Week 08: Social Engineering, Encoding and Encryption

https://www.iol.co.za/business-report/technology/five-cyber-security-threats-to-be-aware-of-17396238

Phishing: Phishing emails look like they are from a recognized source and target you into giving them things like your banking details or login credentials to valuable data sources hence double check the address of the sender, and usually a phishing email is not 100% correct.

Mobile security: Mobile apps are full of spyware, which takes your data and shares it in the background without you having any knowledge that your data is being shared. Also,before you download an app check the permissions it is asking for

Passwords: many people use the same password for many other different sites, and hackers would have access to many of your profiles.

Public and private wifi: Do not use public wifi to access sensitive information such as mobile account because you could connect someone else’s computer and they are collecting people’s information.

Be aware: Beware, cyber-criminals are using face to face or telephone conversations, pretending to be a customer or a person wanting to do business with you to information that they can use.

https://www.fraudconferencenews.com/home/2018/4/10/cybersecurity-expert-speaks-on-social-engineering-techniques-and-gdpr-vulnerabilities

This article has interesting comments about user behavior. and it says that the three “hot states” that fraudsters tap into when attempting their scams in the hopes of clouding your better judgment:

1. Authority: When an email looks like it comes from your boss or someone with a lot of authority or gravitas, you don’t want to challenge them.
2. Curiosity: When social engineers mention salaries and bonuses, or when you receive an email from a friend with pictures of wild party a few weeks ago, you may act on your curiosity.
3. Temptation: When we are made to feel sexually interested in something, we don’t think about a dangerous situation we could be getting ourselves into.

This is a great synopsis of how fraudsters buy and sell stolen credit car credentials.  It’s a good read, and kind of scary when you see how easy and well organized they are.

 

https://krebsonsecurity.com/2014/06/peek-inside-a-professional-carding-shop/

I chose this article because I thought it was funny how the title seems to directly contradict the argument of the last article I posted, which stated that Americans are avoiding companies that get hacked in greater numbers than before. On the other hand, the article focuses on companies that experience data breaches, and not necessarily the theft of customer funds or payment information. This seems to support my suspicion that people care a lot more about a hack involving their wallet, and care much less about hackers gaining access to their personal information.

https://www.securitymagazine.com/articles/89487-nearly-half-of-americans-willing-to-give-brands-a-pass-for-a-data-breach

This is a statistic that frankly surprises me. I don’t know anyone that has actually quit Facebook or any other company after their breaches. On the other hand, this is almost refreshing. In an ideal world, companies that aren’t responsible should get punished by losing their customers. Perhaps this applies to different industries, and not to others at all. For example, it would make sense for people to take breaches particularly seriously when their credit cards are concerned. So, it could be expected that people would avoid shopping websites after a breach. On the other hand, maybe people don’t fully grasp the importance of a breach of a social media platform that collects data about them.

https://www.securitymagazine.com/articles/89501-avoid-a-business-following-breach-and-21-never-return

Cybercriminals are now selling legitimate passports alongside identity verification documents on the dark web. This kind of data could be used by cybercriminals to steal identities, open bank accounts and more. Security experts found that passport scans were being sold on multiple popular dark web markets such as Dream Market, Berlusconi Market, Wall Street Market, and Tochka Free Market.

While the average price of a digital passport scan was around $14, those interested in purchasing a physical passport had to cough up a whopping $13,000. According to researchers at Comparitech, who discovered this dark market sales trend, all of these fake passports – both digital and physical – can be bought using cryptocurrencies like Bitcoin or Monero.

These passports can be used by crooks to open bank accounts, as some banks now require only two ID proof documents. These fake bank accounts can also be used for other illicit transactions in a “bank drop” scam.

https://cyware.com/news/dark-web-criminals-are-selling-legitimate-passport-scans-for-as-little-as-14-b2df2d2d

This is a broader conversation about the implications of private companies collecting tons of data about its users. Tim Cook criticizes companies like Facebook that profit off of selling its users’ data to advertisers and other parties. He also touches upon the risk associated with protecting that much sensitive data about users that could be used to embarrass, blackmail, and threaten people. I’m curious to see if in the future the United States will enact “right to be forgotten” legislation like we have seen in Europe.

https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2018/10/24/the-cybersecurity-202-tim-cook-s-sharp-rebuke-of-data-industrial-complex-draws-battle-lines-in-privacy-debate/5bcf55c41b326b559037d293/?utm_term=.c4954b693ae2

This is a rather alarming piece that explains that county election sites lack the cybersecurity protections that they need. It’s pretty crazy that they are not up to higher standards, based off of issues with our own election and events worldwide that highlight the susceptibility of these machines.

https://thehill.com/policy/cybersecurity/412993-security-firm-finds-county-election-sites-lack-cybersecurity-protections

 

Magecart is a hacker group specializing in skimming credit card information from unsecured payment forms on websites. This hacker group had previously compromised large websites including British Airways and Ticketmaster. They have now turned to vulnerable Magento extensions. As part of this, these attackers insert a small piece of JavaScript code onto the compromised website to steal all of the credit card information.

The hackers conduct a thorough reconnaissance and only then do they inject their code since each attack is specifically tailored for the targeted site. They make sure that their code blends in with the rest of the domain’s resources, thus making them hard to detect.

https://www.securityweek.com/magecart-hackers-now-targeting-vulnerable-magento-extensions

 

• The number of fake support accounts targeting Proofpoint’s global customer base rose 37% from Q1 to Q2 2018.
• More than 65% of the companies that were targeted by email fraud in Q1 had the identities of more than five employees spoofed.
• The number of email fraud attacks per targeted company was 25% higher in Q2 than in Q1, with the government and retail sectors experiencing the largest increase in email fraud attempts.
• Malicious phishing message volume increased 36% between Q1 and Q2 2018.
• Ransomware was back on the scene in Q2 but is still lagging from a volume perspective, accounting for just a little more than 11% of total malicious messages during the measurement period.
• Proofpoint researchers also detected a 30% increase in phishing links on social media.

https://www.wombatsecurity.com/blog/the-latest-in-phishing-october-2018