Category Archives: Scam

Netflix Scam Warning

via: malwarebytes

Always be on your toes

While we are used to receiving scam attempts pretending to be from banks, online shops, credit card companies, and international courier services that does not mean all the other emails are safe. Far from it. To demonstrate this point we will show you a scam aimed at Netflix customers which has been used in the Netherlands and is now doing the rounds in the UK but could just as easily spread to the US.

The mail in question

The sender address, in this case, was supportnetflix@checkinformation[.]com and the content of the email informs us that there has been a problem with our last payment. Obviously to those of us who are not customers of Netflix this is the first red flag. The fact that the domain name checkinformation[.]com does not belong to Netflix is another big red flag. In fact, the domain is for sale at the moment of writing.

phishing mail

Netflix

Account disabled!

Dear User,

We’re having some trouble with your current billing information. We’ll try again. But in the meantime you may want to update your payment details. During the next login process, you will be required to provide some informations like (billing info, phone number, payment info)

 

So the email asks us to fill out our payment details on a site. This should always be a red flag for everyone. A security-aware company does not provide you with a clickable button to their site. They will tell you to log into their site and provide you with instructions on how to proceed. They will not provide a direct link to a page with a form to fill out asking for billing information and what not.

Pay attention to

When you have to provide such details always look for the green padlock in the address bar of your browser.

green padlock

Remember that the green padlock is not the sole condition, but it is a must before you proceed.

Another telltale sign is spelling errors, but again, the lack of them is not a definite green light to proceed. Scammers have learned that their efficiency goes up if they pay attention to their spelling.

Also never judge a site by its looks, because phishers are masters in the art of copying the layout and images from legitimate sites. In fact, they usually link to the actual layout and images of the website they are pretending to be.

source: https://blog.malwarebytes.com/cybercrime/2017/09/netflix-scam-warning/

MacEwan University loses $11.8 million to scammers in phishing attack

Via: edmontonjournal.com

Low-level MacEwan University staffers were tricked into transferring $11.8 million into scammers’ bank accounts in what one expert said is among the largest publicly disclosed phishing scams.

The majority of the money, $11.4 million, has been traced to bank accounts in Montreal and Hong Kong.

“We are fairly confident that we will be able to recover those funds, the $11.4 million,” MacEwan spokesman David Beharry said Thursday. “It’s a question of how long will it take for the university to retrieve that money.”

He said $6.3 million has been seized from the account in Montreal, and actions are underway to freeze the two accounts in Hong Kong.

The $11.8 million loss represents about one-10th of what MacEwan receives as an annual operating grant from the government of Alberta. In the 2015-16 financial year, the university received $118 million from the province out of its $237.1-million budget.

“I think it’s safe to say that there was a lot of disappointment and frustration because this came down to human error,” Beharry said.

The fraud was discovered Aug. 23 after a supplier said it had not been paid. Beharry would not identify the supplier.

Fraudsters had created a website that resembled the domain site of one of the university’s major supplier. Using that site, the fraudsters impersonated the supplier, asking the university to transfer accounts payable to a new bank account the fraudsters controlled.

Three MacEwan staffers made three payments to the bogus account over a nine-day period ending Aug. 19. The university paid out $1.9 million, $22,000, and finally $9.9 million.

Beharry would not say if the staffers have been disciplined or fired.

“The university does not believe there has been any sort of collusion,” he said. “We really believe this is simply a case of human error.”

The university is working with lawyers in Montreal, London and Hong Kong on civil action to recover the money. The status of the remaining $400,000 is not known.

MacEwan conducted an audit of its business processes after discovering the fraud and put controls in place “to prevent further incidents.” An internal audit group will also investigate the incident.

An early assessment determined that “controls around the process of changing vendor banking information were inadequate, and that a number of opportunities to identify the fraud were missed.”

David Shipley, CEO of Beauceron Security and former cyber-security lead at the University of New Brunswick, said MacEwan was likely the victim of what’s known as a business email compromise scam.

“It’s the single largest publicly disclosed amount I’ve seen,” he said. “That’s not to say there aren’t private companies that aren’t required to disclose this stuff that haven’t had (larger) losses.”

MacEwan spokesman David Beharry says “the university does not believe there has been any sort of collusion.”

Shipley said Facebook and Google fell victim to similar scams, transferring “in the $100-million range” after being invoiced by fake suppliers.

“This is the intersection of people, process and technology,” he said. “People in that they got tricked, process in that being able to transfer that amount of money should have required additional financial controls. Technology played the smallest role — as in why didn’t their email filter it or alert them that (the sender) wasn’t who it said it was.”

Beharry said the university has funds to pay the supplier. The loss would not impact students, he said.

In a statement, Advanced Education Minister Marlin Schmidt said he is “disappointed” the university fell victim to the scam and has instructed all post-secondary institutions to review their financial controls.

“I expect post-secondary institutions to do better to protect public dollars against fraud,” Schmidt said.

Source: http://edmontonjournal.com/news/local-news/11-8-million-transferred-from-macewan-university-accounts-in-phishing-attack

Alert: Potential Hurricane Harvey Phishing Scams

Via: US-CERT

Updated blog post at this link

Original release date: August 28, 2017

US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a trusted source. Fraudulent emails will often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations commonly appear after major natural disasters.

US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:

  • Do not follow unsolicited web links in email messages.
  • Use caution when opening email attachments. Refer to the US-CERT Tip Using Caution with Email Attachmentsfor more information on safely handling email attachments.
  • Keep antivirus and other computer software up-to-date.
  • Refer to the Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
  • Review the Federal Trade Commission information on Charity Scams.
  • Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.

Source: https://www.us-cert.gov/ncas/current-activity/2017/08/28/Potential-Hurricane-Harvey-Phishing-Scams

Alert: Online Scammers Require Payment Via Music Application Gift Cards

Via: IC3

Source: https://www.ic3.gov/media/2017/170801.aspx

“Wire Transfer” Scam Email Sent to the Fordham Community on July 5, 2017

This is a Scam email that has been reported. This message was
received on or about July 5, 2017. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact IT Customer Care at 718-817-3999 or via email: helpit@fordham.edu.
———————-———-——Begin Message ——–——————————

From: <CustomerService@interaudibank.com>
Date: July 5, 2017 at 10:51:32 AM EDT
To: <user@fordham.edu>
Subject:Wire Transfer

A wire request has been sent to Interaudi Bank on 07/05/17 at 08:13:59 AM to transfer 10000.00 to your account.
The confirmation ID for this request is ******.
Please do not respond to this confirmation. This is an unmonitored mailbox, and replies to this email cannot be read or responded to.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The information contained in this message is privileged and confidential and protected from disclosure.

If the reader of this message is not the intended recipient, or an employee or agent responsible for

delivering this message to the intended recipient, you are hereby notified that any dissemination,

distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.

Thank you.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

———————-———-——End of Message ——-———-———————

Alert: Easter Holiday Phishing Scams and Malware Campaigns

Via: US CERT

“Original release date: April 11, 2017

As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:

  • unsolicited shipping notifications that may actually be scams by attackers to solicit personal information (phishing scams),
  • electronic greeting cards that may contain malicious software (malware),
  • requests for charitable contributions that may be phishing scams or solicitations from sources that are not real charities, and
  • false advertisements for holiday accommodations or timeshares.

US-CERT encourages users and administrators to use caution when reviewing unsolicited messages. Suggested preventive measures to protect against phishing scams and malware campaigns include:

  • Do not click web links in untrusted email messages.
  • Refer to the Shopping Safely Online Tip.
  • Use caution when opening email attachments. Check out the Using Caution with Email Attachments Tip for more information on safely handling email attachments.
  • Review the Federal Trade Commission’s page on Charity Scams. Use the links there to verify a charity’s authenticity before you donate.
  • Read the Avoiding Social Engineering and Phishing Attacks Tip.
  • Refer to the Holiday Traveling with Personal Internet-Enabled Devices Tip for more information on protecting personal mobile devices.”

Source: https://www.us-cert.gov/ncas/current-activity/2017/04/11/Easter-Holiday-Phishing-Scams-and-Malware-Campaigns

Scam Campaign Targeting University Communities

Please be advised that there are scam campaigns targeting University communities. We have received reports of phone calls claiming to be Apple, reporting suspicious activity on accounts and requesting to call them back.

This is not a legitimate call, if you receive it and have any concerns about your account please contact Apple directly and not the number given in this message.

Unfortunately, this is not the only campaign masquerading as Apple support so please be diligent and avoid giving any personally identifiable information over the phone or through email.

Please remember that Fordham IT will NEVER ask you for your username and password or ask you to click any links to validate or verify your account or password. If you receive questionable or suspicious communications, contact IT Customer Care and allow the University Information Security Office (UISO) to validate the legitimacy of these communication attempts.

“Help…………………..Paul Williams” Scam Email Sent to the Fordham Community on March 30, 2017

This is a Scam email that has been reported. This message was
received on or about March 30th, 2017. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact IT Customer Care at 718-817-3999 or via email: helpit@fordham.edu.
————————————Begin Message ————————————
From: “Paul Williams” <Pppandpw@aol.com>
Date: Mar 30, 2017 10:14 AM
Subject: Help…………………..Paul Williams
To: <user @ fordham.edu>

Good Morning,
I thought i could reach out to you to help me out, I made a quick trip out of the country for a conference, unfortunately i had my bag stolen from me with my phone on my way back to my hotel room. I need your urgent help before my return flight.I will forever be grateful if you can help me.
Paul Williams

————————————End of Message ————————————

Article: How to protect yourself while online shopping for the holidays

A recent article from Mashable provides researched geared towards protecting yourself online while shopping for the holidays:

—Begin—

With many retailers offering internet-only promotions to go along with their in-store doorbusters, more Americans than ever seem to be choosing to stay home to take advantage of the best deals of the season.

Research from Visa projects an 18 percent increase in online holiday spending this year, which follows 16 percent growth over the 2015 season from the year before. That uptick in 2015 resulted in about $11 billion of online sales over the five-day Thanksgiving weekend period (Thanksgiving Day through Cyber Monday). That’s why it’s essential that shoppers protect themselves and their personal information more than ever in 2016. Especially since “25 percent of all security breaches [are] taking place in the retail sector,” said Experts Exchange COO Gene Richardson in a statement to Mashable.

As a former head of the data security teams of IBM, Charles Schwab and Motorola, Richardson has extensive experience advising companies and consumers alike on how to avoid fraud and protect their identities online.

With that in mind, he’s assembled a set of helpful online shopping safety tips:

1. Ensure that the website address is secure and has a valid encryption certificate. It will usually display a “locked, green” indicator in front of the website name. If it doesn’t have that, it does not have a higher level of security that has been guaranteed by a known entity like Verisign, Symantec and others.

2. Ensure your system has the most recent recommended system and security patches.

3. Always use a credit card that is not tied directly to your personal bank account(s), even if you are using PayPal, Bitcoin or some other payment method.

4. Never give anything other than name, address and phone number. You should not need to answer security or privacy questions when making a purchase or checking out. If they ask, see if you can checkout as a “guest” instead.

5. Monitor your credit through a third party for identify theft and have SMS and email alerts sent to you immediately.

6. Set-up alerts with your credit card company that send both SMS and emails when any purchases are made and the credit card was not scanned (meaning, it wasn’t in someone’s hand when the charge was made). Set them as low as $25 per purchase. Also, set-up alerts for total purchases over $500 in a billing period to protect multiple $24.99 purchases. And if possible, a maximum amount of purchases allowed in a billing period such as $1500 before card will get declined.

7. Ensure that you have a reputable Antivirus program running on your computer and that your browser has an Ad blocking plug-in.

8. Ensure that the network your computer/device is on is secure and you know who has access to your network. This is usually done with your router. You want to lock down your router so that traffic can be initiated from the inside-out but you do not want traffic to be initiated from the outside-in. If you are using a WiFi connection, make sure that network is also secure and requires a password to join. If it is a public WiFi network that doesn’t require a password, then the traffic coming from your device can be monitored and stolen.

9. Any passwords that you use should be strong, hard to guess ones. Or, even better, hard to guess, but easy to remember.

10. Don’t click on unfamiliar links to sites advertising sales, coupons, etc.

11. Use two-factor authentication/verification, if it is offered.

Mobile Concerns

To stay safe while shopping on your phone or tablet, be sure to follow these tips, according to RiskIQ:

1. Only download apps from official app marketplaces like Google Play or Apple’s App Store.

2. Be wary of applications that ask for suspicious permissions, like access to contacts, text messages, administrative features, stored passwords, or credit card info.

3. Check out the background of an app before downloading. Research the developer and be cognizant of the spelling of brand names.

4. Make sure to take a deep look at each app. New developers, or developers that leverage free email services (e.g., @gmail) for their developer contact, can be enormous red flags — threat actors often use these services to produce mass amounts of malicious apps in a short period. Also, poor grammar in the description highlights the haste of development and the lack of marketing professionalism that are hallmarks of mobile malware campaigns.

Common Sense

Just like any other time of the year, a deal found online over Thanksgiving weekend that seems too good to be true might be just that.

In addition to Richardson’s first tip about web page encryption certificates, always check website addresses after following links on Twitter, Facebook or even Google to be sure you haven’t been redirected. Legitimate retailers will almost always be determined by the “S” in HTTPS at retail sites.

Finally, keep your personal and financial information close at hand. Never provide anything until you’ve done your homework on a site or app, and even then never input anything until you’ve selected your purchase and are checking out.

With a measured approach to online shopping, you can dodge the in-store lines and the security risks this holiday season.

—End—
Source: http://mashable.com/2016/11/21/online-shopping-safety-black-friday-cyber-monday/#6OHl_1zRaqql

Article: Random text? Wait, wait, don’t click that!

“Here’s a tip that’s worth repeating:

Don’t click on a link in a text message you get on your phone that says you’ve won a terrific prize or a gift card, or that asks you to click on a link. Don’t reply either. It’s probably a scam.

The Federal Trade Commission settled charges with a group of marketers that were part of a scheme that sent millions of unsolicited spam text messages promoting supposedly free merchandise like $1,000 gift cards for Wal-Mart and Best Buy.

People who clicked the links in the messages didn’t get the promised prizes. Instead, they were taken to websites that asked them to give personal information and sign up for multiple offers, often involving purchases or paid subscriptions.

What can you do about unwanted text messages?

  • Delete unwanted text messages that ask you to enter a special code, or to confirm or provide personal information. Legitimate companies won’t send you a text asking for sensitive information.
  • Don’t click on links in the text message. Links can take you to spoof sites that look real but will steal your personal information.
  • Report spam texts to your carrier. Copy the original message and forward it to 7726 (SPAM) free of charge, if you are an AT&T, T-Mobile, Verizon, or Sprint subscriber.”

Though scams involving free gift cards and merchandise are common there are also other types of scams prevalent via text messages. Below is an example of  a scam text message.

textscam

Source: https://www.consumer.ftc.gov/blog/random-text-wait-wait-dont-click