Archives: Cybercrime Alerts

Computers at the National Defence Institute, under the protection of the Ministry of Defence, were attacked by hackers at the end of February and earlier this month.

This computer attack hit at least two computers of the National Defence Institute (IDN), and, according to Lusa source of the Ministry of National Defence, who supervises the institute. The problem was solved without consequences or losses.

This was the first attack of “hackers” registered by the Ministry of National Defence in 2017.

In 2016, two intrusions were detected in the Defence area, also in March and IDN, described as incidents with no consequences for the ministry.

IDN, headquartered in Lisbon, is a body under the protection of the Ministry of National Defence and is dedicated to research, training and dissemination of the major issues of national defence and international security.

All these cases were communicated to the National Centre for Cyber-Defence, in the dependence of the General Staff of the Armed Forces.

In 2014, the National Centre for Cyber ​​Security was created, part of the National Security Office, which, according to its website, “acts as an operational coordinator and national authority specialized in cybersecurity with state entities, essential service operators And digital service providers “.

According to the Internal Security Report of 2015, meetings were held between the National Cyber-security and Cyber-Defence Centres, as well as “operational meetings” with the Security Information Service (SIS) and the Judicial Police (PJ).

In 2015, a “situation room” was created to accompany “possible hackvistas during the electoral process” of the October legislative elections.

Also in that year, the National Cyberspace Security Strategy was published.

Cybercrime and domestic violence were the most investigated criminal phenomena in 2016 by the Public Prosecutor’s Office of the Lisbon region, according to the annual report released on Tuesday.

The Lisbon District report for the year 2016, published on the MP’s website, states that 3493 cybercrime investigations were registered, of which 167 resulted in prosecution and 3225 in filing.

The MP of the Lisbon region also investigated 3230 inquiries related to marital or equivalent violence, 2767 against men and 463 against women. Of the 3230 investigations instituted, 2025 were closed and 439 resulted in prosecution. The third crime most investigated by the region of Lisbon in 2016 were the prosecutors, with 1347 investigations being initiated, of which 712 were filed and 323 resulted in prosecution.

Economic and financial crime resulted in 872 inquiries in 2016, followed by sexual crimes against minors (paedophilia), which totalled 777, and organized or group crime, which totalled 676.

According to the report, 498 crimes involving officers of the authority were also investigated last year, of which 119 were committed by officers of the authority and 379 against officers of the authority.

Pedro Veiga, coordinator of the National Center for Cybersecurity (CNCS), warned of several ransomware attacks recently detected in Portugal.

The statement was made during a short interview given to Exame Informática in December 2016, whose full content can be accessed in this short cut.

It will be up to business leaders to prevent themselves (through the implementation of appropriate backup management policies) in order to prevent such attacks from endangering their nuclear information which, by virtue of these actions, can simply and simply “to vanish”.

Fortunately, however, some important tools have been made available that can help, and well, combat this scourge.

We talk, for example, of the portal “No More Ransom” which you can access, in the Portuguese version, in this short cut.

As referred to on the website ” No More Ransom” is an initiative of the High Technology Crime Unit of the Dutch Police, Europol’s European Cybercrime Center (EC3) and two cybersecurity companies – Kaspersky Lab and Intel Security – With the goal of helping ransomware victims recover their encrypted files without having to pay criminals. ”

It also refers to the portal, to which our Judicial Police has also associated, that “Ransomware” is “malware” that blocks your computers or mobile devices or encrypts your digital files. When this happens, you cannot recover your data without paying a ransom. However, recovery is never guaranteed and you should never pay! ”

Therefore, have a recovery system always updated and available so that a ransomware infection does not destroy your data forever. This is the first secret to avoid headaches that can be prolonged for long if your computer systems are invaded.

The Australian Embassy in Portugal’s attention has been drawn to instances of fraudulent online advertisements for employment in Australia.

A scam recently reported to the Embassy involves fraudulent job offers in the name of Australian company Woodside Petroleum.

Should you receive such an email, we advise you not to respond and to contact Woodside and the office of the Secretary of State for Communities. You should be aware that Woodside has an alert on its website, which can be viewed here.

Details can also be found on the Australian Embassy website here

The Philippine Embassy in Lisbon has cautioned Filipinos against non-existent jobs in Portugal offered by scammers on the internet.

According to the embassy, the warning was issued due to the rising number of cases of Filipinos who have been victimized or have received e-mails purportedly from Portugal-based law firms or companies that offer jobs or working visa processing services in exchange for money transfer.

“The public is hereby advised to exercise due diligence and caution in dealing with unverified parties to avoid being victimized by these scams,” it said.

In the advisory, it was noted that the scammers pose as representatives of reputable Portuguese firms, copying their websites and replacing their contact information to seek fees for entry clearance certificates, international overseas employment clearances and affidavits of guarantee fund.

In other cases, scammers instruct the victims to transact with a specific travel agency which will supposedly process the visa and paperwork for the employment contract.

The embassy pointed out that none of the documents, for which scammers ask for money, is required by Portuguese authorities.

“Be aware that business companies with international dealings rarely hire employees solely on the basis of curriculum vitae but will always require personal interviews,” the embassy said.

“Prospective employees should likewise be wary of job offers from individuals who ask for monetary fees for testing or processing of documents prior to employment because this is a sure sign of a scam,” it said.

The Philippine Embassy in Lisbon has been coordinating with companies in Portugal and with local police authorities on the matter.

It also advised Filipinos who want to work in Portugal to get in touch with the Portuguese Embassy in Jakarta, Indonesia, or the embassy in Lisbon to be sure of their transactions.

Criminals are attempting to defraud members of the public by impersonating the customer’s bank and according to a convicted fraudster the methods used by them are evolving.

Police in the UK have been made aware that fraudsters are now using background music, similar to that used by the bank, when the customer is put on hold. The fraudsters use this music as an attempt to convince the customer that the call is genuinely from the bank.

Advice

The banks say they would never call and ask for your account details or PIN numbers. My advice is never speak to anyone who calls you about your account, even if there is background music or other similar factors. If you have any concerns go to a branch or hang up and call the bank direct.”

If you receive an unsolicited email or phone call from what appears to be your bank or building society asking for your security details, never reveal your password, login details or account numbers. Most banks will not approach their customers in this manner.

If you are concerned about the source of a call, hang up and call your bank back on the legitimate phone number printed on your bank statements or other official bank documents/sources.

Check your statements carefully and immediately report anything suspicious to the financial institution concerned.

Comment

Although this originates from the UK, many people receive cold callers from people pretending to be from Microsoft or a bank.  Please follow the advice.

A corporate email account is much more likely to receive malware, phishing and spam emails than a personal inbox, according to an analysis conducted by Google.

Google’s Gmail service has more than one billion active users and the company says it blocks hundreds of billions of attacks aimed at these accounts every week. At the RSA Conference this week, the search giant shared some insight on the threats targeting corporate inboxes and how the numbers compare to other types of accounts.

Data collected so far this year (February 2017) shows that a corporate email account is 4.3 times more likely to receive malware, 6.2 times more likely to receive a phishing email, and 0.4 times more likely to receive spam compared to personal inboxes.

While corporate accounts seem to be attackers’ favourite targets when it comes to spam and phishing, non-profit, education and government organizations are more likely to see malware attacks compared to businesses.

The entertainment, IT, and housing sectors are the most targeted in spam campaigns, but phishing attacks are more likely to be aimed at the finance and insurance sector. When it comes to malware attacks, real estate was by far the most targeted sector.

The industries most targeted by malware attacks so far in 2017 in descending order are: real estate; transportation; construction; utilities and the retail trade.

Holidaymakers were urged today to be wary of “fake” booking websites that are fleecing customers of significant sums of money.

Several new alleged scams have been detected this month after hundreds of travellers were taken in by similar sites last year, the boss of a leading holiday booking website today warned.

A UK police source said two websites, luxuryrentalsvilla.com and cycladesrentals.com, were being shut down in response to an alleged fraud.

The source said: “We are using the tools available to protect other holidaymakers from falling prey to the same scam websites. Any prosecution of the website owners will be a longer job to prepare.”

In 2016, a report by police revealed fraudsters stole £11.5 million from holidaymakers, mainly booking overseas, and other travellers in 2015, a 425 per cent increase on the previous year.

The most common types of fraud related to accommodation, with scammers conning travellers by setting up fake websites, hacking legitimate accounts and posting fake adverts on websites and social media.

Comment

It is not known if the two fake sites were advertising villas/holidays in Portugal.

We have received information concerning fake villa rental booked on the Airbnb website. It appears that criminals are placing fake adverts using stolen photos of genuine properties.

People have paid deposits or the full price only to find the villa does not exist. Airbnb says it is ‘extremely rare’ for customers to lose money to fraudsters. It carries out checks to weed out fake listings and searches the internet to see if photos are duplicates.

However despite this there are cases where people have lost over £3000.  Under the site’s rules, users must arrange and pay for their holiday through its own messaging and payment system. This allows the firm to keep track of bookings and any money paid.

Always book via Airbnb’s messaging and payment system. If you don’t, the company won’t refund you.

Check that the website address begins with airbnb.com — anything else is a fake site.

Don’t respond to emails purporting to be from Airbnb that ask you to enter bank details or your address.

Avoid emails that urge you to act immediately to stop your account being disabled — these are scams.

If in doubt, report the owner to Airbnb.

The scammers are making carbon copies of legitimate profiles in order to trick users into revealing financial and personal details, in a tactic known as ‘cloning’.

By creating a new account using the exact same name, personal information and profile and cover photos included on your own profile – even going as far as copying your statuses – they can do a convincing job of imitating you online.

The scheme allows them to confidently approach your friends and family members, who could unknowingly accept a friend request from the clone account and eventually share private information with it, depending on how convincing their messages appear.

Fortunately, there are way to protect yourself.

It’s worth being wary of friend requests from seemingly random accounts and making sure that your privacy settings hide your personal details from users you don’t know.

If, however, your profile has already been cloned, you can report a rogue account to Facebook by heading to their profile, hitting the options button next to Message and selecting Report.