scam – PSafe Blog

Coronavirus: Remain On High Alert For Scams & Disinformation

PSafe Newsroom — Mon, 06 Apr 2020 17:40:54 +0000

As we’ve crossed into the month of April, the count of patients infected with coronavirus continues to grow at a sobering pace, and shows no signs of slowing anytime soon. At the same time, people are trying to adjust to the “new normal” of sustained social distancing.

A Perfect Storm For Scams and Disinformation

The behavioral and psychological changes required to make social distancing work are significant: everything from sharing a home or apartment for an entire day (and with more people, especially if you have kids), to figuring out how to go to the grocery store and shop safely. The combination of emotional, physical, and psychological stressors, combined with significantly increased internet and email “screen-time” for most people, has created a kind of perfect storm for online scams, con-artists, and disinformation. Another powerful factor driving this storm is curiosity: people are extremely hungry to hear news, and hopeful / practical news in particular. Scammers have stepped into make the most of these factors, and as Emilio Simoni, Research Director at the dfndr Lab explains: “What we’re seeing is cybercriminals redoubling their efforts to create more, increasingly sophisticated scams, in order to reap profit from baseless, sensational ads or news — or through thefts of personal and financial data. The information they offer is almost invariably false, and sometimes the information itself is immediately dangerous to victims who act on it.”

No Slowing Down: Scammers Are Busier Than Ever!

The pace and inventiveness of coronavirus scams appears to be picking up. Emilio Simoni and the dfndr Lab Security Team have gathered the following examples together. Note that these items by no means constitute a complete list of scams in operation. We share these with you so you can get a richer sense of the variety of these scams, and the methods they employ.

A multilingual scam using the Nike brand name was discovered by the dfndr Lab Security Team (see image above). The scammers used geolocation to adapt the language used to the victims: it showed messages in Portuguese, English, or Spanish, depending on the visitor’s locale. Some generic questions were used to draw people in, and after they were drawn in they were automatically redirected to another domain, full of ads. It was through impressions of these ads that the cybercriminals reaped their profits.

Emilio also notes that “Cyberattacks are becoming more and more sophisticated. One of the most popular scams leveraging the pandemic is the one that falsely promoted a free 1-year subscription for Netflix. The cybercriminals study how official companies and websites offer promotions and sales, then mimic their approach, which can help to create a extremely convincing page.” You can see the example Emilio cites, immediately above.

The dfndr Lab Security Team has also discovered cyberattacks connected to fake profiles on Facebook, also known as bots. These bots are especially prevalent in Facebook Private Groups. Of 3 bots discovered and analyzed by the dfndr Lab, one had engaged more than 10k interactions. These bots used intelligent techniques to persuade the victims, “talking” through pre-recorded messages that request personal information. The most common themes used by these bots to attract new victims were 1) registration to receive the government social security benefits, and 2) offering a map to check the coronavirus spread around the world. The dfndr Lab also notes that many scams in the US are being disseminated through Facebook Messenger. So be careful!

Paypal phishing attacks have also grown exponentially since the beginning of the pandemic. Dfndr lab stipulates that during the month of March, scam emails fraudulently claiming to be from PayPal, and seeking private information, reached over 1.4k users in the US alone.

With people all over the world sheltering in place, virtual meeting providers Zoom, has been in high demand. The dfndr Lab detected 4 fake domains using their name. The URLs were hiding trojans that could act in different ways: seeming to install the Zoom app, but redirecting victims to another website full of ads, and rapidly consuming your phone battery.

What Can You Do?

This is a story that will continue to move fast, so the examples above will be joined by new and different examples by time you read this. As Emilio Simoni pointed out, hackers all over the world are in HIGH PRODUCTION mode during this crisis. They’re going to keep inventing new and more devious ways to get information, and steal from you.

You need to protect yourself. So make sure you’re using a security solution that’s built to alert you immediately when you access a scam site, or interact with a known digital virus “carrier.” dfndr Security has an excellent Anti-Hacking feature you can activate.

If you upgrade to the dfndr Pro version, you’ll get the added benefit of a Safe App Installer (which warns you if an app you’re about to install may be a vector for malware). It also offers Identity Theft Protection to keep your email safe as well.

Consider Going Pro

One of the best ways to protect yourself right now is to upgrade your dfndr app (if you haven’t already) to dfndr Pro. Pro gives you these added protections:

Unlimited Identity Theft Reports: You can check if any of your account credentials have been leaked on the internet.

Anti-theft protection: In case of theft or loss, you can lock down your device remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Safe App Installer: You’ll know if an app has previously had data breaches before installing.

App Privacy Scan: You can locate on a map where your app data is going and how it might be used by third-parties.

Ads free version: Totally ad-free

Use this link to learn more about dfndr Pro, and consider upgrading.

Everyday Digital Hygiene Matters Now Too

Just as avoiding coronavirus requires that you keep your hands clean (and keep them away from you face!) — digital hygiene is achieved through simple steps as well. Now’s a time to make doubly sure that you:

NEVER click on links sent to you from unknown people.
Look very closely at emails: If the source looks or sounds like someone you know but the name or email address seems even slightly off…stay away! Leveraging contact and friend information is one of the most common paths for scammers to load malware or get your private information.
Only download or install software from trusted sources. Make sure you double check url’s! The Anti-Hacking feature on dfndr will protect you from malware and known hacking sites.
Use reliable sources, such as legitimate government websites, to get real, fact-checked stories and information on COVID-19. Be aware that scammers will be pulling at you emotionally. This is a hard time for everyone, but do everything you can to stay cool and grounded: your ability to “count to three” before clicking or responding to a link or headline is more important now than ever.

We’re going to keep working to keep you informed and up to date. Until next time, we hope you and yours can stay safe and stay well!

Can You Ever Really Browse the Web Secretly?

PSafe Newsroom — Sun, 09 Jul 2017 21:06:54 +0000

When you’re surfing the Internet, sometimes it’s best that you hide your online activity. Users crave privacy for a lot of reasons. Maybe you’re logged into a shared computer, your work laptop, or a public Wi-Fi hotspot, and you want to reinforce your security. There are also personal motivations, like trying to surprise your partner with a birthday gift you bought online. Whatever the case, there are steps you can take to keep your browsing secret. You should also make an effort to make your browsing safer, too. Click here to use Anti-Hacking to browse the web safely:

Anti-Hacking will block you from malicious websites and phishing attempts designed to steal your personal information or money. You’ll also receive warnings about deceptive websites so that you never compromise the security of your device.

Use Incognito Mode

If you don’t want your history saved, Chrome’s Incognito mode is great for casual use. It also doesn’t keep any of the cookies from your browsing session. Everything disappears as soon as the Incognito window closes. However, Incognito isn’t a great option for using in your workplace. The websites you access will still be visible in your company’s log.

Get a Proxy Network

If you want to go a step further, another great option is using a proxy network. Known more commonly as virtual private networks (VPN), they work by hiding your IP address and assigning you a new one. When you’re browsing the web, an IP address is your online fingerprint, which can be easily traced back to you. Proxy networks are effective, because they retrieve the websites before displaying them for you. So, the remote server only sees the proxy network’s data — not yours!

Disable and Delete Cookies

Cookies are often the culprits when it comes to online tracking. For instance, even Flash Player uses cookies to take note of your browser’s movements. These so-called “super cookies” can actually reload third-party cookies that you may have deleted. Unfortunately, Flash is everywhere. If a website shows any type of video loop — from a news stream to advertisements — you better believe that Flash is powering them.

Remove Online Trackers

A lot of major sites will track your activity. That’s why opting out, blocking them, or changing your settings manually is advised. For example, Google’s targeted ads can be an annoyance, especially since Google has a monopoly on many users’ personal information through Gmail, Google+, YouTube, and Google searches. Luckily, turning off these targeted ads is pretty easy. In the “Activity” section of your Google account, you just need to opt out of “Shared Endorsement” and turn off the personalization feature.

How to Quickly Double-Check a URL Address

PSafe Newsroom — Thu, 13 Apr 2017 16:00:13 +0000

Does the following scenario sound familiar? You receive an email saying your web browser’s security has been compromised. You’re asked to click on a link. However, when you click the link, you aren’t taken to the website you expected to go to, but instead to the website of a scammer. Make sure you’re protected online — even if you click on a dangerous link by accident. Use Anti-Hacking to secure your web browser against malicious websites, pop-ups, and phishing scams:

We don’t often think about whether a URL is correct before we click on a link or paste a URL into our web browsers. DFNDR’s Anti-Hacking tool ensures that you won’t reveal account information on false sites, like the ones you could run into by using an incorrect URL. But, just like you always double-check a site’s security before shopping online, you also want to double-check any link you visit, even if you don’t intend to enter sensitive information on the site. The following will give five simple tips for ensuring that a URL is correct before clicking a link or pasting it into your browser.

Make Sure You Remember the Beginning of the URL

The letters and symbols at the beginning of a URL are important. Don’t forget to include the forward slashes after the colon in “http://.” Additionally, don’t forget to include a “www” if your website isn’t loading properly; sometimes your website won’t load without these letters.

Don’t Forget the Ending of the URL, Either

Don’t forget to check if your domain name is “.com,” “.net,” or “.org.” The wrong ending means that your website won’t load properly.

Check for Case Sensitivity

Did you know that everything after the third slash in a URL is case sensitive? That means if you’re typing in a URL after the third slash, you need to make sure that you’re checking which letters should be capitalized and which shouldn’t.

Are You Spelling the Website’s Name Correctly?

A common hacking scheme is to change the letters in a website just slightly to dupe people. Don’t let this happen to you. If you’re familiar with the name of a website, double-check that the name is spelled correctly in the URL.

Look for Punctuation

If you’re copying and pasting a URL from an email or website, check to see that you haven’t also copied additional punctuation, like commas or periods. These pieces of punctuation will cause the page to load incorrectly.

Scams: What to Look For and How to Stay Protected

PSafe Newsroom — Fri, 08 Jul 2016 21:11:48 +0000

There are a lot of scams out there, but lately they’ve been going from the real world to the digital. Did you know some scammers specifically target Android phones? Stay ahead of the curve, and keep an eye out for the following:

Facebook Cloning Scam

You’re on Facebook, playing basketball on the Messenger, sharing status updates, and liking everything in sight. Sounds nice, right? But, some scam artists are using Facebook to obtain your personal information. If you receive an invite to connect with a family member, or friend you thought you were already connected to, be wary. There are scammers out there who’ll use the profile image, and basic information from a connection’s page to create a convincing copy. Then, they’ll reach out to you with a sob story about how they need money wired to them. Don’t fall for it. Instead, make sure you call, and speak with the person behind the profile to make sure it really is your sister asking for help, and not a scammer!

You’ve Won!

It feels good to win, doesn’t it? That’s the positive feeling scammers are banking on when they send you a text message telling you that you’ve won a prize. For some, the idea of a freebie is too good to pass up. Sometimes, these scammers even offer a trial period for “free” software (most likely malware), while others request money to increase your odds of winning a mega huge prize. It’s illegal to ask for cash in order to win a prize. Practice smartphone safety. Delete these bogus messages, and move on.

Phishing Scams

What do you do when your bank sends you a text saying your account has been compromised? Absolutely nothing, because that isn’t how banks work. Yet, that’s exactly what a con artist would have you believe. These scammers won’t start off by asking for your personal information. They will wait until they lull you into a false sense of security, and link you to a form where you can enter in your bank account information, and PIN number. Bad move. They make off with your cash, and you end up in the red. Protect your data. Call up your bank directly to avoid any confusion.

Stay Alert and Avoid the Scammers

Shady scammers are out there, and every day they find new ways to trick people into revealing their personal information. In the chance you let one of these scammers slip through the cracks, keep your Android protected with PSafe TOTAL. Through its antivirus protection, your smartphone will be in better hands.