Cyber Security Today, July 6, 2022 – Phishing test fails, ransomware developer AstraLocker quits, and Wi-Fi warning sent to people sitting in airports
A failed phishing test, AstraLocker ransomware developer quits, and a Wi-Fi warning to those sitting in airports.
Welcome to Cyber Security Today. Today is Wednesday, July 6, 2022. I’m Howard Solomon, Contributing Cybersecurity Reporter for ITWorldCanada.com.
Even the smartest people may fail a phishing test. I know one: he’s a friend who was a journalist and now works for a computer research company. His company recently sent a phishing test email telling him that his company laptop needed to be replaced. To register to receive the new one had to click on a link. The message looked real – it had the search company’s logo and the sender’s email address seemed legitimate. But there were three clues that the message was fake: First, while the sender’s email was close to the company’s domain, it wasn’t identical. Hackers can do this easily by creating a fake domain like “widget.co” instead of “widget.com”. Second, the message misspelled the word “your” as “you are”. And third, the message didn’t end with the usual phrasing of the company’s IT team. Fortunately, it was a test, but it contained typical elements of a genuine phishing message. The lesson: Hackers rely on people making mistakes because everyone reads their emails quickly. It’s easy to be suspicious of messages you receive from strangers. But it’s also important to pay attention to messages from senders that seem familiar to you. You cannot completely rely on your organization’s email filtering to detect all scams. Each of us must also take personal responsibility for cybersecurity.
The person or group behind AstraLocker ransomware has apparently gone out of business. The Bleeping Computer news site reports that the developer told them that they release decryptors for any organization or person whose data was encrypted by the ransomware. That’s the good news. The bad news is that the developer says it is turning to stealing cryptocurrency from victims.
British Army Twitter and YouTube accounts were hacked earlier this week to promote online scams involving non-fungible digital tokens, or NFTs. Like digital currency, NFTs are tokens on a blockchain. Usually they represent ownership of artwork, trading cards, comic books, sports collectibles, games and more. In this case, those on the Army’s Twitter site saw promotions for trendy NFT digital artwork in a sweepstakes. Those on the Army’s YouTube site saw ads promoting “double your cryptocurrency” scams. The British Army soon regained control of the accounts. There was no immediate explanation for how the military lost control of what are believed to be limited-access accounts.
The news is full of stories these days about chaos at airports. Having to spend a lot of time in queues before a flight and then having to find luggage after a flight pushes people to do something to avoid being bored. And often, they connect to the airport’s free Wi-Fi network to follow their e-mails, Twitter or the news. But it’s a great opportunity for hackers to set up fake airport hotspots to capture people’s usernames and passwords. Robert Falzon of cybersecurity provider Check Point Canada warns air travelers to be careful with Wi-Fi in general, including at airports. Your cellular network is more secure, even if it means consuming your data quota. Before going to the airport, turn off Wi-Fi and Bluetooth services. If you must use public Wi-Fi, avoid using personal accounts such as email accounts and bank accounts. It also reminds travelers that cybersecurity awareness begins when planning a trip. Make sure the airline, accommodation or car rental site used is legitimate. If a deal sounds too good to be true, it probably is. And don’t tell the world on social media that you’re not home. Enjoy your vacation when you return.
Meanwhile Israel’s Privacy Authority has taken over a company’s travel booking sites after the sites were hacked by Iranian attackers. According to The Times of Israel, attackers copied the personal data of more than 300,000 customers last month. The new site quotes the regulator saying it acted because the security changes it demanded were not made by the websites owner.
Microsoft warns Smartphone users should be careful when downloading software from untrusted app stores. Those who are not careful unknowingly install bad apps that automatically sign up phones to paid services that pay crooks money. Called phone fraud malware, this billing fraud cuts off the victim’s access to Wi-Fi networks and forces the phones to use the mobile operator’s network. Some malware can even intercept the multi-factor authentication process required for a subscription so that the user is not aware of fraudulent transactions. To avoid being a victim, only download apps from an authorized site like the Google Play Store. Whenever you get an app, avoid giving it SMS permissions, notification listening access, or accessibility access unless necessary. If you’re the type of person who downloads a lot of apps, consider installing an anti-malware or antivirus solution. Just make sure it’s a trusted source.
To finish, There is a security update from Google for Chrome browser users.
Remember that links to podcast story details are in the text version at ITWorldCanada.com.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I am Howard Solomon