cyberattack – PSafe Blog

Coronavirus: Remain On High Alert For Scams & Disinformation

PSafe Newsroom — Mon, 06 Apr 2020 17:40:54 +0000

As we’ve crossed into the month of April, the count of patients infected with coronavirus continues to grow at a sobering pace, and shows no signs of slowing anytime soon. At the same time, people are trying to adjust to the “new normal” of sustained social distancing.

A Perfect Storm For Scams and Disinformation

The behavioral and psychological changes required to make social distancing work are significant: everything from sharing a home or apartment for an entire day (and with more people, especially if you have kids), to figuring out how to go to the grocery store and shop safely. The combination of emotional, physical, and psychological stressors, combined with significantly increased internet and email “screen-time” for most people, has created a kind of perfect storm for online scams, con-artists, and disinformation. Another powerful factor driving this storm is curiosity: people are extremely hungry to hear news, and hopeful / practical news in particular. Scammers have stepped into make the most of these factors, and as Emilio Simoni, Research Director at the dfndr Lab explains: “What we’re seeing is cybercriminals redoubling their efforts to create more, increasingly sophisticated scams, in order to reap profit from baseless, sensational ads or news — or through thefts of personal and financial data. The information they offer is almost invariably false, and sometimes the information itself is immediately dangerous to victims who act on it.”

No Slowing Down: Scammers Are Busier Than Ever!

The pace and inventiveness of coronavirus scams appears to be picking up. Emilio Simoni and the dfndr Lab Security Team have gathered the following examples together. Note that these items by no means constitute a complete list of scams in operation. We share these with you so you can get a richer sense of the variety of these scams, and the methods they employ.

A multilingual scam using the Nike brand name was discovered by the dfndr Lab Security Team (see image above). The scammers used geolocation to adapt the language used to the victims: it showed messages in Portuguese, English, or Spanish, depending on the visitor’s locale. Some generic questions were used to draw people in, and after they were drawn in they were automatically redirected to another domain, full of ads. It was through impressions of these ads that the cybercriminals reaped their profits.

Emilio also notes that “Cyberattacks are becoming more and more sophisticated. One of the most popular scams leveraging the pandemic is the one that falsely promoted a free 1-year subscription for Netflix. The cybercriminals study how official companies and websites offer promotions and sales, then mimic their approach, which can help to create a extremely convincing page.” You can see the example Emilio cites, immediately above.

The dfndr Lab Security Team has also discovered cyberattacks connected to fake profiles on Facebook, also known as bots. These bots are especially prevalent in Facebook Private Groups. Of 3 bots discovered and analyzed by the dfndr Lab, one had engaged more than 10k interactions. These bots used intelligent techniques to persuade the victims, “talking” through pre-recorded messages that request personal information. The most common themes used by these bots to attract new victims were 1) registration to receive the government social security benefits, and 2) offering a map to check the coronavirus spread around the world. The dfndr Lab also notes that many scams in the US are being disseminated through Facebook Messenger. So be careful!

Paypal phishing attacks have also grown exponentially since the beginning of the pandemic. Dfndr lab stipulates that during the month of March, scam emails fraudulently claiming to be from PayPal, and seeking private information, reached over 1.4k users in the US alone.

With people all over the world sheltering in place, virtual meeting providers Zoom, has been in high demand. The dfndr Lab detected 4 fake domains using their name. The URLs were hiding trojans that could act in different ways: seeming to install the Zoom app, but redirecting victims to another website full of ads, and rapidly consuming your phone battery.

What Can You Do?

This is a story that will continue to move fast, so the examples above will be joined by new and different examples by time you read this. As Emilio Simoni pointed out, hackers all over the world are in HIGH PRODUCTION mode during this crisis. They’re going to keep inventing new and more devious ways to get information, and steal from you.

You need to protect yourself. So make sure you’re using a security solution that’s built to alert you immediately when you access a scam site, or interact with a known digital virus “carrier.” dfndr Security has an excellent Anti-Hacking feature you can activate.

If you upgrade to the dfndr Pro version, you’ll get the added benefit of a Safe App Installer (which warns you if an app you’re about to install may be a vector for malware). It also offers Identity Theft Protection to keep your email safe as well.

Consider Going Pro

One of the best ways to protect yourself right now is to upgrade your dfndr app (if you haven’t already) to dfndr Pro. Pro gives you these added protections:

Unlimited Identity Theft Reports: You can check if any of your account credentials have been leaked on the internet.

Anti-theft protection: In case of theft or loss, you can lock down your device remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Safe App Installer: You’ll know if an app has previously had data breaches before installing.

App Privacy Scan: You can locate on a map where your app data is going and how it might be used by third-parties.

Ads free version: Totally ad-free

Use this link to learn more about dfndr Pro, and consider upgrading.

Everyday Digital Hygiene Matters Now Too

Just as avoiding coronavirus requires that you keep your hands clean (and keep them away from you face!) — digital hygiene is achieved through simple steps as well. Now’s a time to make doubly sure that you:

NEVER click on links sent to you from unknown people.
Look very closely at emails: If the source looks or sounds like someone you know but the name or email address seems even slightly off…stay away! Leveraging contact and friend information is one of the most common paths for scammers to load malware or get your private information.
Only download or install software from trusted sources. Make sure you double check url’s! The Anti-Hacking feature on dfndr will protect you from malware and known hacking sites.
Use reliable sources, such as legitimate government websites, to get real, fact-checked stories and information on COVID-19. Be aware that scammers will be pulling at you emotionally. This is a hard time for everyone, but do everything you can to stay cool and grounded: your ability to “count to three” before clicking or responding to a link or headline is more important now than ever.

We’re going to keep working to keep you informed and up to date. Until next time, we hope you and yours can stay safe and stay well!

Massive Global Cyberattack Has Ties to the NSA

PSafe Newsroom — Wed, 17 May 2017 21:00:27 +0000

On Friday, May 12, a massive cyberattack hit worldwide, engineered by an unidentified hacker group. The Russian cybersecurity firm, Kaspersky Lab, said it recorded approximately 45,000 attacks in as many as 74 countries. The attackers used emails with links carrying ransomware, a type of malware that encrypts data, thereby, locking users out of a computer. Several entities were grossly affected, including Spain’s Telefónica, Britain’s NHS system, and FedEx. Although computers with Microsoft systems were compromised, don’t be fooled that your Android device is safe. With the BYOD (Bring Your Own Device) philosophy being implemented in many companies, it’s vital to run scans and protect against hackers, like the ones that masterminded this attack. Activate Full Virus Scan now to check for any threats when you’ve clicked on a link in an email:

Full Virus Scan will check your smartphone’s files and programs that are in your device’s memory and SD card, alerting you of any breaches or viruses. Although the identity of the hackers is currently unknown, links to the NSA surfaced. A group referred to as the Shadow Brokers originally leaked the hacking tools used in the British NHS attack — these tools were stolen from the NSA last year. The hackers took advantage of organizations that failed to patch vulnerabilities in their computer systems.

Ransomware Attacks Are Increasing
The type of ransomware used in the attacks is called Wanna Decryptor, which encrypts a computer’s files and then deletes the originals. The hackers demanded $300 in Bitcoin to decrypt the files, with the price doubling after three days. After seven days, the files will not be able to be recovered.

Hackers are typically able to infect an entire system with malware and hold it for ransom by targeting individual employees at an organization. This can be accomplished through phishing or social engineering attacks — all it takes is one employee clicking on a malicious link or attachment from an email. Click here to use Anti-Hacking to protect yourself against phishing attempts on your work phone:

Anti-Hacking will also block you from malicious websites and warn you of any deceptive sites so that you don’t fall prey to malware. It is now more important than ever to protect yourself from social engineering attacks as they become cleverer and more frequent — especially if your business is a likely target for cyberattacks.Ransomware attacks, in particular, have increased by about 6,000% since 2015, according to a study by IBM.

A worldwide cyberattack of this scale is a strong reminder that not only are work or home computers at risk, but malware attacks on mobile devices are gaining as well. Be vigilant and aware, and above all else — protect all your devices, not just one.

Everything You Need to Know About Cybersecurity Insurance

PSafe Newsroom — Fri, 11 Nov 2016 22:00:37 +0000

It seems like every week we learn about a new cyberattack. Cyberattacks can be massive — as seen in the case of Yahoo’s stolen account information — and damaging to a company’s value, future business, and reputation. Also in the case of Yahoo, it could be years before a company can confirm that a security breach happened. Cybersecurity insurance can then help to repair the damage from a massive security breach.

What Does Cybersecurity Insurance Offer?

Obtaining cybersecurity insurance is a crucial step to take for a business. It will help to reduce most losses from cyberattacks, such as network damage and data breaches, among other issues. The insurance will cover many necessary steps needed after a cyberattack, such as taking measures to secure a company from further damage, in addition to informing any clients, paying fines, and investigating the security breach. Cybersecurity insurance also works to prevent cyberattacks and data breaches by having companies adopt safe practices. In exchange for these preventative measures, a company might receive a reduced rate or more coverage. In addition, companies like Cisco, that offer data encryption through VPN services, often come with cybersecurity insurance for their clients (which could be a major hospital, for example).

What Cybersecurity Insurance Doesn’t Offer

Cybersecurity insurance usually doesn’t cover damage to a company’s reputation. Hopefully the company will take the necessary measures for rebuilding their reputation, such as immediately informing clients of the security breach and ensuring clients that their company will actively work to prevent future attacks. In addition, cybersecurity insurance won’t make up for lost business from the security breach.

Coverage can also be limited due to the indefinite nature of a cyberattack. It can be difficult to quantify a company’s chance of being victim to a cyberattack or the value of their data. It doesn’t help, either, that technology is ever changing and that safe cybersecurity practices need to compete with this rapid development. An inability to adopt the latest safe practices within a certain time frame could come across as negligence.

Protect Your Device with PSafe

While companies focus on safer cybersecurity habits, so should those companies’ clients — and beyond. It’s important for all of us to stay up to date on the latest cyber threats and best practices for preventing a cyberattack. One way that you can increase your cyber-awareness is by utilizing antivirus software. Download PSafe Total for your Android and PSafe Total Windows for your computer to protect your devices against security threats 24/7.