key.

Ransomware attacks rise as criminals target remote working

Ransomware attacks are getting bigger and bolder at a time when many organisations are implementing work-from-home (WFH) policies.

Cyber criminals are looking to spread their file-encrypting malware while many people are working from home. Ransomware attacks have surged during the first half of this year as many businesses implement WFH policies due to the COVID-19 pandemic.

A report by Skybox Security on malicious activity throughout the year says ransomware has thrived in the first half of the year, with a 72% increase in new samples of the file-encrypting malware.

While the switch to home working has allowed many organisations and workers to remain productive, it has also brought additional risk: security vulnerabilities in remote-desktop protocols. Weak passwords used by staff have given cyber attackers an additional way into networks.

As remote workers are not trained in cyber security, the attack surface available to cyber criminals has increased.

Ransomware has surged, with security departments unable to fully defend networks against attacks. In the majority of cases, ransomware is so brutally successful at locking down vast swathes of network infrastructure that the victim feels the only option is to pay the ransom. This can cost hundreds of thousands of dollars in bitcoin.

So the need of the hour is to take proper preventive measures to protect your businesses and remote staff from cybercriminals. Educate your remote staff about cybersecurity through virtual training sessions. 

Twitter Breach – Bitcoin Scams to the Next Level

A massive attack has been reported on the Twitter accounts of high-profile and well-recognized brands. Hackers targeted the Twitter accounts and took the cryptocurrency scam to the next level within a few hours. The scam took place on July 15, when 130 well-recognized Twitter accounts were abused to promote the Bitcoin scam.

Hackers gained access to the accounts of Barack Obama, Kanye West, Joe Biden and many other celebrities and were able to post tweets promising to pay back double the amount of any Bitcoin payment sent to a digital wallet address within the next 30 minutes.

The attackers employed social engineering tricks and probably gained access to Twitter’s internal administrative tools, through which they were able to post the tweets directly. The hackers were able to collect 12 BTC through more than 320 transactions. The tweets gave the digital wallet address to which users were supposed to send BTC within 30 minutes of the tweets being posted.

One Million Student Records Compromised by E-Learning Sites

About one million online student records containing students’ personal information have been leaked due to cloud misconfigurations at a total of five e-learning platforms. The exposed personal information included full names, email and home addresses, dates of birth, ID numbers, and school information.

The VPN comparison site reported about four misconfigurations as well as unencrypted AWS S3 buckets, along with an unsecured Elasticsearch server. These weaknesses led to a data breach that compromised the details of a large number of e-learners, including not only students but also teachers and parents.

The breach was discovered by WizCase, which warned the affected users about potential cyberattacks such as identity fraud, phishing attacks, blackmail, and stalking.

“As many users whose data was leaked aren’t active on the sites anymore, they’re less likely to realize these companies still have their information,” it added.

“However, it’s still possible that their data can be used to aid in various types of online crimes. These dangers are even bigger since many of the users affected by the leaks are children and young people.”

The affected companies include a South African site named MyTopDog, which exposed more than 800,000 records due to a misconfigured S3 bucket; this breach includes data related to its business partner, Vodacom School. Another company is Escola Digital, which exposed 15MB of data, estimated to be around 75,000 records. Kazakhstan-based Okoo also leaked 7200 records through an Elasticsearch server.

WizCase requests users whose data got compromised to keep a regular check over their data and be extra cautious while doing online activities.

Phishing attacks hidden in Google Cloud Services

Cybercriminals are concealing phishing efforts behind legitimate resources like Google Cloud Services.

Cybersecurity researchers have warned of a phishing campaign that uses Google Cloud Services and offers legitimate PDF whitepapers to victims that give away their login credentials.

According to the researchers, it all starts with a PDF document uploaded to Google Drive which contains a link to a phishing page. The landing page, hosted on storage.google requires the user to log in with their Office 365 or organization email.

As the victim gives away their login credentials, they are redirected to a genuine PDF report published by a “renowned global consulting firm.”

Researchers claim that the user never becomes suspicious as the phishing page is hosted on Google Cloud Storage.

“Hackers are swarming around the cloud storage services that we rely on and trust, making it much tougher to identify a phishing attack,” said Lotem Finkelsteen, Manager of Threat Intelligence at Check Point.

Cybercrimes are skyrocketing. Users of Google Cloud Platform should all beware of this fast-growing trend and learn how to protect themselves. One should think twice about the files they receive from senders.

The UK’s largest mobile operator EE has announced its Digital Identity platform

EE, the UK’s largest mobile operator, has announced its new Digital Identity platform to protect customers from falling victim to fraud.

Through a series of checks, the platform seamlessly verifies a customer’s identity in real time. This helps to prevent identity theft and fraudulent activities. Fraud losses to the telecom industry were estimated to be over $28.3 billion in 2019. False identities are often used to set up accounts; subscription or identity fraud represents 35% of all fraud suffered by the telecoms industry. It is time for the telecom industry to address frauds like SIM swap, which are increasing with every passing day.

A common type of criminal activity that EE tackles with the Digital Identity platform is SIM swap fraud, an account takeover in which a customer’s phone number is transferred without the account holder’s knowledge. A fraudster can then gain unauthorized access to online accounts and can intercept messages or calls to the phone number.

Digital Identity ‘SIM Swap’ checker allows businesses to know when a customer’s SIM was last changed, as a recent change could indicate potential fraud. This information is then used to stop financial transactions until further identity checks are carried out.

Crypto Scams Reach New Heights in 2020 With $24M Stolen So Far

Whale Alert alleges that crypto scams are skyrocketing so far in 2020. 

A report revealed that scammers made off with around $24 million in Bitcoin in the first six months of 2020.

Whale Alert tracks large transactions of cryptocurrency and worked with Scam Alert to produce a “crime reporting, tracking and analysis” report. Initial analysis from the report, published in a Medium post, showed that $38 million in bitcoin was stolen over the past four years (excluding Ponzi schemes).

Whale Alert reported that the most successful scams made over $130,000 in a single day. The tracking service highlighted more successful operations such as “the Giveaway,” which features a celebrity, such as Elon Musk, and can net around $300,000. So businesses need to know how to avoid bitcoin scams and stay a step ahead.

Whale Alert claimed that the change in methodology and the increase in quality and scale indicate that entire professional teams are now behind some of the most successful scams, and that it is just a matter of time before they start using deepfakes to revolutionize the scam market.

Bitcoin scams are rising at a high pace. Furthermore, Whale Alert projects upwards of $50 million in revenue for scammers by the end of the year.

Major US Twitter accounts hacked in Bitcoin scam

Billionaires Elon Musk, Jeff Bezos, Barack Obama, Joe Biden and Bill Gates are among the many US figures who were targeted by hackers on Twitter in an apparent Bitcoin scam.

The official accounts of prominent figures were hacked and used to request donations in the cryptocurrency. The US Senate Commerce committee has asked Twitter to brief it about the incident next week.

So far, Twitter has reported in a series of tweets that it was a “coordinated” attack targeting its employees “with access to internal systems and tools”.

Hackers used this access to take control of many highly visible accounts and tweet on their behalf. Twitter added that significant steps had been taken to limit criminals’ access to such internal systems. For the time being, Twitter has blocked users from being able to tweet Bitcoin wallet addresses.

Meanwhile, Twitter chief executive Jack Dorsey tweeted about the incident: 

“Tough day for us at Twitter. We all feel terrible this happened.”

 

Moreover, people are urged to treat requests for money or sensitive information on social media with extreme caution. Cyber-security experts said that the breach could have been a lot worse in other circumstances.

Media Industry Suffers Huge Increase in Cyber-Attacks

The media industry is increasingly under the threat of cyberattacks. It suffered 17 billion credential stuffing attacks over the past two years. According to research by Akamai, the media industry witnessed 20% of the 88 billion cyberattacks recorded between January 2018 and December 2019.

The research also recorded a 208% and 630% increase in cyberattacks every year against the broadcast TV and video sites. Akamai security researcher and author of the State of the Internet/Security report, Steve Ragan, said, “As long as we have usernames and passwords, we’re going to have criminals trying to compromise them and exploit valuable information.”

“Password sharing and recycling are easily the two largest contributing factors in credential stuffing attacks. While educating consumers on good credential hygiene is critical to combating these attacks, it’s up to businesses to deploy stronger authentication methods and identify the right mix of technology, policies, and expertise that can help protect customers without adversely impacting the user experience.”

Other than video sites, a 7000% increase in cyber attacks is estimated against published content such as books, newspapers, and magazines.

Alex Guirakhoo, a threat research team lead at Digital Shadows, said in an email to Infosecurity that credentials for music and video streaming services are increasingly in demand and that he had seen these accounts comprise 13% of listings, surpassed by financial accounts at 25%.

He said, 

“Attackers can obtain these accounts cheaply and efficiently using credential stuffing tools, which prey on password reuse. Individual streaming accounts can be purchased for an average of under $10. These accounts are also frequently traded for free on cyber-criminal forums like XSS and RaidForums, likely to help build a sense of community among forum users.”

eCommerce Lost £16 Million in Frauds During Lockdown

The UK’s national reporting centre for fraud and cybercrime has revealed new figures which show £16 million has been lost to eCommerce fraud during the Covid-19 lockdowns.

Action Fraud statistics show that 16,352 people fell victim to online shopping fraud and that fraudsters stole £17m during lockdown. Since shops were forced to close due to the coronavirus outbreak, businesses have been forced to operate online only. Fraudsters took advantage of this situation and stepped up their activity. Most of the victims were between 18 and 26 years of age and lived in London, Birmingham, Manchester, Leeds, Sheffield, Liverpool, Bristol and Nottingham.

Ben Tuckwell, RSA Security district manager for the UK and Ireland, said: 

“The warning from Action Fraud is concerning but not altogether surprising. Unfortunately, fraudsters thrive in times of disruption. The recent shift to e-commerce has been critical for both consumers and the economy, but fraudsters have been quick to take advantage too. In fact, in the first three months of 2020, RSA recovered details of over five million unique compromised cards globally.”

Once credentials are stolen, they are sold on the dark web to other fraudsters who can use them to buy goods. During the pandemic, fraudsters appear to have had growing success targeting online sites for fraudulent purchases. In particular, as retailers guided consumers to mobile apps as a means to transact, fraudsters have exploited this shift. As shopping increasingly moves online, there is a dire need to integrate digital identity verification solutions into the system to know your buyer and to put a halt on fraudsters.

Cloudflare Discloses Another huge DDoS Attack

Amid the COVID-19 outbreak, there has been a surge in internet traffic and, with it, an increase in cyberattacks. DDoS attacks are getting more complex over time and escalating with each passing day. Hackers are finding new ways to exploit vulnerabilities in the network. In late June, Cloudflare witnessed a four-day attack which involved 316,000 unique sending addresses and a peak rate of 754 million packets per second.

Cloudflare revealed a DDoS attack on June 21 and mitigated it. Cloudflare researchers reported in a blog post that this cyberattack was a combination of three TCP attack vectors: ACK floods, SYN floods, and SYN-ACK floods. Over this four-day period, the attack sustained a peak rate of 400-600 million packets per second and crossed 700 million multiple times.

The packet-based volumetric DDoS attack attempted to jam Cloudflare’s routers and data center appliances rather than flood the inbound data connections. The company says that these huge attacks continue despite a decrease in the size or volume of DDoS attacks.

Cloudflare says in its blog post that the attack was detected and handled automatically by its DDoS detection system and did not involve any manual intervention. It also says that the attack was an organized four-day campaign that lasted from June 18 to June 21.

U.S. Schools and Colleges Witness a Rise in Data Breaches

Data breaches and cyberattacks continue to grow and are now targeting the education sector. Amid the COVID-19 outbreak, these incidents are intensifying.

A report from Comparitech revealed that US schools and colleges have suffered 1,327 data breaches, which resulted in a loss of over 24 million records in the past 15 years. It also reveals that hacking is the primary cause of data breaches.

The latest report by Verizon revealed that phishing attacks were involved in about 28% of data breaches in the education sector in the first four months of this year. It also says that 23% of data breaches involve hacking with stolen credentials.

K-12 schools witnessed data breaches and accounted for the leak of 1 million records. Other than hacking and phishing, institution disclosures, insider threats, and portable device theft are also responsible for data breaches.

Among all institutions, public institutions are affected more by breaches than private ones. In the US, California is the state most affected by data breaches. Across both K-12 schools and colleges, it accounts for 157 out of 1,328 data breaches.

The FBI reported that ransomware attacks have increased since September 2019 and that K-12 schools are being targeted. Hackers exploiting remote desktop protocol vulnerabilities hit approximately 284 schools between January 1 and April 8.
