Login
When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for socially engineered threats, but these events tend to be fairly short news cycles.
When Covid-19 started making headlines in early 2020, we started seeing new threats using this in the attacks. As you see below, April was the peak month for email-based Covid-19 related threats.
The same was true for phishing URLs related to Covid-19, but for files using Covid-19 in their naming convention, the peak month in the first half was June.
Impact on Cybercrime
The constant 24×7 news around cases, cures and vaccines makes this pandemic unique for cybercriminals. Also, the shift to remote working and the challenges posed to supply chains all gave cybercriminals new content they could use as lures to entice victims into infecting themselves.
As we’ve seen for many years now, email-based threats were the most used threat vector by malicious actors, which makes sense as the number one infection vector to penetrate an organization’s network is to use a socially engineered email against an employee.
We even saw malicious mobile apps being developed using Covid-19 as a lure, as you see below.
In this case it was supporting potential cures for the virus, which many people would have wanted.
Other Highlights in 1H 2020
While Covid-19 dominated the threat landscape in the 1H 2020, it wasn’t the only thing that defined it. Ransomware actors continued their attacks against organizations, but as we’ve been seeing over the past year, they’ve become much more selective in their victims. The spray and pray model using spam has been shifted to a more targeted approach, similar to how nation-state actors and APT groups perform their attacks. Two things showcase this trend:
|
|
Home network attacks are another interesting aspect of the threat landscape in the first half of this year. We have millions of home routers around the world that give us threat data on events coming into and out of home networks.
Threat actors are taking advantage of more remote workers by launching more attacks against these home networks. As you see below, the first half of 2020 saw a marked increase in attacks.
Many of these attacks are brute force login attempts as actors try to obtain login credentials for routers and devices within the home network, which can allow them to do further damage.
The above are only a small number of security events and trends we saw in just six months of 2020. Our full roundup of the security landscape so far this year is detailed out in our security roundup report – Securing the Pandemic-Disrupted Workplace. You can read about all we found to help prepare for many of the threats we will continue to see for the rest of the year.
The post 1H 2020 Cyber Security Defined by Covid-19 Pandemic appeared first on .
You get an email from bank0famerica@acc0unt.com claiming that they have found suspicious activity on your credit card statement and are requesting that you verify your financial information. What do you do? While you may be tempted to click on a link to immediately resolve the issue, this is likely the work of a cybercriminal. Phishing is a scam that tricks you into voluntarily providing important personal information. Protect yourself from phishing by reviewing some examples of phishing emails and learning more about this common online scam.
Phishing is a cybercrime that aims to steal your sensitive information. Scammers disguise themselves as major corporations or other trustworthy entities to trick you into willingly providing information like website login credentials or, even worse, your credit card number.
A phishing email or text (also known as SMiShing) is a fraudulent message made to look legitimate, and typically asks you to provide sensitive personal information in various ways. If you don’t look carefully at the emails or texts, however, you might not be able to tell the difference between a regular message and a phishing message. Scammers work hard to make phishing messages closely resemble emails and texts sent by trusted companies, which is why you need to be cautious when you open these messages and click the links they contain.
Phishing scammers often undo their own plans by making simple mistakes that are easy to spot once you know how to recognize them. Check for the following signs of phishing every time you open an email or text:
Even the biggest companies sometimes make minor errors in their communications. Phishing messages often contain grammatical errors, spelling mistakes, and other blatant errors that major corporations wouldn’t make. If you see multiple, glaring grammatical errors in an email or text that asks for your personal information, you might be a target of a phishing scam.
To enhance their edibility, phishing scammers often steal the logos of who they’re impersonating. In many cases, however, they don’t steal corporate logos correctly. The logo in a phishing email or text might have the wrong aspect ratio or low-resolution. If you have to squint to make out the logo in a message, the chances are that it’s phishing.
Phishing always centers around links that you’re supposed to click. Here are a few ways to check whether a link someone sent you is legitimate:
If the URL you discover doesn’t match up with the entity that supposedly sent you the message, you probably received a phishing email.
Phishing messages come in all shapes and sizes, but there are a few types of phishing emails and texts that are more common than others. Let’s review some examples of the most frequently sent phishing scams:
Some phishing emails appear to notify you that your bank temporarily suspended your account due to unusual activity. If you receive an account suspension email from a bank that you haven’t opened an account with, delete it immediately, and don’t look back. Suspended account phishing emails from banks you do business with, however, are harder to spot. Use the methods we listed above to check the email’s integrity, and if all else fails, contact your bank directly instead of opening any links within the email you received.
Two-factor authentication scam
Two-factor authentication (2FA) has become common, so you’re probably used to receiving emails that ask you to confirm your login information with six-digit numerical codes. Phishing scammers also know how standard 2FA has become, and they could take advantage of this service that’s supposed to protect your identity. If you receive an email asking you to log in to an account to confirm your identity, use the criteria we listed above to verify the message’s authenticity. Be especially wary if someone asks you to provide 2FA for an account you haven’t accessed for a while.
We all know how important tax season is. That’s what phishing scammers are counting on when they send you phony IRS refund emails. Be careful when an email informs you that you’ve received a windfall of cash and be especially dubious of emails that the IRS supposedly sent since this government agency only contacts taxpayers via snail mail. Tax refund phishing scams can do serious harm since they usually ask for your social security number as well as your bank account information.
Sometimes, cybercriminals will try to tick you by sending emails with fake order confirmations. These messages often contain “receipts” attached to the email or links claiming to contain more information on your order. However, criminals often use these attachments and links to spread malware to the victim’s device.
You need to be wary of phishing when you’re using your work email as well. One popular phishing scam involves emails designed to look like someone in the C-suite of your company sent them. They ask workers to wire funds to supposed clients, but this cash actually goes to scammers. Use the tips we listed above to spot these phony emails.
Often, hackers look for ways to update old schemes so that they go undetected by users already aware of certain cyberthreats. Such is the case with the latest phishing evasion technique, which detects virtual machines to fly under the radar. Cybersecurity firms often use headless devices or virtual machines (a computer file that behaves like an actual computer) to determine if a website is actually a phishing page. But now, some phishing kits contain JavaScript — a programming language that allows you to implement complex features on web pages — that checks whether a virtual machine is analyzing the page. If it detects any analysis attempts, the phishing kit will show a blank page instead of the phishing page, allowing the scam to evade detection. To help ensure that you don’t fall for the latest phishing scams, stay updated on the most recent phishing techniques so you can stay one step ahead of cybercriminals.
Never click links in suspicious emails. If you click a link you suspect a phishing scammer sent, the link will take you to a web page with a form where you can enter sensitive data such as your Social Security number, credit card information, or login credentials. Do not enter any data on this page.
If you accidentally enter data in a webpage linked to a suspicious email, perform a full malware scan on your device. Once the scan is complete, backup all of your files and change your passwords. Even if you only provided a phishing scammer with the data from one account, you may have also opened the door to other personal data, so it’s important to change all the passwords you use online in the wake of a suspected phishing attack.
Let’s wrap things up with some summarized tips on how to avoid phishing emails:
Phishing emails only work on the unaware. Now that you know how to spot phishing emails and what to do if you suspect scammers are targeting you, you’re far less likely to fall for these schemes. Remember to be careful with your personal information when you use the internet and err on the side of caution whenever anybody asks you to divulge sensitive details about your identity, finances, or login information.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Phishing Email Examples: How to Recognize a Phishing Email appeared first on McAfee Blogs.
Forecasts predict that roughly 80 million votes will get cast by mail-in ballots—double the number cast by mail in the 2016 election. Here are a couple tips to make sure your vote counts for the 2020 election.
Smart use of the internet will help you cast a mail-in ballot that counts.
Projections abound, yet forecasts predict that roughly 80 million votes will get cast by mail-in ballots—double the number cast by mail in the 2016 election. While we’ll only know the final tally of mail-in voters sometime after election day, what we know right now is that nearly 75% of U.S. voters will be able to vote by mail in the 2020 election
If you’re one of those voters, or know someone who is, this quick five-point primer of online resources should help.
Pew Research found that Americans are split 50/50 as to whether voting in the 2020 election will be “easy” or “hard.” Compare that to the 2018 figures where 85% said that voting would be “easy” in that election. We can chalk that up to several factors this year, most notably the effect of the pandemic on voting, which I touched on in my blog last week.
However, there are other concerns at play. We’ve seen concerns about mail-in ballot fraud, along with confusion about how to get a mail-in ballot, and yet further confusion as to who is eligible to get a mail-in ballot in the first place… just to name a few.
These concerns all share a common remedy: the facts.
Good information, direct from your state election officials, will point the way. Skip social media altogether. It is not a trusted resource. In all, it’s a mistake to get any election information on social media, according to F.B.I. Director, Christopher Wray. Instead, let’s point ourselves in the right direction.
To stay updated on all things McAfee and for more resources on staying secure from home, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Election 2020 – Five Tips to Secure a Mail-In Ballot That Counts appeared first on McAfee Blogs.
Election 2020: Make Sure Your Voice is Heard with These Tips & Best Practices
Last year, India exercised one of the greatest feats of democracy, trying to enable over 900 million people to vote in their general election. My mom lives in India, and I remember talking with her about their ambitious plans to reach every voter, no matter how remote their location. They sent poll workers deep into the jungle, and across rivers, to reach just a handful of voters. The result: a record turnout at over 67%.
In the United States, we too have an opportunity to fulfill our civic duties, with various options available to us to make sure our votes are heard. While many people choosing to mail in their votes for the very first time, there’s also a lot of confusion around election rules and security, not to mention a flood of misinformation online to be wary of.
Here at McAfee, we want to help you vote with confidence in this critical election. That’s why we’ve put together a number of tools, resources, and best practices to empower voters. Our hope is that every voice can be heard.
Demystifying Mail-In Voting
Let’s start with some questions you may have around mail-in voting, since twice as many people plan to mail in their ballots this year, compared to 2016. Of course, with the COVID-19 pandemic still active, it’s understandable that many people, especially the vulnerable, would prefer to mail their ballot, rather than go to a polling station. I personally got my mail-in ballot and am ready to mail it this week. If you haven’t decided on how to vote, you still have time to decide.
To get accurate information on mail-in voting, go directly to your state and local websites for guidance, including how to fill out your ballot, and when to turn it in. Rules vary state to state, but one thing we do know is that mail-in voting has proven to be a reliable and secure way to have your voice heard.
It’s great to see long lines to vote in some states already. If you are still concerned about election security and online scams, my colleague Judith Bitterli has written a great guide for locating reliable sources and protecting your vote (Key tip: always look for a .gov domain name).
She also has advice for making sure that your mail-in ballot counts.
Safe Election Surfing
When looking online for election resources, be aware that scammers and cybercriminals are always trying to take advantage of trending topics to misdirect users to dangerous websites and links. In fact, the FBI recently warned that bad actors have been setting up fake election websites, in an attempt to steal voters’ personal information, or get them to download dangerous files.
The Bureau suggests that you visit the U.S. Election Assistance Commission website for accurate information in a variety of languages. If you are concerned about clicking on risky links during the election or year-round, one smart action you can take is to install McAfee WebAdvisor, which warns you of risky sites before you click on them.
Although it can be tempting to believe election information posted on social media, especially by friends and family members, know that business school MIT Sloan says “fake news is at its peak” during online presidential years, and even your loved ones can be fooled.
But whether information is clickbait, or legitimate, it can still be posted to risky websites designed to steal your information, or download malware. That’s why McAfee released a new social media protection tool as part of WebAdvisor. Using color codes, the tool shows you which links are safe or risky right in your social feed, and can be used across all six major social media platforms. This makes it easier to avoid dangerous links posted on social channels. Given the increase in phishing we’ve observed in the last few months across PC and mobile platforms, a comprehensive security solution like McAfee® Total Protection can help keep your personal information and devices safe.
In-Person Voting
If you still plan to vote in person, or even better, volunteer as a poll worker, make sure that you have reliable information on voting times and locations. You’ll probably also want to look into local rules on health and safety precautions, so you are well prepared.
False and misleading information about COVID 19 has been swirling since the start of the pandemic, so it’s important that you seek verified information about the virus. Here again are some great tips from Judith on how to keep COVID misinformation from suppressing your vote.
Exercise Your Right
Now that you know how to sidestep misinformation, find trusted resources, and plan your vote — either through the mail or in person— I hope that you will exercise your right, with confidence.
The post Election 2020: Make Sure Your Voice is Heard with These Tips appeared first on McAfee Blogs.
Spooky season is among us, and ghosts and goblins aren’t the only things hiding in the shadows. Online threats are also lurking in the darkness, preparing to haunt devices and cause some hocus pocus for unsuspecting users. This Halloween season, researchers have found virtual zombies and witches among us – a new trojan that rises from the dead no matter how many times it’s deleted and malicious code that casts an evil spell to steal users’ credit card data.
Let’s unlock the mystery of these threats so you can avoid cyber-scares and continue to live your online life free from worry.
Just like zombies, malware can be a challenge to destroy. Oftentimes, it requires a user to completely wipe their device by backing up files, reinstalling the operating system, and starting from scratch. But what if this isn’t enough to stop the digital walking dead from wreaking havoc on your device?
Recently, a new type of Trojan has risen from the dead to haunt users no matter how many times it’s deleted. This zombie-like malware attaches itself to a user’s Windows 10 startup system, making it immune to system wipes since the malware can’t be found on the device’s hard drive. This stealthy malware hides on the device’s motherboard and creates a Trojan file that reinstalls the malware if the user tries to remove it. Once it sets itself up in the darkness, the malware scans for users’ private documents and sends them to an unknown host, leaving the user’s device in a ghoulish state.
A malware misfortune isn’t the only thing that users should beware of this Halloween. Cybercriminals have also managed to inject malicious code into a wireless provider’s web platform, casting an evil spell to steal users’ credit card data. The witches and warlocks allegedly responsible for casting this evil spell are part of a Magecart spin-off group that’s known for its phishing prowess. To pull off this attack, they plated a credit card skimmer onto the wireless provider’s checkout page. This allowed the hackers to exfiltrate users’ credit card data whenever they made a purchase – a spell that’s difficult to break.
While these threats might seem like just another Halloween trick, there are other forces at play. According to McAfee’s Quarterly Threats Report from July 2020, threats like malware phishing and trojans have proven opportunistic for cybercriminals as users spend more and more time online – whether it be working from home, distance learning, or connecting with friends and loved ones. In fact, McAfee Labs observed 375 threats per minute in Q1 2020 alone.
So, as hackers continue to adapt their techniques to take advantage of users spending more time online, it’s important that people educate themselves on emerging threats so they can take necessary precautions and live their digital lives free from worry.
Fortunately, there are a number of steps you can take to prevent these threats from haunting your digital life. Follow these tips to keep cybersecurity tricks at bay this spooky season:
Zombie malware is easily spread by phishing, which is when scammers try to trick you out of your private information or money. If you receive an email from an unknown user, it’s best to proceed with caution. Don’t click on any links or open any attachments in the email and delete the message altogether.
Look over your credit card accounts and bank statements often to check whether someone is fraudulently using your financial data – you can even sign up for transaction alerts that your bank or credit card company may provide. If you see any charges that you did not make, report it to the authorities immediately.
Add an extra layer of protection with a security solution like McAfee® Total Protection to help safeguard your digital life from malware and other threats. McAfee Total Protection also includes McAfee® WebAdvisor – web protection that enables users to sidestep attacks before they happen with clear warnings of risky websites, links, and files.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Trick or Treat: Avoid These Spooky Threats This Halloween appeared first on McAfee Blogs.
I’ve had such a busy morning! I’ve hunted down my favourite foundation, bought a puzzle mat, stocked up on special dog food for our naughty new puppy, ordered the groceries, made a few appointments and chatted with several friends. And guess what? I haven’t left my study – or changed out of my pyjamas!! Ssshhh!! Because it’s all happened online…
Of course, some of us embraced the benefits of the online world long before 2020 but the Pandemic forced almost everyone to replace our in-person activities and routines with online ones. New research from McAfee in their 2021 Consumer Security Mindset Report shows that 72% of Aussies made changes in their online activities last year out of convenience which makes complete sense!
But what’s so interesting is that now we have these super handy new online routines in place – we aren’t that keen to give them up! McAfee’s report shows that 76% of Aussies are planning on continuing with online banking, 59% of us want to keep connecting with friends and family online and 55% of us remain totally committed to online shopping! Hear, hear, I say! I am absolutely staying that course too!!
There’s no doubt that there is a lot of upside to managing our lives online but unfortunately there is also a downside – increased risk! The more time spent online, the greater the chance that we will be exposed to potential risks and threats such as phishing attacks, entering details into malicious websites or even becoming a victim of fraud.
McAfee’s research shows that we are aware of the risks of being online. In fact, 66% of us are concerned about the potential dangers of living our lives online with losing control of our financial data top of the list for the majority of us. And almost 2/3 (65%) of us are also worried about having our social media accounts hacked.
But pandemic life has meant that we are now a lot more comfortable with sharing information online. Whether it’s paperless transaction records, text and email notifications, opting to stay logged in or auto-populating forms with our credit card, this level of online sharing does make life so convenient but it can be a risky business! Why, I hear you ask? Because these conveniences usually only work when you share multiple pieces of your contact details. And the more you share, the greater your chance of being hacked or compromised. But the report was very clear – if we can make our online life more seamless then we are only too happy to share our key contact information! Oh dear!!
In addition to confessing that they don’t always take the necessary security precautions, Aussie consumers in McAfee’s report also admitted that they haven’t thought about why hackers might want their data. I don’t know how many people tell me that they don’t need to really bother with a lot of online precautions because they live a pretty boring life and don’t spend that much time online.
But this is a very dangerous way to think. Your online data is like a pot of gold to hackers. Not only can they use it to possibly steal your identity and try to empty your bank accounts but they can also on-sell it for a profit. But the majority of Aussies don’t stop to consider this with the research showing that 64% of Aussies have never considered just how valuable their online data is worth.
Hackers are ALWAYS on the lookout for new ‘up-to-date’ ways to exploit others for money. Don’t forget how quick they were to conjure up scams around COVID in early 2020 – it was just a matter of weeks before Aussies received phishing emails and malicious text messages with the aim of extracting personal information from vulnerable consumers.
But, encouragingly, 85% of Aussies said they would be far more proactive about managing their data if it could be traded as a currency.
The good news is that there are ways to secure your online life and minimise the risk of being hacked. Here are my top tips:
Yes, it might take a minute or 2 more, but using multi-factor authentication is an easy way to add an additional layer of security to protect your personal data and information. Commit to using it wherever it is offered!
If you live your life out & about like I do then you’ll be very tempted to use Wi-Fi. Using public Wi-Fi to conduct transactions, particularly financial ones is a big no-no! It takes keen hackers minimal effort to set up a fraudulent wi-fi service which could easily fool a busy person into connecting. Using a Virtual Private Network (or VPN) like McAfee® Safe Connect, is the best way of ensuring everything you share over Wi-Fi is safe and secure.
Browsing the internet with a tool like the McAfee WebAdvisor is a great way of ensuring dangerous malware is blocked if you click on a malicious link in a phishing email. You’ll have real peace of mind knowing you can manage your online life while someone looks out for you!
With 4 kids, 3 pets, 2 jobs – I know I could never get to the bottom of my ‘to-do’ lists without managing the bulk of it online. I often think I should send the internet an e-card at Christmas!! Of course, I understand why corners are cut and precautions are overlooked when we all feel so stretched for time. But just think about how much more time it would take if you were hacked and had to spend hours on the phone to your bank or if you had to reconfigure all your online accounts and social media platforms!!
So, you know what you need to do! Stay safe online everyone!
The post How 2020 Has Shaped The Way We Live Our Lives appeared first on McAfee Blogs.
You open your laptop and see an email from a healthcare organization that you don’t recognize. The subject line reads “URGENT – PROOF OF VACCINATION NEEDED.” Impulsively, you open the email and click on the link. You’re redirected to a website that asks you to enter your name, date of birth, Social Security Number, and a photo of your vaccine card. Scrambling, you enter the information and click “Submit.”
As you continue to adapt your lifestyle to the ongoing public health precautions, it’s important to consider how these precautions can affect your digital health as well. According to the Washington Post, pandemic-related email scams are on the rise, especially with the delta variant surging. McAfee Labs’ April 2021 Threats Report found that COVID-19-themed cyber-attack detections increased 114% in Q3 and Q4 of 2020. Research also shows that COVID-19 phishing attempts in June 2021 increased 33%. With confusion around proof of vaccination and booster shots emerging, it’s likely that cybercriminals will take advantage.
As employers re-evaluate their return-to-office plans, some are requiring proof of vaccination or negative COVID-19 test results. This creates a new opportunity for cybercriminals to exploit. Researchers have uncovered phishing emails disguised as human resources departments asking recipients to submit personally identifiable information about their vaccination status. Many of these types of emails contain links to fake login pages. If the recipient proceeds with entering their credentials and personal data, cybercriminals can use the consumer’s data to conduct credential stuffing attacks and hack their online profiles. This could lead to credit card fraud, data extraction, wire transfers, identity theft, and more.
With various organizations contacting individuals about potential virus exposure, testing and vaccination information, and other public health news, it’s important to remember that some of these organizations may not be what they say they are. That email from the healthcare company you’ve never heard of? It’s probably a cybercriminal in disguise. Some hackers are impersonating public health and government organizations, sending phishing emails in the hopes of collecting users’ names, Social Security Numbers, birthdates, and other valuable data. Criminals tend to sell this information on the dark web, making a profit while the recipients’ online safety is put in jeopardy.
As more news and recommendations for dealing with the pandemic continues to emerge, it’s important that you stay vigilant when it comes to protecting your digital wellness. After all, it’s just as important as your physical wellness! In addition to staying updated on the latest COVID-19-related scams, follow these tips to keep yourself secure from online threats like phishing scams:
If you receive an email or text message from an organization that you’re unfamiliar with, do some sleuthing. Verify that the organization is legitimate. The same goes if you receive a message from an entity that you recognize. If your “HR department” or a “doctor’s office” contacts you and asks for personal information, reach out to them directly instead of replying directly or clicking on any links in the message. This can prevent you from interacting with a hacker in disguise.
Oftentimes, hackers will use a URL for their spoofed website that is just one character off from the legitimate site. Before clicking on any website from an email asking you to act, hover over the link with your cursor. This will allow you to preview the URL and identify any suspicious misspellings or grammatical errors before navigating to a potentially dangerous website.
Multi-factor authentication requires that users confirm a collection of things to verify their identity—usually something they have, and a factor unique to their physical being—such as a retina or fingerprint scan. This can prevent a cybercriminal from using credential-stuffing tactics (where they will use email and password combinations to hack into online profiles) to access your network or account if your login details were ever exposed during a data breach and sold on the dark web.
An identity theft alert service warns you about suspicious activity surrounding your personal information, allowing you to jump to action before irreparable damage is done. McAfee Total Protection not only keeps your devices safe from viruses but gives you the added peace of mind that your identity is secure, as well.
The post How Fraudsters Are Fooling Users With This Proof of Vaccination Phishing Scam appeared first on McAfee Blog.
Businesses today have many options for interacting with customers online. The findings of our independent survey of online consumers suggest that websites and branded email continue to be critical components of many businesses’ online presence, essential to supporting consumer confidence and enabling effective interaction with customers.
The quantitative study, commissioned by Verisign and conducted in December 2019 and January 2020 by 451 Research, now a part of S&P Global Market Intelligence, surveyed 5,450 online consumers across key markets in North America, Latin America, Europe and Asia to help understand their sentiments on interacting with businesses online.
The survey was designed to arm service providers and registrars with an understanding of how the resources they provide to businesses can help create trust and deliver value to their customers.
Among those surveyed, approximately two-thirds (66%) agreed that a business with its own website is more credible than one without. Likewise, a majority indicated that they would expect it to be more difficult to verify the identity of (56%), find online (55%) and contact (54%) a business that does not have its own website.
Certainly, this doesn’t suggest that businesses should abandon other online channels, such as social media and search engine efforts, to focus on a website-only approach. Instead, 64% of respondents said that a business with many points of online presence is more credible than a business with few.
Still, the study suggests that other online resources should complement, rather than replace, a small business’s own website. Respondents identified a business’s own website as being one of the most popular online methods for learning about (69%) and conducting transactions with (57%) businesses. Further, 71% of respondents reported being more likely to recommend a business with a professional website.
Taken together, these findings suggest that a website can help add credibility and drive new business.
Trust is central to the relationship between a business and customers. This may be particularly true for online transactions (95% of survey respondents said they actively make purchases online), which require consumers to trust not only that the business will deliver the product or service for which they have paid, but also that it will not misuse payment or personal information.
A branded email address may be able to help, as an overwhelming number of respondents (85%) agreed that a business with a branded email address is more credible than one that uses a free email account. Respondents were more likely to have used a business’s branded email address (67%), than the telephone (56%) or social media (40%), to communicate with a business during the prior 12 months.
For a small business, failing to be perceived as credible online could mean lost business not just today, but also in the future. A website and branded email address can help businesses add credibility and more effectively engage with consumers online.
Service providers offer a variety of website-building tools, email hosting solutions, and domain name registration services that can help businesses – whether just starting or well-established – to have a website and use a branded email.
Detailed survey results are available in 451 Research’s Black & White Paper Websites, Branded Email Remain Key to SMB Internet Services.
Verisign is a global wholesale provider of some of the world’s most recognized top-level domains, including .com and .net. For website building tools and email hosting solutions, contact a registrar. You can find a registrar here.
The post Websites, Branded Email Remain Key to SMB Internet Services appeared first on Verisign Blog.
Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad who also runs the world’s top spam forum.
The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.
According to a statement by the U.S. Department of Justice, RSOCKS offered clients access to IP addresses assigned to devices that had been hacked:
“A cybercriminal who wanted to utilize the RSOCKS platform could use a web browser to navigate to a web-based ‘storefront’ (i.e., a public web site that allows users to purchase access to the botnet), which allowed the customer to pay to rent access to a pool of proxies for a specified daily, weekly, or monthly time period. The cost for access to a pool of RSOCKS proxies ranged from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.”
The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums.
The user “RSOCKS” on the Russian crime forum Verified changed his name to RSOCKS from a previous handle: “Stanx,” whose very first sales thread on Verified in 2016 quickly ran afoul of the forum’s rules and prompted a public chastisement by the forum’s administrator.
Verified was hacked twice in the past few years, and each time the private messages of all users on the forum were leaked. Those messages show that after being warned of his forum infraction, Stanx sent a private message to the Verified administrator detailing his cybercriminal bona fides.
“I am the owner of the RUSdot forum (former Spamdot),” Stanx wrote in Sept. 2016. “In spam topics, people know me as a reliable person.”
A Google-translated version of the Rusdot spam forum.
RUSdot is the successor forum to Spamdot, a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.
Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). In an early post to Antichat in January 2005, Stanx disclosed that he is from Omsk, a large city in the Siberian region of Russia.
According to the cyber intelligence firm Intel 471, the user Stanx indeed registered on Exploit in 2013, using the email address stanx@rusdot.com, and the ICQ number 399611. A search in Google for that ICQ number turns up a cached version of a Vkontakte profile for a Denis “Neo” Kloster, from Omsk, Russia.
Cybersecurity firm Constella Intelligence shows that in 2017, someone using the email address istanx@gmail.com registered at the Russian freelancer job site fl.ru with the profile name of “Denis Kloster” and the Omsk phone number of 79136334444. Another record indexed by Constella suggests Denis’s real surname may in fact be “Emilyantsev” [Емельянцев].
That phone number is tied to the WHOIS registration records for multiple domain names over the years, including proxy[.]info, allproxy[.]info, kloster.pro and deniskloster.com.
A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019. It shows that in Oct. 2019, he obtained a visa from the American Embassy in Bangkok, Thailand.
The “about me” section of DenisKloster.com says the 35-year-old was born in Omsk, that he got his first computer at age 12, and graduated from high school at 16. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.
According to Kloster’s blog, his first real job was running an “online advertising” firm he founded called Internet Advertising Omsk (“riOmsk“), and that he even lived in New York City for a while.
“Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013. “I opened an American visa for myself, it was not difficult to get. And so I moved to live in New York, the largest city in the world, in a country where all wishes come true. But even this was not enough for me, and since then I began to travel the world.”
The current version of the About Me page on Kloster’s site says he closed his advertising business in 2013 to travel the world and focus on his new company: One that provides security and anonymity services to customers around the world. Kloster’s vanity website and LinkedIn page both list him as CEO of a company called “SL MobPartners.”
In 2016, Deniskloster.com featured a post celebrating three years in operation. The anniversary post said Kloster’s anonymity business had grown to nearly two dozen employees, most of whom were included in a group photo posted to that article (and some of whom Kloster thanked by their first names and last initials).
The employees who kept things running for RSOCKS, circa 2016.
“Thanks to you, we are now developing in the field of information security and anonymity!,” the post enthuses. “We make products that are used by thousands of people around the world, and this is very cool! And this is just the beginning!!! We don’t just work together and we’re not just friends, we’re Family.”
Mr. Kloster did not respond to repeated requests for comment.
It’s not clear if the coordinated takedown targeting the RSOCKS botnet will be permanent, as the botnet’s owners could simply rebuild — and possibly rebrand — their crime machine. Based on the RSOCKS owner’s posts, that is exactly what they intend to do.
“RSocks ceases to exist,” wrote the Rsocks account on the BlackHatWorld forum on June 17. “But don’t worry. All the active plans and fund balances will be transferred to another service. Stay tuned. We will inform you about its name and all the details later.”
Rsocks told the BlackHatWorld community they would be back soon under a new name.
Malware-based proxy services like RSOCKS have struggled to remain competitive in a cybercrime market with increasingly sophisticated proxy services that offer many additional features. The demise of RSOCKS follows closely on the heels of VIP72[.]com, a competing proxy botnet service that operated for a decade before its owners pulled the plug on the service last year.
U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.
The term “pig butchering” refers to a time-tested, heavily scripted, and human-intensive process of using fake profiles on dating apps and social media to lure people into investing in elaborate scams. In a more visceral sense, pig butchering means fattening up a prey before the slaughter.
“The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022. “It’s run by a fraud ring of cryptocurrency scammers who mine dating apps and other social media for victims and the scam is becoming alarmingly popular.”
As documented in a series of investigative reports published over the past year across Asia, the people creating these phony profiles are largely men and women from China and neighboring countries who have been kidnapped and trafficked to places like Cambodia, where they are forced to scam complete strangers over the Internet — day after day.
The most prevalent pig butchering scam today involves sophisticated cryptocurrency investment platforms, where investors invariably see fantastic returns on their deposits — until they try to withdraw the funds. At that point, investors are told they owe huge tax bills. But even those who pay the phony levies never see their money again.
The come-ons for these scams are prevalent on dating sites and apps, but they also frequently start with what appears to be a wayward SMS — such as an instant message about an Uber ride that never showed. Or a reminder from a complete stranger about a planned meetup for coffee. In many ways, the content of the message is irrelevant; the initial goal to simply to get the recipient curious enough to respond in some way.
Those who respond are asked to continue the conversation via WhatsApp, where an attractive, friendly profile of the opposite gender will work through a pre-set script that is tailored to their prey’s apparent socioeconomic situation. For example, a divorced, professional female who responds to these scams will be handled with one profile type and script, while other scripts are available to groom a widower, a young professional, or a single mom.
That’s according to Erin West, deputy district attorney for Santa Clara County in Northern California. West said her office has been fielding a large number of pig butchering inquiries from her state, but also from law enforcement entities around the country that are ill-equipped to investigate such fraud.
“The people forced to perpetrate these scams have a guide and a script, where if your victim is divorced say this, or a single mom say this,” West said. “The scale of this is so massive. It’s a major problem with no easy answers, but also with victim volumes I’ve never seen before. With victims who are really losing their minds and in some cases are suicidal.”
West is a key member of REACT, a task force set up to tackle especially complex forms of cyber theft involving virtual currencies. West said the initial complaints from pig butchering victims came early this year.
“I first thought they were one-off cases, and then I realized we were getting these daily,” West said. “A lot of them are being reported to local agencies that don’t know what to do with them, so the cases languish.”
West said pig butchering victims are often quite sophisticated and educated people.
“One woman was a university professor who lost her husband to COVID, got lonely and was chatting online, and eventually ended up giving away her retirement,” West recalled of a recent case. “There are just horrifying stories that run the gamut in terms of victims, from young women early in their careers, to senior citizens and even to people working in the financial services industry.”
In some cases reported to REACT, the victims said they spent days or weeks corresponding with the phony WhatsApp persona before the conversation shifted to investing.
“They’ll say ‘Hey, this is the food I’m eating tonight’ and the picture they share will show a pretty setting with a glass of wine, where they’re showcasing an enviable lifestyle but not really mentioning anything about how they achieved that,” West said. “And then later, maybe a few hours or days into the conversation, they’ll say, ‘You know I made some money recently investing in crypto,’ kind of sliding into the topic as if this wasn’t what they were doing the whole time.”
Curious investors are directed toward elaborate and official-looking online crypto platforms that appear to have thousands of active investors. Many of these platforms include extensive study materials and tutorials on cryptocurrency investing. New users are strongly encouraged to team up with more seasoned investors on the platform, and to make only small investments that they can afford to lose.
The now-defunct homepage of xtb-market[.]com, a scam cryptocurrency platform tied to a pig butchering scheme.
“They’re able to see some value increase, and maybe even be allowed to take out that value increase so that they feel comfortable about the situation,” West said. Some investors then need little encouragement to deposit additional funds, which usually generate increasingly higher “returns.”
West said many crypto trading platforms associated with pig butchering scams appear to have been designed much like a video game, where investor hype is built around upcoming “trading opportunities” that hint at even more fantastic earnings.
“There are bonus levels and VIP levels, and they’ll build hype and a sense of frenzy into the trading,” West said. “There are definitely some psychological mechanisms at work to encourage people to invest more.”
“What’s so devastating about many of the victims is they lose that sense of who they are,” she continued. “They thought they were a savvy, sophisticated person, someone who’s sort of immune to scams. I think the large scale of the trickery and psychological manipulation being used here can’t be understated. It’s like nothing I’ve seen before.”
Courtney Nolan, a divorced mother of three daughters, says she lost more than $5 million to a pig butchering scam. Nolan lives in St. Louis and has a background in investment finance, but only started investing in cryptocurrencies in the past year.
Nolan’s case may be especially bad because she was already interested in crypto investing when the scammer reached out. At the time, Bitcoin was trading at or near all-time highs of nearly $68,000 per coin.
Nolan said her nightmare began in late 2021 with a Twitter direct message from someone who was following many of the same cryptocurrency influencers she followed. Her fellow crypto enthusiast then suggested they continue their discussion on WhatsApp. After much back and forth about his trading strategies, her new friend agreed to mentor her on how to make reliable profits using the crypto trading platform xtb.com.
“I had dabbled in leveraged trading before, but his mentor program gave me over 100 pages of study materials and agreed to walk me through their investment strategies over the course of a year,” Nolan told KrebsOnSecurity.
Nolan’s mentor had her create an account website xtb-market[.]com, which was made to be confusingly similar to XTB’s official platform. The site promoted several different investment packages, including a “starter plan” that involves a $5,250 up-front investment and promises more than 15 percent return across four separate trading bursts.
Platinum plans on xtb-market promised a whopping 45 percent ROI, with a minimum investment of $265,000. The site also offered a generous seven percent commission for referrals, which encouraged new investors to recruit others.
The now-defunct xtb-market[.]com.
While chatting via WhatsApp, Nolan and her mentor would trade side by side in xtb-market, initially with small investments ranging from $500 to $5,000. When those generated hefty returns, Nolan made bigger deposits. On several occasions she was able to withdraw amounts ranging from $10,000 to $30,000.
But after investing more than $4.5 million of her own money over nearly four months, Nolan found her account was suddenly frozen. She was then issued a tax statement saying she owed nearly $500,000 in taxes before she could reactivate her account or access her funds.
Nolan said it seems obvious in hindsight that she should never have paid the tax bill. Because xtb-market and her mentor cut all communications with her after that, and the entire website disappeared just a few weeks later.
Justin Maile, an investigation partner manager at Chainalysis, told Vice News that the tax portion of the pig butchering scam relies on the “sunk costs fallacy,” when people are reluctant to abandon a failing strategy or course of action because they have already invested heavily in it.
“Once the victim starts getting skeptical or tries to withdraw their funds, they are often told that they have to pay tax on the gains before funds can be unlocked,” Maile told Vice News. “The scammers will try to get any last payments out of the victims by exploiting the sunk cost fallacy and dangling huge profits in front of them.”
Vice recently published an in-depth report on pig butchering’s link to organized crime gangs in Asia that lure young job seekers with the promise of customer service jobs in call centers. Instead, those who show up at the appointed place and time are taken on long car rides and/or forced hikes across the borders into Cambodia, where they are pressed into indentured servitude.
Vice found many of the people forced to work in pig-butchering scams are being held in Chinese-owned casinos operating in Cambodia. Many of those casinos were newly built when the Covid pandemic hit. As the new casinos and hotels sat empty, organized crime groups saw an opportunity to use these facilities to generate huge income streams, and many foreign travelers stranded in neighboring countries were eventually trafficked to these scam centers.
Vice reports:
“While figures on the number of people in scam centers in Cambodia is unknown, best estimates pieced together from various sources point to the tens of thousands across scam centers in Sihanoukville, Phnom Penh, and sites in border regions Poipet and Bavet. In April, Thailand’s assistant national police commissioner said 800 Thai citizens had been rescued from scam centers in Cambodia in recent months, with a further 1,000 citizens still trapped across the country. One Vietnamese worker estimated 300 of his compatriots were held on just one floor in a tall office block hosting scam operations.”
“…within Victory Paradise Resort alone there were 7,000 people, the majority from mainland China, but also Indonesians, Singaporeans and Filipinos. According to the Khmer Times, one 10-building complex of high-rises in Sihanoukville, known as The China Project, holds between 8,000 to 10,000 people participating in various scams—a workforce that would generate profits around the $1 billion mark each year at $300 per worker per day.”
REACTs’ West said while there are a large number of pig butchering victims reporting their victimization to the FBI, very few are receiving anything more than instructions about filing a complaint with the FBI’s Internet Crime Complaint Center (IC3), which keeps track of cybercrime losses and victims.
“There’s a huge gap in victims that are seeing any kind of service at all, where they’re reporting to the FBI but not being able to talk to anyone,” she said. “They’re filling out the IC3 form and never hearing back. It sort of feels like the federal government is ignoring this, so people are going to local agencies, which are sending these victims our way.”
For many younger victims of pig butchering, even losses of a few thousand dollars can be financially devastating. KrebsOnSecurity recently heard from two different readers who said they were in their 20s and lost more than $40,000 each when the investment platforms they were trading on vanished with their money.
The FBI can often bundle numerous IC3 complaints involving the same assailants and victims into a single case for federal prosecutors to pursue the guilty, and/or try to recapture what was stolen. In general, however, victims of crypto crimes rarely see that money again, or if they do it can take many years.
“The next piece is what can we actually do with these cases,” West said. “We used to frame success as getting bad people behind bars, but these cases leave us as law enforcement with not a lot of opportunity there.”
West said the good news is U.S. authorities are seeing some success in freezing cryptocurrency wallets suspected of being tied to large-scale cybercriminal operations. Indeed, Nolan told KrebsOnSecurity that her losses were substantial enough to warrant an official investigation by the FBI, which she says has since taken steps to freeze at least some of the assets tied to xtb-market[.]com.
Likewise, West said she was recently able to freeze cryptocurrency funds stolen from some pig butchering victims, and now REACT is focusing on helping state and local authorities learn how to do the same.
“It’s important to be able to mobilize quickly and know how to freeze and seize crypto and get it back to its rightful owner,” West said. “We definitely have made seizures in cases involving pig butchering, but we haven’t gotten that back to the rightful owners yet.”
In April, the FBI warned Internet users to be on guard against pig butchering scams, which it said attracts victims with “promises of romance and riches” before duping them out of their money. The IC3 said it received more than 4,300 complaints related to crypto-romance scams, resulting in losses of more than $429 million.
Here are some common elements of a pig butchering scam:
–Dating apps: Pig-butchering attempts are common on dating apps, but they can begin with almost any type of communication, including SMS text messages.
–WhatsApp: In virtually all documented cases of pig butchering, the target is moved fairly quickly into chatting with the scammer via WhatsApp.
–No video: The scammers will come up with all kinds of excuses not to do a video call. But they will always refuse.
–Investment chit-chat: Your contact (eventually) claims to have inside knowledge about the cryptocurrency market and can help you make money.
The FBI’s tips on avoiding crypto scams:
-Never send money, trade, or invest based on the advice of someone you have only met online.
-Don’t talk about your current financial status to unknown and untrusted people.
-Don’t provide your banking information, Social Security Number, copies of your identification or passport, or any other sensitive information to anyone online or to a site you do not know is legitimate.
-If an online investment or trading site is promoting unbelievable profits, it is most likely that—unbelievable.
-Be cautious of individuals who claim to have exclusive investment opportunities and urge you to act fast.
Private tech companies gather tremendous amounts of user data. These companies can afford to let you use social media platforms free of charge because it’s paid for by your data, attention, and time.
Big tech derives most of its profits by selling your attention to advertisers — a well-known business model. Various documentaries (like Netflix’s “The Social Dilemma”) have attempted to get to the bottom of the complex algorithms that big tech companies employ to mine and analyze user data for the benefit of third-party advertisers.
This article will help you better understand what information is being collected by tech companies, how it’s being used, and how you can protect your privacy online.
Tech companies benefit from personal information by being able to provide personalized ads. When you click “yes” at the end of a terms and conditions agreement found on some web pages, you may be allowing the companies to collect the following data:
For someone unfamiliar with privacy issues, it is important to understand the extent of big tech’s tracking and data collection. Once these companies collect data, all this information can be supplied to third-party businesses or used to improve user experience.
The problem with this is that big tech has blurred the line between collecting customer data and violating user privacy in some cases. While tracking what content you interact with can be justified under the garb of personalizing the content you see, big tech platforms have been known to go too far. Prominent social networks like Facebook and LinkedIn have faced past legal trouble for accessing personal user data like private messages and saved photos.
The information you provide helps build an accurate character profile and turns it into knowledge that gives actionable insights to businesses. Private data usage can be classified into three cases: selling it to data brokers, using it to improve marketing, or enhancing customer experience.
Along with big data, another industry has seen rapid growth: data brokers. Data brokers buy, analyze, and package your data. Companies that collect large amounts of data on their users stand to profit from this service. Selling data to brokers is an important revenue stream for big tech companies.
Advertisers and businesses benefit from increased information on their consumers, creating a high demand for your information. The problem here is that companies like Facebook and Alphabet (Google’s parent company) have been known to mine massive amounts of user data for the sake of their advertisers.
Marketing can be highly personalized thanks to the availability of large amounts of consumer data. Tracking your response to marketing campaigns can help businesses alter or improve certain aspects of their campaign to drive better results.
The problem is that most AI-based algorithms are incapable of assessing when they should stop collecting or using your information. After a point, users run the risk of being constantly subjected to intrusive ads and other unconsented marketing campaigns that pop up frequently.
Analyzing consumer behavior through reviews, feedback, and recommendations can help improve customer experience. Businesses have access to various facets of data that can be analyzed to show them how to meet consumer demands. This could help improve any part of a consumer’s interaction with the company, from designing special offers and discounts to improving customer relationships.
For most social media platforms, the goal is to curate a personalized feed that appeals to the users and allows them to spend more time on the app. When left unmonitored, the powerful algorithms behind these social media platforms can repeatedly subject you to the same kind of content from different creators.
Here are the big tech companies that collect and mine the most user data.
Users need a comprehensive data privacy solution to tackle the rampant, large-scale data mining carried out by big tech platforms. While targeted advertisements and easily found items are beneficial, many of these companies collect and mine user data through several channels simultaneously, exploiting them in many different ways.
It’s important to make sure your personal information is protected. Protection solutions like McAfee’s Personal Data Cleanup feature can help. With this feature, our teams scour the web for traces of your personal information and assist in getting it removed to enhance your online privacy.
McAfee’s Total Protection provides antivirus software for all of your digital devices and a secure VPN connection to avoid exposure to malicious third parties while browsing the internet. Our identity monitoring and personal data removal solutions further remove gaps in your devices’ security systems.
With our airtight data protection and custom guidance (complete with a protection score for each platform and tips to keep you safer), you can be sure that your internet identity is protected.
The post What Personal Data Do Companies Track? appeared first on McAfee Blog.
Your digital footprint grows with every internet account you make. While your old Tumblr account may be fun for reminiscing, dormant accounts are actually one of the most significant sources of user data on the internet. These accounts can be used by data brokers or third parties to access your personal information.
To improve your data security, it’s good practice to remove public-facing information by deleting unused accounts. Simply put, having less personal data stored on the internet reduces the risk of theft and/or non-consensual data usage.
Deleting, canceling, unsubscribing, or removing your account can be a long process, depending on the service. This article will walk you through the simplest ways to delete unwanted accounts from various social media platforms.
Deleting unwanted accounts protects your information and prevents the monetization of your data. Your internet accounts often hold personal information like your name, age, email, or home address. What’s more alarming is that some platforms may even have credit card details, phone numbers, and bank account information.
When left unattended, internet accounts become vulnerable to being suspended or taken over by the platform. This means that if your accounts are left inactive for too long, you might be handing some or all of your data over to the tech platform.
For example, even if you believe an old Google account doesn’t have any sensitive information stored, it may be linked to other platforms you use (like Amazon or Google services like Gmail and Google Play). This exposes all of these accounts to several data privacy vulnerabilities.
Moreover, a recent survey found that 70% of surveyed adults admitted using the same password for more than one service. People who don’t use password managers or reuse passwords are at a greater security risk than others, as multiple accounts can become compromised at once. Whether the platform is now out of service or you are cutting down on your app usage, deleting dormant accounts will minimize security threats and safeguard your data.
Every platform has a different process for deleting accounts: Some take only a few clicks to complete and others are a little longer. Companies usually don’t want a user to stop using their services, so account deletion pages are often hidden in a complex web of tabs that you have to navigate.
In addition, some subscription services might require that you send an email to customer support to close your account. You can go to justdelete.me, an online directory that lets you access direct links to account deletion pages of various web services.
Remember to download your personal information and data before pulling the plug on your account. Most platforms let you download your data before initiating a deletion request, which saves you from losing important details and files. It is also important to check whether your Google account is used for your YouTube channel or connected to other online accounts.
To help you get rid of accounts you no longer use, we’ve broken down deleting accounts from some of the most popular social networks. The steps described below are for a desktop browser and may not apply to Android or iOS devices (unless specified).
Facebook’s user privacy policy enables it to store a large amount of user information, including personal messages, posts, search history, name, age, birthdate, and even metadata from posted photos and videos.
Follow these simple steps to delete your Facebook account:
LinkedIn collects information on users and uses it for targeted advertising. As a result, it amasses quite a lot of your data, from professional details to personal preferences and even your online behavior trail.
Follow these simple steps from your desktop to delete your account:
It’s simple to delete your Twitter account, but you’ll have to wait 30 days for your data and tweets to clear. To delete your account, you first need to deactivate it.
Once you’ve decided to delete your account from the micro-blogging site, follow these steps from your desktop:
Remember to revoke third-party access to your Twitter account to avoid having your account reactivated in the 30 days following deactivation.
Since Facebook and Instagram are both owned by Meta, they share a lot of data for targeted advertising. You can adjust the privacy settings of your Instagram account from the mobile app, but you will need to log in from a web browser like Chrome to delete your account.
To delete your Instagram account:
Your information and data will be permanently deleted after 30 days and you won’t be able to retrieve it. However, completing a deletion process may take up to 90 days.
Tumblr has a fairly simple process to delete your account:
Follow these steps to delete your account from the popular picture-sharing platform:
Pinterest servers continue to store your data after deletion, but your information won’t be visible to other users.
There are different steps to deleting your email account depending on which email service you use. Backing up email data usually takes more time because of the sheer volume of data a mail account can hold.
Complete the following steps to delete your Google account:
Here’s what you need to do to delete your Yahoo email account:
Deleting your Yahoo account also deletes the linked information from Yahoo’s other services.
Follow these steps to delete your Microsoft account on Outlook 2010, 2013, or 2016:
Leaving old information scattered across the internet makes you susceptible to identity theft. There are multiple ways to keep your identity and data secure online, including McAfee’s Total Protection plan.
Total Protection lets you choose from multiple affordable subscription models that provide comprehensive security against identity theft and potential data breaches and offers web protection and several related benefits. In addition, having access to 24/7 online security experts and a 30-day money-back guarantee make the Total Protection plan an easy, reliable, and safe choice. You can also have peace of mind with McAfee’s Personal Data Cleanup feature where our teams will work to find your personal information online and assist in removing it.
The post How to Delete Old Accounts Containing Personal Information appeared first on McAfee Blog.
Here’s one way you can help reduce your chances of identity theft: remove your personal information from the internet.
And chances are, you have more personal information posted online than you think.
According to the U.S. Federal Trade Commission (FTC), consumers registered 1.4 million identity theft complaints in 2021, all part of a year where consumers reported losing $5.8 billion to fraud overall—a 70% increase over the year prior.
What fuels all this theft and fraud? Access to personal information.
Scammers and thieves can get a hold of personal information in several ways, such as through phishing attacks that lure you into handing it over, malware that steals it from your devices, by purchasing your information on dark web marketplaces, or as a result of information leaked in data breaches, just to name a few.
However, scammers and thieves have other resources to help them commit theft and fraud—data broker sites, places where personal information is posted online for practically anyone to see. Which makes removing your info from them so important, from both an identity and privacy standpoint.
Think of data broker sites as huge repositories of personal information. Search your name and address online and you’ll see. You’ll likely find dozens of sites that turn up information about you, some of which offer a few pieces for free and others that offer far more information for a price.
Data brokers collect and then aggregate personal information from several sources, including:
Data brokers also buy personal information from other data brokers. As a result, some data brokers have thousands of pieces of data for billions of individuals worldwide.
What could that look like? A broker may know how much you paid for your home, your education level, where you’ve lived over the years and who your lived with, your driving record, and possibly your political leanings. A broker may also know your favorite flavor of ice cream and your preferred over-the-counter allergy medicine thanks to information from loyalty cards. Further, they may also have health-related information from fitness apps. The amount of personal information can run that broadly, and that deeply.
With information at this potential level of detail, it’s no wonder that data brokers rake in an estimated at $200 billion U.S. dollars worldwide every year.
On the legitimate side, it’s used by advertisers to create targeted ad campaigns. With information sold by data brokers, they can generate lists based on highly specific criteria, such as shopping histories, personal interests, and even political leanings as mentioned above. Likely without you being aware of it—and likely with no way to contest that information if it’s incorrect.
Other legitimate uses include using these sites for background checks. Law enforcement, reporters, and employers will use data brokers as a starting point for research because the leg work has largely been done for them. Namely, data brokers have aggregated a person’s information already, which is an otherwise time-consuming process.
If this seems a little shady, it’s still legal. As of now, the U.S. has no federal laws that regulate data brokers or require data them to remove personal information if requested. A few states, such as Nevada, Vermont, and California, have legislation in place aimed at protecting consumers. Meanwhile, the General Data Protection Regulation (GDPR) in the European Union has stricter rules about what information can be collected and what can be done with it. Still, the data broker economy thrives.
On the darker side, scammers and thieves use personal information for identity theft and fraud. With enough personal information gathered from enough sources, they can create a high-fidelity profile of their victims. One that gives them enough information to open new accounts in their name.
So, from the standpoint of both privacy and identity, cleaning up your personal information online makes a great deal of sense.
Let’s review some ways you can remove your personal information from data brokers and other sources on the internet.
The process starts with finding the sites that have your information. From there, you can request to have it removed. Yet as mentioned above, there are dozens and dozens of these sites. Knowing where to start is a challenge in of itself, as is manually making the requests once you have identified the sites that post and sell information about you.
Our Personal Data Cleanup can do the work for you. Personal Data Cleanup scans some of the riskiest data broker sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites and can even manage the removal for you depending on your plan. It also monitors those sites, so if your info gets posted again, you can request its removal again.
As of September 2022, Google accounts for just over 92% of search engine market share worldwide. Aside from being a search engine, Google offers a myriad of other services and applications, such as Gmail and Google Maps. While Google offers plenty of tools for productivity, travel, work, and play for free, they still come at a cost—the gathering and analysis of your personal information.
You can limit the data Google associates with you by removing your name from Google search results with a removal request. This will disable anyone online from getting any results if they search your name. (Note that this will not remove your information from the original sites and sources where it’s posted.) Moreover, Google collects all your browsing data continuously. You have the option to turn on “Auto Delete” in your privacy settings to ensure that the data is deleted regularly and help limit the amount of time your sensitive data stays vulnerable.
You can also occasionally delete your cookies or use your browser in incognito mode to prevent websites from being tracked back to you. Go to your Google Chrome settings to clear your browser and cookie history.
As discussed above, data brokers can collect information from public social media profiles. You can minimize your presence on social media to the bare minimum. Make a list of the ones you use or have used in the past. If there are old accounts that you no longer use or websites that have gone by the wayside like Myspace or Tumblr, you may want to deactivate them or consider deleting them entirely.
For social media platforms that you still may use regularly, like Facebook and Instagram, consider adjusting your privacy settings to ensure that your personal information on these social media platforms is the bare minimum. For example, on Facebook you can lock your profile, while on Instagram you can stay private.
If you’ve ever published articles, written blogs, or created any content online, it might be a good time to consider taking it down if it is no longer serving a purpose. Depending on what you’ve posted, you may have shared personal details about your life. Additionally, you might be mentioned by other people in various social media posts, articles, or blogs. It is worth reaching out to these people to request them to take down posts with sensitive information.
Social media and online articles that host your personal information are often used when businesses or hackers are doing “internet scrapes” to find better ways to use your targeted information. Asking your friends or third-party sites to remove that information can help protect your privacy.
Another way you can tidy up your digital footprint online involves deleting all the unnecessary phone apps that you no longer need or use. Even when apps are not open or in use, they may be able to track personal information such as your real-time location and even your payment details if you have a paid subscription to the app.
Some apps even sell this data as it can be extremely advantageous to other companies, which they use to target certain consumer segments and profiles for advertising. Try to share as little information with apps as possible if you’re looking to minimize your online footprint, and provide them access to your photos, contacts, and location only on as-needed basis and only when the app is in use. Your phone’s app and location services settings will give you the tools to do it.
In addition to the steps above, comprehensive online protection software can keep you more private and minimize your risk of cybercrime. It can include:
So while it may seem like all this rampant collecting and selling of personal information is out of your hands, there’s plenty you can do to take control. With the steps outlined above and strong online protection software at your back, you can keep your personal information more private and secure.
The post 5 Steps to Removing Your Personal Information From the Internet appeared first on McAfee Blog.
Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.
Travis Hardaway is a former music teacher turned app developer from Towson, Md. Hardaway said his mother last month replied to an email she received regarding an appliance installation from BestBuy/GeekSquad. Hardaway said the timing of the scam email couldn’t have been worse: His mom’s dishwasher had just died, and she’d paid to have a new one delivered and installed.
“I think that’s where she got confused, because she thought the email was about her dishwasher installation,” Hardaway told KrebsOnSecurity.
Hardaway said his mom initiated a call to the phone number listed in the phony BestBuy email, and that the scammers told her she owed $160 for the installation, which seemed right at the time. Then the scammers asked her to install remote administration software on her computer so that they could control the machine from afar and assist her in making the payment.
After she logged into her bank and savings accounts with scammers watching her screen, the fraudster on the phone claimed that instead of pulling $160 out of her account, they accidentally transferred $160,000 to her account. They said they they needed her help to make sure the money was “returned.”
“They took control of her screen and said they had accidentally transferred $160,000 into her account,” Hardaway said. “The person on the phone told her he was going to lose his job over this transfer error, that he didn’t know what to do. So they sent her some information about where to wire the money, and asked her to go to the bank. But she told them, ‘I don’t drive,’ and they told her, “No problem, we’re sending an Uber to come help you to the bank.'”
Hardaway said he was out of town when all this happened, and that thankfully his mom eventually grew exasperated and gave up trying to help the scammers.
“They told her they were sending an Uber to pick her up and that it was on its way,” Hardaway said. “I don’t know if the Uber ever got there. But my mom went over to the neighbor’s house and they saw it for what it was — a scam.”
Hardaway said he has since wiped her computer, reinstalled the operating system and changed her passwords. But he says the incident has left his mom rattled.
“She’s really second-guessing herself now,” Hardaway said. “She’s not computer-savvy, and just moved down here from Boston during COVID to be near us, but she’s living by herself and feeling isolated and vulnerable, and stuff like this doesn’t help.”
According to the Federal Bureau of Investigation (FBI), seniors are often targeted because they tend to be trusting and polite. More importantly, they also usually have financial savings, own a home, and have good credit—all of which make them attractive to scammers.
“Additionally, seniors may be less inclined to report fraud because they don’t know how, or they may be too ashamed of having been scammed,” the FBI warned in May. “They might also be concerned that their relatives will lose confidence in their abilities to manage their own financial affairs. And when an elderly victim does report a crime, they may be unable to supply detailed information to investigators.”
In 2021, more than 92,000 victims over the age of 60 reported losses of $1.7 billion to the FBI’s Internet Crime Complaint Center (IC3). The FBI says that represents a 74 percent increase in losses over losses reported in 2020.
The abuse of ride-sharing services to scam the elderly is not exactly new. Authorities in Tampa, Fla. say they’re investigating an incident from December 2021 where fraudsters who’d stolen $700,000 from elderly grandparents used Uber rides to pick up bundles of cash from their victims.
One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website.
What is an email alias? When you sign up at a site that requires an email address, think of a word or phrase that represents that site for you, and then add that prefaced by a “+” sign just to the left of the “@” sign in your email address. For instance, if I were signing up at example.com, I might give my email address as krebsonsecurity+example@gmail.com. Then, I simply go back to my inbox and create a corresponding folder called “Example,” along with a new filter that sends any email addressed to that alias to the Example folder.
Importantly, you don’t ever use this alias anywhere else. That way, if anyone other than example.com starts sending email to it, it is reasonable to assume that example.com either shared your address with others or that it got hacked and relieved of that information. Indeed, security-minded readers have often alerted KrebsOnSecurity about spam to specific aliases that suggested a breach at some website, and usually they were right, even if the company that got hacked didn’t realize it at the time.
Alex Holden, founder of the Milwaukee-based cybersecurity consultancy Hold Security, said many threat actors will scrub their distribution lists of any aliases because there is a perception that these users are more security- and privacy-focused than normal users, and are thus more likely to report spam to their aliased addresses.
Holden said freshly-hacked databases also are often scrubbed of aliases before being sold in the underground, meaning the hackers will simply remove the aliased portion of the email address.
“I can tell you that certain threat groups have rules on ‘+*@’ email address deletion,” Holden said. “We just got the largest credentials cache ever — 1 billion new credentials to us — and most of that data is altered, with aliases removed. Modifying credential data for some threat groups is normal. They spend time trying to understand the database structure and removing any red flags.”
According to the breach tracking site HaveIBeenPwned.com, only about .03 percent of the breached records in circulation today include an alias.
Email aliases are rare enough that seeing just a few email addresses with the same alias in a breached database can make it trivial to identify which company likely got hacked and leaked said database. That’s because the most common aliases are simply the name of the website where the signup takes place, or some abbreviation or shorthand for it.
Hence, for a given database, if there are more than a handful of email addresses that have the same alias, the chances are good that whatever company or website corresponds to that alias has been hacked.
That might explain the actions of Allekabels, a large Dutch electronics web shop that suffered a data breach in 2021. Allekabels said a former employee had stolen data on 5,000 customers, and that those customers were then informed about the data breach by Allekabels.
But Dutch publication RTL Nieuws said it obtained a copy of the Allekabels user database from a hacker who was selling information on 3.6 million customers at the time, and found that the 5,000 number cited by the retailer corresponded to the number of customers who’d signed up using an alias. In essence, RTL argued, the company had notified only those most likely to notice and complain that their aliased addresses were suddenly receiving spam.
“RTL Nieuws has called more than thirty people from the database to check the leaked data,” the publication explained. “The customers with such a unique email address have all received a message from Allekabels that their data has been leaked – according to Allekabels they all happened to be among the 5000 data that this ex-employee had stolen.”
HaveIBeenPwned’s Hunt arrived at the conclusion that aliases account for about .03 percent of registered email addresses by studying the data leaked in the 2013 breach at Adobe, which affected at least 38 million users. Allekabels’s ratio of aliased users was considerably higher than Adobe’s — .14 percent — but then again European Internet users tend to be more privacy-conscious.
While overall adoption of email aliases is still quite low, that may be changing. Apple customers who use iCloud to sign up for new accounts online automatically are prompted to use Apple’s Hide My Email feature, which creates the account using a unique email address that automatically forwards to a personal inbox.
What are the downsides to using email aliases, apart from the hassle of setting them up? The biggest downer is that many sites won’t let you use a “+” sign in your email address, even though this functionality is clearly spelled out in the email standard.
Also, if you use aliases, it helps to have a reliable mnemonic to remember the alias used for each account (this is a non-issue if you create a new folder or rule for each alias). That’s because knowing the email address for an account is generally a prerequisite for resetting the account’s password, and if you can’t remember the alias you added way back when you signed up, you may have limited options for recovering access to that account if you at some point forget your password.
What about you, Dear Reader? Do you rely on email aliases? If so, have they been useful? Did I neglect to mention any pros or cons? Feel free to sound off in the comments below.
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.
In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication.
The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule.
The phishing sites leveraged a Telegram instant message bot to forward any submitted credentials in real-time, allowing the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website. But because of the way the bot was configured, it was possible for security researchers to capture the information being sent by victims to the public Telegram server.
This data trove was first reported by security researchers at Singapore-based Group-IB, which dubbed the campaign “0ktapus” for the attackers targeting organizations using identity management tools from Okta.com.
“This case is of interest because despite using low-skill methods it was able to compromise a large number of well-known organizations,” Group-IB wrote. “Furthermore, once the attackers compromised an organization they were quickly able to pivot and launch subsequent supply chain attacks, indicating that the attack was planned carefully in advance.”
It’s not clear how many of these phishing text messages were sent out, but the Telegram bot data reviewed by KrebsOnSecurity shows they generated nearly 10,000 replies over approximately two months of sporadic SMS phishing attacks targeting more than a hundred companies.
A great many responses came from those who were apparently wise to the scheme, as evidenced by the hundreds of hostile replies that included profanity or insults aimed at the phishers: The very first reply recorded in the Telegram bot data came from one such employee, who responded with the username “havefuninjail.”
Still, thousands replied with what appear to be legitimate credentials — many of them including one-time codes needed for multi-factor authentication. On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com, and the intercepted credentials show at least three employees fell for the scam.
Image: Cloudflare.com
In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. Cloudflare said it does not rely on one-time passcodes as a second factor, so there was nothing to provide to the attackers. But Cloudflare said it wanted to call attention to the phishing attacks because they would probably work against most other companies.
“This was a sophisticated attack targeting employees and systems in such a way that we believe most organizations would be likely to be breached,” Cloudflare CEO Matthew Prince wrote. “On July 20, 2022, the Cloudflare Security team received reports of employees receiving legitimate-looking text messages pointing to what appeared to be a Cloudflare Okta login page. The messages began at 2022-07-20 22:50 UTC. Over the course of less than 1 minute, at least 76 employees received text messages on their personal and work phones. Some messages were also sent to the employees family members.”
On three separate occasions, the phishers targeted employees at Twilio.com, a San Francisco based company that provides services for making and receiving text messages and phone calls. It’s unclear how many Twilio employees received the SMS phishes, but the data suggest at least four Twilio employees responded to a spate of SMS phishing attempts on July 27, Aug. 2, and Aug. 7.
On that last date, Twilio disclosed that on Aug. 4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.
“This broad based attack against our employee base succeeded in fooling some employees into providing their credentials,” Twilio said. “The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data.”
That “certain customer data” included information on roughly 1,900 users of the secure messaging app Signal, which relied on Twilio to provide phone number verification services. In its disclosure on the incident, Signal said that with their access to Twilio’s internal tools the attackers were able to re-register those users’ phone numbers to another device.
On Aug. 25, food delivery service DoorDash disclosed that a “sophisticated phishing attack” on a third-party vendor allowed attackers to gain access to some of DoorDash’s internal company tools. DoorDash said intruders stole information on a “small percentage” of users that have since been notified. TechCrunch reported last week that the incident was linked to the same phishing campaign that targeted Twilio.
This phishing gang apparently had great success targeting employees of all the major mobile wireless providers, but most especially T-Mobile. Between July 10 and July 16, dozens of T-Mobile employees fell for the phishing messages and provided their remote access credentials.
“Credential theft continues to be an ongoing issue in our industry as wireless providers are constantly battling bad actors that are focused on finding new ways to pursue illegal activities like this,” T-Mobile said in a statement. “Our tools and teams worked as designed to quickly identify and respond to this large-scale smishing attack earlier this year that targeted many companies. We continue to work to prevent these types of attacks and will continue to evolve and improve our approach.”
This same group saw hundreds of responses from employees at some of the largest customer support and staffing firms, including Teleperformanceusa.com, Sitel.com and Sykes.com. Teleperformance did not respond to requests for comment. KrebsOnSecurity did hear from Christopher Knauer, global chief security officer at Sitel Group, the customer support giant that recently acquired Sykes. Knauer said the attacks leveraged newly-registered domains and asked employees to approve upcoming changes to their work schedules.
Image: Group-IB.
Knauer said the attackers set up the phishing domains just minutes in advance of spamming links to those domains in phony SMS alerts to targeted employees. He said such tactics largely sidestep automated alerts generated by companies that monitor brand names for signs of new phishing domains being registered.
“They were using the domains as soon as they became available,” Knauer said. “The alerting services don’t often let you know until 24 hours after a domain has been registered.”
On July 28 and again on Aug. 7, several employees at email delivery firm Mailchimp provided their remote access credentials to this phishing group. According to an Aug. 12 blog post, the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.
On Aug. 15, the hosting company DigitalOcean published a blog post saying it had severed ties with MailChimp after its Mailchimp account was compromised. DigitalOcean said the MailChimp incident resulted in a “very small number” of DigitalOcean customers experiencing attempted compromises of their accounts through password resets.
According to interviews with multiple companies hit by the group, the attackers are mostly interested in stealing access to cryptocurrency, and to companies that manage communications with people interested in cryptocurrency investing. In an Aug. 3 blog post from email and SMS marketing firm Klaviyo.com, the company’s CEO recounted how the phishers gained access to the company’s internal tools, and used that to download information on 38 crypto-related accounts.
A flow chart of the attacks by the SMS phishing group known as 0ktapus and ScatterSwine. Image: Amitai Cohen for Wiz.io. twitter.com/amitaico.
The ubiquity of mobile phones became a lifeline for many companies trying to manage their remote employees throughout the Coronavirus pandemic. But these same mobile devices are fast becoming a liability for organizations that use them for phishable forms of multi-factor authentication, such as one-time codes generated by a mobile app or delivered via SMS.
Because as we can see from the success of this phishing group, this type of data extraction is now being massively automated, and employee authentication compromises can quickly lead to security and privacy risks for the employer’s partners or for anyone in their supply chain.
Unfortunately, a great many companies still rely on SMS for employee multi-factor authentication. According to a report this year from Okta, 47 percent of workforce customers deploy SMS and voice factors for multi-factor authentication. That’s down from 53 percent that did so in 2018, Okta found.
Some companies (like Knauer’s Sitel) have taken to requiring that all remote access to internal networks be managed through work-issued laptops and/or mobile devices, which are loaded with custom profiles that can’t be accessed through other devices.
Others are moving away from SMS and one-time code apps and toward requiring employees to use physical FIDO multi-factor authentication devices such as security keys, which can neutralize phishing attacks because any stolen credentials can’t be used unless the phishers also have physical access to the user’s security key or mobile device.
This came in handy for Twitter, which announced last year that it was moving all of its employees to using security keys, and/or biometric authentication via their mobile device. The phishers’ Telegram bot reported that on June 16, 2022, five employees at Twitter gave away their work credentials. In response to questions from KrebsOnSecurity, Twitter confirmed several employees were relieved of their employee usernames and passwords, but that its security key requirement prevented the phishers from abusing that information.
Twitter accelerated its plans to improve employee authentication following the July 2020 security incident, wherein several employees were phished and relieved of credentials for Twitter’s internal tools. In that intrusion, the attackers used Twitter’s tools to hijack accounts for some of the world’s most recognizable public figures, executives and celebrities — forcing those accounts to tweet out links to bitcoin scams.
“Security keys can differentiate legitimate sites from malicious ones and block phishing attempts that SMS 2FA or one-time password (OTP) verification codes would not,” Twitter said in an Oct. 2021 post about the change. “To deploy security keys internally at Twitter, we migrated from a variety of phishable 2FA methods to using security keys as our only supported 2FA method on internal systems.”
Update, 6:02 p.m. ET: Clarified that Cloudflare does not rely on TOTP (one-time multi-factor authentication codes) as a second factor for employee authentication.
Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies.
With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us are becoming more aware and concerned about the threats we face in our increasingly digital world. And McAfee’s latest confirms this with hackers making their way into Australia’s Top 10 Fears.
According to research conducted by McAfee, snakes are the top phobia for Aussies followed by spiders, heights and sharks. Cybercriminals and the fear of being hacked come in in 5th place beating the dentist, bees, ghosts, aeroplane travel and clowns!
Aussie Top 10 Fears and Phobias
Fears and phobias develop when we perceive that we are at risk of pain, or worse, still, death. And while almost a third of respondents nominated snakes as their number one fear, there is less than one-in-fifty thousand chance of being bitten badly enough by a snake to warrant going to hospital in Australia, according to research from the Internal Medicine Journal.
In contrast, McAfee’s analysis of more than 108 billion potential online threats between October and December, identified 202 million of these threats as genuine risks. With a global population of 7.5 billion, that means there is approximately a one in 37 chance of being targeted by cybercrime. Now while this is not a life-threatening situation, these statistics show that chance of us being affected by an online threat is very real.
According to the research, 82% of Aussies believe that being hacked is a growing or high concern. And when you look at the sheer number of reported data breaches so far this year, these statistics make complete sense. Data breaches have affected Bunnings staff, Federal Parliament staff, Marriott guests, Victorian Government staff, QLD Fisheries members, Skoolbag app users and Big W customers plus many more.
Almost 1 in 5 (19%) of those interviewed said their top fear at work is doing something that will result in a data security breach, they will leak sensitive information or infect their corporate IT systems.
The fear that we are in the midst of a cyberwar is another big concern for many Aussies. Cyberwar can be explained as a computer or network-based conflict where parties try to disrupt or take ownership of the activities of other parties, often for strategic, military or cyberespionage purposes. 55% of Aussies believe that a cyberwar is happening right now but we just don’t know about it. And a fifth believe cyber warfare is the biggest threat to our nation.
Being proactive about protecting your online life is the absolute best way of reducing the chances of being hacked or being affected by a data breach. Here are my top tips on what you can now to protect yourself:
Using a password manager to create unique and complex passwords for each of your online accounts will definitely improve your online safety. If each on your online accounts has a unique password and you are involved in a breach, the hacker won’t be able to use the stolen password details to log into any of your other accounts.
Storing your financial data within your browser and being able to populate online forms quickly within seconds makes the autofill function very attractive however it is risky. Autofill will automatically fill out all forms on a page regardless of whether you can see all the boxes. You may just think you are automatically entering your email address into an online form however a savvy hacker could easily design an online form with hidden boxes designed to capture your financial information. So remove all your financial information from Autofill. I know this means you will have to manually enter information each time you purchase but your personal data will be better protected.
One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phoney website designed to steal personal information. If the deal seems too good to be true, or the email was not expected, always check directly with the source.
It’s important to put the right security solutions in place in order to surf the web safely. Add an extra layer of security to your browser with McAfee WebAdvisor.
I know public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly exposing personal information or credit card details to cybercriminals who are snooping on the network. If you are a regular Wi-Fi user, I recommend investing in a virtual private network or (VPN) such as McAfee Secure VPN which will ensure your connection is completely secure and that your data remains safe.
While it is tempting, putting our head in the sand and pretending hackers and cybercrime don’t exist puts ourselves and our families at even more risk! Facing our fears and making an action plan is the best way of reducing our worry and stress. So, please commit to being proactive about your family’s online security. Draw up a list of what you can do today to protect your tribe. And if you want to receive regular updates about additional ways you can keep your family safe online, check out my blog.
‘till next time.
Alex x
The post Aussies Fear Snakes, Spiders and Getting Hacked appeared first on McAfee Blog.
With regular marketing emails from brands, businesses, and subscription services, our email accounts are more cluttered than ever. The number of daily emails exchanged globally reached an estimated 319 billion in 2021. Unfortunately, the chances that these emails were spam or junk are quite high. In fact, 45% of all email traffic came from spam emails as of December 2021.
With emails often being the preferred mode of communication for official purposes, it’s important to observe good digital hygiene with your inbox. While a cluttered inbox can be overwhelming, it can also double as a cybersecurity threat. Junk emails that contain malware or act as phishing tools are notorious for wreaking havoc in IT systems or aiding identity theft.
Are you tired of opening your inbox to a barrage of unwanted emails? Read this article to learn how to block or eliminate spam emails.
We know you didn’t sign up to be spammed by unwanted emails. So why is your inbox overflowing with spam messages? It could be one of many reasons, including:
Companies also often share information that you’ve entered during registration with other businesses. Applications for loyalty cards and discount coupons at checkout are also sources of customer information for companies. Although companies are mandated to ask permission before sharing your personal information with affiliates, users often ignore the fine print. So, how do you block these unwanted emails?
Fortunately, most email services let you block this contact or other specific email addresses by following a few simple steps. Usually, just notifying your email service that a certain sender is spamming you does the job. The process varies according to the email provider used. Read on to find out how to keep your inbox clean.
Gmail users can block spam mail using the Gmail app or web app. Follow the steps below to block emails while using the web app:
Open a message from the sender you wish to block. If you don’t have a recent email from them, search their address or name in the search box at the top of the page.
Doing this will cause all future emails from this sender to enter your spam folder. If you block someone you didn’t intend to, follow the same procedure to unblock and start receiving mail from their address.
Follow these steps to block an address using the Outlook (the new Hotmail) web app:
By marking the email as junk, Outlook filters and sends all further emails from the sender to your spam folder.
Like all other service providers, the process of blocking a sender from your Yahoo mail account is quite straightforward. Use your web app and follow these steps to get rid of junk mail from your inbox:
Alternatively, you can also block a sender from the Settings menu.
You can unblock any address by navigating to “Blocked addresses” using the same steps and unblock any ID.
To proactively block senders from your AOL Mail inbox, follow the steps below using your web browser:
Following these simple steps marks all future emails from the chosen sender as spam and sends them to the spam folder.
The Apple iOS email app on iPhone, iPad, and Mac only recently allowed unsubscribing from mailing lists. It still doesn’t let you block senders. Follow the steps detailed below to filter and unsubscribe from senders:
Flag any email as spam by forwarding the email to spam@icloud.com.
Widely used and accepted email services are a frequent target of cyberattacks. Attackers can use email to gain control or access your personal information and resources.
Securing email systems is crucial since your email might contain a lot of sensitive information, including financial documents, legal information, important personal documents, or even trade secrets.
As an email sender and receiver, you should be aware of the most common ways the service is used to infect a computer.
A general rule of thumb is to verify and review download links, forms, and email addresses of the sender before clicking on them, as they can pose significant threats to your cybersecurity. If you receive an email from someone you trust but it contains a link that you find suspicious, multiple websites can analyze URLs and files for malware.
Keeping an email system safe involves securing the servers of the client and the user. As an informal email system user, it can be hard to mitigate and manage risks posed by malicious emails on your own.
Fortunately, you can utilize McAfee+and Identity Theft Protection. McAfee ensures complete cyber protection with advanced monitoring, customized tips according to your usage, and data clean-ups. With multiple subscription plans at your disposal, you can protect yourself and your family from all kinds of cyberthreats.
The post How to Block Emails appeared first on McAfee Blog.
One of the oldest tricks in the cybercrime playbook is phishing. It first hit the digital scene in 1995, at a time when millions flocked to America Online (AOL) every day. And if we know one thing about cybercriminals, it’s that they tend to follow the masses. In earlier iterations, phishing attempts were easy to spot due to link misspellings, odd link redirects, and other giveaways. However, today’s phishing tricks have become personalized, advanced, and shrouded in new disguises. So, let’s take a look at some of the different types, real-world examples and how you can recognize a phishing lure.
Every day, users get sent thousands of emails. Some are important, but most are just plain junk. These emails often get filtered to a spam folder, where phishing emails are often trapped. But sometimes they slip through the digital cracks, into a main inbox. These messages typically have urgent requests that require the user to input sensitive information or fill out a form through an external link. These phishing emails can take on many personas, such as banking institutions, popular services, and universities. As such, always remember to stay vigilant and double-check the source before giving away any information.
A sort of sibling to email phishing, link manipulation is when a cybercriminal sends users a link to malicious website under the ruse of an urgent request or deadline. After clicking on the deceptive link, the user is brought to the cybercriminal’s fake website rather than a real or verified link and asked to input or verify personal details. This exact scenario happened last year when several universities and businesses fell for a campaign disguised as a package delivery issue from FedEx. This scheme is a reminder that anyone can fall for a cybercriminals trap, which is why users always have to careful when clicking, as well as ensure the validity of the claim and source of the link. To check the validity, it’s always a good idea to contact the source directly to see if the notice or request is legitimate.
Corporate executives have always been high-level targets for cybercriminals. That’s why C-suite members have a special name for when cybercriminals try to phish them – whaling. What sounds like a silly name is anything but. In this sophisticated, as well as personalized attack, a cybercriminal attempts to manipulate the target to obtain money, trade secrets, or employee information. In recent years, organizations have become smarter and in turn, whaling has slowed down. Before the slowdown, however, many companies were hit with data breaches due to cybercriminals impersonating C-suite members and asking lower-level employees for company information. To avoid this pesky phishing attempt, train C-suite members to be able to identify phishing, as well as encourage unique, strong passwords on all devices and accounts.
Just as email spam and link manipulation are phishing siblings, so too are whaling and spear-phishing. While whaling attacks target the C-suite of a specific organization, spear-phishing rather targets lower-level employees of a specific organization. Just as selective and sophisticated as whaling, spear-phishing targets members of a specific organization to gain access to critical information, like staff credentials, intellectual property, customer data, and more. Spear-phishing attacks tend to be more lucrative than a run-of-the-mill phishing attack, which is why cybercriminals will often spend more time crafting and obtaining personal information from these specific targets. To avoid falling for this phishing scheme, employees must have proper security training so they know how to spot a phishing lure when they see one.
With so many things to click on a website, it’s easy to see why cybercriminals would take advantage of that fact. Content spoofing is based on exactly that notion – a cybercriminal alters a section of content on a page of a reliable website to redirect an unsuspecting user to an illegitimate website where they are then asked to enter personal details. The best way to steer clear of this phishing scheme is to check that the URL matches the primary domain name.
When users search for something online, they expect reliable resources. But sometimes, phishing sites can sneak their way into legitimate results. This tactic is called search engine phishing and involves search engines being manipulated into showing malicious results. Users are attracted to these sites by discount offers for products or services. However, when the user goes to buy said product or service, their personal details are collected by the deceptive site. To stay secure, watch out for potentially sketchy ads in particular and when in doubt always navigate to the official site first.
With new technologies come new avenues for cybercriminals to try and obtain personal data. Vishing, or voice phishing, is one of those new avenues. In a vishing attempt, cybercriminals contact users by phone and ask the user to dial a number to receive identifiable bank account or personal information through the phone by using a fake caller ID. For example, just last year, a security researcher received a call from their financial institution saying that their card had been compromised. Instead of offering a replacement card, the bank suggested simply blocking any future geographic-specific transactions. Sensing something was up, the researcher hung up and dialed his bank – they had no record of the call or the fraudulent card transactions. This scenario, as sophisticated as it sounds, reminds users to always double-check directly with businesses before sharing any personal information.
As you can see, phishing comes in all shapes and sizes. This blog only scratches the surface of all the ways cybercriminals lure unsuspecting users into phishing traps. The best way to stay protected is to invest in comprehensive security and stay updated on new phishing scams.
The post The Seven Main Phishing Lures of Cybercriminals appeared first on McAfee Blog.
I’m sure you’ve seen them — emails or messages that sound alarming and ask you to act quickly. We live in a digital world that produces hundreds of messages and alerts every day. It’s often hard to determine the validity of a suspicious message or phishing email. Whether you are an administrator, or an end-user, it can be overwhelming to accurately identify a malicious message. When in doubt, here are some questions you should ask yourself:
Is the message from a legitimate sender?
Do I normally receive messages from this person?
If there’s a link, can I tell where it’s sending me?
Attackers continue to evolve their methods, and they’re highly educated on the defenses they come up against in the wild. They’ll craft messages that do not involve any traditional indicators of compromise, such as domains, IP address, or URL links. They’ll also start their attacks by sending messages as an initial lure to establish trust, before sending an email with altered invoice or one claiming to be a helpless employee attempting to get their payroll fixed.
Phishing is a socially-based attack type, one where the threat actors focus on human behavior. When these attacks target organizations, there are multiple levels of attack at play. One that focuses on behavioral patterns and workflow, and the other centers on the victim’s emotional boundaries, such as targeting their desire to help others. You see this pattern frequently in Business Email Compromise (BEC) attacks.
Below, we’ve placed an example of a lure, which will test the victim to see if there is a means to quickly establish trust. Here, the threat actor is pretending to be the Chief Financial Officer (CFO) of the victim’s organization. If the lure is successful, then the threat actor will progress the attack, and often request sensitive records or wire transfers. Notice that in the email headers, the person pretending to be the CFO is using a Gmail account, one that was likely created just for this attack. The message is brief, stresses importance and urgency, and requests assistance, playing on the victim’s workflow and desire to help an executive or someone with authority.
The example below is a simplified one, to be sure, but the elements are legitimate. Daily, emails like this hit the inboxes of organizations globally, and the attackers only need to locate a single victim to make their efforts payout.
In the FBI / IC3 2021 Internet Crime Report, there were nearly 20,000 Business Email Compromise complaints filed, with an adjusted loss of nearly 2.4 billion dollars. While spoofing the identity of an executive is certainly one way to conduct a BEC attack, the FBI says that threat actors have started leveraging the normality of hybrid-work to target meeting platforms to establish trust and conduct their crimes. When successful, the funds from the fraudulent wire transfers are moved to crypto wallets and the funds dispersed, making recovery harder.
So as an end user what can you do to protect your organization? Be mindful anytime you receive an urgent call to action, especially when the subject involves money. If your workflow means that you regularly receive these types of requests from the specific individual, verify their identity and the validity of the request using another channel of communication, such as in person or via phone. If you do validate their identity via the phone, take care to avoid calling any numbers listed in the email.
Cisco Secure Email helps stop these types of attacks by tracking user relationships and threat techniques. These techniques often include account takeover, spoofing and many more. Using an intent-based approach allows Secure Email to detect and classify business email compromises and other attacks, so administrators are empowered to take a risk-based approach to stopping these threats.
Find out more about how Cisco Secure Email can help keep your organization safe from phishing.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
puppi-car-1200
Watch ThreatWise TV: Explorations in the spam folder
The spam folder: that dark and disregarded corner of every email account, full of too-good-to-be-true offers, unexpected shipments, and supposedly free giveaways.
You’re right to ignore this folder; few good things come from exploring it. But every once in a while one of these misleading, and sometimes malicious, emails manages to evade the filters that normally siphon them off, landing them in your inbox instead.
Fortunately, it’s easy enough to spot these emails if you know what to look for. We’ve investigated this folder once before, showcasing a variety of scams. With the holiday season in full swing, we thought this would be a good time to revisit how scammers are trying to trick unsuspecting users.
The holiday season is traditionally a time when this type of activity increases, and this year is no different. According to research published by credit reporting agency TransUnion, the average daily number of suspected digital fraud attempts was up 82 percent globally between Thanksgiving and Cyber Monday (Nov 24–Nov 28) compared to the rest of the year (Jan 1–Nov 23) and 127 percent higher for transactions originating in the US.
This level of activity makes it all the more important to be aware of these scams. With that in mind, let’s dive into the spam folder to get a picture of the types of campaigns currently circulating.
While much of the spam circulating is innocuous, many emails are phishing attempts, and some are indeed malicious. To explore these scams, we used a dedicated computer, segmented from the rest of the network, and leveraged Cisco Secure Malware Analytics to safely open the emails before clicking on links or opening attachments. The point being, we do not recommend doing this at home.
By far, the largest category of spam we saw were surveys scams. According to these emails, if you fill out a simple survey you’ll receive “exclusive offers” such as gift cards, smartphones, smart watches, power drills, or even pots and pans.
There are even some campaigns that specifically target the holiday shopping season.
Clicking the links in these emails takes the recipient to sites where they are asked to fill out a survey.
These pages often include fake testimonials that say how easy the survey is and what they did with their free gift.
The surveys are straightforward, comprising 10-20 simple questions that cover demographic information and shopping habits.
After the survey is completed, these sites offer the choice of a handful of rewards. All the recipient must do is pay for shipping. They are then brought to a page where they can fill out shipping and payment information, and the reward is supposedly shipped.
However, the attempts to make payment often appear to fail, or the recipient is informed that the prize is no longer available.
An unsuspecting user may simply give up at this point, disappointed that they won’t be getting their free gift. What they may not be aware of, is that they have just given their credit card details away in a phishing scam.
In their 2021 Internet Crime Report, the Internet Crime Complaint Center (IC3) said that Non-Payment / Non-Delivery scams such as these led to more than $337 million in losses, up from $265 million in 2020. Credit card fraud amounted to $172 million in 2021 and has been climbing continuously at a conservative rate of 15-20 percent since 2019.
According to Cisco Umbrella, many of the sites asking for credit card details are known phishing sites, or worse, host malware.
Another topic that we covered the last time we explored these types of scams was package delivery spam. These continue to circulate today. There are a variety of shipping companies impersonated in these campaigns, and some generic ones as well.
Many of these campaigns claim that a package could not be delivered. If the recipient clicks on a link in an email, they’re brought to a web page that explains that there are outstanding delivery fees that need to be paid.
The recipient is further enticed by suggestions that the package contains a big-ticket item, such as an iPhone or iPad Pro. All the recipient is required to do is enter their credit card details to cover the shipping.
While no outright malicious activity was detected while examining these emails in Secure Malware Analytics, several suspicious behaviors were flagged. Chances are the bad actors behind these campaigns are phishing for credit card details.
Sometimes the simplest approaches can work just as well as the flashiest. This certainly holds true with spam campaigns, given the prominence of plain-text messages.
The topics covered in such emails run the gamut, including medical cures, 419 scams, romance and dating, pharmaceuticals, weight loss, and many of the scam types we’ve already covered. Many of these link to phishing sites, though some attempt to establish a dialog with the recipient, tricking them into sending the scammers money.
The IC3 report says that victims of confidence fraud and romance scams lost $956 million collectively, which is up from $600 million in 2020. Healthcare fraud, such as the miracle pills and prescriptions scams, resulted in $7 million in losses in 2021, but nearly $30 million in 2020. While these types of scams seem generic and easily spotted, they still work, and so it’s important to be aware and avoid them.
Many emails hitting the spam box attempt to trick users of various services into believing that there is a problem with their account. The problems cover all sorts of services, including streaming platforms, email providers, antivirus subscriptions, and even public records.
If the links are clicked, the recipient is presented with landing pages that mimic the respective services. Any details that are entered will likely be phished, leading to account takeover and/or access to personal records. However, some domains encountered in these cases may do more than just steal information, they could deliver malware too.
Another frequently encountered scam surrounds billing. Many of these appear to be unexpected bills for services the recipient never purchased.
These emails include attachments that are designed to look like official invoices. Interestingly, most of the attachments that we looked at this time were harmless. The goal is to get the recipient to call what appears to be a toll-free number.
While we haven’t called any of these numbers, the experience usually unfolds like a standard customer service call. In the end the “agents” simply claim the charges—which never existed in the first place—have been removed. Meanwhile the scammers steal any personal or financial information provided during the call.
While most billing scams we encountered played out as described above, a few did indeed contain malware.
In this example, the email appears to come from an internet service provider, informing us that our monthly bill is ready.
An invoice appears to be attached, stored within a .zip file. If the recipient opens it and double clicks the file within, a command prompt appears.
This may seem unusual to the recipient, especially since no invoice appears, but by this point it’s too late. The file contains a script that launches PowerShell and attempts to download a remote file.
While the remote file was no longer available at the time of analysis, there is a high likelihood it was malicious. But even though we were unable to determine its contents, Secure Malware Analytics flagged the script execution as malicious.
Knowing about prevalent scams, especially during the holiday season, is a first step in guarding against them. Granted the bad actors who distribute these spam campaigns do everything they can to make their scams look legitimate.
Fortunately, there are several things that you can do to identify scams and defend against them:
But even the best of us can be fooled, and when overseeing a large operation it’s more a matter of when, rather than if, someone clicks on the wrong link. There are elements of the Cisco Secure portfolio that can help for when the inevitable happens.
Cisco Secure Malware Analytics is the malware analysis and malware threat intelligence engine behind all products across the Cisco Security Architecture. The system delivers enhanced, in-depth, advanced malware analysis and context-rich intelligence to help better understand and fight malware within your environments. Secure Malware Analytics is available as a standalone solution, as a component in other Cisco Security solutions, and through software-as-a-service (SaaS) in the cloud, on-premises, and hybrid delivery models.
Cisco Secure Email protects against fraudulent senders, malware, phishing links, and spam. Its advanced threat detection capabilities can uncover known, emerging, and targeted threats. In addition, it defends against phishing by using advance machine learning techniques, real time behavior analytics, relationship modeling, and telemetry that protects against identity deception–based threats.
Cisco Umbrella unifies multiple security functions in a single cloud service to secure internet access. By enforcing security at the DNS layer, Umbrella blocks requests to malware before a connection is even established—before they reach your network or endpoints. In addition, the secure web gateway logs and inspects all web traffic for greater transparency, control, and protection, while the cloud-delivered firewall helps to block unwanted traffic.
Cisco Secure Endpoint is a single-agent solution that provides comprehensive protection, detection, response, and user access coverage to defend against threats to your endpoints. The SecureX platform is built into Secure Endpoint, as are Extended Detection and Response (XDR) capabilities. With the introduction of Cisco Secure MDR for Endpoint, we have combined Secure Endpoint’s superior capabilities with security operations to create a comprehensive endpoint security solution that dramatically decreases the mean time to detect and respond to threats while offering the highest level of always-on endpoint protection.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Payment applications make splitting restaurant bills, taxi fares, and household expenses so much easier. Without having to tally totals at the table or fumble with crumpled bills, you and your companions can spend less stress and more time on the fun at hand.
There are various payment apps available, and the company that may first come to mind is PayPal. PayPal is regarded as a safe platform where security and strong encryption are a priority; however, a recent and advanced phishing scam is putting PayPal users at risk of giving up large sums of money and their personally identifiable information (PII).1
Let’s look at this “triple-pronged” PayPal phishing scam and review some tips to help you identify and proceed should you encounter it.
The typical part of this three-sided scam is the phishing email component. According to one source, the phishing email comes from a legitimate-looking PayPal service email address. Luckily, the typos, odd punctuation, extra spaces, and grammar errors in the body of the email give away that it is a phishing attempt. Remember, phishing emails are often worded poorly or have errors. Large companies, especially ones like PayPal, have teams of content experts vetting all automated messages for such mistakes, so several mistakes in an email should set off your alarm bells. Proceed with caution and do not click on any links in the message.
The email also included wording that encouraged the user to act quickly or be charged a lot of money. That’s another trademark of phishing emails: urgency. Take a deep breath and make sure to reread carefully all emails that “require” a quick response. Don’t be scared by dire consequences. Phishers rely on people to rush and not give themselves time to listen to their better judgement.
The PayPal phishing email included a support phone number that claimed it was toll free. In actuality, it was an international phone number. So, if the recipient of the phishing email didn’t quite believe the message but wanted to follow up, the scam could catch them with what’s called a one-ring phone scam.2 This occurs when someone unknowingly calls an international phone number and then gets charged by their phone company for the long-distance call.
The best way to avoid one-ring phone scams is to never call a number you don’t recognize. Always go to an organization’s official website to find their contact information.
The third dimension of this PayPal scam was the international phone number in the phishing email connected the caller directly with the scammer who posed as the PayPal fraud department. The “customer service representative” then asked prying personal and financial questions to glean enough PII to break into a PayPal account or compromise the caller’s identity. This is the most damaging part of the scam. An excellent customer support team may be able to reimburse you your lost money; however, once your personal details are in nefarious hands, you can’t take them back.
In addition to never calling numbers you haven’t verified, never give out passwords and never give out more personal information than you need to. Even in legitimate customer service calls, it’s not rude to ask why the representative requires the information they’re asking for. In a fake call, questions like that may fluster the scammer, so keep an ear tuned to their tone.
Overall, our best advice for handling suspicious emails is to delete them. If it’s truly important, the sender will contact you again. And if a thief somehow stole money from one of your payment apps, the customer service team should be able to walk you through the steps to recover it.
The transfer and handling of large sums of money would make anyone nervous. To give you peace of mind, consider partnering with a service that can help you recover should you ever fall for a scheme and compromise your PII. McAfee+ Ultimate helps you live your best life in private, and the service includes credit monitoring with all three credit bureaus, security freeze, and expert online support to help you navigate any scams you encounter.
Having McAfee+ can protect you from email phishing scams like this. Here are some of the top agencies to report this scam to, if it happens to you: Paypal Fraud Department, Federal Trade Commision , Cybersecurity & Infrastructure Security Agency USA.gov IC3
“Report it. Forward phishing emails to reportphishing@apwg.org (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions, and law enforcement agencies). Let the company or person that was impersonated know about the phishing scheme.” – FTC.gov
1ZDNET, “Watch out for this triple-pronged PayPal phishing and fraud scam.”
2Federal Communications Commission, “‘One Ring’ Phone Scam.”
The post A PayPal Email Scam Is Making the Rounds: Here’s How to Identify and Avoid It appeared first on McAfee Blog.
Attackers specifically craft business email compromise (BEC) and phishing emails using a combination of malicious techniques, expertly selected from an ever-evolving bag of tricks. They’ll use these techniques to impersonate a person or business that’s well-known to the targeted recipient and hide their true intentions, while attempting to avoid detection by security controls.
As a result of the requisite expertise needed to combat these complex attacks, email security has traditionally been siloed away in disparate teams and security controls. Practitioners are buried under an ever-growing pile of RFCs, requiring extensive domain-specific knowledge, unending vigilance, and meticulous manual interventions, such as tweaking trust levels and cultivating allow/block lists with IPs, domains, senders, and vendors.
Cisco Secure Email Threat Defense is leading the industry forward with a major shift, elevating email security into a new era; where administration will consist of merely associating specific business risks with the appropriate due diligence response required to remediate against them.
Email Threat Defense has introduced a new Threat Profile that provides the customer with deep insights into the specific business risks of individual email threats and the confidence to act quickly. This new visualization is powered by a new patent-pending threat detection engine. This engine leverages intelligence distilled from Talos global-scale threat research across a massive volume of email traffic into machine learning, behavioral modeling, and natural language understanding.
The detection engine granularly identifies specific underlying threat techniques utilized in the message by the attacker. The identified techniques provide the full context of the threat message as the supporting foundation for the engine to determine threat categorization and the specific risk to the business. These malicious Techniques, together with the threat category and specific business risk, are used to populate the Threat Profile.
Each message’s Threat Profile is identified in real-time, automatically remediated per policy, and surfaced directly to the operator in the message detail views, providing deep contextual insights into the attacker’s intent and the associated risks to the business. As part of a larger Extended Detection and Response (XDR) strategy, the actionable intelligence in Email Threat Defense is integrated with the wider enterprise orchestration of security controls via SecureX, easing the operational burden by decreasing your mean time to remediation (MTTR).
Email Threat Defense delivers a distinct understanding of malicious messages, the most vulnerable targets within the organization, and the most effective means of protecting them from phishing, scams, and BEC attacks. With a clean design and core focus on simplifying administration, Email Threat Defense deploys in minutes to strengthen protection of your existing Microsoft 365 Exchange Online platform against the most advanced email threats.
For more information, visit the Cisco Secure Email product pages, read the Email Threat Defense data sheet, and view the demo video below.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Imagine this: Your CEO sends you an email asking for your help transferring $5,000 to a new vendor for an urgent project. You make the transfer, only to find out later that the email was actually from an imposter, and that money is now in the hands of cybercriminals. Oops, right? crickets
Business Email Compromise (BEC) is a type of cybercrime that involves compromising or imitating legitimate business email accounts to carry out fraudulent transactions or steal sensitive information. The goal of a BEC attack is typically to trick the victim into transferring money, clicking on a malicious link, or disclosing sensitive information such as login credentials. BEC attacks can have a devastating impact on organizations of all sizes and in all industries, making it essential for businesses to be aware of the threat, understand the business risk, and take the necessary steps to protect themselves.
According to the latest FBI IC3 report, BEC is “one of the most financially damaging online crimes” and in 2021 was accountable for $2.4 Billion in adjusted losses for businesses and consumers.
One of the most common types of BEC attacks is called impersonating or email spoofing. By pretending to be a trusted colleague or business partner to gain the victim’s trust, the attacker uses social engineering techniques to trick the victim into clicking on a link or attachment in an email that contains malware, takes the victim to a malicious website, and has them transfer funds or change payment information.
BEC attacks can be very sophisticated and are difficult to detect. Many times, what the end-user sees on their email client does not represent the true email address of that sender, or it shows one that has been spoofed.
Typically, the attacker tries to impersonate someone in the organization with enough authority to not be questioned about what he/she is asking to be done.
As with everything in security, to be able to succeed in stopping BEC attacks, additional security layers & techniques should be implemented. There are several options to mitigate or reduce the number of successful BEC attacks. Creating a list of the people who will be likely to be impersonated will provide the best results. Usually, with names from the CxO level, this is known as a High Impact Personnel list. It will be used along with other security analysis engines to make sure any impersonated/spoof emails, along with other threats, get stopped and will not reach the end user.
The Cisco Secure Email Threat Defense solution leverages hundreds of detection engines that utilize state-of-the-art artificial intelligence/machine learning and natural language processing to convict messages from the most creative attackers! On top of this, our customers can define their High Impact Personnel list, and together with the other detection engines, will be able to not only block malicious messages but also understand the reasons and categories of why a message is being convicted as malicious.
In summary, Business Email Compromise (BEC) is a serious threat to organizations of all sizes and in all industries. To protect against BEC attacks, businesses should implement multiple techniques including identifying their High Impact Personnel for their organization, educating employees about the threat, and relying on reporting to understand who is being targeted most frequently so their security policies can be adjusted.
See how Secure Email Threat Defense identifies specific business risk factors to protect your organization.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
FreshRSS 