An email gift card scam, please stop re-using passwords and more open data found on Amazon storage.
Welcome to Cyber Security Today. It’s Friday December 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
After criminals hack an email account they try to make money from it in many ways. Often they’ll send phishing messages with attachments like infected photos or greeting cards to people on the victim’s contact list. They’re hoping recipients will see and trust the address of the sender and will click on the attachment. I’ve come across another scam: The hacker pretends to be a so-called friend and asks you to buy something for them. In this case the message went like this: “I need to pick up four Google Play gift cards for my niece, Its her birthday but I can’t do this now because I’m currently out of town. Can you get it for me from any store around you? I’ll pay back next week when I get back home.” When the victim emails back that the cards have been bought, the so-called friend will say they can’t pick up the cards now; instead they ask for the serial numbers. Of course, that allows the criminal to cash in the cards.
One other thing: If your email is hacked, the attacker will likely try to forward a copy of all your mail to their account. That way they can see if your mail has valuable information, as well as whether you know about the hack and are trying to alert people. So, periodically check your email account and make sure email forwarding is not enabled. If it is, that’s a sign you’ve been hacked.
A lot of people still are using the same username and password for several accounts. That’s dangerous because once a hacker gets your login credentials they’ll try them on all sorts of web sites, including banks. How common is password re-use? Well, according to the ZDNet news site, Microsoft recently compared the login credentials of all users of its products against a database of three billion stolen usernames and passwords. Of those there were 44 million matches. That means millions of people still aren’t getting the message. If that’s you, please make different passwords for everything, and use a password manager to keep track of them. Do an Internet search if you don’t know what a password manager is. There’s lots of them. Some antivirus or anti-malware products you already use offer them. And, where you can, enable two-factor authentication in addition to your username and password.
I’ve talked before about companies poorly protecting data they store on Amazon Web Services. Here’s the latest example: The news site TechCrunch reports that a security company recently found an open storage bucket on Amazon with more than 261,000 documents including phone bills of customers of American cellphone carriers AT&T, Verizon and T-Mobile. The bills had people’s names, addresses, phone numbers and call histories. The data belonged to a company called Deardorff Communications, apparently doing work for a competing carrier, Sprint, on ways to get customers to switch providers. Employees use Amazon Web Services and other cloud storage providers for processing. Or sometimes the entire business is run in the cloud so they don’t have to build a data centre. But managers have to make sure employees using these services understand how to secure data.
Coincidentally, this week Amazon took more steps to help companies protect their data. It released Amazon Identity Access Analyzer which helps IT administrators keep an eye on who has permission to access resources stored on Amazon servers. Of course, it only works if companies have a policy allowing staff to use Amazon storage with supervisor permission. That way any data that goes to Amazon is watched on a dashboard. However, if a staffer uploads data to Amazon storage without company knowledge, no policy will help.
Finally, if you use the OpenBSD operating system in company products, or on your own computer, make sure it’s updated. Four big vulnerabilities have been found. Patches are now available.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.