Cybersecurity Blog

Scam pretends to lock your phone – 08/10/18

 

Windows users have heard about the tech support scam that informs them their computer has a virus and they need to call a 1-800 number to unlock it. Creative criminals are now using the same tactic with iphone users. They have seeded several porn sites with malware.  After your visit, a large dialog box appears on your phone informing you that your phone has been locked because you visited an illegal porn site. It all looks very official as it correctly displays the model of your phone and the URL of the porn site. It then gives you a hyperlink to a number to call to get your phone unlocked.

In reality, your phone isn’t locked at all. If you call the number you get connected to a hacker who then attempts to get information and money from you.  Although this scam leverages a visit to a porn site, a similar scam can be set up with any type of website.  It can also target any kind of phone.  It may be iphone users that are currently targeted, but it won’t take long for this scam to show up on Android phones as well.

Never call a number that shows up in an alert or notification on your phone.  Never click on security warning links either. If you do connect to a call center and start to feel uncomfortable, hang up. Apple will never lock your phone and then ask you to call a number to get it unlocked. Come to think of it, neither will Google or Android.

 

When a stranger calls, it may not be who you think – 07/19/18

 

Have you checked on the computer? *Tech support scams are the bread and butter of many criminals organizations.  The latest version is rather creative.  It starts with you clicking on something you shouldn’t which installs malware on your machine.

The malware waits for you to type “bank” in the browser. When it sees you going to your banking login page, it redirects you to a fake banking web page that records your credentials while you try to login.  It then slows your computer down making you think there is something wrong with it.  Then a pop up conveniently appears telling you that you have a technical problem and asks you for your name and phone number so tech support can call you.

Surprise, a real life bad guy calls and tries to manipulate you into giving them more information so they can immediately transfer money out of your account. It is a rather slick scam. You would admire them if they weren’t stealing money from you.

This is just another reminder that no legitimate tech support company will ever call you or prompt you to call them.  If you get a 1-800 number,  are offered technical assistance without asking for it or have someone call you to offer help; the stranger is there to help themselves, not you.

 

*I am hoping you get the reference. If not, this will help.

Source : https://blog.knowbe4.com/alert-there-is-a-new-hybrid-cyber-attack-on-banks-and-credit-unions-in-the-wild?utm_source=hs_email&utm_medium=email&utm_content=63936946&_hsenc=p2ANqtz–Lu3QkGYcRkjzH-KDpYeGQLy41mfHaS4MgK7rbDIoBHwAw0BrbU5HwxlZAioadMBoGis9xB0uePy8yw7mUMBwXdMNC9Q&_hsmi=63936946

 

Is that email really from your real estate broker ? – 06/19/18

 

A couple from the US were devastated when they called their broker to find out that the $500 000 they had wired had not arrived. In fact the broker had not even requested funds. Upon further investigation, it was discovered that the email that they had received with the fund request had come from an email address that was just one letter off from their broker’s. The money that they had wired was now sitting in a scammer’s account.

What made the email so convincing was that it included relevant details. The email not only looked like it had come from their broker, but it sounded like it to. So much so, the couple didn’t even pause to double check the email address. How did the criminals construct such a believable email?  They had done their homework. They had gained access to the couple’s email and used information from previous messages to construct the fake one.

The sophistication of this attack goes beyond just sending a fake email. Once the criminals knew the money was on its way, they jammed the couple’s internet access and diverted some phone messages so they couldn’t contact authorities and stop the wire. These are tactics that were once reserved for large organizations but are now being used on the regular consumer. You can no longer sit back and feel assured that your simple little life isn’t a target for criminals. Today, EVERYONE is a target.

To protect yourself, do no rely on being able to identify a fake email.  Scammers are getting better and better at creating emails that look perfectly legitimate. Instead, call the email sender to verify the legitimacy of any email that makes a request for money or personal information.  Even if you are expecting that email, it is better to be safe than sorry. Just remember to use a phone number that you have used before and you know is legitimate . Be safe. Pick up the phone and call.

Adidas is not giving away free shoes – 06/19/18

 

From the Too Good to Be True file, comes the Adidas anniversary giveaway.  Messages are  currently circulating in WhatsApp promising a free pair of Adidas shoes in celebration of their anniversary.  Initially messages referred to a 93rd anniversary, however the hacker decided to do some basic math and more recent messages correctly refer to a 69th anniversary.

You might be asking, why on earth would someone fall for this? Well once the scammers sorted out their math, they were clever enough to spoof the official Adidas site. The fake URL is exactly like the legitimate one with only the i replaced with a vertical line with no dot.  This is an easy thing to miss when one is being tempted with free footwear.

In addition the scam is quite sophisticated.  They don’t just come right out and say, give me your personal information and I will give you free shoes. Instead, they give the whole thing a legitimate feel by making the victim qualify first by answering a short survey and requiring them to share the offer with their WhatsApp contacts (just for the record, there is no way for them to determine if you have shared a message or not). Once you qualify, you are told you can claim your shoes for a dollar. Of course as payment is now required (but it’s only a dollar, so it’s nearly free), you are sent to a webpage that collects your payment card information. Having jumped through multiple hoops to claim your prize, you now feel like you have earned the free shoes and all thoughts that this are a scam are gone from your mind.

That is until you see the confirmation of payment web page that includes a line in the footer saying you will be charged $50 per month if you don’t cancel your subscription in seven days.  Of course they now have your payment card information and will charge you what they want for as long as they want until you cancel the card.  Even worse if you fail to read the footer, they will have access to your card until you notice the charges.

Anytime someone is giving something away, assume it is a scam. If you are tempted by the sparkly giveaway being dangled in front of you, visit the company’s website using a bookmark or search engine result. If they are giving something away, it will be advertised on their official site.  Remember if it is too good to be true, it probably is.

Chinese Consulate General warns about phone scam targeting Calgary- 05/28/18

 

Got a call from someone speaking Mandarin and the call display says it is from Calgary? There is a an aggressive phone scam making the rounds. Currently their target is Canadian Chinese but there is concern it could spread.

Fraudsters are impersonating government agencies calling victims and telling them their personal information has been compromised and as a result they are suspected of laundering money or extortion. The victims are told the only way they can clear their names is by transferring money to a special account for financial review. In two cases, the criminals were able to convince Calgary college students to cut off all contact with everyone except the fraudster and call family telling them they had been kidnapped and ransom needed to be paid. Fortunately, the Calgary Police Service were able to locate the fake kidnapping victims, however a large number of resources were consumed at tax payers expense.

If you receive a phone call threatening you with arrest or legal action get the name of the individual and the agency they are calling from, then tell them you will call them back and hang up. Do a Google search to find the contact information for that agency and call them asking for the individual who called. Do not use a phone number that someone on the phone has given you. If they are a legitimate agency, you will be able to contact them from the information you find in a Google search.

Source:

  • (2018, May 28) Lu Xu,  ‘ Calgary being haunted by “virtual kidnappings”‘
    The Calgary Herald, A9

 

New twist added to the tech support scam – 05/09/18

 

The latest round of tech support scams compromise legitimate websites, sending the site’s visitors to a web page that locks their browsers and displays a fake virus warning. However, the cyber criminals have decided fake virus warnings on their own are not threatening enough. They have added an additional warning that your hard drive will be wiped out for security reasons if the 1-800 number isn’t called before the count down timer runs out.

To make things extra fun, some of these fake warnings have a fake close button that either shifts the browser window to full screen when clicked or creates a popunder that constantly refreshes the main open tab.

As with other tech support scams,  use the Task Manager to shut down the locked browser. When you restart your browser, you will be good to go. That is unless you have your browser set at startup to display the pages you last viewed.  Then you will be redirected to the same compromised web page and have your browser locked up all over again.  At that point your only option is to uninstall and then reinstall the browser.

 

Tech support scams are on the rise, here’s how to protect yourself – 05/03/18

 

The scammers are ramping up their tech support scams and raking in the dough.  There are two in high circulation right now.  In the first the scammers masquerade as Microsoft support, calling unsuspecting victims and telling them their computers security has been compromised but can be fixed for a fee.  In the second, a dialog box appears on the victims machine claiming that it is infected with a virus and they must call a 1-800 number to have it removed. In both cases the scammers ask you to download software which allows them to gain control of your machine so they can “fix” your problem.

Of course they are doing no such thing as there is nothing wrong with your machine. In the best case scenario, they are simply faking a fix and then demanding payment for their non-service. In the worst case, they are loading malware onto your machine so they can record every key stroke you make and gain access to your banking information and anything else they fancy.  Once they get a hold of your personal information they can request bank transfers, apply for credit cards and open new bank accounts using your identity.

To add insult to injury, scammers are no longer satisfied with defrauding their victims only once.  While their victims are feeling overwhelmed and violated from the initial scam, the criminals strike again posing as government officials  or law enforcement offering to recover lost funds for a fee.

This is a reminder:

  • There is no way someone can tell that your computer is compromised without actually connecting to it.
  • If they connect to your computer without your permission, they are a hacker not tech support.
  • Microsoft does not make support calls.
  • No legitimate anti-virus software will give you a 1-800 number to call to get rid of a virus.
  • No legitimate company will call you saying your computer is compromised and offer to fix it.
  • Neither government nor law enforcement will accept payment for services. That is called a bribe and it is illegal.

If you are a victim of a tech support scam:

  1. Uninstall any software that the scammers asked you to download and run a virus scan.
  2. Contact the Calgary Police Service to obtain a police case number.
  3. Call the credit card company immediately and have the charges reversed. Give them your police case number.
  4. Contact your financial institutions and inform them of the incident. Give them your police case number.
  5. Contact a credit monitoring company such as TransUnion or Equifax  and have a fraud alert added to your credit file. Give them your police case number.
  6. Contact the Canadian Anti-Fraud Centre and report the incident.
  7. Keep an eye on your bank and credit card statements.

 

 

 

Cyber Safety Summit 2018 – 04/23/18

The Cyber Safety Summit 2018 will be held on October 2, 2018 at the Lincoln Park room in the Main Building of Mount Royal University’s campus.   The summit will include experts speaking on home security, social engineering, fraud protection and how to recover from a cyber attack.  In addition  we are  adding a new topic this year, protecting your privacy.  Registration is free.

Spend the whole day with us or just come by for your favourite session. Either way you have the opportunity to hear from the experts themselves how to keep your family and home cyber safe.  Come with your questions and concerns, leave armed with the knowledge you need to keep hackers at bay.

Can’t attend the summit? We will be live streaming all sessions.  Visit the website to review last year’s program and to sign up for Summit updates.

Mark your calendars now!!  See you on October 2, 2018!!

 

How to spot fake businesses on Google Maps – 04/18/18

 

Cyber security expert Bryan Seely did some digging and discovered that large numbers of service businesses listed on search engines were fake businesses. They have no office location or business license. They simply answer calls and dispatch servicemen. However, when the service is provided customers are often charged much more than the quoted amount.  In addition, if the consumer has a complaint later the business listing has often disappeared.  Because these fake listings are so well marketed, they take customers away from legitimate businesses significantly affecting their viability.

When he brought this information to the search engines attention he was ignored. When he tried to engage media, he was ignored. However, when he wiretapped the Secret Service he finally got someone’s attention and Google Maps responded with a temporary fix. Unfortunately the bad publicity wasn’t enough to get them to do what needs to be done to fix the problem permanently.

So where do you turn if you are looking for a service business? Fortunately, the majority of service businesses in Yelp’s top listings  are legitimate. Yelp works a bit differently than Google Maps and others, they create the listing and the business owner claims it. This model greatly reduces the number of fake businesses on the site.  However, they still have their share. So how do you determine whether the business you are calling is legitimate or a fake?

  1. The business name is the name of the city followed by the name of the service. For example,  New York Locksmith.  Fake businesses select business names that will get the most search engine hits.
  2. Stock photography is used for the business photos or the photos are similar to those found on other sites. There is no real business so they have no photos of it to post.
  3. The have less than double digit reviews. A business that is legitimate will have been online for some time and have double digit reviews.
  4. The reviews are all 4 or 5 star. Most businesses will have a variety of reviews not just top rated ones.
  5. The reviews don’t span the life of the business. If they only have reviews listed for one year and they have been in business for 5, there is something wrong.
  6. If you click on the person who left the review and they have reviewed several businesses of the same type.  Someone who has left 7 reviews for locksmiths is either getting paid to write reviews or locks their keys in their car an awful lot.
  7. They don’t have a business license. Most legitimate businesses will be licensed.
  8. They are hiding their address. Scammers will hide their addresses so it is more difficult to report them to Google and the consumer cannot see that it is just a post office box.
  9. The website looks very similar to other websites. Scammers will often set up several fake businesses with websites that are identical except for the name and a few graphics.
  10. The price advertised is too good to be true. Fake businesses will list ridiculously low prices for a service and when they show up to perform it, suddenly change the price.

Unfortunately, some legitimate businesses will meet some of the criteria. However, only fake businesses will meet most of them. If you aren’t sure if a service business is legit, call them and ask them about their business license, if they are bonded or insured, where they are located, for a written service quote and how to identify their employees. If they balk on any of those questions, hang up and look for another one.

Beware, the locked browser tech support scam is back- 03/13/18

 

Malwarebytes has discovered an old tech scam that has resurfaced.  Hackers are compromising legitimate web sites. When you visit one of these sites, a pop-up appears on your computer telling you that you have a virus and you need to call a 1-800 number. To make it look like there is something wrong with your computer, the browser is locked and doesn’t respond to clicks.

If you call the number, you are asked to download diagnostic software that gives the hackers control of your computer. They then appear to find the virus on your machine and proceed with a hard sell trying to get you to pay to have it removed. In reality there is nothing wrong with your machine.

No software will magically detect issues on your computer without being installed. No browser can detect issues with your computer.  Microsoft does not send out alerts to let you know your computer is not working properly or has been compromised. Anytime you receive an alert of any kind with a support phone number, it is a scam.

The good news is, with this particular scam there is nothing wrong with your computer. All you need to do is shut down your browser through the Task Manager and everything goes back to normal. Just remember not to visit the same website again.

To shut down your browser in the Task Manager:

  1. Press CTRL + ALT + Delete 
  2. Select Start Task Manager
  3. On the Tasks tab, select your browser
  4. Click the End Task button.