Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Cyber Frauds. Show all posts

Protecting Your Business from Cybercriminals on Social Media

 

Social media has transformed into a breeding ground for cybercriminal activities, posing a significant threat to businesses of all sizes. According to recent reports, more than half of all companies suffer over 30% revenue loss annually due to fraudulent activities, with social media accounting for about 37% of these scams. This is alarming because even established tech giants like Yahoo, Facebook, and Google have fallen victim to these attacks. For smaller businesses, the threat is even greater as they often lack the robust security measures needed to fend off cyber threats effectively. 

Phishing scams are among the most prevalent attacks on social media. Cybercriminals often create fake profiles that mimic company employees or business partners, tricking unsuspecting users into clicking on malicious links. These links can lead to malware installations or trick individuals into revealing sensitive information like passwords or banking details. In some instances, fraudsters might also impersonate high-level executives to manipulate employees into transferring money or sharing confidential data. Another common method is social engineering, where cybercriminals manipulate individuals into taking actions they otherwise wouldn’t. 

For example, they might pretend to be company executives or representatives, convincing lower-level employees to share sensitive information, such as financial records or login credentials. This tactic is especially dangerous since it often appears as legitimate internal communication, making it harder for employees to recognize the threat. Credential stuffing is another significant concern. In this form of attack, cybercriminals use stolen credentials from data breaches to gain unauthorized access to social media accounts. This can lead to spam, data theft, or the spread of malware through the company’s official accounts, jeopardizing both the business’s reputation and its customers’ trust. Negative campaigns pose a different yet equally damaging threat. 

Attackers may post false reviews, complaints, or misinformation to tarnish a company’s image, resulting in lost sales, reduced customer loyalty, and even potential legal costs if the business decides to pursue legal action. Such campaigns can have long-lasting effects, making it difficult for companies to rebuild their reputations. Targeted advertising is another avenue for cybercriminals to exploit. They create deceptive ads that mislead customers or redirect them to malicious sites, damaging the company’s credibility and resulting in financial losses. To safeguard against these threats, businesses must take proactive steps. Using strong, unique passwords for social media accounts is essential to prevent unauthorized access. 

Responding quickly to any incidents can limit damage, and regular employee training on recognizing phishing attempts and social engineering tactics can reduce vulnerability. Managing access to social media accounts by limiting permissions to a select few employees can minimize risk. Additionally, regularly updating systems and applications ensures that security patches protect against known vulnerabilities. 

By implementing these preventive measures, businesses can better defend themselves against the growing threats posed by cybercriminals on social media, maintaining their reputation, customer trust, and financial stability.

Fraudulent SMS Entities Blacklisted in Government Crackdown



An official release states that the government has blacklisted 'principal entities' behind SMS headers that have been sent over 10,000 fraudulent messages over the past three months as part of a crackdown on SMS scammers. As part of the Sanchar Saathi initiative, the Department of Telecom (DoT) and the Ministry of Home Affairs (MHA) have taken decisive steps to prevent potential SMS fraud, which was launched by the Department of Telecom (DoT). 

According to the Indian Cyber Crime Coordination Centre (I4C), eight SMS headers are being misused to send fraudulent messages for committing cybercrime. In the past three months, the Department of Transport has taken down more than 10,000 fraudulent messages sent using eight headers. These messages belong to eight different Principal Entities (PEs). 

There is a list of the 8 principal entities listed below, along with the 73 SMS headers they own and the 1522 SMS content templates associated with them. There is no longer any possibility of sending SMS via any telecom operator thanks to DoT's steps, which have prohibited the use of any of these Principal Entities, SMS Headers, or templates. 

According to the Indian Cyber Crime Coordination Center, which is under the Ministry of Human Resources, eight SMS headers were misused to send fraudulent communications to commit cybercrime. The term 'principal entity' is commonly used in telecom parlance to refer to business or legal entities that send out commercial messages via SMS to subscribers of mobile operators. Headers can be considered to be alphanumeric strings assigned to a 'principal entity' to send commercial communications. 

In addition, DoT has reiterated its commitment to safeguarding citizens against cybercrime by blacklisting these entities to prevent further victimization of citizens. According to the release, “Citizens can report suspected fraud communications at Chakshu facility on Sanchar Saathi to help DoT in preventing cybercrime and financial frauds from being perpetrated by telecom companies.” TRAI has mandated that only registered principal entities can send promotional and marketing messages to mobile consumers as per its mandate. 

Following the mandate, all commercial messaging (one-time passwords, promotional messages, account balance updates etc) was required to be moved onto the blockchain-based platform by telecom operators. In the country, the government does not permit telemarketing activities, so mobile numbers cannot be used. Upon the first complaint, consumers may be disqualified from their telephone connection if they use the connection to send promotional messages

Additionally, they may also be blacklisted for two years with their name and address being blacklisted. You can identify telemarketing calls by their prefixes: 180, 140, and 10-digit numbers cannot be used for telemarketing. You can report spam by dialing 1909, or by using the Do Not Disturb (DND) service.  

American Financial Data Exposed by Debt Collector

 


An NCB breach notification letter has been sent to affected customers informing them that their data has been hacked. Over 1.1 million people have been exposed by this breach. On February 1st, a US-based company claimed that its systems were breached by attackers, claiming they had penetrated its network. After the company's systems were breached, NCB noticed it within three days of the incident.

Cybernews reported this morning that debt collection agency NCB Management Services has begun notifying customers of data breaches following a breach in February. The breach was first reported by the agency in early 2017. 

It has been reported that an unauthorized third party gained access to confidential information NCB maintains on client accounts recently. The company's letter to potential victims began with the statement: "In the wake of this incident, we are unaware that any of the information you have provided has been misused." 

A report has emerged claiming that NCB had its systems hacked in February. Despite this, it took the company three days to realize this security breach had occurred. 

As a result of cybercriminals stealing personal information from consumers, cybercriminals have launched targeted phishing campaigns via email, phone or text message to defraud those individuals. 

Based on the debt collector's investigation, the type of data accessed from April 19th until now has been determined. Upon reviewing information the company provided to the Maine Attorney General, it appears that the attackers gained access to financial account numbers or payment card numbers. This was done by using security codes, access codes, passwords, or PINs associated with the accounts.

There is a trend of stolen financial data being sold on dark web forums. This is so criminals can mask their illicit activities using others' names. This is done by using stolen information from their bank accounts. 

In my opinion, the amount of financial information exposed is quite concerning as users' credit card numbers could be sold on the dark web if there is no hacking involved. 

In the event hackers are also able to access sensitive data on affected users, it may be possible for them to use their own data to commit crimes such as identity theft or fraud. 

In fact, NCB is a debt collection agency that banks hire to get rid of outstanding amounts owed to them. This is due to its nature as an enforcement agency. This looks like TD Bank and Bank of America have also been indirectly affected by this data breach. 

According to a recent report by JD Supra, the legal advice site, TD Supra, has detailed the possibility that NCB's data breach might impact TD Bank customers as well. This is in a similar manner to that of TD Bank. 

The Toronto-based bank also notified the US Attorney General that the hackers responsible gained access to its customers' names, addresses, account numbers, dates of birth and Social Security numbers. In addition, they gained access to their account balances. This is based on an official filing the bank made with the Main Attorney General. 

One of the recent companies to be breached is Dish, another highly regarded satellite broadcaster in the US. The company has also tried to reassure its affected customers by stating that it had "received confirmation that the extracted data has been deleted." 

Cyber security experts say organizations should never succumb to criminals' demands, as the results are usually high-frequency attacks by the criminals themselves. The FBI and other law enforcement agencies also believe ransomware payments should not be made.

It has been announced that NCB is offering free services to affected users for two years. This will enable them to monitor identity theft for two years and prevent further attacks. 

The National Bank of Boston, in a sample notification letter submitted to the Maine Attorney General, revealed that the bank may also affect Bank of America through the same problem.  

Bank of America has said that if TD Bank offers free access to one of the most effective identity theft protection services, Bank of America will also offer the same to its customers. Bank of America has assured affected customers that it will provide a two-year Experian IdentityWorks subscription. If you have received a data breach notification from NCB, you will have all the information you need about how to set up the subscription. This information is in that notification. 

In the coming year, users affected by this data breach should carefully review their credit reports and account statements. They should look for any unusual activity associated with the breach. 

NCB is working closely with federal law enforcement agencies to figure out who is responsible for the breach and what group of hackers are responsible. Despite that, it is highly likely that the company could pay a fine. This is because hackers accessed its systems for several days before being discovered and getting their hands on them.

Fraudsters Are Difficult to Spot, Thanks to AI Chatbots

 


Researchers at the University of Rochester examined what ChatGPT would write after being asked questions sprinkled with conspiracy theories to determine how the artificial intelligence chatbot would respond. 

In recent years, researchers have advised companies to avoid chatbots not integrated into their websites in a report published on Tuesday. Officials from the central bank have also warned people not to provide personal information to online chat users because they may be threatened. 

It has been reported that cybercriminals are now able to craft highly convincing phishing emails and social media posts very quickly, using advanced artificial intelligence technologies such as ChatGPT, making it even harder for the average person to differentiate between what is trustworthy and what is malicious. 

Cybercriminals have used phishing emails for years to fool victims into clicking on links that install malware onto their computer systems. They also trick them into giving them personal information such as passwords or PINs to trick downloading viruses. 

According to the Office for National Statistics, over half of all adults in England and Wales reported receiving phishing emails in the past year. According to UK government research, businesses are most likely to be targeted by phishing attacks. 

The experts advise users to consider their actions before clicking on links in responses to unsolicited responses, emails, or messages to prevent themselves from becoming victimized by these new threats. 

As well as that, they advise our users to keep their security solutions up to date as well as ensure that they have a complete set of security layers that not just go beyond just detecting known malware that may exist on a device but also identify and block it. Behavioral identification and blocking are two of the layers of this system. 

Researchers from Johns Hopkins University said that personalized, real-time chatbots might enable conspiracy theories to be shared in increasingly credible and persuasive ways, using cleaner syntax and better translations, eliminating errors led by human error, and transcending copy-pasting jobs that are easily identifiable. As for mitigation measures, they claim none can be put in the phone can. 

OpenAI created a program called ChatGPT to predict human behavior. This is a follow-up to its first program aimed at analyzing follow-up behavior and predicting human behavior when human behavior is being observed. OpenAI had previously operated programs that filled online forums and social media platforms with spam comments and comments with grammatical errors as well as artificial intelligence. Following almost 24 hours of being allowed to exist on Twitter, Microsoft's chatbot will never update its status after it has been introduced on the social network after almost 24 hours after being allowed to run. In addition to this, trolls, who consider racist, xenophobic, and homophobic language offensive, attempted to teach the bot to spew racist and xenophobic language. This resulted in it spewing this language.

With ChatGPT, you have far more power and sophistication at your disposal. Whenever confronted with questions loaded with disinformation, the software of convincing, clean variations on the content without divulging any information about its source or origins. 

A growing number of data points show that ChatGPT, which dominated the market last year and became a sensation as soon as it was launched, is being used for cybercrime, with one of the first substantial commercial applications of large language models (LLM) in the creation of malicious communications, a phenomenon that has been growing rapidly across the globe. 

A recent report from cybersecurity experts at Darktrace suggests that more and more phishing emails are being authored by bots as a result of data mining. In this way, criminals can send more messages without worrying about spam filters detecting them. 

Many artificial intelligence platforms have been in the spotlight lately as the next big things in the technology world, including ChatGPT, Bard, and other projects from OpenAI, which are all making waves in the technology world. As smart systems increase in people’s daily lives, biases become more obvious and are more difficult to hide as they become more integrated into people’s lives. 

AI bias can be observed when the data used to train machine-learning models reflect systemic biases, prejudices, or unequal treatment in society, which reflect systemic discrimination and prejudice in society as a whole. The result is that AI systems may perpetuate existing biases and perpetuate discrimination. 

Due to the limited amount of human error in developing, training, and testing AI models, humans can only be blamed for the bias that exists.

Extortion Attempt by Former Ubiquiti Developer

 


Former Ubiquiti employee Nickolas Sharp admitted to the company that he stole gigabytes of private data from the company's network while he was overseeing the company's cloud technology team. During this period, he misrepresented himself as an anonymous hacker and whistleblower to avoid detection. Ubiquiti's GitHub repositories and AWS servers were breached in December 2020 by Sharp, a 36-year-old software engineer from Portland, Oregon. 

Sharp agreed that he would plead guilty to three charges, including making false statements to the FBI, wire fraud, and sending a malicious computer program to a protected computer. Those who commit either of these offenses will be punished with a maximum sentence of 35 years in prison as punishment. 

As a consequence of the data theft incident reported by Ubiquiti in January 2021, the company reported a security incident. 

Using the cover of being an anonymous hacker and pretending to target the company, Sharp tried to extort them. There were 50 bitcoins demanded in the ransom note, which was approximately equal to about $1.9 million at the time the note was written. It was a condition of the agreement to recover the data in exchange for disclosing the weakness in the network that allowed the hack to take place. While Ubiquiti could have paid the ransom by paying the ransom, it chose to change every employee's login information rather than pay the ransom. A second security breach was also discovered in the business's systems, which was found and eliminated before the business notified the government of the breach on December 11. 

A single hour after Sharp was identified as the hacker behind the attack, Ubiquiti's UWS infrastructure and GitHub repositories were cloned using his cloud administrator credentials via SSH (on December 10, 2020) and private files were stolen (on December 21 and 22). 

Despite using the Surfshark VPN service to conceal his IP address while collecting data, he could determine the data collector's location. This was after a short outage of the Internet caused his location to be discovered. He also changed the Log Retention Rules on Ubiquiti's servers along with other data that would have revealed his identity during the investigation. This was done to conceal his identity. 

As a result of a search by the FBI, Nicholas Sharp's residence was searched on March 24, 2021, and electronic equipment belonging to him was seized. He gave several false statements to FBI officials when he was being interrogated. 

His explanations included that he was not the one who committed the crime and that he had never previously used a VPN service of this type. As per records, Sharp purchased the Surfshark VPN service about six months before the incident occurred, in July 2020. It was obtained three months beforehand. Because of this fraud, he alleged that another party had accessed his PayPal account to complete this transaction, so he made the fraudulent allegation that they did so. 

In a media interview after the extortion attempt failed, Sharp, in the false identity of a whistleblower, alleged that Ubiquiti downplayed the breach to avoid retribution. It was after he challenged Ubiquiti's assertion about the impact of the January hack that the company acknowledged its involvement in an extortion attempt and said that there was no indication that any of its users' accounts had been hacked that the firm acknowledged that it was the target of an extortion attempt following that incident. 

He also claimed that Ubiquiti did not have a logging mechanism to enable them to determine whether or not the "attacker" had accessed any systems or data, and that would have prevented them from determining what had occurred. Despite his assertions, the information provided by the Justice Department indicates that he altered the company's logs and the system was compromised.  

Warning for Shoppers: Be Aware of Ransomware

 


With time, cyber attackers are getting updated and using more advanced technologies to steal data and blackmail the victims to get the ransom. One such case happened last year with Austin business Tiny Pies’ Instagram.

The co-founder of Tiny Pies in Austin, Amanda Wadsworth, commented on this incident and explained that they received a mail from an unknown source, and though it looked unauthorized, they clicked on it. After opening the mail, the cyber attackers hacked their system and locked their data. They coerced them to give ransom or else they will delete the account. 

Many cases showed that attackers threaten the victims for a ransom, or else they will leak confidential information on the dark web, where a large amount of such important information is already uploaded, as a consequence of cyber-attacks. 

Bobby Stempfley, the vice president and business unit security officer for Dell Technologies, commented on the rise in cyber-attacks. Dell also has to face many cyber-attacks on Dell. 

She stated that the organizations hold an “astronomical amount of data.” The organizations are managing data that is ten times more than the data that was there five years ago. 

She mentioned, “It is an environment where, when you put in better protections, the threat actors work to find better ways to go, work around those protections.” 

Considering the passion of cyber attackers to continuously find new ways to invade into target’s system and steal data, Stempfley started training employees of Dell to educate them about this ransomware and make them able to identify phishing and other attacks by ransomware. 

Alert for holiday shoppers 

The security company Tanium said that the cases of cyber-attacks are maximum during the holiday shopping season. Tanium added that hackers target when there is higher traffic on websites, such as on holidays, when people surf online more to find good deals. 

Melissa Bischoping, the endpoint security research director at Tanium, said that "security is not just the responsibility of the company storing your data, but it is also an equal responsibility of the shoppers to be alert and aware of such attacks." 

She explained, Shoppers should be cautious when they receive an email and first confirm whether it is legitimate or not. Prefer the trusted official app or the website instead of clicking on the links in emails with “a holiday sale” text. 

She talked about other holiday scams that are carried out using botnets. Cyber attackers collect items that are popularly in demand and add them to sell. Melissa said that the updated technology is working as a helping tool for cyber attackers to target the victims. 

To use the technology as a productive tool for your purpose instead of making it a weapon for hackers, you should follow some tips while shopping for sales online, such as: 

1. In case you receive an email for a shopping sale, do not click on it directly. Search for its authentication on websites or apps. 

2. Do not leave your credit card unchecked. Keep checking your credit card to know if there are any fraudulent charges. 

3. Create different passwords for different websites and apps where you shop from.

Australian Consumer Watchdog Reports Massive Surge of Crypto Use in Investment Scams

 

Australians’ losses from investment frauds surged 90% to AU$103 million from the start of the year to March 20, with the Australian Competition and Consumer Commission (ACCC) confirming payments to fraudsters are most often carried out in cryptocurrency. 

Consumer and Fair Trade Executive Managing Director Rami Greiss said that while the increase in the use of crypto follows its growing popularity, it has facets that lend themselves to being exploited by fraudsters. “It’s also the fact that it’s an unregulated product, so there are no controls. There are no institutions that can be roped in to assist. So really, it’s the fact that it’s the wild west,” Greiss explained.

"In relation to scamwatch, we see a number of scams relating to investment schemes, and we are now seeing that the payments in relation to those are now more often by way of cryptocurrency than by way of bank transfer," Gina Cass-Gottlieb, the new president of the ACCC stated. 

According to ACCC, it has received 66 reports of money recovery frauds this year on its website Scamwatch which is a 725 percent increase compared to the same period in 2021. The commission also disclosed that fraudsters target previous scam victims by contacting them and then posing as someone representing a trusted firm such as a law firm, fraud task force, or government agency. 

Subsequently, the fraudsters ask victims to fill out fake paperwork or provide identity documents and seek upfront payments. They may request remote access to computers or smartphones, enabling them to scam their unsuspecting victims. Earlier this year, the Australian government announced it would design a crypto badge of approval to licence intermediaries such as exchanges.

Last week, Australia’s Financial Services Minister Jane Hume stated that the license will include a "fit and proper person" test, and could include anti-hawking measures to prevent cold calling. Hume also explicitly ruled out a ban. 

“Crypto values will go up and down sure as eggs, and the government will not be protecting consumers from market volatility—and nor should they,” she said. But Australian investors will be sure that if they use a licensed Australian exchange, they can trust the exchange will deliver on its commitments to customers and have appropriate protections.”