New credit card phone scam, more ransomware and a return of a malware gang.
Welcome to Cyber Security Today. It’s Wednesday September 9th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:
For years criminals have been using recorded phone calls to start credit card scams. The recorded voice says the caller is from Visa or Mastercard about an offer or a problem, and asks you to press 1 to proceed. Those who do get connected to a live person. Crooks are going one step further: They’re hiring people to make completely live phone calls. Here’s how one of them works: You answer the phone and the caller asks for you by name. They say they are from “Card member services: Visa, Mastercard department on behalf of the bank. We are reducing the 19 per cent interest rate of your present credit card almost down to zero per cent.” The caller then says they need information to verify they are talking to the right cardholder, and ask for your card’s expiry date and the full credit card number. After that they will ask for the card verification number on the back of your card. The caller may emphasize they don’t want personal information. But they already have your name. If you give what they want they’ll have enough to use your card for fraud. Note also the caller never says what bank they are calling from. They say they’re calling on behalf of “the bank.” But if they know you, they should know the bank that issued the card and the card number. More importantly your bank won’t call you about a credit card offer — they’ll send you a letter. If you get one of these calls hang up, and call the Canadian Anti-Fraud Centre or the FBI.
More news on ransomware attacks: The public school board in Hartford, Connecticut was forced to cancel the opening of schools yesterday because of a ransomware attack. Among other things it crippled the system the board uses to communicate with the school bus company. Instead schools were scheduled to open today. The mayor told reporters that spending about $400,000 on new cybersecurity software last year significantly limited the damage of the attack. The incident also impacted the Hartford police and fire systems. The city is refusing to negotiate with the attackers.
In England, Newcastle University is trying to recover after being hit by a ransomware attack that started August 30th. In an update yesterday the university said complete restoration will take several weeks. Although Microsoft Office applications including email and the Canvas virtual learning system are up, many IT systems are still not operating.
Schools and universities are targets for cybercriminals who hope the personal information on students and staff as well as research information will be seen as valuable enough for institutions to pay a ransom.
Meanwhile in Chile, BancoEstado had to shut all branches on Monday. According to the ZDNet news service, it suffered a ransomware attack last Friday.
Several government cybersecurity agencies around the world are warning of a new attack from an old group. The group is behind malware called Emotet. Originally Emotet was specialized malware that focused on stealing passwords for bank accounts. Over the years its capabilities have been growing. However, for six months this year distribution of Emotet was subdued by a security company called Binary Defence, which found a vulnerability and quietly told other firms. But several countries are now reporting that Emotet is back and with a deadlier threat: Not only does it steal email passwords and lists of email contacts to spread the malware, the group will also look for email conversations between people and then impersonate someone to insert an infected attachment into the thread. As always, you should be careful opening attachments that are supposed to be invoices, financial documents, shipping information, resumes or information on COVID-19. Messages that come from someone you don’t know should always be treated with suspicion, but these may come from the hacked accounts of people you do know.
Users of the MoFi 14500-series of rugged routers are being warned to take precautions after the discovery of several critical vulnerabilities. Researchers at security firm Critical Start say that while the company has issued patches to fix some of the problems, they created new vulnerabilities. These routers may be used in cars and trucks for Internet connectivity through LTE. Users should take precautions listed in a link in the text version of this podcast at ITWorldCanada.com.
Finally, Adobe has issued security updates to its InDesign, Framework and Experience Manager suites.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon