ALERT:

Dell Tech Support Service Tag Hack

 

A number of people using Dell PCs have been contacted by scammers claiming to be Dell Tech Support who had PC-specific data that only Dell could have had.  

 

Every Dell PC sold has a unique service tag number, which the CyberCriminals have gotten somehow.  

Dell posted a warning in October about this phone scam, but did not mention a service tag number hack.  Dell apparently does not know what is going on, and is “investigating”.  

The scam goes something like this…

People are receiving phone calls reporting to be from “Dell Tech Support”.  They have all the correct personal information, including your name, contact numbers, emails, and address, including the computer-specific service tag number, and any ‘ticket’ numbers assigned to any phone calls you made to Dell support, including the issue that the phone calls were about.

They try to manipulate people into downloading software onto their computer that will give the fake “support” access to their computer.  They will not “fix” anything, but you will receive a huge credit card invoice, and may have ransomware infecting your computer.

Ars Technica reports several stories indicating a possible security breach.  

1. Joseph B. called Dell about a problem with his optical drive.  A few months later, he received a call from a CyberCriminal who knew exactly what his problem was (optical drive), his service tag number, computer model and serial number, and other customer-specific information.  
2. Patrick Z. reported on a Dell U.S.A Customer Care Board about receiving similar calls.  He stated the CyberCriminals knew his full name, email address, city, phone number, computer service tag, and a real Dell ticket number.  He called the scammers back at the number they provided, and they answered “Dell Software Support”.  Patrick Z. hung up & called Dell support directly [using a publicly available phone number, such as on the Dell website].  When he asked company reps to explain how CyberCriminals had so much information about him, a company employee answered “Dell is aware of this and other complaints and is investigating.  No, there will not be a public post/blog.  We consider this closed from a Forum perspective.”
   
3. DJ, an unhappy customer posted in June 2015 that [other than a hack], there is no other way the person would have had my name, cell phone number, and know I had a Dell computer if it didn’t come from your company…”

In a 10ZenMunkeys’ blog post published Jan. 4/16, the author reported he had been contacted by CyberCriminals who knew of every problem the author had ever called Dell about.  None of the problems had ever been discussed in public forums, leading the author to share the suspicion that proprietary Dell data had somehow been breached.  The author reports that the CyberCriminals instructed to enter their domain name into the author’s “Run window”, which would have re-directed to a site to download software to allow remote access to their computer.

There are several other Dell customer complaints regarding the same type of scenarios.   

 

If you receive a phone call reporting to be tech support (from ANY company), and they request you to confirm personal/payment information, or to grant them access to your computer —

HANG UP…IMMEDIATELY.

Delete any email they might send you with similar claims.

 

ONLY give out personal information, if you have initiated the call, and looked up the main company number yourself on the company’s main website.  

Do NOT rely on information in pop-ups, ads, in general internet searches, or on another website or forum, unless you can verify it is a valid source and verify it is a valid phone number for that company.  

 

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

Top 5 Reasons to Invest in CyberSecurity

 You can no longer stick your head in the sand in the hope that CyberCriminals will go away.  

CyberCrime is now more profitable than the drug trade.  As reported by the 2013 Europol Serious & Organized Threat Assessment,

the “Total Global Impact of CyberCrime [has risen to] US $3 Trillion, making it more profitable than the global trade in marijuana, cocaine and heroin combined.” 

Large companies are no longer the only target of CyberCriminals.  Data breaches happen on a daily basis, and small and medium-sized businesses, and even home computers, are now all potential victims.  The frequency of CyberAttacks is increasing fast and furious, and CyberCriminals are more and more sophisticated, and their attacks are increasingly difficult to detect and counteract.

If you think you haven’t been attacked yet, you can either count yourself lucky, or you just weren’t aware of the attack & you narrowly avoided it.

Top 5 Reasons to Invest in CyberSecurity:

1.  Frequency of Attacks

Industry leaders like Symantec, McAfee, FireEye, and Verizon all report increases in CyberAttack frequency over the last 2 years.  CyberCriminals are more sophisticated, and probe for vulnerabilities more often, with more sophisticated attack vectors, using such exploits as malvertising on major news outlets, poisoned ads, or infected webpages.  Symantec reports that ransomware attacks soared 113% in 2014.  Attacks are moving faster, I.T. defenses are not.

2.  Cost of Attacks

The cost being CyberAttacked not includes the immediate payout, but also includes downtime, loss of data, PR damage, loss of business/revenue, damage to equipment, as well as legal fees and implications.  Statista reports that in August 2015, the average U.S. company lost $15.42 million.  Symantec Corp. reports, 60% of small businesses go bankrupt within 6 months of a cyber attack.  

3.  CyberCriminals Focus on Small- to Medium-Sized Businesses as Attack Targets

Small- to -medium-sized businesses that have been hacked may feel like it was a ‘fluke’.  The reality is that CyberAttackers use both automated software that probes websites for vulnerabilities and flaws that are easily breached, and thoroughly tested, massive phishing campaigns to spread botnets, Trojans and ransomware.  Symantec reports that 60% of all targeted CyberAttacks in 2014 struck small- and medium-sized organizations.

 

4.  The Number of CyberCriminals Are Increasing

As the cost of launching a CyberAttack decreases, the number of attacks increases.  And as CyberWarfare continues, countries are investing billions of dollars in their CyberWar attack capabilites.  CyberCriminals go after whole sectors of the economy – that means degrading organizations, running stock markets, financials, insurance, manufacturing and more.

CyberCrime-As-A Service is taking off.  It is easier than ever for CyberCriminal noobs to obtain the sophisticated tools available from an ever-expanding Cyber-Underground economy.  Existing CyberMafias are moving into this area at CyberSpeed, and the criminal competition is furious.

5.  CyberCriminals are After Low-Hanging Fruit:  Cyber-Uneducated Employees

Amazingly enough, CyberCriminals are business people too.  Their time is worth billions.  So why would they spend 3 weeks to uncover a vulnerability in a popular piece of software, when you can social engineer a cyber-uneducated employee in 10 seconds?  

According to an SVB survey about CyberSecurity completed by 216 C-level executives from US-based technology and life science companies in 2013:

“Just 35% [of businesses] are completely or very confident in the security of their company information.”

Educate your employees as your 1st line of defense against CyberCriminals.

 

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

Resources:

http://www.tripwire.com/state-of-security/regulatory-compliance/pci/cybercrime-is-now-more-profitable-than-the-drug-trade/

http://www.symantec.com/security_response/publications/threatreport.jsp

https://www4.symantec.com/mktginfo/whitepaper/ISTR/21347932_GA-internet-security-threat-report-volume-20-2015-social_v2.pdf

http://www.statista.com/statistics/293274/average-cyber-crime-costs-to-companies-in-selected-countries/

http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v19_21291018.en-us.pdf

 ALERT:  Apple ID Suspension

With massive amounts of Apple devices being sold during the holiday season, CyberCriminals are looking to cash in.  People and businesses are left having to pay the price.

An email claiming to be from Apple Support, is being received that states your Apple ID and iCloud accounts are going to be suspended.  An example is below.

The email claims Apple sent you an earlier email regarding your verification, but it was not returned on time.  The email is nice enough to include a “Verify Now” link that, they claim, allows you to complete the verification process and save your account from suspension.  If you click on the link, you are directed to a fake Apple login page which asks for your credentials, including password.  Once you submit your credentials, you are then directed to a 2nd fake page which asks for personal and financial information, including credit card & banking details.

The fake “Apple” pages are well-designed to look like a legitimate Apple page, and includes information explaining in detail why you need to complete the verification process.  It all looks very official.

This scam even has retaliation against CyberScam investigators testing the phishing emails.  If you enter false data that includes words such as “scam” into fields on the fake form, your browser will automatically redirect you to a preconfigured Google search for pornography.

The best way to check if a link is legitimate, is not to click on the link in the suspicious email, but hover your mouse (don’t click!) over the link to get the link address (shown below).  Then open a new browser window and manually type in the link address.

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  The Top 5 Holiday Scams You Need to Know About!

Like it or not, whether you’re Scrooge or Mr. Claus, the holiday season is upon us. 

And with it…CyberCriminals.

Yes, they are waiting in the shadows, for you to drop your guard…and your money.

Digital identity company ThreatMatrix, reports that it has detected a 25% jump in cyber attacks already this season.

In an effort to thwart CyberCriminals’ attempts to separate us from our money, here are the top 5 Holiday Scams You NEED to Know About!

1.  Black Friday/Cyber Monday

That heavily anticipated and/or dreaded time of year when you can buy almost anything, for next to nothing!  However, online scams use a variety of lures to get unsuspecting buyers to click on links or open attachments.  CyberCriminals build complete copies of well-known sites, send emails promoting great deals, sell products, and take credit card information…but never deliver the goods.  If it looks too good to be true…it probably is.  Sites that have deals even more incredible than normal should be a red flag.  Never click on links in emails, or popups with very deep discount offers (especially for watches, phones, or tablets).  Go to the website yourself through your web browser, and check if the offer is legit.  

2.  Complimentary Vouchers or Gift Cards

A popular holiday scam every year, is big discounts on gift cards.  Don’t fall for offers from retailers or social media posts that offer phony vouchers or gift cards (eg. Starbucks) paired with special promotions or contests.  Some posts or emails may even appear to be shared by a friend (who may have been hacked).  Develop a healthy dose of skepticism this holiday…at least in relation to online scams.

3.  Bogus Shipping Notices from Canada Post, UPS, and FedEx

With the massive online shopping, comes massive shipping, and shipping scams.  You will likely see emails supposedly from Canada Post, UPS or FedEx in your inbox that claim there’s a problem with your package and/or it could not be delivered.  Many of these are phishing attacks that try to make you click on a link or open an attachment.  If you click, your computer will be infected with a virus, or even ransomware which holds all your files hostage until you pay $500 in ransom.

4.  Holiday Refund Scams

Online shopping has increased in the past years, and don’t think that hasn’t escaped the notice of CyberCriminals.  Emails reportedly from retail chains or e-commerce companies such as Amazon or eBay have been received, claiming there’s a “wrong transaction” and prompt you to click the refund link.  However, when you do that and are asked to fill out a form, the personal information you give out will be sold to CyberCriminals who use it against you.  

5.  Phishing the Dark Side

A new phishing email has already begun circulating that tricks people into thinking they could win movie tickets to the highly-anticipated movie, “Star Wars: The Force Awakens,” due out December 18.  However, the email is a phishing attack.  Leading up to the film’s release, and shortly after, you need to stay alert for this social engineering attack.  

Bonus Tips:

1. Never, Ever pay online with debit cards.  Only use credit cards when shopping online.  Why?  If the debit card gets compromised, the CyberCriminals can empty your bank account very quickly.
2. Never use an insecure public Wi-Fi to shop with your credit card.  Only do your online shopping with a secure connection at home.

 

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:

New Ransomware Infection “LowLevel04”, Coming Soon to a Computer Near You!

 

The new ransomware called “LowLevel04”, infects your computer, and encrypts your files making them useless to you…unless you pay their ransom demand for a decryption code.  

(Hint:  Backup your important files.  Check out our Managed Backups – they could save your company!)

What’s different about this new version?  For one, the ransom demanded is double the ‘normal’ $500, and demands 4 Bitcoin.  Many victims have also reported that the machines affected were servers, which could cause pandemonium within (or bankrupt) a company.  

Larry Abrams (from techie blog Bleeping Computer”) was the first to report on the new strain.  He stated:

“It appears that once the attacker gains access to a target computer, they download and install a package that generates the encryption keys, encrypts the data files, and then uploads various files back up to the hacker’s temp folder via a terminal services client drive mapping file”.

LowLevel04 scans all mapped drives, including removable and network drives, for data files to encrypt.  When it encounters a file that contains certain file extensions it will encrypt them.  When it’s finished wreaking havoc, the malware cleans up after itself and deletes a number of files used in the encryption process, as well as removing application, security, and system logs.

In each encrypted folder, a ransom note is found.  The note has instructions for the victim to follow, if they want to decrypt their files.  

NOTE:  

Abrams does mention that LowLevel04 does not delete Shadow Volume Copies (yet), so you could use that to get original, unencrypted versions of files back.

 

How To Avoid Becoming A Victim

Ransomware CyberCriminals have used RDP (Remote Desktop Protocol) exploits to gain access in the past, because so many businesses use remote desktop on a daily basis.  So here’s how to avoid becoming yet another victim of ransomware:

1. If You Don’t Need It, Disable It:  It’s a good rule of thumb for everything.  Leaving anything enabled, when you don’t use it, is just leaving another potential back door open for CyberCriminals to gain access to your computer/network.  If you don’t use RDP, disable it.  It’s a huge CyberSecurity hazard.
2. Keep Patches Up-To-Date:  Again, good rule-of-thumb for any electronics that are connected to the Internet (even just for short periods of time).  Keeping Windows patched will help ward off potential RDP exploits.
3. Use What You’re Comfortable With:  If you’re not comfortable with something, you’re not going to use it.  This goes for RDP as well.  If you’re uncomfortable with the out-of-the-box functionality provided by Windows remote desktop software, change to another software you are comfortable with.  Talk to your I.T. provider about options.
4. Use Additional Safety Measures:  Sure, your network security may be good.  But remote desktop is such a huge CyberSecurity hazard that you should have additional security measures in place for each user/computer.  Especially with all the recent hacking, a 2-factor authentication for all remote logins is a absolute MUST.  
5. Security Awareness Training:  Many of the ransomware attacks still arrive via email.  Anyone that has access to anything that contains, or has access to information and the Internet is a CyberSecurity risk and should be put through Security Awareness Training.  This includes everything from computers to mobile devices and receptionist to accountant to CEO.    
6. Backup, Backup, Backup:  The surest solution for that applies to everyone, from the home user to the biggest corporation – BACKUPS.  No defense plan is foolproof – so backup anything you don’t want to chance losing.  Did I mention backups?

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

 

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

ALERT:  Facebook Dislike Button

At a Q&A session at Facebook on September 15th, Mark Zuckerberg mentioned that Facebook users have been requesting a “Dislike” button, and that Facebook was finally working on this option.  Zuckerberg clarified that this “Dislike” button would not be a “downvote” or meant as a disparaging comment on someone’s post, but rather to communicate a user’s empathy towards another user’s post.

CyberCriminals, in their ever-scamming mood, jumped all over this suggestion.  There have been similar scams in the past, but this time they took Zuckerberg’s comment and ran with it.  CyberCriminals have sent out a deluge of scams trying to lure Fb users to “get the new dislike button” in their Fb profile. 

Facebook users that fall for this scam, end up giving out confidential information, installing malware on their PC or mobile device, installing rogue browser plugins and/or get themselves on a ‘scam list” and end up getting inundated with unwanted phone calls, emails…even snail mail, that tries to sell them various scam products.

The Facebook scam posts could look similar to the scam posts below:

 

 

 

 

 

 

If you receive an email, Fb message, text message, tweet, etc about a Facebook dislike button…

It Is A SCAM.

Do not click on anything, do not open any attachments, do not fill out any forms, do not forward to your friends/Facebook groups.

 Facebook does not yet have a Facebook button.  One is in the works, but has not yet been finalized.

If you receive a post, email, message etc about a Facebook ‘Dislike’ button, to check if it’s the real deal, simply go to Facebook’s Fb page:  

https://www.facebook.com/facebookcanada?fref=ts.  

You can be sure there will be a big announcement.

Not sure if your company is safe?  Ask us for a FREE Network Security Assessment!

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 

Ask us about our “Core Security Solutions” package!

You can’t stop CyberCriminals from targeting your company or employees.

But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks