Archives: Cybercrime Alerts

Cybercrime Alerts news and reviews

The scam works by renaming all of your files with a virus and will then prompt you to spend money to fix the problem

EBAY shoppers are being warned not to open an email which will end up locking their computer and steal their bank account details.

The fake email tells users that they’ve spent a hefty amount of money on the auction site and that they should pay the invoice via a download link

But by clicking on the link, shoppers will accidentally install a Locky Ransomware onto your computer.

Action Fraud issued the warning on Twitter after it received more than 50 reports.

Ransomware is a type of cyberattack that sees hackers take control of computers, tablets or mobile phones and demand a payment.

Often the hackers trick the user into downloading malicious software – using a dodgy email or app – and encrypt the victim’s information.

In most cases, the ransom amount to a few hundred pounds and has to be paid on Bitcoins.

Victims are advised never to pay the ransom as it encourages hackers to keep doing them and doesn’t guarantee that you will get your files back.

Prevention and Advice

  • If you think someone has gained access to your account, change your eBay and PayPal passwords immediately
  • Contact your bank/credit card issuer to cancel unauthorised transactions
  • Make a police report using the Action Fraud website. Even if the police aren’t able to take the matter further, your report will still help them to build up a picture of fraud activity.
  • Contact eBay and inform Customer Services about what has happened – they can provide further useful information and initiate actions against any fraudulent accounts

An investigation was underway on Friday night after the personal data of up to 44 million British consumers was feared stolen by hackers in a massive cyberattack.

The information commissioner said it was investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

There are fears that customers of these companies could now be affected. BT said that “many companies in the UK” used Equifax services and said that it was “monitoring the situation closely”.

The Information Commissioner’s Office (ICO) has urged Equifax to alert affected UK customers as soon as possible, and said it will work with the relevant overseas authorities on behalf of British citizens.

Equifax says it holds the personal details of 44 million UK citizens but many British victims will be unaware they have had details stolen as they will not directly be Equifax customers.

Equifax admitted hackers had exposed the personal data of 143 million customers in the US, which was stolen between mid-May and July this year due to a vulnerability on its website.

However the hack was not made public until now.

The stolen information includes names, social security numbers, dates of birth, addresses and, in some instances, driver’s license details. It is also thought that around 209,000 credit card numbers were also stolen.

Equifax said: “limited personal information” from British and Canadian residents had been compromised.

ICO Deputy Commissioner James Dipple-Johnstone, said: “Reports of a significant data loss at US-based Equifax and the potential impact on some UK citizens gives us cause for concern.

A spokesman for BT said: “We are aware of the developing story and are monitoring the situation closely. Like many companies in the UK, BT uses Equifax services. We are working on establishing whether this breach has any impact on those services.”

The attack was described as one of the largest in US history. Avivah Litan, a analyst who monitors ID theft and fraud for the technology and research company Gartner saud: “”On a scale of 1 to 10, this is a 10. It affects the whole credit reporting system in the United States because nobody can recover it, everyone uses the same data.”

Source the Telegraph

On Monday evening, a correctional court in Meaux, France, found a 32-year-old man guilty of advocating terrorism after he liked a piece of ISIS propaganda on Facebook.

According to a report by Le Parisien, the post in question included a disturbing photo of an ISIS fighter decapitating a woman by hand. After the man liked it, the gruesome image started appearing in his friends’ Facebook feeds, which prompted one of them to inform the police of his actions.

The officers quickly decided that the like constituted more than enough evidence to search the man’s home under suspicions of terrorism. Once inside, the police found nothing strictly ISIS-related, but they did recover a variety of airsoft guns and a decent number of pot plants. For these, the man merely received a fine, but the Facebook like still warranted further investigation.

At his trial, the man said that he was merely trying to provoke his relatives by liking the most obscene things he could find. He argued that the propaganda photo was part of a series of disturbing images he had liked that included violence against animals and humans. Somehow, this explanation didn’t win over the members of the court, and he was given a three-month suspended prison sentence.

 

Scammers are swindling previous victims of dating fraud out of more money through Match.com. One regular user of the website who had reported losing £32k in February found the confidence to start using the service again in March.

The victim got in contact with a new Match.com user and whilst in conversation mentioned that they had previously been a victim of this type of fraud. This new fraudster then explained that he was able to recover the victim’s money for them – known as recovery fraud.

Although the recovery fraud was perpetrated by someone with a different dating profile, they knew precisely how much the victim lost on the initial dating fraud, which suggests they may be on a suckers list or part of the same criminal gang.

There has been an average of £10k lost by dating fraud victims in the UK. Learn to spot the signs when looking for love online.

The term “cybercrime” was established in the Budapest Convention of 2001, taking into account realities formerly included in the category of “computer crime” that was referred to by the Portuguese Law (under former Law No 109/91).

Both provisions provide for specific legal types of crime against computer systems or information systems. However, both in common sense and in judicial practice, cybercrime has proved to be much more comprehensive, including many other crimes, of a different nature, which have as their common denominator to be practiced using the technologies. They apply the same methods and models of investigation of cybercrime, being necessary to obtain proof in digital format, sometimes by means of skills. They are within this broad concept of cybercrime, for example, scams on Internet sales platforms, the online dissemination of child pornography and also the insults or defamations committed through information systems.

Two experts in the field were invited to talk about cybercrime, data protection, security measures to protect minors in cyberspace, and research and testing in the digital world.

http://boletim.oa.pt/oa-02/entrevistas

World’s oldest insurance market warns cost to global economy of cyber-attack could be as much as worst natural disasters

Lloyd’s of London has warned that a serious cyber-attack could cost the global economy more than $120bn (£92bn) – as much as catastrophic natural disasters such as Hurricanes Katrina and Sandy.

Published two months after a ransomware cyber-attack that affected NHS hospitals and hit nearly 100 countries, a 56-page report from the world’s oldest insurance market says the threat posed by such global attacks has spiralled and poses a huge risk to business and governments over the next decade.

The most likely scenario is a malicious hack that takes down a cloud service provider with estimated losses of $53bn, according to Lloyd’s. This is the average estimate, but because of the uncertainty around calculating cyber losses it estimates the figure could be as high as $121bn or as low as $15bn.

At the upper end, the cost would outstrip the damage wreaked by Hurricane Katrina in 2005, estimated at $108bn (including $80bn of insured losses). Hurricane Sandy in 2012 is estimated to have caused economic losses of $50bn-$70bn.

Inga Beale, chief executive of Lloyd’s, said: “This report gives a real sense of the scale of damage a cyber-attack could cause the global economy. Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs.

“Underwriters need to consider cyber cover in this way and ensure that premium calculations keep pace with the cyber-threat reality,” she said.

The second-most likely threat stems from attacks on computer operating systems run by a large number of businesses around the world, which could cause losses of up to $28.7bn (the “mass software vulnerability scenario”).

The majority of these losses are not insured, leaving governments and businesses vulnerable if cyber-attacks happen. The uninsured gap could be as high as $45bn for the cloud services scenario, and $26bn for the mass vulnerability scenario.

A major global cyber attack dubbed “GoldenEye” or “Petya” on Tuesday disrupted computers at Russia’s biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware virus that last month infected more than 300,000 computers.

The attack underscores growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers, who have shown they are capable of shutting down critical infrastructure and crippling corporate and government networks.

“Cyber attacks can simply destroy us,” said Kevin Johnson, chief executive of cyber security firm Secure Ideas. “Companies are just not doing what they are supposed to do to fix the problem.

The ransomware virus crippled computers running Microsoft Corp’s (MSFT.O) Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.

It included code known as “Eternal Blue,” which cyber security experts widely believe was stolen from the U.S. National Security Agency and was also used in last month’s ransomware attack, named “WannaCry.”

Victims could have protected themselves from attack by updating computers with security patches from Microsoft and configuring their networks to stop viruses targeting a widely used Windows networking protocol, said Symantec Corp (SYMC.O) researcher Eric Chien.

“This shouldn’t be that big a deal because people should have already patched,” he said.

Some 2,000 attacks were observed as of midday in New York on Tuesday, according to Kaspersky Lab. Russia and Ukraine were most affected, with other victims spread across countries including Britain, France, Germany, Italy, Poland and the United States, the security software maker said.

Security experts said they expected the impact to be smaller than WannaCry since many computers had been patched with Windows updates in the wake of WannaCry last month to protect them against attacks using Eternal Blue code.

Following last month’s attack, governments, security firms and industrial groups aggressively advised businesses and consumers to make sure all their computers were updated with Microsoft patches to defend against the threat.

A Microsoft spokesman said the company was investigating the attacks.

The U.S. Department of Homeland Security said it was monitoring the attacks and coordinating with other countries. It advised victims not to pay the extortion, saying that doing so does not guarantee access will be restored.

The NSA did not respond to a request for comment. The spy agency has not publicly said whether it built Eternal Blue and other hacking tools leaked online by an entity known as Shadow Brokers.

Several private security experts have said they believe Shadow Brokers is tied to the Russian government, and that the North Korean government was behind WannaCry. Both countries’ governments deny charges they are involved in hacking.

 

The UK’s House of Commons spokesperson said on 24th June 2017 it is investigating after unauthorised attempts were made to access user accounts

Parliament has been hit by a “sustained and determined” cyber-attack by hackers attempting to gain access to MPs’ and their staffers’ email accounts. Both houses of parliament were targeted on Friday in an attack that sought to gain access to accounts protected by weak passwords. MPs said they were unable to access their emails after the attack began.

The estate’s digital services team said they had made changes to accounts to block out the hackers, and that the changes could mean staff were unable to access their emails.

An email sent to all those affected, seen by the Guardian, said: “Earlier this morning, we discovered unusual activity and evidence of an attempted cyber-attack on our computer network. Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify

“These attempts specifically were trying to gain access to our emails. We have been working closely with the National Cyber Security Centre to identify the method of the attack and have made changes to prevent the attackers gaining access, however our investigation continues.”

The changes are believed to have stopped MPs and their offices from accessing emails on mobile phones and tablets outside Westminster. “Access to systems from the Westminster estate has not been affected,” the email said, before adding that further disruption was likely.

A rogue travel agent who stole thousands of pounds out of unsuspecting holidaymakers with non-existent flights has been jailed for a year.

Anas Ahmed, director of AirBridge Travel Limited (ABT) was brought to justice by Brent Trading Standards in a detailed investigation that involved assessed and analysed reports from us.

Mr Ahmed pleaded guilty at Harrow Crown Court on May 2 and was sentenced to 12 months in prison for defrauding multiple victims out of £42,000.

The court heard that more than 30 would be holiday goers were led to believe they had booked flights through ABT, only to find out these flights had not even been booked.

A witness, from Huddersfield, spoke of his “complete disappointment” after paying £1,000 to fly to Pakistan for his sister’s wedding, only to find out through the airline itself that his tickets had not been booked at all. Not only did he lose the money paid to ABT, but he had to pay out more money for a replacement flight, so that he didn’t miss the wedding.

Customers were told to transfer money directly into their bank account, as ABT would not accept payment through its website. Yet once payment had been received, many customers reported feeling ignored when trying to follow up on the booking.

Comment

It is best to pay for air tickets by credit card or PayPal, and avoid using bank transfers. Check carefully the details of the vender to ensure it is a legitimate business. Remember if the price seems too good to be true then it probably is!

This email is being sent from google.co.uk <info (at) ryukyou.co.jp.

the email comes with an attachment. Do not open the attachment and simply delete the email without replying. It is a phishing attack.

“Google Incorporation

Belgrave House

76 Buckingham Palace Road

London SW1W 9TQ, United Kingdom.

 

Dear Google User.

Attached to this email is your anniversary notification for being an active user of Google.

Sincerely.

Sundar Pichai – Chief Executive Officer (CEO) of Google Inc”