Zoom meeting job review scam, fake Labor Department email and a new Android threat.
Welcome to Cyber Security Today. It’s Friday May 1st. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
To hear the podcast click on the arrow below:
 |
 |
 |
Videoconference provider Zoom has toughened its security by making it mandatory for users to enter a password to create a meeting. So scammers are trying new ways of stealing Zoom passwords, which they hope will get them something more valuable: Your email password. According to security firm Sophos, here’s how it works: You get an email invitation to join a quarterly financial meeting seemingly set up by the company human resources, audit or payroll department. The purpose is a performance review, contract suspensions or terminations — topics that are worrisome during the COVID-19 pandemic crisis. The message may also say your participation in the meeting is mandatory. Criminals hope victims will be too worried to be suspicious, and click to log in. If they do they’ll see a page with spaces to fill in an email address and password. Those behind this scam are probably hoping you’ll accidentally enter your email password and not your Zoom password. That gets captured by the crooks. How do you protect yourself? First, if your manager hasn’t verbally told you there’s a meeting like this, be suspicious. Second, if someone emails you a Zoom meeting invitation you don’t have to log into Zoom. Third, if your organization uses Zoom you should enable two-factor authentication so even if a crook has your login credentials that isn’t enough.
Here’s another COVID-19 scam, this one discovered by IBM: People are being sent emails that fakes being from the U.S. Department of Labor regarding the Family and Medical Leave Act. That’s a federal law dealing with a paid leave of absence. What you’re asked to do is click on the attached employee request form — which infects your computer, steals bank login passwords and other information. One tip-off this is a scam is it’s addressed to “Dear employee.” Another is, how does the government know your email address? And there are a few spelling and grammatical errors.
Attention Android users: New malware under development has been detected aimed at stealing your bank or digital wallet login username and password. The security firm Cybereason has spotted early versions of this threat, which hides behind copies of legitimate mobile icons like Adobe Flash and Microsoft Word. Once installed it looks for personal data, passwords and banking information to steal from 200 financial-related apps. What makes this malware threatening is its ability to steal information sent through SMS text messages. That could include the two-factor authentication codes used to confirm logins on many applications.
Apps made by this criminal group have the typical tip-offs of any mobile malware. One is when installing the app asks to run in the background. That’s so you don’t know what it’s doing. Think carefully before saying yes. Another tip-off is the app asks permission to use certain accessibility features. These are features that help disabled people use mobile devices. They include the ability to observe the text you type, to observe your actions or to see the content of any window you have open. If you say yes, then the app can see the passwords and any personal data you type in. If you’re not disabled there’s no reason for an app to use these services. This new strain of malware is still being developed and hasn’t been widely distributed. One way to protect yourself is don’t download Android apps from anywhere but the Google Play Store. Another is to make sure your mobile device has the latest software updates.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon