Archives: Cybercrime Alerts

Cybercrime Alerts news and reviews

 

Portugal – Cyber attacks on organisations rose 81% in 2021 – Check Point

 

Lisbon, Jan. 10, 2022 (Lusa) – The average weekly number of cyberattacks on Portuguese organisations increased last year by 81% year-on-year, with one organisation being attacked 881 times a week, with education and healthcare standing out, according to data from Check Point.

“In 2021, the peak was recorded in December, much due to the vulnerability in Log4J. In Portugal, an organisation was attacked on average 881 times a week, an increase of 81% compared to 2020,” Check Point Research (CPR), the ‘threat intelligence’ area of Check Point Software Technologies, a provider of cybersecurity solutions, indicated in a statement.

In this period, among the most targeted sectors, education, health and public administration/military sector stand out.

Globally, the number of cyber-attacks per week increased by 50 per cent last year, with the peak occurring in December “largely due to the Log4J vulnerability”.

The most affected sectors, worldwide, were education/research (with a 75% increase), followed by healthcare (71%).

According to the analysis released today, Africa, Asia Pacific and Latin America were the top targets for cyber-attacks against organisations.

However, Europe saw the highest percentage increase (68%) in cyberattacks.

“New techniques for penetrating systems and methods of evasion have made it much easier for hackers to carry out their malicious intentions,” said Omer Dembinsky, data research manager at Check Point Software, quoted in the same document, noting that some industries “central” to society are increasingly moving up the list of most attacked.

He also said that the numbers are expected to increase in 2022, “with hackers continuously innovating and seeking new methods to execute cyber-attacks, especially ransomware”.

Omer Dembinsky also recommended downloading ‘patches’, segmenting networks and making employees aware of these issues.

Data and statistics captured by Check Point’s threat prevention technologies were used to conduct this analysis.

Porto, June 14, 2021 (Lusa) – Complaints filed with the Attorney General’s Office (PGR) related to cybercrime in 2020 increased 182% compared to 2019, said today the Minister of State and Presidency, Mariana Vieira da Silva.

“Last year [2020], in Portugal, complaints filed with the Attorney General’s Office, related to cybercrime increased by 182%”, declared Mariana Vieira da Silva, at the opening session of “C Days – Cybersecurity 2021”, that event that takes place between today and next Wednesday, the 16th, at Alfândega do Porto.

The minister, who was not present at the opening session, but sent her presentation via digital, added that “reports of cyber attacks directed at essential services such as health communities that paralyze the provision of public services and cause considerable disturbances in the functioning of societies”.

The government official argued that the development of skills in cybersecurity should be in the “focus of action by public entities”, but also in “private sector organizations”, and recalled that Portugal has “difficulty in training and retaining highly specialized professionals with advanced skills in cybersecurity”.

“The strategy execution reports also highlight the difficulty in training and retaining highly specialized professionals with advanced skills in cybersecurity, as well as the need for greater use of structural funds and other financing instruments to promote digital resilience and transformation for Small and Medium Enterprises”.

Although Portugal has a national cyberspace security strategy that enshrines “several lines of action for training and awareness in cybersecurity”, Mariana Vieira da Silva referred that it is “a work that needs to be “deepened”.

PLEASE BE AWARE AND SHARE

Please be informed that emails are circulating with the subject “Unsuccessful delivery attempt”. It is not a CTT service, but a scheme for collecting personal data.

I thank the person who sent us an example of a false email she received yesterday in the picture. It states they tried to deliver a parcel but the address was incorrect and people have to click a link to pay 1.59 euros and correct the address and get it redelivered.

The email address was CTT xxxxxxxx@posta.hr Subject: informações de envio 63 **** 26

Phishing is an online fraud technique where, through SMS messages, emails or social media posts, you try to obtain confidential information such as login accounts, passwords or bank details, using the identity of trusted institutions as if they were communications officers. The purpose of these communications is to direct the user to a fake website in order for him to provide confidential data.

DO NOT click on any links or reply to any CTT communication that seems suspicious.

CTT Alert here:

The number of incidents recorded by the National Cybersecurity Center (CNCS) increased 101% in the first half, in year-on-year terms, to 689, according to the Cybersecurity Observatory bulletin released today.

“During the first half of 2020, there was a significant increase in the number of incidents between the months of February and April, and then there was a steady decrease between the months of April and June,” says the July Cybersecurity Observatory.

“The increase coincides with the time of confinement due to the covid-19 pandemic”, and, “compared to the same period of 2019, the first half of 2020 registers a 101% increase in the number of incidents”, reads in the document.

In March, 138 incidents had been registered (a year-on-year increase of 176%), in April the number reached 150, which dropped to 138 incidents in May. Last month, 106 incidents were recorded.

According to the document, “34% is the upward trend in the number of incidents recorded by CERT.PT [CNCS service that coordinates incident response] in the second quarter, compared to the first quarter of this year, from 295 to 394” .

In comparison with the second quarter of 2019, “with a record of 176 incidents, there is a growth of 124%”, he says.

In the second quarter, 160 incidents of ‘phishing’ were recorded [computer attack aimed at ‘fishing’ sensitive data from a user], being the most frequent type of incident, followed by the system infected with ‘malware’ (68 incidents) and non-access. authorized (41 incidents).

More than a third (37%) of the ‘phishing’ incidents recorded by CERT.PT in the second quarter of this year “affected the banking sector”.

The Spanish National Police (Policía Nacional) dismantled a large criminal network illegally distributing audio-visual content in Europe, Asia and the Middle East and laundering the criminal proceeds.

The investigation, supported by Europol and Eurojust, also involved law enforcement authorities from Belgium, Canada, Czechia, Denmark, France, Italy, Germany, Luxembourg, Netherlands, Poland, Romania, Sweden, the United Kingdom, and the United States.

On the action day on 3 June 2020, law enforcement authorities across the EU carried out 15 house searches, arrested 11 individuals (4 in Spain, 1 in Germany, 3 in Sweden, 3 in Denmark) and interrogated 16 others for their possible involvement in the illegal scheme.

The suspected leader of the criminal network is among the arrested individuals.  The actions resulted in the seizure of €4.8 million, including properties worth more than two million euros, four cars worth about half a million euros, luxury watches, cash, cryptocurrencies and electronic equipment. Law enforcement authorities took down 50 IP addresses and part of the online criminal infrastructure while 11 bank accounts totalling €1.1 million were also frozen.

The investigation into the activities of the criminal network started in 2019 when the Spanish National Police detected several websites illegally distributing audio-visual content in different countries across Europe, Asia and the Middle East. The distribution of the illegal services, in breach with intellectual property rights, was set-up via Internet Protocol Television (IPTV) and managed from Spain. The criminal network was offering illegally more than 40 000 TV channels, movies, documentaries and other digital content via websites hosted on an international network of servers.

The illegal service was made available through an attractive web environment at prices much more competitive than the ones on the legal market. The criminal network had even put in place a sophisticated technical assistance and quality control through an own customer support online platform. More than 2 million subscribers were receiving these illegal services totalling the profits for the criminal network at an estimated €15 million. The investigation focused on shutting down the servers and disconnecting the IP addresses, and obtaining relevant information to effectively dismantle the criminal group.

Europol assisted the investigation by facilitating the information exchange and supporting the financial investigation. During the action day, a Virtual Command Post was set-up at Europol to facilitate the operational coordination and the real-time information exchange and operational analysis against Europol’s databases.

This is a first example of the synergies created by the merger of different teams comprised of economic and financial experts under the new European Financial and Economic Crime Centre recently created at Europol.

Europol’s IPC3 (Intellectual Property Crime Coordinated Coalition) which supported the investigation is a project co-funded by the EUIPO to combat Intellectual Property Crime.

 

 

The number of incidents recorded by the National Cybersecurity Center (CNCS) in March rose 176% compared to the same month of 2019, to 138, according to the Cybersecurity Observatory bulletin released today.

According to the bulletin, there was an increase of 176% “if we compare March 2019 with March 2020 in the number of incidents registered by CERT.PT [service of the CNCS that coordinates the response to incidents], from 50 to 138”.

From February, the pre-pandemic period, to March, there was an increase of 84% in the number of incidents recorded, from 75 to 138.

The Cybersecurity Observatory also highlights an increase of 217% between February and March this year “in the number of ‘phishing’ incidents [computer attack aimed at ‘fishing’ a user’s sensitive data] recorded by CERT.PT, from 18 to 57 “.

These phishing campaigns, says the Cybersecurity Observatory, “took advantage of the confinement to simulate digital services that have a higher consumption and loyalty, such as, for example, homebanking services, streaming digital content and online stores. ‘”.

The bulletin also states that the complaints received by the Office of Cybercrime of the Public Ministry increased from 20 in February to 46 in March.

“In April, until the 16th, the growth trend became exponential, with 76 complaints until that date (one incident for CERT.PT sets up a campaign, regardless of the number of victims; each complaint at the Public Ministry configures a possible victim. ) “, he says.

The National Cybersecurity Center (CNCS) has recorded “a total of 295 incidents” since the state of emergency was declared, of which almost half (46%) were registered in March, an official source told Lusa

 

People are making more personal and business video conferencing calls during the current lockdowns.  Video conferencing is a live audio and video conversation between 2 or more people in different locations, conducted using phone, tablet, laptop or desktop computer.  Some video conferencing services allow you to share files, pictures, or each other’s screens.  Also, it can collect data on the participants and conversations that can be shared with third-parties.  The following are security recommendations to protect your use of video conferencing solutions:

  • Download Trusted Software: Only download the service software from your phone or tablet’s app store or from the service provider’s official website.
  • Security Controls: Ensure the software version contains the security and privacy controls that you require.  Some “free” versions have limited security controls.
  • Opt Out of Data Sharing: Understand what conference data the service will access.  If there is an option to “opt out” for data sharing, use it.
  • Strong Password: Make sure that your password different to all your other passwords, and difficult for someone to guess.  If there is an option to set up a two-factor authentication, use it.
  • Pre-Test Service: Most services have a ‘test’ function to ensure:  your microphone and camera work correctly, and that your internet connection is fast enough.
  • Know Service Capabilities: Learn how the service works.  At a minimum, know how to mute your microphone, turn off the camera, and manage who can join the call.  This will give you more control over what is shared with others.
  • Conference Information Access: Know what the services is doing with the conference information (audio, files, pictures, messages).  Many services allow you to record the call, share files, or show what is on somebody’s screen.   Find out how to tell if the call is being recorded, what exactly is recorded, and who can access the recordings.
  • Make Only Private Calls: Do not make the calls public.  Connect directly to the people you want to call using your contacts/address book, or provide private links to the individual contacts.  For some video conferencing services, you can set up the call so that a password is required in order to join.  This adds another layer of protection. Do not post the link (or the password) publicly.
  • Know Participants: If you are organising the call consider using the lobby feature to ensure you know who has arrived.  This is especially useful if individuals are joining the call via an unrecognised phone number.  Make sure people are who they say they are before they join the call (the password function described above can help with this).
  • Review Your Background: Take a moment to think about what your camera shows when you’re on a call. Would you want to share that information with strangers?  Consider blurring or changing your background – you’ll find instructions on how to do this on the support website for your video conferencing service.
  • Update All Software: Make sure that all your devices and applications (not just the video conferencing software) are kept up to date.  Applying software updates is one of the most important things you can do to protect yourself online.

 

NCSC:  Video conferencing services: using them securely

How to set up and use video conferencing services, safely and securely

https://www.ncsc.gov.uk/guidance/video-conferencing-services-using-them-securely

Cybercrimes committed in Portugal have multiplied exponentially since the beginning of the covid-19 pandemic and may increase by 300% by the end of April, according to indicators from the Attorney General’s Office (PGR) ).

Data from the PGR cybercrime bureau on the evolution of cybercrime phenomena in Portugal reveal that the number of crimes committed in this area “multiplied very significantly” in March, with an increase of 230%, taking into account February and February figures. even more in April with a 165% increase by 16th.

According to the report, the 165% increase in the practice of this crime until the 16th “allows us to calculate that, if this trend continues, the percentage increase in April may be higher than 300%”.

The complaints of online crimes received by the Cybercrime Office have been “consistently increasing between 2016 and 2019” and, “in addition to the clear progression in the number of complaints” in recent years, “the complaints received in 2020 (until the 16th) have already exceeded those throughout the year 2018 and approach the total number of 2019 ”.

The report shows an exponential increase in complaints about cybercrime received in March and April.

As of April 16, 162 complaints had been received and forwarded to the opening of an investigation 28, while last year 193 situations were reported, of which 67 led to an investigation by the Public Ministry (MP).

In March, there was an increase of 230%, in comparison with the values ​​of February and in the first 16 days of April, the complaints had an increase of 165%.

“If this trend continues, the percentage increase in April may be around 330%”, says the report.

In the first two months of the year, the office received 40 complaints, with nine forwarded to open an investigation.

In March, 46 complaints were received and 13 were sent to criminal investigations, and by April 16, 76 complaints have been received, of which six will give rise to an investigation.

As for the type of crime reported by citizens, these are mostly related to fraud in the use of the MB WAY payment application, the diffusion of email and SMS messages containing malware (computer viruses), ‘phishing’ campaigns and extortion by email .

The office stresses that, in cybercrime statistics, in addition to classic computer crimes, they count scams on online sales platforms, illicit dissemination of photographs, crimes against honour, dissemination of child pornography or crimes against copyright.

“A good part of these criminal practices already existed before, but they came to gain a new space in the communication networks. However, Justice statistics, in general, agglomerate crimes according to legal types (for example scams, crimes against honour, crimes against copyright), not separating those that occur ‘online’ from the others and, therefore, it is not easy to perceive, from a statistical point of view, the real dimension of cybercrime ”, underlines the report.

On Monday, EDP admitted to being the target of a computer attack on its corporate network.

EDP’s president, António Mexia, said this Thursday that the company managed to protect “the essential” in the computer attack that was targeted last Monday, namely the supply of energy and information to customers.

“Our systems detected the attack and protected the essentials,” said the manager, referring that for the company it is essential to safeguard information related to customers, but “above all to guarantee the protection of critical infrastructures”.

António Mexia, who was speaking at a press conference at the end of the general shareholders’ meeting, said that the electricity company recently invested “more than 50 million in security” and stressed that the priority of electricity supply was safeguarded.

Regarding customer data, he explained that “the customer base works on a platform that has not been attacked, but that does not mean that there could have been no interference”.

On Monday, EDP admitted that it was the target of a computer attack on its corporate network, which affected “the normal functioning of part of its services and operations”.

On the news of an alleged ransom request to the company, António Mexia said “not knowing any request”.

Covid 19 has given fraudsters and ideal opportunity to exploit others for personal gain.

Fraudsters depend on vulnerabilities of people in this case the need for protective equipment, gel and facemasks

Scams include: ordering through non-existent companies; financial fraud, non-arrival of equipment; fake or hacked websites; phishing and malware attacks on your computer and so on.

Before replying to any offer Safe Communities STRONGLY recommends:

Never to respond to any adverts or offers immediately – always step back and consider if you really need the item based on DGS advice and availability of their services or that of Infarmed

SOCIAL MEDIA – On social media be very careful – the person up the road maybe offering facemasks for sale, but is that person legitimate: will they be delivered? Are they substandard? IS that person a possible Covid 19 carrier? BE AWARE and avoid unless you can trust that person.

EMAILS – With emails, NEVER reply or click on links except from trustworthy sources. Place your curser over (BUT DO NOT CLICK ON) the link to see who it actually came from. Is the senders email address the same as, or similar to a legitimate company? One full stop can make all the difference!

If you’re making a purchase from a company or person you don’t know and trust, carry out some research first, and ask a friend or family member for advice before completing the purchase.

Never pay for anything by inter – bank transfer or MoneyGram, such as Western Union. Credit card in the best protection.

COMPANIES- is the link or telephone used actually that of the company – google the company and compare? Use Scam Advisor to enter the website URL – it will show their reliability or a possible fake.  Companies showing the HTTPS// are secure. Check carefully the website itself. Do all the links work? Does it have verifiable contact details etc?

POSTAL SERVICES from overseas are heavily disrupted so THERE IS NO GUARANTEE that you will receive the items that you have ordered.

INTERPOL RECOMMENDATIONS

  • Independently verify the company/individual offering the items before making any purchases;
  • Be aware of bogus websites – criminals will often use a web address which looks almost identical to the legitimate one, e.g. ‘abc.org’ instead of ‘abc.com’;
  • Check online reviews of a company before making a purchase – for example, have there been complaints of other customers not receiving the promised items?;
  • Be wary if asked to make a payment to a bank account located in a different country than where the company is located;
  • If you believe you have been the victim of fraud, alert your bank immediately so the payment can be stopped.
  • Do not click on links or open attachments which you were not expecting to receive, or come from an unknown sender;
  • Be wary of unsolicited emails offering medical equipment or requesting your personal information for medical checks – legitimate health authorities do not normally contact the general public in this manner.

 

INTERPOL LINK HERE