Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label IT Experts. Show all posts
IT Experts
Cyber Security Cyber Wave Cyberattacks CyberCrime CyberThreat Designer Brands IT Experts

Cyber Crime Wave: Chinese Scammers Target Europe with Fake Designer Brands

 


In the last couple of weeks, there has been an increase in the number of people who have been duped into sharing their card details and other personal information with a network of fake online designer shops that are operated from China, which appear to have duped over 800,000 people in Europe and the United States. This report by the Guardian, Die Zeit, and Le Monde gives an inside look at one of the biggest scams of its kind, one that has created 76,000 fake websites in the UK, considered one of the largest scams. 

Several reporters and IT experts have examined a trove of data indicating an extremely organized, technically proficient operation — and ongoing one. A large number of fake web shops have been created on an industrial scale by programmers who offer discounted goods from brands like Dior, Nike, Lacoste, Hugo Boss, Versace, Prada, and many others on an industrial scale. 

It is believed that over 75,000 websites with logos of various high-end brands, such as Nike, UNIQLO, Paul Smith, and Cartier, are carrying out the ruse, which has been called one of the biggest scams ever to take place. The website claims to sell discounted items, but it is just a ruse. These English versions of the sites are accompanied by duplicates in several other European languages such as French, German, Spanish and Italian, intended to scam unsuspecting consumers from around the globe. 

Even though about two-thirds of these sites were deactivated in the last few weeks, investigators believe that at least 22,500 still exist, and they are still trying to fool bargain-hunting consumers. According to SR Labs, a German cybersecurity consultancy that uncovered the scam, a group of programmers had developed a system that enabled them to create and deploy new websites rapidly, which dramatically increased their reach. 

Reporters and IT experts have examined a vast amount of data to discover that the operation has a lot of organisation, a lot of technical know-how, and has been operating for some time now. As a result, programmers are operating on an industrial scale to create thousands of fake online shops selling Dior, Nike, Lacoste, Hugo Boss, Versace, Prada and other luxury brands at discounts. 

This website appears to have been developed to lure shoppers into parting with money and sensitive personal information by publishing it in multiple languages, from German to French to Spanish to Swedish to Italian, in addition to English. In most cases, however, consumers who spoke about their experiences said that they did not receive any items from the sites, as they had no affiliation to the brands they were claiming to sell. 

It is important to note that in many cases these scammers are not looking to get money from customers. They often inform them upon checkout that their bank, or the website, had rejected their payment request. Even though the funds remained in their accounts, their details - including their full names, addresses, credit card numbers and three-digit security codes - were all in the hands of the scammers, even though their details remained in their accounts. 

A global cybersecurity adviser at the software company ESET, Jake Moore, said in The Guardian that data is the new currency in cybersecurity. It’s important to realize that, as a matter of course, it is safe to assume that the Chinese government might be able to access the data, he stated. At the moment, about 800,000 people have shared email addresses, almost all of them in Europe and the United States. Of these, 476,000 people have also shared debit card and credit card information, including their three-digit security number, which represents their three-digit security code. 

The network collected information concerning all of them, including their names, phone numbers, email addresses, and postal addresses. It was branded as "one of the largest online fake shop scams that I have seen in the past few years" by Katherine Hart, the lead officer at the Chartered Trading Standards Institute. According to her, many of these individuals belong to serious and organised crime groups, or they are affiliated with them, and so they may harvest data that they will be able to use against people later, which makes consumers more vulnerable to phishing attacks." 

The quote by Jake Moore, a global cybersecurity adviser at the company ESET, which makes security software, was described as "data is the new currency." Several foreign intelligence agencies have expressed concern about such data troves which can be used to spy on their subjects by foreign intelligence agencies. Taking a broader perspective, one must assume that the Chinese government may have access to the data, which brings us to the larger picture of the issue," he concluded. 

A German cybersecurity consultancy called Security Research Labs (SR Labs) disclosed the existence of the fake shop's network to Die Zeit, which obtained several gigabytes of data from several sources and shared that data with them. This statement was made by Matthias Marx, SR Labs contractor. He explained that he believes a small team of programmers has been able to develop a system that can automate a portion of the process for creating and deploying new versions of scam sites, which will help the company grow rapidly. 

It then adopts a franchise model rather than the franchise model itself in which a broader team is brought in to oversee and manage these sites. A growing number of people are becoming victims of online scams. In the United Kingdom, the occurrence of purchase fraud, wherein individuals pay for goods that never materialize, surged by 43% during the initial half of 2023 compared to the corresponding period in 2022, reaching a total of 77,000 reported cases. 

Concurrently, in the United States, consumers incurred losses totalling nearly $8.8 billion due to fraud in 2022, marking a notable increase of over 30% from the preceding year. Remarkably, online shopping fraud emerged as the second most frequently reported scam. Matt Hepburn, the designated spokesperson on fraud matters for TSB, underscored that purchase fraud stands as a primary catalyst for online financial crime in the UK.

He advocated for heightened vigilance on the part of technology companies, emphasizing the imperative for them to bolster safeguards that shield consumers. Specifically, he urged search engines and tech platforms to proactively curtail user exposure to fraudulent sites and expeditiously remove reported scam content. Echoing similar sentiments, Hester Abrams, serving as the international engagement manager at Stop Scams UK, stressed the necessity for concerted efforts by both businesses and governmental entities to elevate scam prevention to the forefront of their agendas. Abrams emphasized the potential efficacy of a more cohesive international approach to combating criminal exploitation of digital systems, highlighting the substantial impact that such collective action could yield against scammers.
Read more »
Small Businesses
Business hacking Cyber Attacks Cyber Protection Cyber Threats Cybersecurity Breach IT Experts Small Businesses

How can Small Businesses Protect Themselves From Cyber Threats?


In today’s world where businesses of kinds and shapes are developing into a digitalized body, it has also increased chances of cybercrime in their cyber spaces significantly. Newbie business personnel who are looking forward to set a business in bakeries, renovations, and other fascinating passions now struggle, seeing the complexities in cybersecurity. Due to the fact that cybercriminals are continuously keeping an eye on vulnerabilities, it is crucial for organizations to take proactive measures to safeguard their digital assets and keep their operations running smoothly.

Modern Reality of Cyber Threats 

While pondering over cyberattacks is definitely not the first thing that comes over an entrepreneur’s mind, in today’s world where digital footprints is a known issue in any operation, cyber security needs to be taken into consideration. Data breaches and ransomware assaults are only two examples of the destructive actions that go under the umbrella of "cyber risk," which are frequently carried out by rogue agents, organized crime groups, or even nation-states. The virtual nature of cyberattacks does not lend itself to the straightforward answer of shifting to a "safer neighborhood," unlike conventional physical protection. Attackers benefit from ongoing access and endless opportunities as a result of firms being online all the time.

Adding to this, incorporation of AI technologies into a business has given threat actors a chance to improvise and add more complexities to their attacks. Ransomware-as-a-Service (RaaS) has further aided in expending the gig economy in the cybercrime-space, allowing small-time offenders to use automation and scale up their destructive activities. As a result, the fusion of technology with malicious intent has made the business of cyberattacks a booming one worldwide.

Critical Strategies for Cyber Protection 

There are many measures that could be followed to protect oneself from getting their systems struck by any cybercrime entity. We are listing some them below:

Keep Software Up-to-Date: Software maintenance is an essential practice. Cybercriminals may be able to exploit weaknesses in software that is even decades old. By installing software updates from reputable manufacturers like Microsoft, the danger of cyberattacks can be greatly reduced.

Implement Essential Controls: Leaders from small-size businesses are advised to emphasize on foundation measures in order to protect against known threats, like phishing attacks, malware or hacking. Some of the best safety measures include multifactor authentication, email and web filtering, data security and backups, privileged access management, and endpoint detection and response.

Collaborate with Insurers and IT Experts: Despite effective cybersecurity precautions, hacks can still happen, thus planning and cooperation are crucial. Working together with IT professionals and cyber insurers can result in specialized incident plans and quick recovery plans in the event of a successful attack. Cyber insurance offers access to specialized teams, coaching for crisis response, and financial support.  

Read more »
User Data Goldmine
API ChatGPT Cyberattacks Google IT Experts Technology Twitter User Data Goldmine

User Data Goldmine: Google's Ambitious Mission to Scrape Everything for AI Advancement

 


It was announced over the weekend that Google had made a change to its privacy policies. This change explicitly states that the company reserves the right to scrape everything you post online to build its artificial intelligence tools. Considering how far Google can read what you have to say, you can assume that you can expect your words to end up nestled somewhere within the bowels of a chatbot now that Google can read them. 

Google and Facebook privacy policies were quietly updated over the weekend and, likely, you didn't notice. There has been a slight change in the policy wording, but the change is significant, particularly because it is a revision.

In a recent report by Gizmodo, Google revised its privacy policy. Even though most of the policy is not particularly noteworthy, there is one section that stands out - one related to research and development - that could make a significant difference. 

The Gizmodo team has learned that Google's new privacy statement has been revised. While most of the policy is relatively unremarkable, one section in particular, the one dealing with research and development, stands out, particularly from the rest.  

For those who love history, Google has compiled a history of changes to its terms of service over the years that can be found here. According to the new language, the tech giant has written new ways in which your online musings might be used in the company's AI tools, which would not contradict the existing language in its policies. 

Google said in the past that the data would be used "for language models," rather than making "AI models," and places like Bard, Cloud AI, and Google Translate are now being mentioned, as well as the older policy that only mentioned Google Translate. 

Generally, a privacy policy does not include a clause such as this one. This type of policy describes how companies use your information when you post it on a company's service such as their website or their social media. It appears that Google has a right to harvest and harness any data posted to any part of the public web. This is as if the entire internet is the firm's playground for artificial intelligence experiments. Several requests for comment were sent to Google, but the company did not respond immediately. 

The practice raises interesting questions regarding the privacy of patients and raises new privacy concerns. Public posts are understood by the majority of people as being public. It is important to remember that what it means to write something online has changed over the years. 

The question is no longer whether a person has access to the information, but how can they use it based on that information. Your long-forgotten blog posts or even restaurant reviews from 15 years ago are very likely to have been ingested by Bard and ChatGPT. In the course of reading this, the chatbots may regurgitate some funny, humonculoid version of the words you have just spoken. This is in ways that are difficult to predict and comprehend. 

It seems odd for a company to add such a clause to its contract, as pointed out by this outlet. There is something peculiar about this because the way it has been worded gives the impression that the tech giant does reserve the right to harvest and use any data available on any part of the public internet at any time. There are times when a company's data usage policy only addresses how that company plans to make use of the personal information it has collected. 

The vast majority of people probably realize that whatever information they post online will be visible to the world at large, but this development opens up a whole new world of opportunities. The issue of privacy does not just extend to those who see your online posts, but to everything that is done with those posts as well. 

There used to be a reference here to "AI models" rather than "language models" before the update, and that statement has been changed. Furthermore, it mentioned the addition of Bard and Cloud AI to Google Translate, a service that has been included with Bard since then. 

In the outlet's opinion, this is an unusual clause that a business would enshrine in its policies. The writing of this statement seems odd since the way it's written implies that Apple owns the right to collect and use data from any section of the Internet that is open to the public. The purpose of a policy such as this is normally to tell the customer how its services will use the data it posts.

It is well known that anything you post online will be seen by almost everyone, but with the new developments that have come about, there is an unexpected twist: the possibility of using it. The thing you need to keep in mind is not just who can read what you write online, but also how that information will be used by the people who can read it. 

It is also possible to use real-time data-looking technology such as Bard, ChatGPT, Bing Chat, and other AI models that scrape data from the internet in real-time. Often, sources of information can be found in other people's intellectual property and come from their sources. AI tools currently being used for such activities are accused of theft, and more lawsuits are likely. 

The question of where data-hungry chatbots acquire their information in the post-ChatGPT world is one of the lesser-known complications of the post-ChatGPT world. Google and OpenAI scrape the Internet to fuel their robot habits. 

There is no clear legal guidance on whether it is legal. There is no doubt that the courts will have to deal with copyright questions that seemed like science fiction a few years ago when they first came up. At the same time, there have been some surprising effects on consumers that have been caused by the phenomenon so far.    

There is some aggrievement among Twitter and Reddit overlords related to the AI issue. Both have made controversial changes to lock down their platforms going forward. There has been a change in both companies' API which prevented third parties from downloading large quantities of posts for free. This was something they allowed anyone to download. There is no doubt that this statement is intended to protect social media sites from being harvested by other companies looking to steal their intellectual property. However, the consequences of this decision are far more significant. 

Third-party tools that people used to access Twitter and Reddit have been broken by the API changes that Twitter and Reddit implemented. At one point, Twitter even appeared to be considering requiring public entities such as weather forecasts, transit lines, and emergency services to pay a monthly fee to use their Twitter services, but Twitter backed down after receiving a hailstorm of criticism for this plan. 

Elon Musk has historically made web scraping his favorite boogieman in recent years. Musk explained a number of the recent Twitter disasters as a result of the company's need to guard against the theft of data from the site by others, even when the issues do not seem to be related. There was a problem with Twitter over the weekend when the number of tweets a user was permitted to view per day was limited, making the service almost unusable for many users. 

Musk believed rate-limiting was a necessary response to "data scraping" and "system manipulation." However, most IT experts agree that it was more likely a crisis response resulting from mismanagement or incompetence rather than an attempt to solve a problem. Despite Gizmodo's repeated requests for information on the matter, Twitter did not respond.
Read more »
Subscribe to: Posts (Atom)