New Phishing Attack That Even Most Vigilant Users Could Fall For (view link)
A growing number of hackers are targeting professionals on LinkedIn, according to security firm Symantec.
Its investigation uncovered dozens of fake accounts on the social network, across a variety of industries.
Posing as recruiters, the fake accounts allow hackers to map the networks of business professionals and gain the trust of those in them.
The security firm has worked with LinkedIn to remove all of the fake accounts it identified.
By making these connections, criminals can entice users to give up personal details, direct them to malware-laden websites and, if they can get their email addresses, launch spear-phishing campaigns – targeted emails that aim to steal personal information.
“LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favour,” it said in its report.
“Most of these fake accounts have been quite successful in gaining a significant network – one had 500 contacts. Some even managed to get endorsements from others,” Symantec researcher Dick O’Brien told the BBC.
In response LinkedIn said: “We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered.
We have a number of measures in place to confirm authenticity of profiles and remove those that are fake. We encourage members to utilise our Help Center to report inaccurate profiles and specific profile content to LinkedIn.”
The researchers found that the fake profiles tended to be made up of text that had been copied and pasted from the profiles of real professionals. They used photos, often of women, pulled either from stock image sites or of real professionals.
They also used keywords such as “reservoir engineer”, “exploration manager” and “cargo securement training” which are likely to gain them visibility via the site’s built-in search engine.
Many of the terms related to the logistics, information security and oil and gas industries, Symantec said.
Mr O’Brien had some tips for LinkedIn users worried that they might have befriended a hacker.
“You can do a reverse image search by dragging and dropping the profile picture into Google Images and see what it brings up.
“Copying and pasting the job information in Google can also reveal whether it has been taken from somewhere else.”
Twitter and Facebook also have problems with fake accounts but LinkedIn seems to be particularly attractive to hackers, said Mr O’Brien.
“It reveals the greater sophistication of cyber-criminals that they are prepared to play the long game by gaining information for future attacks in this way,” he said.
It is not the first time that researchers have pointed out the dangers of fake LinkedIn profiles.
In October, researchers from Dell’s counter-threat unit identified a network of at least 25 fake profiles that had links to over 200 legitimate ones, belonging to people working in defence, telecommunications, government and utilities.
The fake accounts were linked back to an Iran-based hacker group.
The illegal reproduction and distribution of copyrighted material on the Web is extensive and growing rapidly.
For the 2015 State of Application Security Report, Arxan and iThreat Cyber Group (ICG) analysed data collected over the past 3.5 years that looked at the distribution of pirated software and digital assets on the Dark Web (i.e., the portion of content on the World Wide Web that is not indexed by standard search engines) and indexed sites that are focused on distributing pirates. Thousands of sites were analysed in the process, including over 50 that are in the business of distributing pirated releases.
The report describes:
Read the full press release
In this increasingly data-driven world, corporate security is more important than ever before. This concept is even more prevalent with the rise of the modern smartphone. Although these devices are quite convenient, the chances of proprietary information becoming lost, corrupted or stolen have dramatically increased. An employee could leave a company and no longer be authorised to view private data or a phone may be lost and fall into the hands of criminals and similar fraudsters. Intellectual property theft is therefore a very real concern. When we combine these threats with ever-advancing mobile phone hacks, it becomes clear that powerful solutions need to be put in place. What are some of the latest systems designed to mitigate the risks of this data loss?
Like many other systems, XenMobile addresses the issue of mobile device management (MDM). Secure email, document sharing, cloud-based solutions and the ability to effectively wipe all data should a device be lost are some of the techniques that this software employs.
This mobility suite offers protection at important data access points such as the device, the application and the data layers themselves. Proprietary systems help to ensure that threats such as malware, unauthorised viewing and leakage are adequately addressed. Another key benefit here is that company-centred applications can be located alongside personal apps; neither of which will interfere with the other.
Enterprise-grade security is a defining feature of the enterprise mobility systems provided by Drupa. Cloud-based storage is shielded from third-party eyes through the use of two-factor encryption. This will prevent any unauthorised individuals from viewing important data. Remote deletion capabilities as well as location monitoring can effectively deal with any threat as soon as it becomes known. All of these features are backed up with centralised monitoring; offering management and the end user superior levels of transparency.
IBM MobileFirst offers a number of security solutions which are based around the needs of the business. These include device security and content security. Furthermore, both applications and communications can be hidden from prying eyes thanks to robust levels of encryption alongside systems such as multi-factor authentication (amongst other methods).
This company offers a framework known as Mobile Device Manager Plus. Permissions based upon the role of the employee, the ability to immediately wide remote data, geolocation tracking and the blocking of commercial applications while on company premises are a few mobile security solutions offered by ManageEngine.
The Critical Concept of Encryption
All of these systems share one thing in common. Each employs a proprietary encryption system to dissuade and prevent intellectual property theft from a mobile device. This is important, for many employees may use passwords that are considered to be rather weak. Should an employee copy data onto his or her phone and their PIN number be similarly vulnerable, fraud and theft are an even greater possibility. Whether accidentally or to view this data from the convenience of home with no bad intentions, the threat is just as real.
In these and other cases, encryption will always play an important role. Not only should peer-to-peer (P2P) encryption systems be used, but there can also be times when the data itself is encrypted. This will require another password in order to be viewed. Such a concept is an excellent redundant security feature and many systems will make use of multiple levels of encryption.
Ultimately, mobile security and intellectual property theft are both growing concerns. Due to the sheer number of these devices and the presumption that their presence within the corporate world will continue to grow, companies should take these possibilities very seriously. What also should be mentioned is the rise of 4G connectivity. As this allows massive amounts of data to be downloaded, the potential of such information to be compromised obviously increases. Whether from the loss of a device or an intentional breach of traditional firewalls, more innovative solutions need to be put into place. The examples that we have seen are only a handful of the solutions that now exist. Still, their methods will continue to evolve alongside the threats that will likewise advance.
Mobile device management is an area that must be taken quite seriously by any company. Theft, fraud and data corruption can cost an enterprise untold amounts of money while placing their proprietary information in jeopardy. These solutions are effective ways to address and nullify such threats within real-world scenarios.
Surelock Global Investigators and Security Consultants are also well qualified (with a wealth of experience and knowledge) to provide advice in matters of corporate and personal security.
SnoopWall, a US counterveillance software company released a threat assessment report regarding the top 10 Flashlight/Torch apps in the Google Play Store, and every one of them can potentially be used maliciously.
Flashlights are simple apps that use your mobile phone screen as a torch. They are so simple that the size of the app should be kilobytes in size. If the app you are about to download and install is several megabytes, stop now as it is almost certainly malicious. If you have already downloaded it then uninstall it immediately and perform a hard reset on your phone after you have backed up important data. Seek expert advice if you are unsure about what to do.
Click on the link below for more information:
Read the US FTC (Federal Trade Commission) press release:
Antivirus solutions provider Bitdefender has warned that fake videos spreading across Facebook are leading to malware infections rather than the promised content.
The new Facebook scam takes advantage of Emma Watson’s growing popularity, using the actress as bait. It starts with a Facebook comment promising to reveal private or leaked videos of the celebrity.
The comments are automatically posted by users already infected with the malware. Like many Facebook scams, victims end up as marketers for the fraudsters.
If you click on the malicious links, you are redirected to a YouTube copycat website. You are then asked to update your Flash Player, because an error allegedly prevents you from viewing it immediately.
To make the scam seem more credible, the fake YouTube account uses the Anonymous ‘Guy Fawkes’ mask, which is used by the hacking group often claiming celebrity video leaks.
Besides stealing phone numbers through premium SMS scams, the malware disguised as a Flash Player update also changes your browser settings not allowing you to see your list of extensions and Facebook activity and settings anymore.
In 2012 Watson held the number one spot in MacAfee’s annual “Most Dangerous Cyber Celebrity”.
Read more on the Bitdefender website.
Please note: Surelock is not responsible for the content on external websites.
If you are a victim of fraud you can call Action Fraud on 0300 123 2040 or use Action Fraud’s online fraud reporting tool and receive a police crime reference number.
Whoever you are, whatever you do, you could be a victim of online crime. It’s a growing threat, but there are things you can do to protect yourself from online criminals – whether they’re anonymous individuals an organised crime gang operating in the UK or from abroad or even, sadly, someone you might know.
To help increase awareness of the steps you can take, leading online safety awareness organisation Get Safe Online is delighted to announce the ninth annual Get Safe Online Week 2014, which will be held this year from 20th – 26th October. It describes how anyone, anywhere can be a victim of some kind of online crime, however safe they think they may be.
During the week, Get Safe Online will be launching new research about attitudes to and experiences of online crime, alongside important advice on how to stay safe on your computer, smartphone, tablet or games console. They’d also love you to get your local community involved by setting up your own Get Safe Online Week event to raise awareness of this pressing issue, and play your part in protecting people of all ages from becoming victims of fraud, identity theft, abuse and other issues. Here are some ideas:
Get Safe Online is a jointly funded initiative between several Government departments and private sector businesses and is the Government’s preferred online security advice channel.
A major new vulnerability called Heartbleed could let attackers gain access to users’ passwords and fool people into using bogus versions of Web sites. Some already say they’ve found Yahoo passwords as a result.
The problem, disclosed on 8th April, is in open-source software called OpenSSL that’s widely used to encrypt Web communications. Heartbleed can reveal the contents of a server’s memory, where the most sensitive of data is stored. That includes private data such as usernames, passwords, and credit card numbers. It also means an attacker can get copies of a server’s digital keys then use that to impersonate servers or to decrypt communications from the past or potentially the future, too.
Security vulnerabilities come and go, but this one is extremely serious. Not only does it require significant change at Web sites, it could require anybody who’s used them to change passwords too, because they could have been intercepted. That’s a big problem as more and more of people’s lives move online, with passwords recycled from one site to the next and people not always going through the hassles of changing them.
Yahoo said just after noon PT that it fixed the primary vulnerability on its main sites: “As soon as we became aware of the issue, we began working to fix it. Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, and Tumblr) and we are working to implement the fix across the rest of our sites right now. We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.”
OpenSSL is one implementation of the encryption technology variously called SSL (Secure Sockets Layer) or TLS (Transport Layer Security). It’s what keeps prying eyes out of communications between a Web browser and Web server, but it’s also used in other online services such as email and instant messaging, Codenomicon said. The bug afflicts version 1.0.1 and 1.0.2-beta releases of OpenSSL, server software that ships with many versions of Linux and is used in popular Web servers, according to the OpenSSL project’s advisory on Monday night. OpenSSL has released version 1.0.1g to fix the bug, but many Web site operators will have to scramble to update the software. In addition, they’ll have to revoke security certificates that now might be compromised.
Developer and cryptography consultant Filippo Valsorda published a tool that lets people check websites for Heartbleed vulnerability. That tool showed Google, Microsoft, Twitter, Facebook, Dropbox, and several other major Web sites to be unaffected — but not Yahoo. Valsorda’s test uses Heartbleed to detect the words “yellow submarine” in a Web server’s memory after an interaction using those words.
Should I Change My Password?
Some security experts are saying that it would be prudent to do so although there is a degree of confusion as to when and if this needs to be done.
Many of the large technology firms including Facebook and Google have patched the vulnerability. Confusingly though Google spokeswoman Dorothy Chou specifically said: “Google users do not need to change their passwords.” A source at the firm told the BBC that it patched the vulnerability ahead of the exploit being made public and did not believe that it had been widely used by hackers.
Some point out that there will be plenty of smaller sites that haven’t yet dealt with the issue and with these a password reset could do more harm than good, revealing both old and new passwords to any would-be attacker. But now the bug is widely known even smaller sites will issue patches soon so most people should probably start thinking about resetting their passwords.
“Some time over the next 48 hours would seem like sensible timing,” the University of Surrey’s computer scientist Prof Alan Woodward told the BBC. Mikko Hypponen of security firm F-Secure issued similar advice: “Take care of the passwords that are very important to you. Maybe change them now, maybe change them in a week. And if you are worried about your credit cards, check your credit card bills very closely.”
See full articles at:
Test websites for Heartbleed vulnerability at:
© Surelock, 2018. All rights reserved. Website by Cohoda LTD