Make a blog

danieltrujillo

1 month ago

These Are Today's Top 8 Cyber-Crime Trends According to Europol by Online Security

These Are Today

In its Internet Organized Crime Threat Assessment (IOCTA) report released today, Europol has detailed today's top 8 most prevalent cybercrime trends, for which investigators have seen a rise in detected incidents since the start of the year.

 

The report, which highlights an upward trend for volume, scope and material cost of cybercrime, comes on the heels of UK authorities announcing earlier in the year that cybercrime has surpassed traditional crime for the first time in their country's history.

1 month ago

Online Security: Apple urges iPhone users to update after powerful cyberweapon is found

Online Security: Apple urges iPhone users to update after powerful cyberweapon is found

SAN FRANCISCO – Apple on Friday urged iPhone owners to install a security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by malware dealers.

Researchers at the Lookout mobile security firm and Citizen Lab at the University of Toronto said they had uncovered a three-pronged attack targeting the dissident’s phone “that subverts even Apple’s strong security environment.”

 

Lookout and Citizen Lab worked with Apple on an iOS patch to defend against the attack, called Trident because of its triad of methods, the researchers said in a joint blog post.

“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5,” Apple said in a released statement.

 

Trident is used in spyware referred to as Pegasus, which a Citizen Lab investigation showed was made by an Israel-based organization called NSO Group. NSO was acquired by the U.S. firm Francisco Partners Management six years ago.

Lookout referred to Pegasus as the most sophisticated attack it has seen, accessing calls, cameras, email, passwords, apps and more.

2 months ago

Online Security: People encouraged to better secure online accounts following Yahoo breach

Online Security: People encouraged to better secure online accounts following Yahoo breach

Residents who use Yahoo Mail are being encouraged by the S.C. Department of Consumer Affairs to take action to secure their online accounts following the announcement last month of a massive breach.

 

During the last two weeks of September, Yahoo announced that at least 500 million user accounts had been compromised.

 

An investigation by Yahoo following suspicions of an attack in July uncovered a far larger, allegedly state-sponsored attack in recent weeks, according to the Associated Press.

 

“We take these types of breaches very seriously and will determine how this occurred and who is responsible,” the FBI said in a statement last week.

 

Given the importance most people place on protecting personal information, the Department of Consumer Affairs is encouraging Yahoo Mail users to take action by following several tips, said Megan Stockhausen, communications coordinator with the agency.

 

• Change the account password and security questions immediately. Use strong, creative passwords (uppercase, lowercase and special characters) and don’t share them with anyone. Also, don’t use the same passwords or security questions for multiple accounts, especially when using an email address as the login name on a site.

 

• Watch out for phishing attempts, which is defined by asking for personal or sensitive information via a phone call, text or email is a tactic used by scammers. Never reply to texts, pop-ups, or emails that ask for verification of personal information. Avoid clicking on links or downloading attachments from suspicious emails or texts.

 

 

• Closely monitor financial and benefits statements/accounts. Check all monthly statements and account activity, especially for financial accounts saved as payment options on internet merchant sites.

 

Review them carefully and notify the financial institution/provider as soon as an unauthorized or suspicious item is spotted.

 

 

• Consider a fraud alert and security freeze. Scammers may use the stolen information to open new accounts.

 

 

A fraud alert and security freeze are free security measures for a credit report. A fraud alert tells a business accessing the report to take extra steps to verify that the person holding the account is the one seeking its goods/services.

 

When a security freeze is in place, no one can access the report without the account holder approving it.

 

Stockhausen said these tips can help anyone trying to secure any personal online information.

2 months ago

Business Email Compromise – Top Phishing Attacks of 2016 by Oakmere Road

Business Email Compromise – Top Phishing Attacks of 2016 by Oakmere Road

In this series of blog posts we examine the most common forms of phishing attacks and appropriate countermeasures to protect both individuals and organizations – in this post we explore Business Email Compromise and the potential fall-out for executives.

 

Business Email Compromise

 

At the start of 2016, the FBI warned that it had seen a 270% increase in CEO scams, also known as Business Email Compromise (BEC) scams.

 

With these scams, savvy cyber criminals are taking the time to harvest personal information and learn the processes within a company. Once armed with this information, they target carefully selected employees with a spear phishing email designed to get access to confidential business information or transfer money into an unknown account.

3 months ago

PayPal “Verification Required” Phishing Scam Email by Oakmere Road

PayPal “Verification Required” Phishing Scam Email by Oakmere Road

Outline:

“Verification Required” email purporting to be from PayPal claims that your account has been limited due to several listed security issues and you must click a “Remove Limitation” button to address the issues.

 

Brief Analysis:

The email is not from PayPal and the claim that your account has been limited is untrue. In fact, the email is a phishing scam designed to steal your PayPal account login credentials, your credit card numbers, and other sensitive personal information.

 

Detailed Analysis:

According to this email, which claims to be from PayPal, your account has been limited and your “verification is required”. The email, which addresses you as “Dear Customer”, claims that the limitation has been imposed because someone else has logged into your account, you sent or received money related to fraudulent activity, and you violated the terms and the user agreements.

 

It features a “Remove Limitations” button that will supposedly allow you to deal with the account issues mentioned.

 

However, the email is not from PayPal and the claim that your account has been limited is a lie. Instead, the email is a typical phishing scam designed to steal your personal information.

 

If you hit the “Remove Limitations” button, you will be taken to a bogus website that has been built to emulate a genuine PayPal login page. The page asks you to login with your PayPal email address and password. After logging in, you will be taken to a second form that asks you to verify your account by supplying your credit card numbers, your name and address details, and other identifying information.  After submitting the requested information, you may receive a final message claiming that you have successfully removed the account limitations.

 

Meanwhile, the criminals can use the information you supplied to hijack your PayPal account and steal or misuse its funds as well as use your credit card for fraudulent transactions.   They may also be able to steal your identity using the personal and financial information they have gathered from you.

 

PayPal scams like this one are very common. Be wary of any PayPal message that claims that your account has been limited, disabled, or suspended and you must click a link or open an attached file to verify account details. PayPal will never send you an email or text message that makes such demands. Note also that PayPal will always address you by name in its messages. Genuine PayPal messages will never use generic greetings such as “Dear Customer”.

 

If you receive one of these emails, do not click any links or open any attachments that it contains.

 

The PayPal website includes information about how to recognize and report such phishing scams.

3 months ago

Top scams for college students to avoid by Oakmere Road

Top scams for college students to avoid by Oakmere Road

EAU CLAIRE, Wis. (RELEASE) -- College students are often intended targets of scams. Newly independent and excited to be on their own, that freedom can make them targets of and susceptible to scams.

 

Students don’t always necessarily recognize when a scam comes knocking. As college students begin to head back to campus, the BBB wants to remind students and parents about preventing fraud when they’re away from home.

 

BBB has some information on the top scams for college students to avoid:

 

Roommate/Rental scheme – If you post an ad for a roommate on Craigslist, beware of “fake roommates” who are out of the country, but can provide the rent upfront in the form of a money order. When you receive it, the amount is higher than the amount requested (overpayment scam). You are asked to cash it, and wire back the rest. This is a scam!

 

Credit Cards – Credit card offers are all over campus. While it’s important to build credit, it’s more important to maintain good credit. Many of these cards have annual fees or charge high interest rates on purchases. Shop around for the best rate and pay off your credit card bills every month.

 

Employment – Beware of ads that pop up near campus offering jobs with “no experience necessary.” Often, these “opportunities” are bogus! If you are interviewed in a hotel lobby or required to sign a contract, or have to pay for everything including training, travel, lodging, food, etc. associated with the job – forget it! Check out a company first with bbb.org.

 

Scholarship/Grants – Scholarship-finding services “guarantee” grants or scholarships. They sell lists to students on potential scholarship or grant opportunities. However, nearly all available financial aid comes from the federal government or from individual colleges. Go to grants.gov for more information.

 

Safeguard your ID – Keep your personal information, including your driver’s license, student ID, debit cards, credit cards, and bank information in a SAFE place. Be wary of any online solicitations, emails, social media sites, or phone calls asking for your personal information. NEVER give out personal information to someone you don’t know.