Showing posts with label SMS.

Forensic Analysis in the eXp Realty Case: Privacy and Evidence Integrity

 


In a recent video hearing for the case Acevedo v. eXp, related to a sexual assault claim, a judge deliberated on whether to grant a protective order that would prevent a forensic examination of eXp founder and chairman Glenn Sanford's cell phone during the discovery process.

The plaintiff argued that Sanford’s right to privacy does not override their request for electronically stored information (ESI) to review metadata. Courtrooms increasingly rely on text message screenshots as evidence, but the authenticity of these screenshots is frequently called into question. In a prior case, Sanford provided screenshots of text messages, but these alone failed to meet evidentiary standards for authenticity.

The Role of Forensic Analysis

Sanford submitted screenshots of text message conversations in court, which the plaintiffs argued were insufficient for evidentiary purposes. According to RisMedia, the self-collection method allegedly used by Sanford was inadequate. The US District Court for the Southern District of New York, under Judge Judith Rosenberg, issued a protective order requiring Sanford to collaborate with a digital evidence expert. This ensures that the extraction and verification of text messages from the physical device adhere to strict privacy safeguards.

Forensic analysis plays a pivotal role in ensuring the authenticity of digital evidence. The process retrieves all available data without bias, including potentially deleted content, to present a complete and credible picture of the evidence while respecting privacy concerns.

Advanced Technology in Digital Forensics

Forensic investigations rely on cutting-edge tools like Cellebrite and Magnet Forensics GrayKey to extract comprehensive data from mobile devices. This process, known as forensic acquisition, systematically retrieves all available data fields without prefiltering, ensuring that no evidence is overlooked.

The complexity of mobile data storage presents challenges, making exhaustive and unbiased data collection essential to meet evidentiary standards. Forensic analysis goes beyond recovering visible messages by retrieving associated metadata, deleted communications, and other artifacts to provide a complete picture of the evidence.

Privacy vs. Evidentiary Needs

While forensic investigations are invaluable for uncovering the truth, their intrusive nature raises significant privacy concerns. Judge Rosenberg's protective order aims to strike a balance between maintaining the integrity of the forensic process and safeguarding individual privacy. The order emphasizes responsible handling of sensitive data while ensuring that the evidence presented in court is credible.

Challenges with Traditional Evidence

Traditional SMS and MMS messages are logged by mobile carriers, generating call detail records (CDRs) that include timestamps, phone numbers, and network information. However, these records do not contain the content of the messages, which is typically deleted shortly after transmission. Internet-based messaging platforms like iMessage, WhatsApp, and Telegram bypass traditional cellular networks, leaving carriers unable to log these communications.

Forensic analysis of physical devices remains the most reliable way to retrieve complete messaging data, including metadata and deleted content, from these platforms. Such detailed analysis ensures that digital evidence can withstand rigorous scrutiny in court.

The Growing Importance of Digital Forensics

The eXp Realty case highlights the increasing reliance on advanced digital forensic methods to address the limitations of traditional evidence like screenshots. Comprehensive forensic investigations provide verifiable records, capturing nuanced details that enhance the reliability of evidence.

Courts are increasingly adopting protective orders to balance privacy with evidentiary needs, emphasizing the importance of accurate and trustworthy evidence. This case illustrates how digital forensic methods are evolving to meet the demands of modern legal disputes in an era dominated by technology.

India’s New SMS Traceability Rules to Combat Fraud Begin November 1, 2024

 

Beginning November 1, 2024, Indian telecom providers Airtel, Jio, and Vi will follow a new set of SMS traceability and monitoring guidelines mandated by the Telecom Regulatory Authority of India (TRAI). Aimed at combating cybercrime, these measures seek to enhance security by allowing users to block suspicious calls and messages effectively. By tracing SMS sources more accurately, telecom operators can swiftly identify and block fraudulent messages, improving the fight against scams and phishing attempts. 

Additionally, organizations sending promotional SMS, such as banks and e-commerce companies, must adhere to TRAI’s telemarketing standards, or risk their messages being blocked. This initiative aims to create a safer SMS ecosystem, giving users a clearer means to distinguish legitimate messages from scams. Yet, the vast volume of commercial messages sent in India—between 1.5 and 1.7 billion daily—makes it challenging to implement such a system seamlessly. With high-volume traffic, the infrastructure for monitoring requires robust capabilities to ensure message traceability without slowing down service for time-sensitive messages, especially for critical banking and transaction-related OTPs. Another layer of concern involves potential delays in urgent messages. 

These requirements could slow the delivery of essential communications, such as OTPs used in online banking. Telecoms are working to prevent this issue, as delays in these transactional messages could interrupt online financial processes. Balancing security and timely delivery is essential for TRAI and telecom providers, particularly for consumers who rely on timely OTPs and other immediate notifications. The Cellular Operators Association of India (COAI), which represents key telecom companies like Airtel, Jio, and Vodafone-Idea, has requested a two-month delay to facilitate a smoother transition. This extension would allow telecom operators additional time to set up necessary infrastructure and conduct thorough testing to avoid unintentional service disruptions. 

While TRAI maintains its commitment to the November deadline, telecom companies argue that extra preparation time could ensure reliable service delivery and a smoother rollout. Telecom providers have committed to ensuring user security remains intact while providing efficient service. TRAI’s objective is to foster a more secure digital communication environment where consumers feel protected against fraud and unauthorized data use. However, the effectiveness of these changes depends heavily on the ability of telecom companies to meet these new standards without compromising service quality. 

TRAI’s new SMS traceability requirements represent a meaningful step forward in enhancing consumer protection against digital scams. Despite logistical challenges, this initiative could make India’s messaging landscape safer, allowing consumers greater peace of mind. The success of this system depends on how effectively telecom providers can balance secure traceability with minimal disruption to essential services, paving the way for a digital space that prioritizes both security and efficiency.

India Launches New Initiatives to Combat Spam and Cyber Fraud

 


There is a renewed effort underway in the fight against spam and unsolicited commercial communication as the Department of Telecom (DoT), the telecom regulator Trai, and private telecommunication companies are launching new programs to combat cyber fraud and phishing attacks that are on the rise. 

Several regulatory agencies have been working to crack down on spammers and block the numbers of individuals engaged in fraudulent activities, as detected by Trai and the DoT.

Additionally, they have met with representatives from telecom companies to establish new rules on vigilance and on curbing unwanted activities more effectively. Airtel has developed an AI-driven tool that identifies spam and alerts customers when it is detected, and Vodafone Idea has rolled out a blockchain-based spam control system as part of its SMS spam control program.

As part of its campaign to tackle spam for its customers, Bharti Airtel launched India's first network-based, AI-powered spam detection solution on Wednesday. The DoT and Trai have also met with top representatives of the telecom companies, asking them to be vigilant against these criminal activities and stipulating new rules to counter them.

A report issued by the Telecom Regulatory Authority of India and the Department of Telecommunications indicates that over a crore (10 million) fraudulent mobile connections have been disconnected, along with 2.27 lakh (227,000) handsets linked to financial fraud and cybercrime. According to Trai, mobile operators have been directed to disconnect telecom resources used for bulk spam calls, and such entities could be blacklisted for up to two years if they are not disconnected.

Furthermore, telecom companies will be required to check all SMS transmissions containing non-whitelisted URLs, to reduce the misuse of SMS headers and templates and ensure that standard SMS protocols are followed. Trai has mandated that, as of November 1, all telecom operators must ensure the traceability of messages from the point of origin to the point of destination.

According to Airtel CEO Gopal Vittal, spam has become a menace for its customers. In his words, the entire industry needs to work together "to resolve this problem comprehensively... (and) to shield our customers from the continuous onslaught of intrusive and unwanted communications." Vodafone Idea announced that it will soon launch a URL whitelisting platform, stating, "Vi is participating actively on the topic along with the TRAI, COAI, and other relevant groups."

Airtel's in-house, AI-powered solution uses a proprietary algorithm developed by its data scientists to identify and classify calls and SMSs as 'suspected SPAM'. The network analyzes, in real time, several parameters including the usage patterns of the caller or sender, the frequency of calls and SMSs, and the duration of calls, among other factors.

By comparing these parameters with known spam patterns, the system can flag suspicious calls and SMSs. Airtel has also developed a system that notifies customers when malicious links are sent via SMS: it maintains a centralized database of blacklisted URLs, and every SMS is scanned in real time by an AI algorithm so that users are warned not to click on those links.
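To make the two signals described above concrete (sender behaviour over time, and a centralized URL blacklist), here is an added example that is not Airtel's code or algorithm: a rule-based scorer that keeps a sliding window per sender, flags excessive volume and recipient fan-out, and checks every link against a blacklist of hosts. The thresholds, the blacklist and the traffic sample are all constructed for the demonstration.

```python
"""Network-side 'suspected SPAM' scoring over an SMS stream (added example).

Toy model of the signals the article attributes to Airtel's system: per-sender
volume and distinct-recipient fan-out within a sliding window, plus a
centralized blacklist of malicious URL hosts. Thresholds, blacklist and the
traffic below are constructed for this example; they are not Airtel's.
"""
import re
from collections import defaultdict, deque
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed thresholds; a real system would tune these per traffic class.
WINDOW_SECONDS = 60
MAX_MSGS_PER_WINDOW = 5
MAX_DISTINCT_RECIPIENTS = 4


class SpamScorer:
    def __init__(self, blacklisted_hosts):
        self.blacklist = {h.lower() for h in blacklisted_hosts}
        # sender -> deque of (timestamp, recipient) inside the current window
        self.history = defaultdict(deque)

    def _prune(self, sender, now):
        q = self.history[sender]
        while q and now - q[0][0] > WINDOW_SECONDS:
            q.popleft()

    def score(self, ts, sender, recipient, text):
        """Return the reasons a message is suspected spam; an empty list means clean."""
        self._prune(sender, ts)
        q = self.history[sender]
        q.append((ts, recipient))
        reasons = []
        if len(q) > MAX_MSGS_PER_WINDOW:
            reasons.append(f"volume:{len(q)}/{WINDOW_SECONDS}s")
        distinct = {r for _, r in q}
        if len(distinct) > MAX_DISTINCT_RECIPIENTS:
            reasons.append(f"fanout:{len(distinct)}")
        for url in URL_RE.findall(text):
            host = (urlparse(url).hostname or "").lower()
            if host in self.blacklist:
                reasons.append(f"blacklisted-url:{host}")
        return reasons


def run_sample():
    """Score a constructed traffic sample; returns {message index: reasons} for flagged messages."""
    scorer = SpamScorer(["kyc-update-verify.example"])  # constructed blacklist
    lure = "Dear customer, your account is suspended. Update PAN today."
    lure_with_link = lure + " http://kyc-update-verify.example/verify"
    traffic = [  # (seconds, sender, recipient, text); all values constructed
        (0, "HDFCBK", "+919100000001", "Your OTP is 482913. Do not share it."),
        (5, "HDFCBK", "+919100000002", "Your OTP is 118203. Do not share it."),
        (10, "+919800000001", "+919100000001", lure),
        (12, "+919800000001", "+919100000002", lure),
        (14, "+919800000001", "+919100000003", lure),
        (16, "+919800000001", "+919100000004", lure_with_link),
        (18, "+919800000001", "+919100000005", lure_with_link),
        (20, "+919800000001", "+919100000006", lure_with_link),
    ]
    flagged = {}
    for i, (ts, sender, recipient, text) in enumerate(traffic):
        reasons = scorer.score(ts, sender, recipient, text)
        if reasons:
            flagged[i] = reasons
    return flagged


if __name__ == "__main__":
    for idx, why in run_sample().items():
        print(idx, why)
```

Note that the first three lure messages pass: behavioural thresholds only trip once the burst is large enough, which is why the article's system combines them with content signals such as the URL blacklist.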

Yemeni Hackers Unmasked Spying on Middle Eastern Military Phones

 


According to researchers at MIT, a Yemeni hacking group has been eavesdropping on the phone calls of military personnel in the Middle East, the latest example of mobile surveillance becoming prevalent in conflicts around the world as mobile technologies proliferate. According to new research, American Shia Islamist allies of an organization that operates in Yemen have been using surveillance technology to target militaries in a range of countries throughout the Middle East since 2019. A threat actor aligned with the Houthis has used malware known as GuardZoo to steal photos, documents, and other files from infected devices, researchers at Lookout said in a report posted Tuesday.

A majority of the roughly 450 victims, according to unsecured command-and-control server logs, were found in Yemen, Saudi Arabia, Egypt, and Oman, with smaller numbers in the United Arab Emirates, Turkey, and Qatar. The Houthis took control of the city of Sanaa in 2014 during the civil war with Arab forces, which led to famine in the city. According to human rights groups, there have been a series of arbitrary arrests, torture, and enforced disappearances in Yemen since June 2019, following a controversial Saudi-led intervention there.

According to Lookout, the campaign is believed to have started as early as October and has been attributed to a threat actor aligned with the Houthi militia, based on the application lures, command-and-control server logs, targets, and the location of the attack infrastructure. Lookout says the surveillance tool draws its name from a piece of source code that persists on an infected device for a long period.

According to the report, the malware not only steals photos and documents from an infected device but can also "coordinate data files related to marked locations, routes, and tracks", and can identify the location, model number, cellular service provider, and configuration of a Wi-Fi enabled device. The GuardZoo Java application is a modified version of a remote access trojan (RAT) called Dendroid RAT, which was originally discovered in March 2014 by Broadcom-owned Symantec. Earlier in August, it had been revealed that the entire source code of the crimeware had leaked.

This piece of malware was first sold for a one-off price of $300, but its capabilities go far beyond what is expected from commodity malware: deleting phone numbers and call logs, opening web pages, recording audio and calls, accessing SMS messages, and even launching HTTP flood attacks. The Lookout researchers said in a report shared with us that the code base underwent many changes: new functionality was added, unused functions were removed, and the code base was generally improved. The report adds that the command and control (C2) backend is no longer based on Dendroid RAT's leaked PHP web panel but uses an ASP.NET-based backend created specially for C2.

After embarking on a military campaign against the then government in 2014, the Houthi movement became internationally known when it caused that government's fall, and set off the post-war humanitarian crisis that followed. Iran backs this group, and they have been fighting against a Saudi-backed military force for years. The militant group recently carried out a series of crippling attacks against international ships transiting the Strait of Hormuz in retaliation for Israel's military operation in Gaza, which has put a strain on international shipping.   

There has been an increase in the use of cyber capabilities by the Houthis in recent years. Last year, researchers from Recorded Future observed hackers with likely ties to the Houthis carrying out digital espionage campaigns that used WhatsApp to send malicious lures to targeted individuals. On Tuesday, Lookout's report revealed that an ongoing campaign not only relied on direct browser downloads but also used WhatsApp to infect its targets. Lookout's senior security researcher, Alemdar Islamoglu, noted that the group behind this campaign, which had not previously been observed by their researchers, showed a particular interest in maps that could disclose the locations of military assets.

The campaign predominantly employed military themes to attract victims. However, Lookout researchers also identified the use of religious themes and other motifs, including examples such as a religious-themed prayer app or various military-themed applications. Additionally, Recorded Future released a report on Tuesday concerning a group likely affiliated with pro-Houthi activities, which they have named OilAlpha. This group continues to target humanitarian organizations operating in Yemen, including CARE International and the Norwegian Refugee Council. The report noted that military emblems from various Middle Eastern countries, such as the Yemen Armed Forces and the Command and Staff College of the Saudi Armed Forces, were used as lures in military-themed applications. 

Recorded Future's Insikt Group documented that OilAlpha is targeting humanitarian and human rights organizations in Yemen with malicious Android applications. The group's objective appears to be the theft of credentials and the collection of intelligence, potentially to influence the distribution of aid. The Insikt Group first detected this activity in May, with CARE International and the Norwegian Refugee Council among the affected organizations.

Fraudulent SMS Entities Blacklisted in Government Crackdown



An official release states that the government has blacklisted the 'principal entities' behind SMS headers used to send over 10,000 fraudulent messages over the past three months, as part of a crackdown on SMS scammers. Under the Sanchar Saathi initiative launched by the Department of Telecom (DoT), the DoT and the Ministry of Home Affairs (MHA) have taken decisive steps to prevent potential SMS fraud.

According to the Indian Cyber Crime Coordination Centre (I4C), eight SMS headers were being misused to send fraudulent messages for committing cybercrime. In the past three months, the DoT has taken down more than 10,000 fraudulent messages sent using these eight headers, which belong to eight different Principal Entities (PEs).

The release lists the eight principal entities, along with the 73 SMS headers they own and the 1,522 SMS content templates associated with them. As a result of DoT's steps, none of these Principal Entities, SMS Headers, or templates can any longer be used to send SMS via any telecom operator.

According to the Indian Cyber Crime Coordination Centre, which comes under the Ministry of Home Affairs, eight SMS headers were misused to send fraudulent communications to commit cybercrime. The term 'principal entity' is used in telecom parlance for a business or legal entity that sends commercial messages via SMS to the subscribers of mobile operators. Headers are alphanumeric strings assigned to a 'principal entity' for sending commercial communications.

In addition, the DoT has reiterated its commitment to safeguarding citizens against cybercrime by blacklisting these entities to prevent further victimization. According to the release, “Citizens can report suspected fraud communications at Chakshu facility on Sanchar Saathi to help DoT in preventing cybercrime and financial frauds from being perpetrated by telecom companies.” TRAI has mandated that only registered principal entities can send promotional and marketing messages to mobile consumers.

Following the mandate, telecom operators were required to move all commercial messaging (one-time passwords, promotional messages, account balance updates, etc.) onto the blockchain-based platform. The government does not permit telemarketing from ordinary mobile numbers. A subscriber who uses a personal connection to send promotional messages can have the connection disconnected on the first complaint.

They may also be blacklisted for two years, with their name and address placed on the blacklist. Telemarketing calls can be identified by their prefixes, 180 and 140; 10-digit numbers cannot be used for telemarketing. Spam can be reported by dialing 1909 or by using the Do Not Disturb (DND) service.
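The release describes a three-level registry (principal entity, header, content template) in which blacklisting one entity must knock out everything it owns. The following is an added example, not DoT or TRAI code or data, that models that cascade and the delivery check an operator would apply: a message is delivered only if it arrives on a registered, non-blacklisted header and matches one of that header's templates. The `{#var#}` placeholder syntax, the sender-prefix rules in `classify_sender` (including stripping a `+91` country code) and all sample data are assumptions made for the example.

```python
"""Toy model of the commercial-SMS registry the release describes (added example).

Principal entities (PEs) own SMS headers; each header has registered content
templates. Blacklisting a PE blocks every header and template it owns, and an
operator delivers only messages that arrive on an active header and match one
of its templates. Placeholder syntax, prefix rules and sample data are
assumptions, not DoT/TRAI data.
"""
import re
from dataclasses import dataclass, field

PLACEHOLDER = "{#var#}"  # assumed syntax for a variable field in a template


def template_to_regex(template):
    """Build a regex from a template; each placeholder matches exactly one variable field."""
    literal_parts = [re.escape(part) for part in template.split(PLACEHOLDER)]
    return re.compile("^" + r"(.+?)".join(literal_parts) + "$", re.DOTALL)


@dataclass
class Registry:
    headers: dict = field(default_factory=dict)     # header -> owning PE id
    templates: dict = field(default_factory=dict)   # header -> list of templates
    blacklisted_pes: set = field(default_factory=set)

    def register(self, pe, header, templates):
        self.headers[header] = pe
        self.templates[header] = list(templates)

    def blacklist_pe(self, pe):
        """Blacklisting cascades: every header and template of the PE stops working."""
        self.blacklisted_pes.add(pe)

    def blocked_headers(self):
        return sorted(h for h, pe in self.headers.items() if pe in self.blacklisted_pes)

    def check(self, header, text):
        """Return 'deliver' or a rejection reason for an incoming commercial SMS."""
        pe = self.headers.get(header)
        if pe is None:
            return "reject:unregistered-header"
        if pe in self.blacklisted_pes:
            return "reject:blacklisted-pe"
        if any(template_to_regex(t).match(text) for t in self.templates[header]):
            return "deliver"
        return "reject:no-matching-template"


def classify_sender(sender):
    """Classify a sender by the prefix rules quoted in the article (assumed +91 handling)."""
    s = sender.strip()
    if s.startswith("+91"):
        s = s[3:]
    if s.startswith(("140", "180")):
        return "telemarketing-prefix"
    if s.isdigit() and len(s) == 10:
        return "ten-digit-number"
    if re.fullmatch(r"[A-Z0-9]{6}", s):
        return "registered-header-format"
    return "unknown"


def demo():
    """Register constructed PEs, blacklist one, and check a few messages."""
    reg = Registry()
    reg.register("PE-A", "ABCBNK", ["Dear customer, your OTP is {#var#}. Valid for {#var#} minutes."])
    reg.register("PE-A", "ABCOFR", ["Flat {#var#}% off at {#var#}. T&C apply."])
    reg.register("PE-B", "XYZCAR", ["Your {#var#} order {#var#} has shipped."])
    otp = "Dear customer, your OTP is 482913. Valid for 10 minutes."
    results = {
        "otp_ok": reg.check("ABCBNK", otp),
        # A lure appended to a registered template no longer matches it.
        "tampered": reg.check("ABCBNK", otp + " Update PAN at http://example.invalid"),
    }
    reg.blacklist_pe("PE-A")
    results["blocked"] = reg.blocked_headers()
    results["after_blacklist"] = reg.check("ABCBNK", otp)
    results["other_pe"] = reg.check("XYZCAR", "Your shoe order 1234 has shipped.")
    results["unregistered"] = reg.check("FAKEHD", "anything")
    return results


if __name__ == "__main__":
    print(demo())
```

The template check is what stops a compromised-but-registered header from being reused for arbitrary text: the lure in the `tampered` case is rejected even though the header is valid at that moment.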

Cisco Duo raises awareness over a breach in third-party data security, revealing the exposure of SMS MFA logs.

 

In the ever-evolving landscape of cybersecurity, safeguarding sensitive information and ensuring secure access to corporate networks are paramount concerns for organizations worldwide. Recently, Cisco Duo, a leading provider of multi-factor authentication (MFA) and Single Sign-On services, found itself grappling with a significant breach that shed light on the evolving threats confronting modern enterprises. 

On April 1, 2024, Cisco Duo's security team sent out a warning to its extensive customer base regarding a cyberattack targeting their telephony provider, which handles the transmission of SMS and VoIP MFA messages. According to reports, threat actors leveraged employee credentials acquired through a sophisticated phishing attack to infiltrate the provider's systems. 

Following the breach, the attackers successfully obtained and extracted SMS and VoIP MFA message logs linked to specific Duo accounts, covering the timeframe from March 1, 2024, to March 31, 2024. The ramifications of this breach are deeply concerning. While the provider assured that the threat actors did not access the contents of the messages or utilize their access to send messages to customers, the stolen message logs contain data that could be exploited in targeted phishing campaigns. 

This poses a significant risk to affected organizations, potentially resulting in unauthorized access to sensitive information, including corporate credentials. In response to the breach, Cisco Duo swiftly mobilized, collaborating closely with the telephony provider to conduct a thorough investigation and implement additional security measures. The compromised credentials were promptly invalidated, and robust measures were instituted to fortify defenses and mitigate the risk of recurrence. 

Additionally, the provider furnished Cisco Duo with comprehensive access to all exposed message logs, enabling a meticulous analysis of the breach's scope and impact. Despite these proactive measures, Cisco Duo has urged affected customers to exercise heightened vigilance against potential SMS phishing or social engineering attacks leveraging the stolen information. Organizations are advised to promptly notify users whose phone numbers were contained in the compromised logs, educating them about the risks associated with social engineering tactics. 

Furthermore, Cisco has emphasized the importance of promptly reporting any suspicious activity and implementing proactive measures to mitigate potential threats. This incident serves as a stark reminder of the persistent and evolving threat landscape faced by organizations in today's digital age. As reliance on MFA and other security solutions intensifies, proactive monitoring, regular security assessments, and ongoing user education are indispensable components of an effective cybersecurity posture. 

Moreover, the Cisco Duo breach underscores the broader issue of supply chain vulnerabilities in cybersecurity. While organizations diligently fortify their internal defenses, they remain susceptible to breaches through third-party service providers. Hence, it is imperative for businesses to meticulously evaluate the security practices of their vendors and establish robust protocols for managing third-party risks. 

As the cybersecurity landscape continues to evolve, organizations must remain agile, adaptive, and proactive in their approach to cybersecurity. By prioritizing robust security measures, fostering a culture of cyber resilience, and fostering close collaboration with trusted partners, organizations can effectively mitigate risks and safeguard their digital assets in the face of evolving threats.

Android Phone Hacked by 'Daam' Virus, Government Warns

 


The central government has announced that 'Daam' malware is infecting Android devices and has issued an advisory about it. CERT-In, the national cyber security agency of the Indian government, released the advisory warning the public that this virus can give attackers access to your calls, contacts, browsing history, and camera.

According to the Indian Computer Emergency Response Team (CERT-In), which provided the information, the virus's ability to bypass anti-virus programs and deploy ransomware on targeted devices makes it very dangerous.

As quoted by the PTI news agency, the Android botnet is distributed primarily through third-party websites or apps downloaded from untrusted or unknown sources, according to the Federal Bureau of Investigation. 

The malware encrypts files on the victim's device using the AES (Advanced Encryption Standard) algorithm. The advisory reports that the original files are then removed from local storage, leaving only files with the ".enc" extension and a readme file, "readme_now.txt", containing the ransom note.
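The two file-system artifacts the advisory names (files renamed with an `.enc` extension and a `readme_now.txt` ransom note) are what an analyst would look for first when triaging a device image. The following is an added example, not CERT-In tooling: it walks a directory tree, collects both artifacts, and returns a verdict. The directory layout and the decision rule (ransom note present, or at least half of the files encrypted) are constructed for the demonstration.

```python
"""Triage scan for the Daam artifacts named in the CERT-In advisory (added example).

Looks for files carrying the ".enc" extension and a ransom note named
"readme_now.txt". The sample tree and the verdict rule are constructed for
this example and are not CERT-In's.
"""
import tempfile
from pathlib import Path

RANSOM_NOTE = "readme_now.txt"   # from the advisory
ENCRYPTED_EXT = ".enc"           # from the advisory


def scan_tree(root):
    """Return the encrypted files, ransom notes and a verdict for a directory tree."""
    root = Path(root)
    encrypted, notes, other = [], [], 0
    for p in root.rglob("*"):
        if not p.is_file():
            continue
        rel = str(p.relative_to(root)).replace("\\", "/")
        if p.name.lower() == RANSOM_NOTE:
            notes.append(rel)
        elif p.suffix.lower() == ENCRYPTED_EXT:
            encrypted.append(rel)
        else:
            other += 1
    total = len(encrypted) + len(notes) + other
    ratio = len(encrypted) / total if total else 0.0
    # Constructed rule: a note is decisive; otherwise require most files to be encrypted.
    verdict = "ransomware-indicators" if notes or (encrypted and ratio >= 0.5) else "clean"
    return {
        "encrypted": sorted(encrypted),
        "notes": sorted(notes),
        "other_files": other,
        "verdict": verdict,
    }


def demo():
    """Build a constructed Android-like storage layout after infection and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "DCIM").mkdir()
        (root / "Download").mkdir()
        (root / "DCIM" / "IMG_0001.jpg.enc").write_bytes(b"\x00" * 16)
        (root / "DCIM" / "IMG_0002.jpg.enc").write_bytes(b"\x00" * 16)
        (root / "Download" / "statement.pdf.enc").write_bytes(b"\x00" * 16)
        (root / "Download" / RANSOM_NOTE).write_text("constructed ransom note\n")
        (root / "Download" / "unrelated.txt").write_text("untouched\n")
        return scan_tree(root)


if __name__ == "__main__":
    print(demo())
```

Matching on names and extensions is cheap but coarse; on a real image the same scan would be followed by checking the high entropy of the `.enc` contents and the modification timestamps, which cluster tightly during an encryption run.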

To prevent attacks by such viruses and malware, the central agency has suggested several do's and don'ts. 

CERT-In recommends that you avoid browsing untrusted websites or clicking untrusted links, and that you exercise caution when clicking on links contained in unsolicited emails and SMS messages. The advisory also recommends updating your anti-virus and anti-spyware software regularly.

Once the malware has been installed, it tries to bypass the device's security controls. If it succeeds, it obtains permissions to read history and bookmarks, kill background processes, and read call logs, and then attempts to steal the user's sensitive information.

"Daam" is also capable of intercepting phone calls, accessing contacts and the camera's images and videos, changing passwords on the device, taking screenshots, stealing text messages, and downloading and uploading files.

According to the report, a genuine SMS from a bank typically shows the bank's Sender ID (an abbreviation of the bank's name) in the sender information field rather than a phone number.

A cautionary note warned users to be wary of shortened URLs (Uniform Resource Locators) produced by services such as bit.ly and tinyurl.com, which hide the web address they point to.

To see the full domain of the website being visited, users are advised to hover over the shortened URL. The advisory also suggests using a URL checker that reveals the complete URL behind a shortened one.
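The advisory's two checks, whether a bank-style message came from an alphabetic Sender ID rather than a phone number and whether its link is a shortener that hides the destination, can be applied mechanically before anyone taps a link. The following is an added example, not CERT-In code: it classifies the sender, extracts every link, and reports the hostname a user should verify. The shortener list, the bank-keyword list, the assumed `XX-` operator prefix on Sender IDs, and the sample messages are all constructed for the demonstration.

```python
"""Received-SMS checks from the advisory (added example, not CERT-In tooling).

Flags bank-style messages from plain phone numbers and links whose host is a
URL shortener; for other links it surfaces the hostname to verify. Shortener
list, bank keywords, the "XX-" sender prefix and all samples are assumptions.
"""
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)
BANK_RE = re.compile(r"\b(bank|kyc|pan|account|otp|yono)\b", re.IGNORECASE)
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd", "cutt.ly"}  # assumed list


def extract_links(text):
    """Return (raw_url, hostname, is_shortener) for each link in the text."""
    out = []
    for raw in URL_RE.findall(text):
        url = raw if raw.lower().startswith("http") else "http://" + raw
        host = (urlparse(url).hostname or "").lower()
        out.append((raw, host, host in SHORTENER_HOSTS))
    return out


def sender_kind(sender):
    """'phone-number', 'sender-id' (6 alphanumerics, optional 'XX-' prefix assumed) or 'other'."""
    s = sender.strip()
    if re.fullmatch(r"\+?\d[\d\s-]{6,}", s):
        return "phone-number"
    if re.fullmatch(r"(?:[A-Z]{2}-)?[A-Z0-9]{6}", s):
        return "sender-id"
    return "other"


def assess(sender, text):
    """Return a list of human-readable findings for one received SMS."""
    findings = []
    looks_like_bank = BANK_RE.search(text) is not None
    if looks_like_bank and sender_kind(sender) == "phone-number":
        findings.append("bank-style message from a plain phone number")
    for raw, host, is_short in extract_links(text):
        if is_short:
            findings.append(f"shortened link hides destination: {raw} ({host})")
        elif looks_like_bank:
            findings.append(f"link destination to verify: {host}")
    return findings


def run_samples():
    """Assess four constructed messages; returns one findings list per message."""
    samples = [
        ("VM-HDFCBK", "Your OTP is 482913. Do not share it with anyone."),
        ("+919800000001", "Dear customer, your account is suspended. Update PAN: http://bit.ly/abc123"),
        ("+919800000002", "Your KYC is pending, verify at http://hdfc-kyc-update.example/verify"),
        ("AD-SHOPXY", "Weekend sale! www.shop.example/sale"),
    ]
    return [assess(sender, text) for sender, text in samples]


if __name__ == "__main__":
    for findings in run_samples():
        print(findings or "no findings")
```

Expanding a shortened link to its real destination needs a network request, which is exactly the step the advisory says to do with a URL checker rather than by tapping; this example deliberately stops at identifying the shortener.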

This is being viewed as a serious warning by the government to Android phone users throughout the world to remain vigilant and to take all necessary precautions to protect their mobile devices.

The Central Government strives to educate citizens about "Daam" malware, as well as its potential impacts, so citizens can take proactive measures to protect their Android devices and stay safe from cyber threats in the ever-evolving environment we live in today.

Stay Alert Against Messages Like 'Account Suspended, Update PAN'



Banking fraud has increased in recent years. In recent days, HDFC Bank customers have reported a rise in digital phishing attacks, and the outcry on social media has mounted. Several HDFC Bank customers reported to the authorities that many of the incidents involved phishing SMSes received in February.

There are indications that the fraudsters have adopted a revised method of operation: as part of their campaign, the phishing links masquerade as a verification process supposedly meant to strengthen the account's security.

In the last few days, a significant number of customers have received fake text messages claiming that their accounts have been blocked or suspended because their Permanent Account Number (PAN) has not been updated. These messages are fake, so keep an eye out and be aware of them.

The Public Information Bureau (PIB) has recently issued a warning to the customers of the State Bank of India (SBI) regarding fake messages purporting to be from SBI officials that claim the recipient's YONO account has been disabled as a result of a power cut. 

Phishing SMS messages are one of the most common ways scammers trick people and steal their money. Cyber fraudsters use phishing bank SMSes to scare people by telling them that their bank account has been suspended.

A link is attached to the SMS, asking users to click on it to update their KYC or PAN details. The problem arises when someone believes the SMS is legitimate and clicks on the link: their phone is compromised and money is lost.

Phishing SMS fraud is more common than you might think. Most banks have issued advisories warning customers not to be fooled by them. Earlier this month, HDFC alerted its customers that these types of frauds have been taking place.

A fake HDFC Bank SMS went viral after some users received it on their mobile phones and tagged the bank in posts about it. Fraudsters had created a fake HDFC Bank website that gives the false appearance of a verification process where there is none. HDFC customers have now received a link with the details of the offer.

Manoj Nagpal, CEO of Outlook Asia Capital, raised an alert by posting a picture of the phishing message on Twitter with a description of what he had seen. Many other customers have received the same message. Nagpal recommends that people refrain from clicking on links sent via email or SMS.

What Are the Methods Used by Fraudsters?

Here is how HDFC Bank explains how the fraud happens.

First step: The fraudsters create bogus emails impersonating bank employees, asking consumers to click a link in the email to verify or update their account information as soon as possible.

Second step: When the customer clicks on the link in the email, they are taken to a fake site that looks like the Bank's official website. The site contains a web form in which the customer is asked to enter their personal information, under the pretext that the bank needs it to communicate with them.

If you doubt any SMS request, check the sender's identity before acting on it, report suspicious SMSes, and confirm any bank alert with a bank manager to avoid having your account compromised.

Two-factor authentication should be enabled for online banking to keep personal information secure: an OTP and your password must both be entered every time you access your account. On a secure device, you can even use your fingerprint as the second factor. Do not click on links in such messages, and delete messages containing unidentified links.