Business Email Compromise Soars in Q3 2024 as Cybercriminals Refine Tactics: VIPRE Report

Global cybersecurity provider VIPRE Security Group has published its Q3 2024 Email Threat Trends Report, revealing an alarming rise in business email compromise (BEC) and highlighting the evolving techniques cyber criminals are using to deceive employees and breach corporate security. According to VIPRE’s analysis of 1.8 billion global emails, 208 million were flagged as malicious, with BEC scams making up 58% of phishing attempts. 

VIPRE noted that 89% of these attacks used impersonation, often of senior executives or IT personnel, in an attempt to exploit employees’ trust in authority figures. The manufacturing sector experienced a notable 8% spike in BEC attacks this quarter, increasing from 2% in Q1 to 10% in Q3. 

The report attributes this surge partly to the industry’s extensive use of mobile devices for remote sign-ins, which can leave employees more vulnerable to attacks. Email threats during the quarter were predominantly scams (34%), commercial spam (30%), and phishing (20%), overshadowing ransomware and malware, which together made up less than 20% of email-based attacks. 

Despite their lower prevalence, ransomware and malware remain a significant concern in the cybersecurity industry. To evade detection by modern security measures, cybercriminals have started disguising malicious attachments as voicemails or essential security updates. Microsoft PDF and .DOCX files were the most common formats, with 2.18 million emails containing harmful attachments, representing a 30% rise from Q2’s 21%. In Q3, URL redirection became a popular technique among attackers, representing 52% of email-based scams. 

Cybercriminals used clean URLs within emails to bypass security checks, redirecting recipients to meticulously crafted fraudulent websites. VIPRE also observed a shift in malspam tactics, with attackers favouring attachments (64%) over malicious links (36%). Formats such as LNK, ZIP, and DOCX were common in these campaigns. 

Redline, a notorious malware family, remained the most prevalent, designed to steal sensitive data from web browsers. Usman Choudhary, VIPRE’s CPTO, emphasized the need for robust cybersecurity measures, especially as the holiday season approaches. “BEC email and phishing attacks are becoming more targeted and convincing,” he said, highlighting the urgency of employee education to counter these threats.

Delivery Partners Exploit App Loophole, Defraud Logistics Company in Bengaluru

 




In a major fraud case, delivery partners exploited a weakness in the logistics app Porter, siphoning off Rs 90 lakh in Bengaluru. The swindle was detected during a routine business audit conducted in July by Smart Shift Logistics Solutions Pvt Ltd, which runs Porter. An official of the logistics company then filed a complaint with the police. Insider involvement was ruled out because most operations were automated.

The authorities suspected it could be an inside job when the fraud was first detected, considering the scale of the crime. They looked at the backend operations of the company and found nothing internal as most processes were automated. This led to a deep probe with Sarah Fathima, the Deputy Commissioner of Police (Southeast), assigning a team to trace the refunds made by the company since January. This series of operations was headed by ACP Govardhan Gopal, along with inspector Eshwari from the Southeast Cybercrime, Economic Offences, and Narcotics (CEN) police station.


Understanding the Scam

The investigators soon came across several refunds credited to the same accounts, and a clear fraud pattern began to emerge. Following this chain of suspicious transactions led the police to Shreyas TL, a 29-year-old from Hirisave in Hassan. Based on what Shreyas confessed under questioning, the police managed to apprehend three others: Kaushik KS, aged 26, from Mandya, Ranganath PR, also 26, and Anand Kumar, 30, both from Mandya.

The accused had earlier worked as cab drivers and food delivery partners for various online applications, and chanced upon loopholes in the Porter app after dabbling in similar scams on other delivery services. Through trial and error, they eventually worked out how to exploit the Porter system for financial gain.


How the scam was run

Porter has a system where the driver can get a part of the total bill through his wallet whenever he accepts the job. And if he rejects the delivery, he will have his money back automatically. The application does not allow abusing this system, and therefore it has a strict cancellation policy where it blacklists the drivers in case they cancel two deliveries consecutively.

The fraudsters bypassed the system. Using geo-spoofing, they manipulated the app to show their locations as places where few drivers were available. This way, they accepted the jobs using their fake delivery accounts. The bill amount was credited to their digital wallets and then withdrawn from these wallets into bank accounts. They then cancelled the delivery, and customers cancelled the order and received a refund.

To avoid being blacklisted for repeated cancellations, the gang bought fake phone numbers from Telegram groups and created new accounts on the app with them. Additionally, the gang used geo-spoofing to change their location to neighbouring states, making it hard for the authorities to trace them.


A Perfected Scam

The operation of the gang was so sophisticated that they managed to make off with a total of Rs 90 lakh from the company. Taking advantage of loopholes in the automation of the app, they had syphoned off the amount without raising any suspicion in the beginning. But finally, after going through a detailed investigation, it was traced by the police, and the fraudsters were caught.

This case shines a light on the importance of secure and foolproof systems in online platforms, especially those handling financial transactions. It also highlights the need to frequently audit and monitor company automated processes to detect fraud before it gets out of hand.
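The audit signal in this case (payouts from many accounts landing in the same bank account, from accounts that accept a job, cash out and cancel) can be written as a reconciliation check over wallet events. This is an added example, not Porter's or the investigators' code; the event schema, account ids, amounts and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: int           # seconds since the start of the audit window
    kind: str         # "credit", "withdraw", "cancel" or "complete"
    driver: str       # driver account id
    job: str = ""     # job id (empty for withdrawals)
    amount: int = 0   # rupees
    bank: str = ""    # payout bank account (withdrawals only)


# Constructed sample data: three short-lived accounts that accept, cash out
# and cancel, all paying out to BANK-A, plus one ordinary driver.
EVENTS = [
    Event(100, "credit", "drv-101", "job-1", 400),
    Event(160, "withdraw", "drv-101", amount=400, bank="BANK-A"),
    Event(220, "cancel", "drv-101", "job-1"),
    Event(300, "credit", "drv-102", "job-2", 550),
    Event(350, "withdraw", "drv-102", amount=550, bank="BANK-A"),
    Event(420, "cancel", "drv-102", "job-2"),
    Event(500, "credit", "drv-103", "job-3", 350),
    Event(540, "withdraw", "drv-103", amount=350, bank="BANK-A"),
    Event(600, "cancel", "drv-103", "job-3"),
    Event(110, "credit", "drv-900", "job-10", 300),
    Event(900, "complete", "drv-900", "job-10"),
    Event(1000, "credit", "drv-900", "job-11", 250),
    Event(1100, "cancel", "drv-900", "job-11"),   # ordinary cancellation
    Event(1200, "credit", "drv-900", "job-12", 500),
    Event(2000, "complete", "drv-900", "job-12"),
    Event(2100, "withdraw", "drv-900", amount=800, bank="BANK-Z"),
]


def cashed_out_cancellations(events):
    """Jobs whose acceptance credit was withdrawn before the job was cancelled.

    Returns {driver: [(job, credited_amount, payout_bank), ...]}.
    """
    credit = {e.job: e for e in events if e.kind == "credit"}
    withdrawals = defaultdict(list)
    for e in events:
        if e.kind == "withdraw":
            withdrawals[e.driver].append(e)
    hits = defaultdict(list)
    for e in events:
        if e.kind != "cancel" or e.job not in credit:
            continue
        c = credit[e.job]
        for w in withdrawals[e.driver]:
            if c.ts < w.ts < e.ts:  # money left the wallet while the job was open
                hits[e.driver].append((e.job, c.amount, w.bank))
                break
    return dict(hits)


def payout_clusters(events, min_drivers=2):
    """Group cashed-out cancellations by destination bank account.

    One bank account fed by several driver accounts is the pattern the
    investigators describe: many accounts, the same beneficiary.
    """
    clusters = defaultdict(lambda: {"drivers": set(), "amount": 0})
    for driver, jobs in cashed_out_cancellations(events).items():
        for _job, amount, bank in jobs:
            clusters[bank]["drivers"].add(driver)
            clusters[bank]["amount"] += amount
    return {b: c for b, c in clusters.items() if len(c["drivers"]) >= min_drivers}


def cancel_only_accounts(events, blacklist_after=2):
    """Accounts that never completed a job and cancelled fewer times than the
    consecutive-cancellation limit, so a per-account blacklist never fires."""
    cancels, completes = defaultdict(int), defaultdict(int)
    for e in events:
        if e.kind == "cancel":
            cancels[e.driver] += 1
        elif e.kind == "complete":
            completes[e.driver] += 1
    return sorted(d for d, n in cancels.items()
                  if completes[d] == 0 and n < blacklist_after)


if __name__ == "__main__":
    for bank, c in payout_clusters(EVENTS).items():
        print(bank, sorted(c["drivers"]), "Rs", c["amount"])
    print("never completed, under blacklist limit:", cancel_only_accounts(EVENTS))
```

The per-account cancellation rule sees nothing unusual in any single account here; the pattern only appears when payouts are joined on the beneficiary bank account across accounts.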




New Coalition to Take Down Online Scams, Led by Google

 




As cybercrime continues to cost the world economy billions annually, a robust new coalition launched by Google, the DNS Research Federation, and the Global Anti-Scam Alliance (GASA) is working to disrupt online scammers at a global level. By all accounts, this partnership constitutes a "game changer." The United Coalition focuses on revealing and thwarting fraudulent activity online.

Online Scam Fighting via the Global Signal Exchange

The coalition will launch a data platform called the Global Signal Exchange, which will scan open cyberspace around the clock for signs of fraudulent activity and issue alerts. As its platform, it will use the DNS Research Federation's DAP.live, an aggregation platform that consolidates feeds from over 100 sources to spot potential scams. Google enhances these efforts while providing relevant feeds from DAP.live, which should give an even more comprehensive view of online fraud as it begins to take shape.

A Growing Threat in the Digital Age

Scams are becoming ever more sophisticated, to the extent that an estimated $8.6 billion is lost worldwide to them each year, with few cases ending in convictions. In the UK alone, each person is targeted nearly 240 times a year by scammers via emails or texts that impersonate legitimate businesses or offices and ask for personal information, such as bank or credit card details.

Britain estimates the average loss per person due to scams at £1,169. Overall, 11% of adults admit that they have fallen for online fraud. More alarming is the loss among older adults: people aged 55 and above lose an average of £2,151. Those between 36 and 54 lose about £1,270, while those under 35 lose about £851.

The Call for International Cooperation

Another challenge in combating online scams is that many of the criminal organisations behind them operate from abroad, often from countries such as Russia and North Korea. This international nature makes it even more difficult for local authorities to monitor and prosecute them. The coalition aims to close this gap by sharing scam information in real time, making it possible to respond quickly to emerging threats. This collaborative approach is crucial because cybercriminals often operate in groups and move fast, which makes it very hard for any single organisation to fight scams alone.

"Scammers collaborate, they pool and they act fast. The days when individual brands could combat cybercrime on their own are gone. Global Signal Exchange ushers in a new chapter in the battle against cybercrime, and Google's partnership promises to be the game-changer," said Emily Taylor, Chief Executive of DNS Research Federation.

Scammers Use All Too Familiar Brand Names Trapping Victims

The research carried out by the coalition indicates that fraudsters make use of the identity of conspicuous brands to acquire victims. Some of the very popular brands currently being used in scams are: home delivery and courier services; financial services, including banks, insurance, and loan companies; companies in the Technology, Media, and Telecoms sector; many public sector organisations, including HMRC and local councils; and, in a few instances, prominent charities.

According to DNS Research Federation, the volume of scams seems to peak each year in November during the Black Friday promotions and associated online shopping. Much of such activity is occurring because of heightened online activity. Thus, proper defences are quite essential when activity reaches such peak levels.

An alliance towards consumers' protection around the world

The Global Anti-Scam Alliance was established in 2021 to create a network of businesses that stand together to protect consumers online from fraud. GASA, in partnership with Google and the DNS Research Federation, will decrease the profitability of scams in order to make them less appealing to cybercriminals.

As cyber threats continue to grow and intensify, this alliance is set to form a critical element in protecting users internationally. The Global Signal Exchange represents a major leap forward in anti-scam efforts, promising that consumers will be better protected from online fraud and able to navigate an increasingly complex digital environment more securely.


UN Report: Telegram joins the expanding cybercrime markets in Southeast Asia

 


According to a report issued by the United Nations Office on Drugs and Crime (UNODC), dated October 7, criminal networks across Southeast Asia are increasingly turning to the messaging platform Telegram to conduct a wide range of illegal activities. It says that Telegram, with its big channels and seemingly insufficient moderation, has become a draw for organised crime and is transforming the way global illicit operations are run.

An Open Market for Stolen Data and Cybercrime Tools

The UNODC report illustrates how Telegram has become a trading platform for hacked personal data, including credit card numbers, passwords, and browser histories. Cybercriminals trade publicly on Telegram's large channels with very little interference. The platform also hosts software and tools designed for cybercrime, such as deepfake technology used for fraud and malware used for copying and collecting users' data. Moreover, unauthorised cryptocurrency exchanges provide money laundering services through Telegram.

One example was an ad on Telegram stating that it was moving stolen USDT cryptocurrency, with $3 million in daily transactions, aimed at criminal organisations involved in transnational organised crime in Southeast Asia. According to reports, these dark markets are becoming increasingly widespread on Telegram, where vendors aggressively seek to reach criminal organisations in the region.

Southeast Asia: A hub of fraud and exploitation

According to the UNODC report, Southeast Asia has become an important base for international fraud operations. Most criminal activity in the region is tied to Chinese syndicates that are based in heavily fortified locations and use trafficked individuals forced into labour. The industry is estimated to generate between $27.4 billion and $36.5 billion annually.

The move comes as scrutiny of Telegram and its billionaire founder, Russian-born Pavel Durov, is intensifying. Durov is facing legal fallout in France after he was charged with abetting crime on the platform by allowing the distribution of illegal content after he tightened his regulations in France. The case has sparked debates on the liability of tech companies for the crimes happening on their platform, and the line between free speech and legal accountability.

Telegram responded to the increasing pressure by promising cooperation with legal authorities. Durov, the head of Telegram, stated that Telegram will share the IP addresses and phone numbers of users whenever a legal request for them is made. He further promised to remove some features on the platform that have been widely misused for illicit activities. Currently, more than a billion people worldwide are using Telegram, and it has so far not reacted publicly to the latest report from the UNODC.

A Perfect Fertile Ground for Cybercrime

As personal data becomes more and more exposed to exploitation and fraud schemes through Telegram, Benedikt Hofmann, the Deputy Representative for Southeast Asia and the Pacific at UNODC, highlighted the perils consumers face. According to Hofmann, free access and anonymity have created an ideal setting for criminals to threaten people's data and safety.

Innovation in Criminal Networks

The growth of organised crime in Southeast Asia may indicate that criminals will be armed with new and more varied technologies (most importantly malware, generative AI tools, and deepfakes) to commit sophisticated cyber-enabled fraud. As a sign of this innovation and adaptability, the UNODC investigation found over 10 specialised service providers in the region offering deepfake technology for use in cybercrime.

Expanding Investigations Across Asia

Another area of concern discussed in the UNODC report is the increasing investigation by law enforcement agencies in other parts of Asia. For example, South Korean authorities are screening Telegram for its role in the commission of cybercrimes that include deepfake pornography. Meanwhile, in India, a hacker used Telegram chatbots to leak private data from Star Health, one of the country's largest insurers. This incident disclosed medical records, IDs, and even tax details. Star Health sued Telegram.

A Turning Point in Cybersecurity

The UNODC report is an eye-opener on the scale of the challenge that encrypted messaging presents in the fight against organised crime. While criminal groups continue to take full advantage of platforms like Telegram, tech companies remain under pressure to enforce controls over illegal activity while balancing user privacy and safety.


Russian Nationals Charged in Billion-Dollar Cryptocurrency Fraud

 




A tremendous blow has been dealt to global cybercrime after US authorities charged two Russian nationals who are alleged to have masterminded a giant cryptocurrency money laundering network. The pair laundered billions through crypto exchange services, concealing ill-gotten gains from cyber frauds, ransomware, and dark web narcotics.

DOJ officials collaborated with worldwide law enforcement to obtain servers and USD 7 million in cryptocurrency from the network, effectively crippling the criminal organisation.

Vast Money Laundering Scheme Exposed

DOJ says the two Russians to be arraigned, Sergey Ivanov and Timur Shakhmametov, played a significant role in one of the largest money laundering operations. They traded billions of dollars for international cybercriminals through various cryptocurrency exchanges, including platforms like Cryptex and Joker's Stash. Their operation enabled criminals to avail themselves of the anonymity associated with cryptocurrencies, avoiding financial regulations, and even making their laundered funds more portable and unobservable.

Investigators said Ivanov operated Cryptex, a site that processed more than $1.15 billion in cryptocurrency transactions. Of that, $441 million was directly linked to crimes, including $297 million in fraud and $115 million in ransomware payments. Cryptex offered criminals a loophole because it didn't require users to have their IDs verified—a "know-your-customer" (KYC) compliance process would have made their transactions traceable.

The medium to support darknet criminals

Besides Cryptex, the operation supported many other illegal activities on the dark web, such as the carding sites Rescator and Joker's Stash. These platforms, especially Joker's Stash, deal in stolen payment card information. Estimated proceeds from these operations ranged from around $280 million to up to $1 billion. One of the defendants, Shakhmametov, was said to manage Joker's Stash, which widened the reach of this criminal network.

Seizing Servers and Crypto Currency

International cooperation figured largely in taking down this elaborate criminal enterprise. US authorities teamed with law enforcement agencies from other countries, such as Dutch authorities, to take down servers hosting platforms such as PM2BTC and Cryptex, located in several different countries, which disrupted the operation. Moreover, law enforcement seized more than $7 million in cryptocurrency on those servers from the organisation.

According to the Justice Department, 28% of the bitcoin transactions through Cryptex were tied to U.S.-sanctioned darknet markets and other criminal enterprises. This percentage underlines how heavily such exchanges contributed to cybercrime worldwide.

Global Crackdown on Cybercrime

The case reminds everyone that efforts at a global level are aimed at fighting the same cybercrime supported by cryptocurrencies. The DOJ has already communicated while working with other U.S. agencies, including the Department of State and the Treasury, that it will continue the crusade against those who use digital currencies for nefarious activities. In this case, the dismantling of this billion-dollar laundering network makes it a milestone victory for law enforcement and a warning to others in similar operations.

As cryptocurrency usage increases, so does its misuse. Even though digital currencies offer immense legitimate advantages, they also give criminals a conduit to bypass traditional financial systems. The dismantling of Cryptex and Joker's Stash is a stark reminder of how much importance must be given to strict security and regulatory measures so that the system cannot be used for nefarious purposes.

The recent charges suggest that U.S. and international law enforcement agencies are going after cybercrime networks, especially those using cryptocurrency as cover for under-the-radar activities. By taking down these systems, the authorities make it more challenging for cybercriminals to conceal their illegal sources of income, further reducing the threat of rising cybercrime globally.

Hence, this high-profile case should awaken business entities and private individuals dealing in cryptocurrencies to take extreme care that they do not engage in any activity contrary to regulations set to monitor money laundering and other illegal activities.


Three Cyber Extortion Schemes Attackers Can Employ Against You

 

Cybercriminals appear to have an infinite repertoire of strategies at their disposal when it comes to forcefully extracting financial information from victims. They prefer specific methods over others, and extortion is one of them. 

Keep in mind that blackmailers will not just use one trick, but will use various types of extortion to force their victims to do their bidding, whether it is paying them a significant sum of money or performing tasks on their behalf.

Hack and extort

The term is rather self-explanatory, but to be sure, the extortionist will access your device or online accounts, search your files for any sensitive or valuable data, and steal it. Although it may resemble ransomware in some ways, the breaking and entering of your system is done manually, and the cybercriminal has to dedicate time and resources in doing so.

The exception is when your password was compromised in a large-scale data breach, in which case the effort required is negligible. The successfully targeted individual is then sent an email in which the criminal attempts to force the intended victim into paying by threatening to expose this data and listing examples for added effect. To safeguard yourself, try encrypting your data and adequately protecting all of your accounts with a strong passphrase, as well as enabling two-factor authentication whenever possible.

Sextortion

Sextortion is precisely what it sounds like: extortion carried out with the threat of exposing sexual material about the target. Sextortionists might approach the practice in a variety of ways. It may begin as an apparent romantic dalliance on a dating platform, continuing until the criminal gains the victim's trust and persuades them to switch from the dating platform to a regular messaging service.

This is done to avoid setting off the security measures that dating apps employ to identify possible con artists. After the victim leaves the dating site, the criminal will attempt to persuade them to share some explicit or risqué images or videos, which will then be used as leverage in a blackmail campaign. As an alternative, hackers can opt to break into a victim's computer and take control of their webcam in order to secretly monitor and even record explicit images or videos of them; American model and former Miss Teen USA Cassidy Wolf was a victim of such sextortion.

Sending risqué images to anyone is not advisable. Even if you trust someone, you can't rule out the possibility that their devices or accounts have been compromised, sensitive images have been exposed, or that your current level of trust in them has changed or is otherwise wrong. To mitigate your risks of getting hacked, keep your gadgets patched and updated, and utilise a respected security solution.

DDoS extortion 

Cybercriminals frequently use distributed denial of service (DDoS) attacks on enterprises in an attempt to completely disable their target's capacity to offer services. They frequently post their services on DDoS-for-hire marketplaces in an effort to increase their illicit revenue. Threat actors use a large number of machines arranged into a botnet to bombard a target with requests during these attacks. 

The goal is to overwhelm the target's systems to the point where they fail, taking them offline. Attacks can continue for days at a time, costing some businesses hundreds of thousands of dollars in lost sales. For instance, a cybercrime collective recently threatened to use DDoS attacks against multiple organisations unless they paid ransoms ranging from US$57,000 to US$227,000, while posing as well-known hacking groups.

Setting up a firewall to deny access to all unauthorised IP addresses and enrolling with a DDoS mitigation provider are just a few steps you can take to defend yourself from DDoS extortion attempts.

Rising Cybercrime Threats and Prevention Measures Ahead of 2024

 

According to projections from Statista, the FBI, and the IMF, the global cost of cybercrime is anticipated to experience a substantial increase. By 2027, it is estimated to surge to $23.84 trillion, marking a significant rise from the $8.44 trillion reported in 2022. 

Security expert James Milin-Ashmore, from Independent Advisor VPN, has provided a comprehensive list of 10 crucial guidelines aimed at enhancing digital safety by avoiding sharing sensitive information online. 

These guidelines serve as proactive measures to combat the rising threat of cybercrime and safeguard personal and confidential data from potential exploitation. 

1. Avoid Sharing Your Phone Number on Random Sites 

Sharing your phone number online can expose you to a range of security risks, warns an expert. Cybercriminals could exploit this information to gather personal details, increasing the likelihood of identity theft and other malicious scams: 

  • Subscriber Fraud: Scammers set up fake cell phone accounts with stolen info. 
  • Smishing: Fraudsters send text messages to trick victims into revealing data or visiting harmful sites.
  • Fake Call Frauds: Scammers pose as legitimate entities to extract sensitive information. 
  • Identity Theft: Phone numbers are exploited to commit financial fraud and impersonate individuals. 

2. Do Not Update Your Current Location 

It is common for people to share their current locations on social media. However, experts caution against sharing personal addresses or current locations online, citing heightened risks of theft, stalking, and malicious online activity.

Such information can be exploited to tailor phishing attempts, rendering them more convincing and increasing the likelihood of falling victim to scams. 

3. Do Not Post Your Holiday Plans 

As the holiday season approaches, many individuals may feel inclined to share their vacation plans on social media platforms. However, security experts are warning against this seemingly innocent practice, pointing out the potential risks associated with broadcasting one's absence from home. 

Announcing your vacation on social media not only informs friends and family of your whereabouts but also alerts criminals that your residence will be unoccupied. This information could make your home a target for burglary or other criminal activities. 

4. Do Not Take Risks of Sharing Password Online 

Passwords serve as the primary defense mechanism for safeguarding online accounts, making them crucial components of digital security. The security expert emphasizes the importance of protecting passwords and refraining from sharing them online under any circumstances. Sharing passwords, regardless of the requester's identity, poses a significant risk to online security.

Unauthorized access to sensitive accounts can lead to various forms of cybercrime, including identity theft, financial fraud, and data breaches. 

5. Protect Your Financial and Employment Information

Experts caution against sharing sensitive financial or employment details online, highlighting the potential risks associated with divulging such information. Financial details, including credit card numbers and bank account details, are highly sought after by online fraudsters. Similarly, sharing employment information can inadvertently provide criminals with valuable data for social engineering scams. 

6. Protect Your ID Documentation

The expert urges individuals to refrain from posting images of essential identification documents such as passports, birth certificates, or driver's licenses online. These documents contain sensitive information that could be exploited by identity thieves for various criminal activities, including opening unauthorized bank accounts or applying for credit cards.

7. Stop Sharing Names of Your Loved Ones/Family/Pets 

Security experts advise against sharing personal details such as the names of loved ones or pets online. Hackers frequently attempt to exploit these details when guessing passwords or answering security questions. 

8. Protect Your Medical Privacy

Your medical history is a confidential matter and should be treated as such, caution experts. Sharing details about the hospitals or medical facilities you visit can inadvertently lead to a data breach, exposing personal information such as your name and address. 

9. Protect Your Child's Privacy

The expert warns against sharing information about your child's school online, as it can potentially put them at risk from online predators and expose them to identity theft.

10. Protect Your Ticket Information

The expert advises against sharing pictures or details of tickets for concerts, events, or travel online. Scammers can exploit this information to impersonate legitimate representatives and deceive you into disclosing additional personal data.

Furthermore, in 2023, the Internet Crime Complaint Center (IC3) reported a staggering surge in complaints from the American public. A total of 880,418 complaints were filed, marking a significant uptick of nearly 10% compared to the previous year. 

These complaints reflected potential losses exceeding $12.5 billion, representing a substantial increase of 22% in losses suffered compared to 2022. Also, according to Forbes Advisor, ransomware, misconfigurations and unpatched systems, credential stuffing, and social engineering will be the most common threats in 2024.

Data Theft Surge: How IT Admins Are Fighting Back

 


A survey conducted by the company between the 9th and 14th of August 2023 revealed that 55% of IT security decision-makers ranked data theft as their top IT security concern. In an interesting trend, ransomware, long a staple concern, has slipped from first to third place (29%), behind phishing attacks (35%).

Based on the results of a survey conducted by the CIO Institute, which collated responses from 205 IT security decision-makers, it was discovered that advanced persistent threats (APTs) and targeted attacks were of greater concern to CIOs (30%) and CTOs (33%), than ransomware (28%, 33%). 

As such, the majority of these APT attack methods are designed to achieve national-level objectives, such as the destruction of infrastructure or the conduct of espionage operations. Based on the data, it appears that data theft is the second most commonly encountered cybersecurity incident within organizations, ranking at 27% of cases reported in the study. 

With 46%, phishing is still at the top of the list when it comes to cybercrime. Therefore, it has become imperative to protect sensitive data, which is why nearly half of the professionals surveyed said they stayed up all night to do so (48%). 

What is Data Theft?


When someone steals data from a computer, server, or another device, or installs malware on that device to obtain confidential information, it is considered data theft, as it violates the privacy of the victim. Data theft is a major and growing problem for computer users, corporations and organizations.

At the corporate level, there is a real risk of data being stolen by insiders as well as by those outside the company's walls; minimizing the risk of insider data theft is anything but an easy task. Ransomware has made headlines since it first gained prominence over a decade ago.

Ransomware has since gone through several evolution cycles and is now capable of both encrypting and stealing sensitive data from a network. Managing IT environments has become increasingly complex for businesses, as many enterprises now use multiple products and multi-cloud strategies, which can lead to security breaches and to businesses paying for tools that are underused or overlap.

Consolidating cybersecurity architectures can mitigate risks, reduce the number of tools and vendors, remove silos, decrease costs and improve overall security posture. A recent study found that security alerts are on the rise, with 89 per cent of respondents reporting an increase in security alert volumes over the past twelve months, while 76 per cent said that alerts have increased by between one and fifty per cent in the past year.

Of the respondents, 26 per cent reported a 26 to 50 per cent increase in alerts, which underlines that security teams are under increasing pressure and that businesses face an ever-increasing number of threats. A business that loses data in this way risks not only losing customers because of a tarnished image, but also losing profits through disruption and being fined by law enforcement agencies, state legislators, and privacy watchdogs for failing to keep its business data protected.

A further point to note is that, in addition to ransomware, advanced persistent threats (APTs) and targeted attacks are seen as a greater threat, even among CIOs (30%) and CTOs (33%). To mitigate these risks, robust security measures must be implemented to protect these systems and data.

Cyber Crimes Need Global Cooperation, Says Indian Prime Minister

 

Highlighting the increasing reliance on technology by terrorist organizations for radicalization purposes, Prime Minister Narendra Modi has drawn attention to their exploitation of emerging digital avenues such as the dark net, metaverse, and cryptocurrency networks. His call for global cooperation underscores the need to combat cybercrimes more effectively. 

In a conversation with PTI, he emphasized that, according to the World Bank's calculations, cyber attacks may have resulted in global losses of nearly USD 5.2 trillion between 2019 and 2023. Yet he pointed out that their repercussions extend far beyond the financial dimension, encompassing deeply concerning activities.

“Cyber terrorism, online radicalization, and the use of networked platforms to move funds from money laundering to drugs and terrorism are just the tip of the iceberg. Terrorist organizations are using technology for radicalization, moving money from money laundering and drugs into terror funding, and capitalizing on emerging digital avenues such as the dark net, metaverse, and cryptocurrency platforms to fulfill their nefarious aims,” he added. 

Modi highlighted the disruptive potential of 'deep fakes,' expressing concern that their proliferation could lead to chaos and erode the credibility of news outlets. He further noted that fake news and 'deep fakes' have the capacity to incite social unrest. 

In July, India hosted a G20 conference focusing on the challenges posed by NFTs (Non-Fungible Tokens), Artificial Intelligence, and the Metaverse in the context of crime and security. At this conference, the prime minister highlighted the shared and genuine concern over malicious cyber activities that run counter to the established norms, principles, and international laws governing cyberspace.

There was a clear call for enhanced coordination in developing prevention and mitigation strategies. Furthermore, there was a notable emphasis on the imperative of establishing a comprehensive international convention aimed at countering the misuse of Information and Communication Technologies (ICTs). 

According to information presented in Parliament on December 13, 2022, India witnessed over 16 lakh cybercrime incidents during the three-year span commencing in 2019. More than 32,000 First Information Reports (FIRs) were subsequently lodged in response to these incidents.

Deepfakes: The Emerging Phishing Technology


Phishing has been a known concept for a few decades now. Posing as legitimate companies, attackers exploit human psychology and human nature (such as impulsivity, grievances, and curiosity) to manipulate victims into actions like clicking a malicious URL, downloading a malicious attachment, transferring funds, or sharing sensitive data.

While phishing is most commonly carried out via email, it has evolved to use voice (vishing), social media, and SMS in order to seem more legitimate to victims. With deepfakes, phishing is reemerging as the most severe type of cybercrime.

What are Deepfakes? 

According to Steve Durbin of the Information Security Forum, deepfake technology (or deepfakes) is "a kind of artificial intelligence (AI) capable of generating synthetic voice, video, pictures, and virtual personalities." Users may already be familiar with this from smartphone apps that revive the dead, swap faces with famous people, and produce quite lifelike effects such as de-aging Hollywood celebrities.

Although deepfakes were apparently introduced for entertainment purposes, threat actors later used this technology to carry out phishing attacks, identity theft, financial fraud, and information manipulation, and to stir political unrest.

Deepfakes are now created by numerous methods, such as face swapping (one individual’s face is superimposed upon another), attribute editing, face re-enactment, or entirely artificial content in which a person’s image is wholly made up.

One may assume deepfakes are a futuristic concept, but the technology is in fact readily available and is already in widespread, malicious use.

A number of instances of deepfake-enabled phishing have already been reported, such as: 

  • AI voice cloning technology conned a bank manager into initiating wire transfers worth $35 million. 
  • A deepfake video of Elon Musk promoting a crypto scam went viral on social media. 
  • An AI hologram impersonated a chief operating officer at one of the world’s biggest crypto exchanges on a Zoom call and scammed another exchange into losing all its liquid funds. 
  • A deepfake made headlines, showing former US president Barack Obama speaking about the dangers of false information and fake news. 

How Can an Organization Protect Itself from Deepfake Phishing? 

Deepfake phishing can cause massive damage to businesses and their employees. Businesses could face harsh penalties and a higher risk of financial fraud. Since deepfake technology is now widely available, anyone with even the slightest ill intent can synthesize audio and video and carry out a sophisticated phishing attack.

The following steps must be taken to guard against it. 

  • Conduct security awareness sessions so that employees understand their responsibility and accountability for cybersecurity. 
  • Run phishing simulations to expose employees to deepfake phishing so they may learn how these frauds operate. 
  • Implement technologies such as phishing-resistant multi-factor authentication (MFA) and zero-trust in order to mitigate risks of identity fraud. 
  • Encourage people to report suspicious activities and check the credibility of requests, especially if they involve significant money transactions. 

Deepfakes cannot be prevented from happening, but the risks can still be mitigated by measures such as nurturing and developing cybersecurity instincts among employees. This will ultimately reinforce the overall cybersecurity culture of the organization.

Scammers Target Christmas with Labour's Online Safety Bill

 


Labour has predicted that nearly £80m will be lost to online fraud and spam over the 12 days of Christmas this holiday season. Ministers were criticised for delays in the passage of the online safety bill.

According to police force data analysed by the party, there were on average 312 incidents of cybercrime per day in 2019/20 and 2020/21. This amounts to a loss of £6.36 million per day, or £76 million over the festive period, as a result of fraud. Labour has criticised the delay in the parliamentary progress of the online safety bill, alleging that it is letting criminals and fraudsters off the hook.

The bill has been subject to several delays and amendments over the past few years. It was expected to finish its Commons stages by the end of July. At the last minute, however, the government decided to hold a confidence vote for Boris Johnson. Amid a row among Conservative MPs over whether it would unfairly stifle freedom of speech online, the bill has since stalled as ministers rewrite key sections of it.

Under this legislation, children will be better protected from harmful online content, and the amount of hate speech and self-harm content available online will decrease.

The government is extending the current parliamentary session, which was supposed to end in May, to give itself the opportunity to pass major pieces of legislation. The online safety bill is among them.

Earlier this year, the Shadow Digital minister, Alex Davies-Jones MP, said that the government was giving fraudsters and criminals a free pass, while protection for victims of fraudulent activity was broken.

There is growing concern that the government is not taking fraud seriously, despite it being the biggest crime in the UK. During this Christmas holiday season, families struggling to make ends meet are at risk of falling victim to online fraud and cybercrime.

She added that, thanks to Labour, the online safety bill has been a significant success, as it strengthens online fraud protections. But because ministers are willing to bow to vested interests rather than stand up for consumers, the entire bill is now at risk.

A spokesperson for the Department for Digital, Culture, Media, and Sport said that the government remains committed to fighting fraud and economic crime, whatever it takes.

As part of the DCMS's plans, £400m will be invested over the next three years to help police agencies respond to crimes more effectively. A report published by the company claims that over 2.7 million scams have been removed from the internet in the past year.  

To ensure that the UK is the safest place to be online in the world, the government is committed to passing a world-leading online safety bill. In addition, big tech firms will be required to tackle fraud, including romance scams and fraudulent advertisements. 

Cybercrimes are More Interconnected and are Likely to be More Prevalent


According to two senior representatives from the cyber-security company Palo Alto Networks, cybercrime and online scams are expected to be more prevalent than in previous years.

Among the various cyber threats, business e-mail compromise (BEC) and ransomware attacks continue to be at the top of the global watch list.

According to Ms. Wendi Whitmore, senior vice-president of Palo Alto Networks’ Unit 42, BEC scams target both corporations and individuals who make genuine transfer-of-funds requests. This makes BEC the most common and costly threat to organizations worldwide.

“We see (criminal) organizations where you’ve got a member in Nigeria that’s closely communicating (on the Dark Web) with someone in Eastern Europe, and maybe communicating closely with someone in Asia […] I think that as the economy continues to have more challenges, we’re going to see even more of that level of interconnectivity,” says Ms. Whitmore. 

In the FBI Internet Crime Complaint Centre's 2021 report, BEC continues to hold the top position for the sixth year.

Does the Dark Web Harbor Cybercrime? 

Mr. Vicky Ray, a principal researcher at Unit 42 who studies data and telemetry used in such global cyberattacks, believes that the Dark Web has become a breeding ground for cybercrime. 

On the Internet, or the ‘Surface web,’ which is readily accessible to the general public, one can look up a variety of information or participate in forums. To access the Dark Web, on the other hand, one needs a particular browser and a known URL. Some Dark Web forums demand that a known party vouch for new members.

According to Palo Alto, the growth of Darknet markets in Asia has given cybercriminals more flexibility, since the platform's anonymity makes it less likely that they will ever be tracked. 

“It’s hard, but at the end of the day, it is our job to connect these dots together to really answer... the hard question of who may be behind it (a cyberattack) or what the motivation is,” Mr. Ray told The Straits Times.

Whether the attack is a ransomware attack or a data breach, cyber criminals operate in an ecosystem where “everyone supports each other and collaboration is everywhere”, he continues, showing a screengrab of a malware developer apparently receiving feedback on a Dark Web forum.

“What has changed in the past three years has been the tactics of ransomware as a service […] These gangs who were actually creating and using the ransomware to target victims, or potential victims back in the day, what they have realized is, if they provide that to other criminals, who are called affiliates, they can be more profitable,” he adds. 

Cybercrime on Dark Web

Criminals on the Dark Web cooperate in a variety of ways, from "consultants" who offer professional guidance to affiliates who buy malware from developers.

However, there is similar collaboration between law enforcement and private companies such as Palo Alto, which shares its research on criminals with Interpol.

In one such case in 2021, the Nigerian Police Force detained 11 members of cybercrime gangs who are believed to be part of the threat group ‘SilverTerrier’, known for its BEC scams, Interpol said on its website.

During Operation Falcon II, which ran from December 13 to December 22, 2021, investigators analyzed data from the network's BEC scams, which were allegedly linked to 50,000 individuals. One suspect had more than 800,000 potential victim domain credentials on his laptop, although no monetary amount was disclosed.

Regarding this, Interpol said, “Through Interpol’s Gateway initiative, Palo Alto Networks’ Unit 42 and Group-IB (a cyber-security firm) have contributed to investigations by sharing information on ‘SilverTerrier’ threat actors, and analyzing data to situate the group’s structure within the broader organized crime syndicate. They also provided key technical expertise consultancy to support the Interpol teams.” 

The Gateway initiative helps law enforcement agencies and private companies share information securely and more quickly, in order to mitigate and disrupt cybercrime.

“We really see the significance of these (partnerships)... So you will see a lot of the law enforcement now openly talking to us and collaborating,” adds Mr. Ray.

Child Protection Scot Cop Alarmed Parents Towards Online Crimes

Child Protection Scot Cop released a report urging parents and caretakers to take proactive steps to ensure children are safe online.

The risk of children falling victim remains “a high threat”, as paedophiles are using social media platforms and chatroom apps to share sickening images. The details emerged in the Scottish Multi-Agency Strategic Threat Assessment (SMASTA), which was published yesterday.

The report also describes the scale of the underworld menace and the growing threat posed by major gangs with worldwide links. “Snapchat is the social media platform used in the majority of crimes,” the report reads.

The report also highlighted other areas where people are at risk, including fishing and seafood firms and labor exploitation in farming. Social media has become a far larger part of children's and young people's lives, and because of the pandemic children started spending more time online than usual.

Digital devices such as mobile phones, laptops, tablets, and computers are valuable tools for education and entertainment. Nevertheless, according to Child Protection Scotland, this increases the risk of exploitation and abuse, making it more important than ever to protect children and young people from internet-savvy online abusers.

“Everyone has a role to play in child protection, not just core professionals. There were more than 2,700 children on the child protection register in July 2016. Child protection is part of Getting It Right For Every Child (GIRFEC) – our national approach to improving outcomes and supporting the wellbeing of children and young people”, the Scottish government's blog post explained.

According to Scottish police, they are currently investigating almost 100 organized crime groups (OCGs) made up of more than 1,800 criminals, including teenagers, women, and OAPs. The groups make cash from drug dealing, illegal immigration, human trafficking, fraud, money laundering, and cybercrimes.

Operation Chakra: CBI Searches 105 Locations, Targeting Cyber Crimes

 

On Tuesday, the CBI launched ‘Operation Chakra’ to crack down on “cyber-enabled financial crimes,” carrying out raids at 105 locations across numerous states and Union Territories. The operation was carried out in coordination with Interpol, the Federal Bureau of Investigation (FBI) and state police forces.
 
The action was taken after the CBI busted two call centres in Pune and Ahmedabad that allegedly targeted unsuspecting American citizens. The centres were staffed by nearly 150 people, who would make fraudulent calls to prospective targets in the United States, enticing the victims into making transactions on various pretexts. The calls were allegedly made via Voice over Internet Protocol technology to dodge detection. The FBI shared the initial information about the scam with the CBI a few months ago.
 
The raids were conducted in association with police forces of the six states and Union Territories, namely Andaman and Nicobar (raids at four locations), New Delhi (five locations), Chandigarh (three locations) and two locations each in the states of Punjab, Karnataka, and Assam. 
 
According to the sources, “Of all the locations, CBI alone has conducted searches at around 80 locations spread across states. The agency also received inputs from the raids from the Royal Canadian Mounted Police.” 
 
“From one location in Rajasthan, CBI uncovered Rs. 1.5 crores cash and 1.5 Kg gold. The accused person had been running an illegal call centre. Two such call centres were also busted in Ahmedabad and Pune. They were involved in call centre fraud in the US. The FBI has been informed and they are taking follow-up action,” stated the CBI official. 
 
The CBI has also retrieved digital evidence, including details pertaining to bank transactions and dark web cybercrime activity. “A person of interest has also been identified in Punjab in this connection,” the official added.
 
The agency has continued the operation, seizing digital evidence including mobile phones, laptops and hard disks for further investigation.

Dark Web Selling Alleged Western Weapons Sent to Ukraine

 

According to recent reports, various weapon marketplaces on the dark web have been listing military-grade firearms that come from Western countries, which sent them to support the Ukrainian army in its fight against Russian aggression.

These weapons were illegally diverted from the supplies received and are now being made available to terrorists looking to buy rocket launchers and other deadly attack systems.

The data was released by Israeli cyber-intelligence specialist KELA, which found military weapons listed by Ukrainians on various dark web markets. According to the report, one marketplace, tracked as “Thief,” had a total of 9 listings from three sellers associated with Ukraine.

Another seller, named “Weapons Ukraine,” sells rifles, grenades, and bulletproof vests for amounts ranging from $1,100 to $3,600, and promises delivery in Ukraine. According to the website's statistics, 32 users have completed purchases from the site; however, no user has left a review yet.

Another market selling weapons allegedly supplied to Ukraine by NATO countries is "Black Market Guns," which offers a U.S.-made Switchblade 600 kamikaze drone for $7,000 and NLAW anti-tank missiles for $15,000.

However, the coordinated publication of the listings across various platforms increases the chances of this being part of a large disinformation or scam campaign that takes advantage of the country's current political situation for profit.

While the listings seem genuine and the weapons are offered at realistic prices, the chances of them having been created by pro-Russian malicious actors for propaganda purposes are high. If that is the case, pro-Russian media houses could present this information as real to serve their purposes. At this time, the authenticity of the weapons from Ukraine listed on the dark web markets cannot be verified.

Biden Prolongs National Emergency Amid Increasing Cyber Threats

 

Against the backdrop of the Russia-Ukraine conflict, the increasing risk of cybersecurity threats against U.S. national security, economy, and foreign policy has prompted President Joe Biden to extend the state of national emergency that was originally declared by former President Barack Obama in April 2015.

The national emergency period was extended after the Cybersecurity and Infrastructure Security Agency published a warning regarding possible Russian state-sponsored cyberattacks against U.S. organizations following the invasion of Ukraine.

The war between Russia and Ukraine will be the main topic at Thursday's NATO meeting, at which Biden's administration will rally Western allies and announce a new round of financial sanctions against the Russian government. Biden is expected to announce sanctions on hundreds of Russians serving in the country's lower legislative body, and it has been observed that further sanctions will increase cybersecurity threats against the U.S. government.

Last month, U.S. organizations were alerted by CISA and the FBI to the potential spillover of data-wiping attacks against Ukraine.

"Significant malicious cyber-enabled activities originating from or directed by persons located, in whole or in substantial part, outside the United States continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States. Therefore, I have determined that it is necessary to continue the national emergency declared in Executive Order 13694 with respect to significant malicious cyber-enabled activities," said Biden. 

On Tuesday, Biden's national security adviser Jake Sullivan said the administration believes that right now "they have effective posture today for what's necessary today," but added that Biden and NATO allies will discuss "longer-term adjustments to NATO force posture on the eastern flank."