Cybersecurity Blog

AdultFriendFinder Hacked! – 11/16/16

 

A massive data breach of the adult dating and entertainment company Friend Finder Network has exposed more than 412 million accounts, including (and this is really bad) over 15 million “deleted” records that were not purged from the databases. Over the weekend it became clear that 339 million names, addresses and phone numbers of registered users at the AdultFriendFinder site were hacked. All these records are now owned by cyber criminals, exposing highly sensitive personal information. On top of the AdultFriendFinder records, 62M accounts from Cams.com, and 7M from Penthouse.com were stolen, as well as a few million from other smaller properties owned by the company.

Cyber criminals are going to leverage this event in a lot of different ways: (spear-) phishing attacks, bogus websites where you can “check if your spouse is cheating on you”, or ways to find out if your own extramarital affair has come out.

Any of these 339 million registered AdultFriendFinder users are now a target for a multitude of social engineering attacks. People that have (had) straight or gay extramarital affairs can be made to click on links in emails that threaten to out them.

There will be phishing emails that claim people can go to a website to find out if their private data has been released. This is a nightmare that will be exploited by spammers, phishers and blackmailers who are now gleefully rubbing their hands, let alone the divorce lawyers and private investigators that are going to pour over the data.

Be on the lookout for threatening email messages which slip through spam filters that have anything to do with AdultFriendFinder, or that refer to exposing your activity on the site and delete them immediately, both in the office or at the house.

Do not click on any links or open attachments in emails that appear to come from AdultFriendFinder. Instead, go directly to the website to change a password or get more information.

Please forward this to friends, family, colleagues and peers.

New Tech Support Scam – 11/07/16

 

The latest tech support scam pushes malicious code through a compromised webpage ad. When you visit a site instead of seeing a regular ad, you get a large pop that appears to be from Microsoft warning you that your system has been infected and asking you to call tech support to resolve the issue. No matter how your try you cannot get rid of the pop up.  The malicious code uses up all your computer resources freezing your computer.

The pop up looks just like it comes from Microsoft…how do you know for sure that it is a scam and not a legitimate warning from Microsoft? There are several tells that indicate this is not a legitimate warning:

  1. Anti-virus/malware warnings do not appear from within a web page or browser.
  2. Microsoft does not send  warnings of systems being infected.
  3. Legitimate anti-virus/malware warnings from your anti-virus software do not ask you to call tech support.
  4. You cannot get rid of the pop up.

If you encounter this annoying scam, what do you do? The good news is all the code is doing is using up computer resources, it isn’t actually harming your computer. To get rid of the pop up and free up your computer, just launch your Task Manager and shut down the browser. If you cannot launch the Task Manager, turn the computer off.  Whatever you do, do not call the tech support number. They are scammers and will simply rob you of hundreds of dollars.

Dropbox and Adobe Breach Affects Mount Royal Users 10/24/16

 

In 2012 there was a very large breach of Dropbox  and Adobe credentials. At that time, Dropbox and Adobe passwords were compromised. We have been notified that Mount Royal email addresses were associated with this breach. As a result, we are concerned that some users may have used their Mount Royal password for their Dropbox or Adobe login as well.

If there is any chance that you used your MyMRU password for Dropbox or Adobe we are asking you to change your MyMRU password immediately. This will also change your Mount Royal Gmail/Google and Blackboard passwords. To change your password, please use the “Change your password” link located on MyMRU.

As login credentials for any site can be compromised, we are encouraging everyone to always use a unique password for each of their accounts. Using a password manager such as KeePass is an easy and safe way to generate, keep track of and store your passwords.

For tips on creating strong, secure passwords and using KeePass, please refer to the Creating Passwords section of the mru.ca/itsecurity webpage.  

We thank everyone for doing their part to keep their accounts secure.

ALERT – Increased number of emails with malicious links

University email addresses are receiving an increased number of malicious emails today due to several compromised @mtroyal.ca accounts.

Here is what you need to know:
1. Please be extra vigilant about opening links and documents that you did not expect, even if you know the sender.
2. As a temporary measure to address this issue, internal mail is being checked by Google’s spam filters. Usually, internal messages bypass spam checking, so please check your spam folder if you think that a legitimate email may have been flagged as spam by accident.
3. If you have already clicked on a suspicious link today, please change your password and contact ITS as soon as possible.
If you need assistance or have other questions, contact the IT Service Desk.