This one’s good. It sends a user a notice, indicating that a purchase was made on their Apple ID, and provides a link to a refund request form. It asks for your Apple login info, name, address, date of birth, and full payment card information.
DO NOT EVER FILL THIS OUT FOR A REFUND! Continue reading SCAM: Apple Store Phishing Attempt
(Sorry about the lack of posts recently. I just switched day jobs, and the transition is still under way)
These are really just old tricks with a new twist. KnowBe4 is call them “new”, but this is simply the next evolution in the “Windows Tech Support Scam“. Basically, the scammer calls you and says your computer is infected, or in some other way compromised. They then convince you to allow them to access your computer to perform some remedial repairs. But, if they could detect these infections, didn’t they have access before (this should be the first clue)? Continue reading Tech Support Scams and Scareware
So, with great television shows comes great responsibility – to PAY FOR IT. But some people don’t, and they try to get free shit all the time, despite it being heavily illegal. And, in some cases, dangerous to the thief.
Continue reading SCAM: Illegal Game of Thrones Phishing Attack
So it seems a security company wanted to troll the RNC a little bit, and see who would connect to a potentially malicious Wi-Fi Hotspot. The results were scary…but expected.
(NOTE: This is not about Democrats vs. Republicans. I have no doubt that if this test were performed at the DNC, we’d see similar results)
Continue reading SCAM: RNC Attendees Get Hacked Through Fake Wi-Fi Networks
It’s that time for KnowBe4’s Scam of the Week. This is a way to fool the end user into bypassing two-factor authentication with no more technical knowledge necessary than sending a craftily-worded text message. Continue reading SCAM: Bypassing Two-Factor Authentication
So apparently the 2012 LinkedIn breach of 6.5 million records was inaccurate. Over 117 million records were compromised, and easily decrypted (somebody probably forgot to salt their decrypted records). And now, they’re asking you to reset your password – this is a good thing.
But the bad thing is that hackers are asking you to reset your password, too. And if you use the wrong method, you could get into trouble. Continue reading SCAM: Reset Your LinkedIn Password
So, the FBI declared yesterday that it finally cracked the iPhone of Sayed Farook (one of the terrorists that attacked in San Bernardino) without the help of Apple. This is good. Apple states they will continue to cooperate with law enforcement as per their previous commitment, while still providing security on their products. This is good.
So, the reported crack came not from a government entity, but from a private entity. And that’s all we know about it. We don’t know if it was a person, a company, some super computer, or what. But some sources suggest it may be an Israeli forensic company, Cellebrite. Continue reading FBI Finally Gives Up–Who Wants To Bet They Find ANYTHING?
Brought to us by our friends at KnowBe4, we’re seeing an expected uptick in social engineering attacks targeting employees or their HR departments. KnowBe4 even has a test phishing campaign to help recognize stuff for this (test meaning that it gives off some signals of a phishing email, but doesn’t actually cause any harm if you click on the link). Continue reading SCAM of the Week – TurboTax Phishing
I just got notice of this one in my inbox, but I have been hearing rumors about it for about a week, now. But it is an actual scam, happening to real people in the wild. Continue reading For Any Users of DELL Computers – Scam Alert
So we security professionals have been railing against the idea of the FBI/CIA/NSA/Other 3-and-4-letter agencies having mandated “back doors” into private encryption systems. In fact, FBI Director James Comey has been fighting to get this legislated for years, now. This, despite the fact that the Crypto Wars of the 1990s failed to mandate back doors into encryption systems – and for a very damn good reason.
But these days, another “backdoor” has resulted in what we feared: giving widespread access to those who should never have it.
Continue reading This is Why Back Doors Are Bad…Bad TSA! Very Bad TSA!