Digital Article Repository: CyberSecurity

NASCUS Report Article Repository: Cybersecurity


April 29, 2022

Think It Can’t Happen to You? Spoofing, Phishing, and Smishing

Related Readings:


Social Media a Gold Mine for Scammers
According to a data spotlight authored by the Federal Trade Commission, “Social media permeates the lives of many people – we use it to stay in touch, make new friends, shop, and have fun. But reports to the FTC show that social media is also increasingly where scammers go to con us. More than one in four people who reported losing money to fraud in 2021 said it started on social media with an ad, a post, or a message. In fact, the data suggest that social media was far more profitable to scammers in 2021 than any other method of reaching people.

More than 95,000 people reported about $770 million in losses to fraud initiated on social media platforms in 2021. Those losses account for about 25% of all reported losses to fraud in 2021 and represent a stunning eighteen-fold increase over 2017 reported losses. Reports are up for every age group, but people 18 to 39 were more than twice as likely as older adults to report losing money to these scams in 2021.

For scammers, there’s a lot to like about social media. It’s a low-cost way to reach billions of people from anywhere in the world. It’s easy to manufacture a fake persona, or scammers can hack into an existing profile to get “friends” to con. There’s the ability to fine-tune their approach by studying the personal details people share on social media. In fact, scammers could easily use the tools available to advertisers on social media platforms to systematically target people with bogus ads based on personal details such as their age, interests, or past purchases.”


Fishing with Fake Accounts
Courtesy of Rachel DePompa and Daniela Molina, Gray Media Group, “Faked Out: Con artists copycatting social media profiles lure family and friends into scams”

Your pictures, your videos, your memories – all come together to create your social media identity. The authors have uncovered scammers targeting your online accounts to create a whole new you, all designed to scam your closest friends out of their money.

In the tech world it’s called “spoofing,” a hacking technique where scammers take your online content and create a duplicate fake profile with the goal of drawing your friends and followers into a web of deceit.

According to Facebook’s transparency page, in late 2021 around five percent of monthly active users worldwide were fake, which means there were around 140 million fake accounts at any given time. Meta, Facebook and Instagram’s parent company, said it took action against 1.7 billion fake Facebook accounts during that same time.

How can you protect yourself? Report the duplicate account to the social media company and follow the steps listed on its website. Then:

  1. Go into Settings and make your account private (for the time being)
  2. Set up two-factor authentication on all your social media devices
  3. Freeze your credit (even your dependents and children too)
  4. Report identity theft to the IRS to prevent hackers from committing crimes under your name

Baiting with Bitcoin

James Lee, COO of Identity Theft Resource Center (ITRC), said once scammers create the fake account, they will post on Instagram about Bitcoin investments to attract other users. Anyone who clicks on certain links in that post automatically shares their credentials. At that point, hackers can step in and message the followers of anyone who clicked on the link to join the Bitcoin scam.

According to cybersecurity firm Digital Shadows, the cost of a hacked Instagram account on the dark web is $45. ITRC said it received 316 complaints about social media account takeovers in 2021. Already in 2022, the organization has seen 201 complaints, an 11% increase from this time last year.


Smishing: Phishing with a Different Bait
Courtesy of David Lott, Federal Reserve of Atlanta

The Retail Payments Risk Forum team is always on the lookout for changes in attack patterns by the criminal element regarding payments. Our sources of research include industry news, networking with payments stakeholders, third-party reports, and our internal security warnings. One other source we have is our own personal experience.

Unlike phishing, which uses email, smishing uses SMS text messages to entice you to click on a malicious link that either loads malware on your phone or, more likely, directs you to a fake website to capture your login information. (Simply opening the text message poses little risk.)

A cybersecurity firm that claims to handle 80 percent of mobile messages in North America has reported that the number of smishing attacks during the third quarter of 2020 had increased 328 percent over the previous quarter. The FBI’s Internet Crime Complaint Center (IC3) doesn’t separate smishing from phishing, vishing (phone calls), or pharming (redirection to a fake website) incidents, but the IC3’s Internet Crime Report 2021 shows that these complaints increased 34 percent from 2020 to 2021.

The warning signs for a smishing message are quite similar to those of a phishing attack and may include the following:

  • A sense of urgency, pushing you to respond right away. As we are now in income tax season, these messages may include references to past due taxes or a suspended refund.
  • An offer of a reward such as a gift card, rebate, or a coupon for a future purchase from the retailer
  • Poor English grammar or improperly formatted phone numbers
  • An unknown sender. It is best to report or delete messages you weren’t expecting from people you don’t know.

Be aware that what appears to be the sender’s phone number is often spoofed. It may be a familiar number or at least may have a local area code. This is intended to increase your trust and thus the likelihood that you will respond.
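The warning signs above translate directly into a rules-based triage check, which is how a messaging-security team or a fraud-operations desk would apply them at scale. The following scorer is an added example written for this page, not code from the Retail Payments Risk Forum or any product; every message, phone number and contact entry in it is constructed for illustration, and the term lists and weights are the author’s assumptions. It checks each message for urgency language (with a tax-season variant), a reward offer, a link, crude grammar and punctuation tells, malformed North American phone numbers, and an unknown sender. Consistent with the spoofing caveat in the paragraph above, a sender number that matches the contact list only removes the “unknown sender” point; it never cancels the other indicators.

```python
"""Heuristic smishing indicator scorer.

Added example, not from the original page. All sample messages, numbers and
contact entries are constructed; term lists and weights are assumptions.
"""
import re

# Lures that push the recipient to act now (the first warning sign above)
URGENCY_TERMS = ("immediately", "right away", "within 24 hours", "urgent",
                 "suspended", "past due", "final notice", "act now")
TAX_TERMS_RE = re.compile(r"\b(irs|tax|refund)\b")          # tax-season variant
# Reward offers (gift card, rebate, coupon, prize)
REWARD_TERMS = ("gift card", "rebate", "coupon", "you have won", "prize", "claim your")

URL_RE = re.compile(r"https?://\S+|\bwww\.\S+", re.I)
# Any run of digits with typical phone separators, at least 8 characters long
PHONE_TOKEN_RE = re.compile(r"\+?\d[\d\-.\s()]{6,}\d")
# North American Numbering Plan: NXX-NXX-XXXX with N in 2-9 (after dropping a leading 1)
NANP_RE = re.compile(r"^[2-9]\d{2}[2-9]\d{2}\d{4}$")
# Crude grammar tells: "!!!" or a period/comma glued to the next word
GRAMMAR_RE = re.compile(r"!{3,}|[.,][A-Za-z]")

WEIGHTS = {"urgency": 2, "tax-season lure": 1, "reward offer": 2, "contains link": 1,
           "suspicious grammar/punctuation": 1, "malformed phone number": 2,
           "unknown sender": 1}
ALERT_THRESHOLD = 3   # assumed cut-off: at or above this, treat as suspicious


def normalize_number(raw: str) -> str:
    """Keep digits only so '+1 (202) 555-0142' and '12025550142' compare equal."""
    digits = re.sub(r"\D", "", raw)
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]
    return digits


def is_well_formed(raw: str) -> bool:
    """True for a valid-looking NANP number or a 5-6 digit SMS short code."""
    digits = normalize_number(raw)
    return bool(NANP_RE.match(digits)) or (digits.isdigit() and len(digits) in (5, 6))


def score_message(sender: str, body: str, contacts: set[str]) -> tuple[int, list[str]]:
    """Return (score, reasons) for one SMS; reasons are listed in check order."""
    reasons = []
    text = body.lower()
    body_no_urls = URL_RE.sub(" ", body)   # keep URL punctuation out of grammar/phone checks

    if any(term in text for term in URGENCY_TERMS):
        reasons.append("urgency")
        if TAX_TERMS_RE.search(text):
            reasons.append("tax-season lure")
    if any(term in text for term in REWARD_TERMS):
        reasons.append("reward offer")
    if URL_RE.search(body):
        reasons.append("contains link")
    if GRAMMAR_RE.search(body_no_urls):
        reasons.append("suspicious grammar/punctuation")
    # Check every phone-like token in the body plus the sender itself
    if any(not is_well_formed(p) for p in PHONE_TOKEN_RE.findall(body_no_urls) + [sender]):
        reasons.append("malformed phone number")
    # A known sender is weak evidence only: the displayed number can be spoofed,
    # so matching the contact list removes just this one point.
    if normalize_number(sender) not in {normalize_number(c) for c in contacts}:
        reasons.append("unknown sender")

    return sum(WEIGHTS[r] for r in reasons), reasons


# Constructed samples; 202-555-01xx numbers are reserved for fiction, .example is reserved.
CONTACTS = {"(202) 555-0199"}
SAMPLES = [
    ("+1 (202) 555-0142", "IRS notice: your tax refund has been suspended. Verify your "
                          "identity within 24 hours at http://irs-refund.example/verify"),
    ("58392", "Congratulations!!! You have won a $500 gift card.Claim it now at "
              "http://claim-reward.example/go"),
    ("+1 202 555 0199", "Hi, it's Dana. Are we still on for lunch Thursday?"),
    ("+1 (202) 555-0199", "Your bank account is suspended. Call 1-800-12-3456 "
                          "immediately to reactivate."),   # spoofed known number
]


def triage(samples=SAMPLES, contacts=CONTACTS) -> list[dict]:
    """Score each sample and flag those at or above ALERT_THRESHOLD."""
    results = []
    for sender, body in samples:
        score, reasons = score_message(sender, body, contacts)
        results.append({"sender": sender, "score": score, "reasons": reasons,
                        "suspicious": score >= ALERT_THRESHOLD})
    return results


if __name__ == "__main__":
    for r in triage():
        print(f"{'SUSPICIOUS' if r['suspicious'] else 'ok        '} "
              f"score={r['score']} from={r['sender']} reasons={r['reasons']}")
```

The fourth sample is the one worth noting: its sender matches a contact, yet the urgency language and the nine-digit callback number still put it over the threshold, which is exactly the posture the spoofing caveat calls for. Term lists like these are a starting point for a mailbox or messaging-gateway rule, not a substitute for the advice to contact the sender through a number you already have.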

Likewise, the protective measures you should take to protect yourself against falling victim to a smishing attempt are similar to any other safeguards you take:

  • Keep your mobile device software and browsers updated with the latest security upgrades.
  • If you are in doubt about the legitimacy of the message, do not use the link or phone number provided in the text to contact the sender. If the message appears to be from someone you know or a business you are familiar with, find their number in your contacts or online and contact them directly.

Phishing During the Great Resignation: LinkedIn Accounts for Half of all Phishing Attempts Worldwide
Courtesy of the Check Point Blog

Check Point Research issued its Q1 Brand Phishing Report, highlighting the brands that criminals most frequently imitated in their attempts to steal individuals’ personal information or payment credentials during January, February and March 2022.

Social media networks have now overtaken shipping, retail and technology as the category most likely to be targeted by criminal groups.

So far this year, LinkedIn has been related to more than half (52%) of all phishing-related attacks globally, marking the first time the social media network has reached the top of rankings. It represents a dramatic 44% uplift from the previous quarter, when LinkedIn was in fifth position and related to only 8% of phishing attempts. LinkedIn has now overtaken DHL as the most targeted brand, which has now fallen to second position and accounted for 14% of all phishing attempts during the quarter.

Top phishing brands in Q1 2022

Below are the top brands ranked by their overall appearance in brand phishing attempts:

  1. LinkedIn (relating to 52% of all phishing attacks globally)
  2. DHL (14%)
  3. Google (7%)
  4. Microsoft (6%)
  5. FedEx (6%)
  6. WhatsApp (4%)
  7. Amazon (2%)
  8. Maersk (1%)
  9. AliExpress (0.8%)
  10. Apple (0.8%)

Check Point illustrates an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple. As well as LinkedIn being the most targeted brand by a considerable margin, WhatsApp maintained its position in the top ten, accounting for almost 1 in 20 phishing-related attacks worldwide.


March 25, 2022

How Are State Agencies Preparing in the Cyber Space?

This week, the White House issued a fact sheet regarding potential cyberattacks resulting from “evolving intelligence” around the Russia/Ukraine situation. Additionally, the President echoed concerns regarding the potential for Russian cyberattacks and directed companies to “harden your cyber defenses immediately.”

This step follows proactive measures taken by several governors across the country to safeguard against potential attacks, including:

  • New York Gov. Kathy Hochul commented that her state was “on heightened alert with respect to cybersecurity and our own defenses.” Additionally, New York launched a Joint Security Operations Center to improve coordination and bolster cybersecurity efforts by bringing federal, state, county, and local governments, together with critical infrastructure partners.
  • Colorado Gov. Jared Polis, through an executive order, directed the Office of Information Technology to focus on protecting the state’s critical infrastructure from Russian cyberattacks or misinformation efforts.
  • North Carolina Gov. Roy Cooper instructed the Joint Cybersecurity Task Force to increase outreach and assistance.
  • Texas Gov. Greg Abbott ordered state IT and public safety officials to “make sure cyber incident response teams are ready and that a potential cyber intrusion can be quickly detected through antivirus and other software.”
  • In an interview with Stateline, Connecticut Chief Information Security Officer Jeff Brown commented that the state has been “very aggressively” blocking Russian IP addresses.

While state governments have not received any credible threats to date, state executives are focused on ensuring proper procedures to protect state systems and the public.

From a recent article by the Pew Charitable Trusts titled “Ukraine War Puts US Cities, States on Cyber Alert”:

“Since Russia’s attack on Ukraine, the Multi-State Information Sharing and Analysis Center, a federally funded group that helps state and local governments prevent and respond to digital threats, also has boosted its efforts, said Randy Rose, a senior director. The group sent information to every state about ways to take defensive actions.

But states shouldn’t just focus on Russia, Rose noted, because other cybercriminals and “state actors” may attempt to take advantage of the increased focus on Russia “to slip in unnoticed.””


What Can You Do Today?

Together, the FBI and the Cybersecurity and Infrastructure Security Agency issued a joint Cybersecurity Advisory that provides information on malware “as well as open-source indicators of compromise (IOCs) for organizations to detect and prevent the malware.”

Actions to Take Today:

  • Set antivirus and antimalware programs to conduct regular scans.
  • Enable strong spam filters to prevent phishing emails from reaching end users.
  • Filter network traffic.
  • Update software.
  • Require multifactor authentication.

Furthermore, the U.S. Cybersecurity and Infrastructure Security Agency has issued a “Shields Up” warning about this evolving threat, advising every organization, including state and local governments, to “adopt a heightened posture” and be prepared to respond to disruptive cyber activity.

Stay Up-to-date on Cyber Alerts and Resources

Additional Reading/Resources


March 4, 2022

Global Cybersecurity Awareness

Highlights necessary cyber alerts/awareness as the entire cybersecurity community is on high alert following events in Ukraine. Links curated for this week include: