Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Canada. Show all posts
telephone scams
Canada Cyber Crime RCMP Spoofing telephone scams

Scammers Impersonate Thunder Bay RCMP in New Phone Spoofing Scheme

 



Phone number of the RCMP used in scams across Thunder Bay. The local Royal Canadian Mounted Police detachment is warning residents of Thunder Bay about a phone scam. Scammers are spoofing the official RCMP number, 807-623-2791, which will have calls that appear to be from the police when they actually are not. The RCMP has issued a public alert to raise awareness and try to prevent potential fraud.

How the Spoofing Scam Works

Spoofing is a technique by which fraudsters mask their real phone numbers through technology, making it seem as though the call is coming from a trusted source. In this case, they are masquerading as the Thunder Bay RCMP in an attempt to intimidate or defraud unsuspecting victims. The fraudsters might use the RCMP's name to give their requests a semblance of legitimacy. These requests usually demand sensitive personal information or money.

The RCMP clears the air on its communication practices

As far as the spoofing cases are concerned, the RCMP states that neither them nor any government institution will ever ask for a fee in an odd manner such as Bitcoin, gift cards, or cash collections. In fact, police will never visit your home to collect money as a reason a family member is behind bars. According to the RCMP, it does not seek social insurance numbers, birthdays, or phone numbers via phone call.

How to Verify an RCMP Call 

 In case somebody is doubtful whether a call claiming that it is from her detachment is genuine or not, then she must hanger and call again at 807-623-2791 between 8 a.m. and 4 p.m. Therefore, he will know if that was the genuine call or an attempt by a scammer.

Role of RCMP in Ontario

Another thing the public should be aware of is that the RCMP does not deal with local law enforcement in Ontario but rather deals with issues involving federal law, such as national security, border integrity, organised crime, and financial crimes, including cybercrime and money laundering.

What to Do if You Suspect a Scam

If you believe you are a target, the best action is to hang up. Victims of telephone scams are advised to contact either their local police service or the Canadian Anti-Fraud Centre to report the incident, helping investigators to track and follow up on ongoing schemes.

By knowing how to validate government calls and remaining vigilant, the citizens will be able to guard themselves against spoofing scams and other fraudulent schemes.


Read more »
User Privacy
Canada Cyber Attacks Private Data Ransomware User Privacy

Ransomware Attackers Target Canada’s Largest School Board

 

The Toronto District School Board (TDSB) has issued a warning following a ransomware attack on its software testing environment and is currently investigating whether any personal data was compromised. 

TDSB is Canada's largest school board and the fourth largest in North America, overseeing and managing 473 elementary, 110 secondary, and five adult education institutions. The group has an annual budget of around $2.5 billion. 

An announcement posted on the board's website earlier this week informs parents, guardians, and carers about a ransomware attack that may have exposed personal information.

"TDSB recently became aware that an unauthorized third party gained access to TDSB's technology testing environment, which is a separate environment used by TDSB IT Services to test programs before they are run live on TDSB systems," reads the announcement. 

"We are conducting a thorough investigation to understand the nature of the incident, any impact on our network, and if any personal information may have been affected by the incident," adds TDSB further down in the announcement. 

TDSB claims that all of its systems are operational, with no disruptions, indicating that the attack was contained in the testing environment. The organisation has contacted the Toronto Police Service and the Information and Privacy Commissioner of Ontario, and it is working with third-party cybersecurity specialists to evaluate the extent of the incident. 

TDSB serves roughly 247,000 students and employs 40,000 employees, therefore this incident could impact a large number of people. The Toronto District School Board agreed to notify affected persons if the ongoing investigation reveals that a data breach happened, but for the time being, it has chosen not to provide too much information

Individuals who may have been impacted and are looking for answers may contact the organisation at 'cyberincident@tdsb.on.ca.’ At the time of writing, none of the major ransomware gangs claimed responsibility for the attack on TDSB.
Read more »
Project Swan
Canada Crypto Fraud Cyber Fraud Ontario Police Project Swan

Self Proclaimed “Crypto King” Aiden Pleterski Charged With $30 Million Scam

 

Aiden Pleterski, also known as the "Crypto King," and his partner, Colin Murphy, have been arrested and charged with allegedly defrauding investors of $40 million CAD (about $30 million USD) in a cryptocurrency and foreign exchange investment scam. 

Earlier this week on Wednesday, the Ontario Securities Commission revealed that Aiden Pleterski, 25, known as the "Crypto King," is facing fraud and money laundering charges. The commission also charged his colleague, Colin Murphy (27), with fraud. It stated Pleterski squandered investors' money on a lakeside house and a fleet of expensive cars. Among them was a Lamborghini, the Italian sports car totemic of crypto-based wealth.

The criminal allegations filed against the two Canadians are part of a 16-month investigation dubbed Project Swan. It coincides with a high-profile bankruptcy case involving their alleged investment fraud scheme. 

According to court filings and local media sources, Pleterski and his company, AP Private Equity Limited, received roughly $40 million CAD from 160 investors between 2021 and 2022 to invest in cryptocurrency and foreign exchange markets. Some investors apparently took out loans to fund their investments with Pleterski.

According to the findings of the bankruptcy trustee, Pleterski only invested two percent of the funds that he was given. He spent at least $16 million on personal luxury items in the interim. Among them were: International trips to the US and UK; more than 10 luxury cars, including two McLarens, two BMWs, and a Lamborghini. renting a lakefront property worth $8.4 million for $45,000 a month.

Aiden Pleterski, a self-proclaimed "Crypto King" and occasional livestreamer, has exposed his lavish lifestyle on social media. He bragged of travels to Los Angeles, London, and Miami, where he drove rental Lamborghini and McLarens. In one film, Pleterski was seen assembling a Lego Titanic model. During it, he claimed that he had spent $150,000 on Lego since 2021. 

Throughout the bankruptcy proceedings, Pleterski portrayed himself as a "20-something-year-old kid". He revealed to creditors that he was messy and did not keep financial records or track payments, CBC reported.

Meanwhile, in December 2022, a group of individuals involved in Pleterski's operation allegedly kidnapped the self-proclaimed Crypto King. According to reports, the group held him captive for three days, torturing and beating him. 

The kidnappers reportedly sought a $3 million ransom for his release. Although Pleterski was later released, a 12-minute video emerged on social media showing him injured and wounded. He apologised to his investors in what his lawyer termed as a forced apology. Four of the suspected kidnappers have since been apprehended and charged.
Read more »
User Safety
AI Scams Canada Cyber Fraud Data Privacy User Safety

Authorities Warn of AI Being Employed by Scammers to Target Canadians

 

As the usage of artificial intelligence (AI) grows, fraudsters employ it more frequently in their methods, and Canadians are taking note. According to the Royal Bank of Canada’s (RBC's) annual Fraud Prevention Month Poll, 75% of respondents are more concerned with fraud than ever before. Nine out of 10 Canadians feel that the use of AI will boost scam attempts over the next year (88%), thereby making everyone more exposed to fraud (89%).

As per the survey, 81 percent of Canadians think that AI will make phone fraud efforts more difficult to identify, and 81 percent are worried about scams that use voice cloning and impersonation techniques. 

"With the recent rise in voice cloning and deepfakes, fraudsters are able to employ a new level of sophistication to phone and online scams," stated Kevin Purkiss, vice president, Fraud Management, RBC. "The good news is that awareness of these types of scams is high, but we also need to take action to safeguard ourselves from fraudsters.”

The study also discovered that phishing (generic scams via email or text), spear phishing (emails or texts that appear authentic), and vishing (specific phone or voicemail scams) were among the top three types of fraud. More than half also report an increase in deepfake frauds (56%), while over half (47%) claim voice cloning scams are on the rise. 

Prevention tips

Set up notifications for your accounts, utilise multi-factor authentication whenever possible, and make the RBC Mobile App your primary banking tool. Keep an eye out for impersonation scams, in which fraudsters appear to be credible sources such as the government, bank employees, police enforcement, or even a family member. 

Some experts also recommend sharing a personal password with loved ones to ensure that you're conversing with the right individual. 

To avoid robo-callers from collecting your identity or voice, limit what you disclose on social media and make your voicemail generic and short. Ignore or delete unwanted emails and texts that request personal information or contain dubious links or money schemes.
Read more »
Threat Intelligence
Canada City of Hamilton Cyber Attacks Municipal City Ransomware attack Threat Intelligence

Canadian City Says Timescale for Recovering from Ransomware Attack 'Unknown'

 

The Canadian city of Hamilton is still getting over a ransomware attack that compromised nearly every facet of municipal operations. 

Since February 25, when the ransomware attack was first reported, city officials have been working nonstop. Foundational services, such as waste collection, transit, and water and wastewater treatment, are functioning as of Wednesday.

However, the attack has impacted nearly every online payment system, forcing the city to rely on cash transactions and other manual processes. All fines, tickets, and tax payments must be made in person. 

Numerous municipal services, including cemeteries, child care centres, and public libraries, were reported by the city as having phone system or website issues. Before March 15, there will be no more city council meetings, and the city's libraries will no longer provide WiFi, public computers, printing services, or other services. 

“The City of Hamilton took swift action to investigate, protect systems and minimize impact on the community. We engaged a team of experts, insurers, legal counsel, and relevant authorities and [are] working diligently to restore the City’s system in a safe and secure manner,” the city said in a statement. “While a timeline for recovery is not yet known, the City is committed to resolving the situation as quickly and effectively as possible.” 

Hamilton is located roughly 40 miles from Toronto and has a population of nearly 600,000. The city stated that it is currently investigating whether citizen data was stolen. No ransomware group has claimed responsibility for the attack yet, and local officials have not responded to calls for comment. 

City officials held a press conference on Tuesday, and City Manager Marnie Cluckie stated that it is "impossible to know how long it will take us to get up and running again.” 

Cluckie declined to comment on whether the city is in talks with the ransomware group, stating that they will "do what is best for the city." She confirmed that the city has cyber insurance. 

During the press conference, Cluckie was asked if the attack would follow the same schedule as the Toronto Library, which dealt with troubles for more than four months after a ransomware attack. Cluckie claims the hired cyber specialists would only advise her that each assault and recovery is unique.

Hamilton is the second municipality in Canada to deal with a ransomware attack over the last week. Ponoka, a small town about an hour west of Edmonton, recently dealt with a ransomware attack that caused system failures for the government.
Read more »
Threat Landscape
Canada City of Hamilton Cyber Attacks Cyber Warfare Threat Landscape

Hamilton City's Network is the Latest Casualty of the Global Cyberwar.

 

The attack that took down a large portion of the City of Hamilton's digital network is only the latest weapon in a global fight against cybersecurity, claims one of Canada's leading cybersecurity experts. 

Regarding the unprecedented attack on the municipality's network that affected emergency services operations, the public library website, and the phone lines of council members, not much has been stated by city officials. Although the specifics of the Sunday incident are yet unknown, Charles Finlay, executive director of Rogers Cybersecure Catalyst, believes that the attack is a part of a larger campaign against a shadow firm that is determined to steal money and data. 

“I don't think that the average citizen of Hamilton or any other city, fully understands what's at play here,” Finlay stated. “Our security services certainly are, but I don't think the average citizen is aware of the fact that institutions in Canada, including Hamilton, are at the front lines of what amounts to a global cybersecurity conflict.” 

On Sunday, city hall revealed service delays caused by what it later described as a "cybersecurity incident" that had far-reaching consequences for the city's network and related services. 

The specifics of what took place, however, remain unknown as local officials maintain a cloak of secrecy. So far, the city has refused to divulge the amount of the damage or how affected departments are operating. Emergency services are described as "operational," with some activities now being completed "manually," but officials refuse to disclose specifics.

The city also refuses to reveal whether sensitive data was stolen or is being held ransom.

According to Vanessa Iafolla of Halifax-based Anti-Fraud Intelligence Consulting, a municipality may prefer to delay reporting the extent of the harm in order to preserve an impression of security and control. 

Finlay and Iafolla said they can only speculate about what transpired because city hall hasn't provided any information. However, given the available details and the consequences of other institutions' attacks, a ransomware attack is a realistic possibility. 

A ransomware assault is one in which malicious software is installed on a network, allowing users to scan and grab sensitive data. In the case of the city, Iafolla could refer to personal information on employees and citizens, such as social insurance numbers and other identifying information.

“It's a safe bet that whatever they took is likely of real financial value,” concluded Iafolla. “It's difficult to speculate exactly what may have been taken, but I would be pretty confident in thinking whatever it is, is going to be a hot commodity.”
Read more »
USA
Akira Ransomware Canada cyber attack Cyber Attacks Ransomware ransomware attacks USA

Akira Ransomware Unleashes Cyber Storm: Targets North American Companies

In the continually changing realm of cyber threats, organizations find themselves urgently needing to strengthen their cybersecurity measures to combat the increasing complexity of ransomware attacks. The focus is on Akira, a recently discovered ransomware family, highlighting a group of cyber adversaries armed with advanced tactics and led by highly skilled individuals. 

In a recent analysis of blockchain and source code data, the Akira ransomware has surged to prominence, rapidly establishing itself as one of the fastest-growing threats in the cyber landscape. This surge is attributed to its adept utilization of double extortion tactics, adoption of a ransomware-as-a-service (RaaS) distribution model, and the implementation of unique payment options. 

Who are the Targets? 

The Akira ransomware made its debut in March 2023, and its sights are set on companies in the United States and Canada. But what is really catching attention is its unique Tor leak site, which, as per Sophos' report, brings back vibes of "1980s green-screen consoles." Users need to type specific commands to navigate through this throwback-style interface. 

What is even more intriguing is that, despite sharing the same .akira file extension for encrypted files, the new Akira is nothing like its 2017 counterpart when it comes to the code under the hood. This twist highlights the ever-evolving nature of cyber threats, where old names come back with a new style and a fresh set of tricks. 

The Akira encryptor 

The Akira ransomware was found by MalwareHunterTeam, and they shared a part of it with BleepingComputer. When it starts working, Akira does something serious – it deletes Windows Shadow Volume Copies on the device. It uses a special command to do this: 

powershell.exe -Command "Get-WmiObject Win32_Shadowcopy | Remove-WmiObject" 
 
Furthermore, linkages between the Akira ransomware group and the now-defunct Conti ransomware gang have come to light, indicating a potential affiliation. Conti, renowned as one of the most notorious ransomware families in recent history, is believed to have evolved from the highly targeted Ryuk ransomware, marking a lineage of prolific cyber threats. The intricate connections between these ransomware entities underscore the evolving nature of cyber threats and the persistence of criminal organizations in adapting and expanding their malicious operations.
Read more »
Security
Canada Cyber Attacks Data Data Safety data security Hackers Privacy Safety Security

Notorious Ransomware Gang Claims Responsibility for Cyberattack on Southwestern Ontario Hospitals

 

A notorious cybercrime gang known as Daixin Team has publicly admitted to pilfering millions of records from five hospitals in southern Ontario, subsequently leaking the data online when their ransom demands were not met. The targeted hospitals include those in Leamington, Windsor, Sarnia, and Chatham-Kent. The Windsor Star has obtained a purported link to the leaked information, which is hosted on the dark web, offering access to personal details of patients from these facilities.

While the hospitals confirmed the publication of the compromised data, they did not officially confirm Daixin Team's involvement. Windsor Regional Hospital CEO, David Musyj, emphasized that the attackers were part of a sophisticated and organized operation, rather than an isolated individual. 

The affected hospitals, including Sarnia’s Bluewater Health, Chatham-Kent Health Alliance, Windsor-Essex hospice, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor Regional Hospital, continue to grapple with system access issues following the cyberattack on October 23. In addition to disrupting digital and tech-based systems, the perpetrators made off with substantial amounts of personal information pertaining to both staff and patients. When the hospitals refused to yield to ransom demands, the criminals opted to disseminate the pilfered data.

A comprehensive investigation, involving local police departments, the Ontario Provincial Police, the FBI, and INTERPOL, is underway. Daixin Team has a track record of similar cyberattacks against various organizations, including a German water metering company, AirAsia, Fitzbiggon Hospital in Missouri, and OakBend Medical Centre in Texas.

Brett Callow, a threat analyst at the cybersecurity firm Emsisoft Ltd., emphasized that Daixin Team has been active since the middle of the previous year and has repeatedly targeted healthcare organizations. He cautioned that while this incident is unfortunate, it may not be the last, and underscored the urgency for robust cybersecurity measures in the healthcare sector. Following the breach, the hackers locked the hospitals out of their own systems by targeting TransForm Shared Service Organization, which oversees technology systems for all five facilities.

Musyj revealed that the extent of the stolen data is still unknown, but investigations are ongoing. He emphasized that the decision not to pay the ransom aligns with the joint statement from the 50 members of the International Counter Ransomware Initiative, which includes Canada. Callow, however, stressed that global governments need to take more effective measures to combat cybercriminals.

The U.S. government’s Cybersecurity and Infrastructure Security Agency issued a warning about Daixin Team last year, specifying that the group targets businesses in the Healthcare and Public Health sector with ransomware and data extortion operations. They encrypt servers responsible for healthcare, exfiltrate personal information, and demand ransom payments.

Callow concluded by advising caution and preparation for potential misuse of the compromised information, given the hackers' track record. He recommended assuming that the information could be exploited and taking appropriate precautions.
Read more »
Subscribe to: Posts (Atom)