Archives for June 2019

If you’ve ever used social media to make a complaint about a company, you’d know that many organizations are quick to respond to this public expression. But have you ever stopped to question whether the account responding to your concern is really someone from the company?

Recently, fraudsters have taken to social media platforms to trick people into falling for their “help” and giving away their personal information. For example, a woman was upset with her broadband services so she took to Twitter to complain about her provider. She promptly received a response from an account appearing to be the customer service team for this company. The “customer service team” was able to gain personal information, and even banking information from her by using lines like: “I’m having trouble locating your account” and “I’ll first need to ask you a security question”. The woman soon found her bank account emptied out and several loans taken out under her name.
Clearly, this customer service team wasn’t helping anyone aside from themselves.

Remember the following to protect yourself:

• Never trust that an account is legitimate based on their Twitter “handle”, or any other “name” on social media. Just because the company name is present, doesn’t make it valid.
• A legitimate organization would never ask you for sensitive data like your bank account information. If it sounds like a strange request, then it probably is.
• If you’re having trouble with a product or service, log in to your account or reach out to their customer support channels, yourself. Never trust a response you receive after making a public complaint on social media or anywhere else online.

Stop, Look, and Think. Don’t be fooled.

Exploit: Malware

Checkers Drive-in Restaurants Inc.: Fast food chain operating in 28 states

Risk to Small Business: Severe: Hackers successfully infected 102 of the company’s point-of-sale systems with malware that stole customers’ payment information. The restaurant chain has elicited the support of law enforcement authorities and third-party security experts to remove the corrupted software from their systems. They will now face the considerable costs of digital infrastructure repair and reputational costs that could discourage people from visiting their restaurants.

Individual Risk: Severe: Attackers gained access to information stored on the credit or debit cards’ magnetic strips. This includes cardholder names, payment card numbers, verification codes, and expiration dates. This extensive payment information can quickly make its way to the Dark Web or be redeployed as a payment method on other websites. All customers should review their account statements for suspicious activity while also procuring credit monitoring services.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Any company reliant on point-of-sale exchanges with their customers must be especially vigilant about protecting the integrity of these systems. Not only is it incredibly costly to repair the technological infrastructure, but the cascading consequences of reputational damage can be even more profound. Companies can (and should) demonstrate their commitment to protecting their employees and customers by taking proactive measures to prevent future breaches.

Read more

---

In Other News: Stolen NSA Tool May Be Responsible for Rash of Ransomware Attacks

Ransomware attacks on local governments have become alarmingly prevalent, and they may have an unlikely source – a cyber weapon developed by the U.S. National Security Agency (NSA). In 2017, the NSA lost control of one of its most impactful weapons, code-named EternalBlue, and it now lies in the hands of independent bad actors and state sponsored hackers. 

The impact on local governments has been immense. While some cities refuse to pay the ransom, many are left with little choice but to pay up to restore access to their digital infrastructure. At the same time, the additional security costs have made it difficult for cash-strapped governments to combat the threat. 

With so much on the line, a comprehensive ransomware response plan has never been more important. Since most ransomware originates as phishing scams sent to employee email accounts, this also means that proper training can be worth its weight in gold, or at least in Bitcoin. 

Read more

According to recent reports, phishing attacks that use brand impersonation are at an all-time high. Cyber criminals are posing as familiar companies so they can trick you and get access to your account in order to steal sensitive data or target additional employees.

Here’s how it typically happens: Attackers send you a standard-looking email appearing to be from a service or company that you use, such as Office 365. Clicking the link in the email will take you to a fake (but very realistic) login page. The most deceiving part of some of these fake pages is that the web address appears to be safe. The URL may end with a legitimate domain like “windows.net”, because the bad guys are hosting these pages with Microsoft’s Azure cloud services. If you enter your information here, the bad guys will gain access to one or more of your accounts which they can use to steal data or plan further attacks on your organization.

Remember the following to protect yourself from your inbox:

• Look out for strange or suspicious domains in sender addresses. Even if the domain looks legitimate, check again. Does the email say “micronsoft.com” instead of “microsoft.com”?
• Before clicking, always hover over links to see where they are taking you. Never click on a link in a message unless you’re certain the sender is legitimate.
• Whenever you get an email from an online service you use, log in to your account through your browser (not through links in the email) to check whether the email message is valid.

Stop, Look, and Think. Don’t be fooled.