Apparently geeks go after their own now…

ALERT:

Enter to Win FREE Tickets to Star Wars

The upcoming December of the next Star Wars Episode VII:  The Force Awakens movie has been eagerly anticipated, and is scheduled for mass release in the U.S. on December 18, 2015.  

CyberCriminals are using this anticipation, and are trying to trick people by offering free tickets to the upcoming theater release.  

Over the next 2 months computers everywhere will be deluged with scams.  Until the December 2015 release (and likely for weeks afterwards) people will receive emails that ask you to enter sweepstakes, fill out surveys, or enter information to win coupons for free movie tickets.  CyberCriminals will employ every trick in the book to get you to open their emails, click on attachments, or open zip files.

Do NOT fall for these tricks.  

Instead of free tickets, all you will win is a bill from your friendly neighborhood computer geek, because you will be downloading and infecting your computer (and possibly the whole computer network, if you’re at work!) with malware or a virus.  If you’re using a work computer, you risk infecting the whole network. 

Technology by Design clients that have purchased our Spam Filter don’t have to worry, the spam emails will not get through.

However, they cannot open things willy-nilly.  A well-intentioned friend in your contacts can still directly email you the link/entry form/etc.

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  FBI Public Alert

The FBI released a warning recently against a new CyberCriminal I.T. crime wave that is so prevalent and so devastating to companies, that the FBI have named it:

“CEO Fraud”

This scam is also known as “Business Email Compromise“, which we sent out an ALERT for in January.  

“CEO Fraud”:  CyberCriminals impersonate a company’s CEO, using the company’s own spoofed domain name.  The fake CEO contacts company employees in charge of money transfers, and orders them to transfer large amounts of money out of the country.

CyberCriminals take employee email addresses and other information from the target company’s website to help make the emails more convincing.  In the case where executives or employees have their inboxes compromised by the thieves, the crooks will scour the victim’s email correspondence for certain words that might reveal whether the companies routinely deals with wire transfers (searching for messages with key words like “invoice”, “deposit” or “president” or “CEO”).

CyberCriminals monitor the email account of a company’s CEO for months, waiting for the right time to kick this fraudulent event off.  The “right time” is usually a time where the CEO is out of town, or can’t be easily reached.  

The CyberCriminals spoof the name of the company’s own domain (eg. “tbyd.co” instead of “tbyd.ca”) to make the emails more convincing, which can be done easily if your email server is not configured properly.

(One reason to get a professional I.T. organization to manage and maintain your I.T. network!)

The CyberCriminals, once they have spoofed the company’s domain, and have confirmed (by monitoring the CEO’s email account) that the CEO cannot easily be reached for confirmation, send URGENT emails that look legit.  The emails look like they are coming directly from the CEO, and are ordering the employee to send wire transfers.  

This email fraud is targeting small and medium-sized companies, and the current loss is tallied at $1.2 Billion.

“The scam has been reported in all 50 states and in 79 countries,” the FBI’s alert notes.  

“Fraudulent transfers have been reported going to 72 countries; however, the majority of the transfers are going to Asian banks located within China and Hong Kong.”

How To Prevent Becoming a Victim

The FBI suggests the following tips for businesses to avoid being victimized by this scam (a more complete list is available at:  www.ic3.gov).

1. Verify changes in vendor payment location and confirm requests for transfer of funds.
2. Be wary of free, web-based email accounts, which are more susceptible to being hacked.
3. Be careful when posting financial and personnel information to social media and company websites.
4. Regarding wire transfer payments – Be suspicious of requests for secrecy or pressure to take action quickly.
5. Consider financial security procedures that include a two-step verification process for wire transfer payments.
6. Create intrusion detection system rules that flag emails with extensions that are similar to company email, but not exactly the same.  For example “.co” instead of “.com”.
7. If possible, register all Internet domains that are slightly different than the actual company domain.
8. Know the habits of your customers, including the reason, detail, and amount of payments.  Beware of any significant changes.

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  Drowned Syrian Boy Scams

The news, Internet, and social media have been confronted with some disturbing images this week.

Graphic photos of 3-year-old Alyan Kurdi, lying lifelessly on  a beach off the coast of Turkey, have been shared prolifically across social media platforms, such as Facebook.  The boy, along with his family and other Syrian refugees, was trying to reach Greece.

The graphic photos have reached millions of people, being passed from friend to friend.  Justified by the reasoning that we cannot hide away from the very real, very serious nature of this situation.

As with all tragedies, CyberCriminal lowlifes are willing to exploit this graphic photo, for their own profit.  

And they have several scams currently being used, to do just that.

Phishing Scams

Phishing email attacks are sent out randomly to a mass amount of people:

1. Trying to trick people into either giving a charitable donation at a bogus website, or
2. Trying to trick people into clicking on a link that downloads malware onto your PC.

Social Media Scams

Facebook, Twitter, etc:  Asking you to share/like/retweet etc their post

1. They tell you that if you care at all you will share/like etc –  “1 share = 1 prayer”
2. Asking for your help, they tell you that if they get 1000 shares/likes etc, so and so will donate a specific amount of money

Called “Like-Farming Scams“ – They collect “likes” or “shares” etc.  The list of followers can be used by the CyberCriminals for further spear-phishing, or sold to other CyberCriminals for their spamming use, or to marketing outfits.

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  Massive Internet Ad Poisoning

The same CyberCriminals that infected the Yahoo site a few weeks ago, have struck again.  This time, infecting sites like DrudgeReport.com and Weather.com.  Both sites have hundreds of millions of visitors per month, and both were serving poisoned web ads  to their visitors, which either dropped CryptoWall ransomware or infected the person’s PC with adware.

How It Works

Website advertisers do not sell their website ad-space to one website at a time.  Websites that want to make money, sell their advertising space to an Ad Network.  Advertisers sign contracts with Ad Networks, which then displays the ads on the websites that they bought ad-space on.  The Ad Network sits in the middle between the advertisers and the websites, and they manage the traffic and the payments.

CyberCriminals fool the Ad Networks into thinking that they are a legitimate advertiser, but the ads they give the Ad Network to display are Poisoned.  Once an ad network is subverted, hundreds of millions of poisoned ads are displayed in real-time.  Many of these ads initiate a drive-by attack without you having to do anything.  If you browse to a page with a Poisoned ad on it, it runs the risk of having your PC encrypted with ransomware (which will cost you a minimum of $500 to rid yourself of, unless you have a very recent backup!).  The attack infects the computer literally in seconds.

What to Do

For Single Computers:

1. Disable “Adobe Flash” on your computer.  Or, at least set the Adobe Flash plug-in to “click-to-play” mode – which blocks the automatic infections.
2. Update your security patches, and install them as soon as they come out.  A majority of infections are due to security patches not being updated.
3. Download and install “Ad Blocker” plug-ins for your browser.  These prevent the ads from being displayed in your browser to begin with.  With the massive increase of PC infections, ad blockers are becoming increasingly popular.

For Computer Networks:

1. Get rid of “Adobe Flash” altogether.  This is a frequent solution for many businesses.
2. Deploy ad blockers using group policy.  Here is a forum post at the AdBlockPlus site where it is explained how this can be done:  https://adblockplus.org/forum/viewtopic.php?t=29880

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  Security Firm Warns Search Toolbar is Malware Conduit

The toolbar distributed by Chinese-language search engine Baidu, is being targeted by opportunistic attackers and use to exfiltrate corporate secrets, says Rob Eggebrecht, president and CEO of security firm InteliSecure.

Baidu, like all major search engines, including Bing, Google, and Yahoo, distributes a toolbar that can be used to speed up search engines.  But Eggebrecht says that multiple organizations have traced data breaches to an intrusion that began when outsiders used the Baidu toolbar to sneak data-stealing malware into their company.  Refusing to specify, he says that one recent victim was a U.S. pharmaceutical firm, from which attackers compromised research and development work worth millions of dollars.

Eggebrecht’s firm believes that the attacks can be traced back to individuals associated with the Chinese government.  

“Our take on it, not trying to directly pick on the Chinese, is that…when users hit certain links, attackers drop down…malware, or phone-home technology, that starts capturing information.”

Eggebrecht states the toolbar-enabled data exfiltration comes at a time when his firm has witnessed a spike in attacks against corporate networks – and not just those targeting toolbars – by what appear to be attackers with ties to China.  To date, hacking U.S. and Canadian organizations seems to trigger few, if any, penalties against either Chinese individuals or the government itself.

APT-style attacks – often beginning with a phishing email, and relying on targets to execute attachments and thus infect their systems with malware – are seen as the hallmark of corporate espionage.  But attackers have never been adverse to employing simpler options when available.  Eggebrecht states:

Targeting the toolbar “was an opportunistic way for the Chinese government to capture information in a very nonchalant manner, because…they know they have a good expat user base in the research community” that is going to rely on a Chinese-language search engine.  

All browser toolbars should be blocked by default, states Alan Woodward, a computer science visiting professor at the University of Surrey, and a cybersecurity adviser to Europol, the association of European police agencies.  

“These so-called ‘helper’ add-ins, I mean, god knows what they’re doing.  It’s a well-known attack vector.”

Ask your I.T department if toolbars are blocked through your security settings.

Ask us about our Core Security Solution Package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shield up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  

Microsoft Windows 10 Upgrade Offer

Installs Ransomware!

 Microsoft is in the process of releasing their new Windows 10 Operating System (OS).  This is an upgrade you do not pay for, and promises to fix problems with earlier versions, and claims to be more secure.  They plan to upgrade over 1 billion computers, causing inevitable confusion among PC users.

Cybercriminals are trying to exploit this confusion, with phishing scams and criminal call centres.

• Criminals are making phone calls, claiming to be from Microsoft tech support.  They ask for your credit card number “in order to charge you for the upgrade”.
• CyberCriminals are sending emails claiming to be from Microsoft, with links claiming to link you to “your Windows 10 Upgrade”.  When you click on the link, you download CBT-Locker Ransomware onto your computer.

If you would like the Windows 10 Upgrade, go directly to the Microsoft website for more information.

Here is the direct link, or copy & paste the link into your address bar:  http://www.microsoft.com/en-us/windows/windows-10-upgrade.

However, you might want to wait on upgrading to Win10, until more field-testing is completed.  See why on our review.

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shield up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks