Category: Security News

lockyRansomware, what is it? Defined as “malware for data kidnapping,” it is one of the top security issues in the digital and cloud age, wherein the hacker or attacker encrypts data and asks for ransom (usually a Bitcoin payment) for the decryption key.

Today, another ransomware threatens the online community “Locky” that can hit you if you were ‘unlucky.’ It works similarly like the modus conducted by the banking software Dridex.

How Locky works?

A victim will be sent an email with a Microsoft Word attachment disguising as an INVOICE that requires macro.

[By default, Microsoft disables it due to security reasons. So a user normally will see a warning if an attachment contains it.]

Now if you would enable the macro function, it will run and then download Locky to your PC, according to the Palo Alto Networks.

[It is the same modus operandi used by Dridex, a notorious Trojan that steals banking account details.]

There are suspicions that the distributors of Locky are connected to one of the main men of Dridex because both use the same mode of malware distribution.

If you or your organization happens to be the unlucky target, your files will be unrecoverable unless you have a regular backup or if your data has not been touched yet.

Lately, the Hollywood Presbyterian Medical’s computer system was infected by ransomware in which the hackers ask for 9,000 bitcoins (or approximately US$3.6 million).

Reports indicated that the operators behind Locky may have conducted a large attack. Palo Alto Networks revealed that it had detected 400,000 sessions that used the same downloader “Bartallex,” which is the one that deposits the infection onto a computer system. Over half of the targets were recorded in the United States and the rest included Australia and Canada.

Locky utilizes its command-and-control infrastructure for conducting a memory exchange before encrypting the files.

Kevin Beaumont from Medium said that encrypted files have the ‘.locky’ extension. He wrote guidance on how to figure out who among the people in an organization has been infected and recommended that the active directory account of the victim must be locked and its network access must be shut down. Finally, he said that you are more likely to rebuild the victim’s PC from scratch.

Check out the full story here.

globe2As Christmas season approaches, some people prefer the convenience of online shopping. But there are things you must consider to keep you safe from fraud, which also roams around this season. Among these tips include being aware of ‘too good to be true’ deals. Scams may come in many forms but they are not reviewed mostly.

Look for genuine and safe online stores. Use private and secured connections when making payment and purchases. Review your account settings regularly. It is also advised to keep your personal information safe and change passwords regularly. It is also better to have a low credit limit on credit cards.

Source: Global News

MailOnline banking is one of the most convenient way to transfer, withdraw or pay online today. however, it also opens an opportunity for criminals to hack accounts and personal information. The Minnesota Department of Commerce urges online bankers to follow these advices for a safer online banking. First, make sure that your bank uses a multifactor authentication, a method that requires users to type their passcodes twice or more to accessing an account. Use strong passwords, keep it safe, and make sure that your device is protected by an updated antivirus. Do not open unsolicited emails or answer calls that ask for your banking information. Regularly monitor your bank account and log out after every session.

Source: Hometown Focus

 

globe2Action Fraud works with London Police to warn people who meet the love of their lives through online dating. This is amidst the thousands of online dating victims reported across the country. Among the tips to keep safe in online dating include the following.

Do not disclose your personal information when dating online. These include your phone number, address and full name. Next tip is to be aware of scammers’ techniques such as love declaration in a short time. When asked for a meet up, pick a safe and familiar place. Do not give in to fees and other sort of financial transactions. Once spotted an abuser, report it immediately.

Source: Naked Security

 

Dumbarton and the Vale’s police department issued practical advices for its residents on how to avoid fraudsters and scammers like mystery sale offers, card skimming, and fraud callers.

To avoid fraud, residents are encouraged to avoid doorstep conmen who pressure people on buying overpriced items, the pretending workmen maintenance who can rob you at home, subscription traps like ‘free’ trials, and loopholes in computer products.

It also important to safeguard personal information, create strong passwords and use separate ones in different accounts. Make sure to check financial statements and report any suspicious transaction. Lastly, shred any personal or financial documents when disposing them.

Source: Dumbaton Reporter

Screen-exclamationOnline scammers are out for an adventure targeting their victims. According to AARP Fraud Watch Network’s tips, these scammers use the following tactics:

First, they lure their targets with wealth and then establish connections by asking personal questions. Once they got how to trigger the victim’s emotions, they start to play with them by offering products or services that is claimed to be in limited offer. Online scammers try to build trust by stating that they are affiliated to famous personalities and organization – they even speak the same credentials. These individuals will try to gain access to your computer through malicious malware.

As a precaution, check the reputation and legal registration of any online business before any transaction.

Source: CPA Practice Advisor

globe2Online money scam has become more sophisticated overtime – especially in the digital age nowadays. Home settlement, a huge family investment is now being used as the latest online money scam bycyber thieves.This works by a cybercriminal sending an email to the person doing a home settlement with different set of instructions, directing the client to wire the money to a separate account. And before the client knows it, he has wired a ton of money to a thief’s account.

Every client can avoid to be victimized by this fraud by not sending delicate information such as financials over the email and verifying everything before wiring any money to any account. Always clean up your email for any pattern that can hook a hacker. Change your password regularly and install an updated anti-virus. Lastly, report any case.

Source: Washington Post

Computer-Warning2Wayne Bank’s CEO Lewis J. Critelli, a Honesdale-based company, issued some important cyber security tips to help educate online users fight identity theft, a widely act of cybercrime these days. According to the business tycoon, the attractiveness of mobile devices among users makes them vulnerable to cybercrimes.

Among the tips he recommended include using strong passcodes, logging out after each session, installing anti-virus software and software updates. He also discourages mobile users from keeping sensitive information in their mobile devices. He also advised users to refrain from using unsecured public Wi-Fi connections and refrain from opening malicious and untrusted links.

Source: Pocono Record

security1No matter what you and everybody else does, internet privacy is a mockery since internet hackers are continuously able to get into an individual’s or company’s database even with the most up-to-date security software. However, if you are willing to work hard, you can achieve an absolute anonymity on the internet. Many people were shocked when the Ashley Madison hacking incident happened.

More than 37 million of its users were greatly affected, compromising names and email addresses.  Many people were somewhat outrage there were too many people lying to their significant other one way or the other. Many were exposed from this hacking incident. For more information regarding this post, go to the source.

Source: Info World