Email passwords of executives for sale, a ransomware attack on industrial systems manufacturer and more online shopping advice.
Welcome to Cyber Security Today. It’s Monday November 30th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
To hear the podcast click on the arrow below:
Today is Cyber Monday, when the Internet will be filled with supposed bargains and quick clearance sales. Some of those bargains will come from crooks. Be careful. Know the prices of the things you want to buy. If a deal is too good to be true, it’s probably fake — especially if it’s from a site or seller you’ve never heard of. Another scam is to offer a deep discount, but it comes with high shipping and handling fees.
Remember criminals are sending fake emails that look like they came from Amazon. Some offer deals. Others pretend there’s a problem with your Amazon account and ask you to click on a link to verify your information. The goal there is to steal your login password. And scammers still use phone recordings as traps. There are recorded calls going out now pretending to be from Amazon saying they’re about to charge you for being an Amazon Prime member. This, too, is a trick to get you to give away your password.
Many people are ordering products online at this time of year, so they’re expecting parcels. That’s why scammers are also now sending out emails with package delivery scams — like ‘Our courier couldn’t deliver your parcel today. Click here to see the delivery notice.’ Check if the email really is from a courier you are expecting.
Finally, make sure the device you use for buying — computer, smartphone or tablet — has the latest security updates. That’s just in case you make a mistake. You don’t want to get infected.
Hackers don’t always immediately exploit an email account they’ve cracked. Sometimes they just sell the passwords to other crooks to use. In the latest example a hacker is selling what they say are the passwords to Microsoft email accounts of hundreds of high-level executives from around the world. According to the ZDNet news service, the data is being sold on a closed-access underground forum for Russian-speaking hackers. Prices range from $100 to $1,500 each, depending on the company size and the person’s title. The news service says one account seems to be for the CEO of a medium-sized American software company. Regardless of this news, if you’re a high-level executive or work in the financial or IT departments you must protect your email account with two-factor authentication in case your password has been exposed.
A ransomware gang called Conti has started publishing data stolen from Advantech, a Taiwan-based maker of internet-connected industrial equipment, according to The Bleeping Computer news service. It says the manufacturer was hit with ransomware earlier in the month. The is gang demanding about $14 million to get the decryption key or the stolen data would be publicly released. Advantech hasn’t commented publicly at the time this podcast was recorded. Advantech products are used in a wide-range of industrial systems.
IT security professionals are being warned that hackers continue trying to infiltrate organizations through an old backdoor exploit. It’s known in the security industry as Bandook. It’s being done by tricking victims into downloading an infected file with malware that ends up installing the backdoor, Through the backdoor the attacker can secretly get inside a computer network. Security vendor Check Point Software says one of the latest techniques is to convince the victim in an email to download a ZIP file that includes an infected Microsoft Word document. If the user has followed proper security procedure and turned off macros, the document asks that they Enable Content or Enable Macros. That, of course, enables the malware to run. What the victim sees is a supposedly important document. Windows should prevent many malicious pieces of software from running. But in the latest version of this scam the bad software has a valid digital signature called a certificate that fools Windows. The report’s authors suspect this malware has been created by one attacker who sells it to others. Recently organizations in the U.S., Germany, Italy, Singapore, and other countries have been targeted by this attack.
Employees need to be reminded to be careful before clicking on link and attachments.
That’s it for Cyber Security Today. Links to details about these stories are in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals.
Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.