Cybersecurity Blog

Consider Getting Rid of Your Yahoo Account – 12/16/16

With more information coming out every day about the extent of the Yahoo hack, it may be time to dump your Yahoo account. The scariest part about the breach? It has been determined that the hackers got hold of Yahoo’s cookie-generating code and have the ability to forge cookies. Why is that so scary? A forged cookie lets the hackers access a user’s account without the password, which makes changing your password a useless exercise. Yahoo is contacting users who may have had their cookie information stolen. However, do they really know which users have been affected and to what extent?

Have a Yahoo account, but you aren’t sure how to proceed? Check out this article from KrebsOnSecurity.
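To make the forged-cookie point concrete, here is an added illustration (not Yahoo’s code and not part of the original post) of how a signed session cookie relates to a password change: a cookie signed with the server’s key keeps working after the user changes their password unless the cookie is bound to a password-generation counter, and only rotating the signing key invalidates every outstanding cookie at once. The user names, cookie layout and counter scheme are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed illustration, not Yahoo's code: the server signs session cookies
# with a secret key. Whoever can sign with that key can produce cookies that
# validate, and those cookies outlive a password change unless bound to it.
class SessionServer:
    def __init__(self, bind_to_password):
        self.bind_to_password = bind_to_password
        self.key = secrets.token_bytes(32)  # cookie-signing secret
        self.pw_generation = {}             # user -> number of password changes

    def change_password(self, user):
        # Bumping the counter makes cookies bound to the old value stop validating.
        self.pw_generation[user] = self.pw_generation.get(user, 0) + 1

    def rotate_key(self):
        # A new signing key invalidates every outstanding cookie at once.
        self.key = secrets.token_bytes(32)

    def _sign(self, payload):
        return hmac.new(self.key, payload.encode(), hashlib.sha256).hexdigest()

    def issue_cookie(self, user):
        gen = self.pw_generation.setdefault(user, 0) if self.bind_to_password else 0
        payload = f"{user}|{gen}"
        return f"{payload}|{self._sign(payload)}"

    def validate(self, cookie):
        parts = cookie.split("|")
        if len(parts) != 3:
            return None
        user, gen, mac = parts
        if not hmac.compare_digest(mac, self._sign(f"{user}|{gen}")):
            return None
        if self.bind_to_password and gen != str(self.pw_generation.get(user)):
            return None  # password changed since this cookie was minted
        return user

def demo(bind_to_password):
    """Does a cookie minted before a password change still work afterwards?"""
    srv = SessionServer(bind_to_password)
    cookie = srv.issue_cookie("alice")
    srv.change_password("alice")
    after_password_change = srv.validate(cookie) == "alice"
    srv.rotate_key()
    after_key_rotation = srv.validate(cookie) == "alice"
    return after_password_change, after_key_rotation
```

With `bind_to_password=False` the cookie survives the password change, which is exactly why a password reset alone does not help once cookies can be forged.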

Dailymotion Accounts Hacked – 12/07/16

Around the 20th of October, 85 million usernames and email addresses were taken from Dailymotion servers, along with 18 million hashed passwords. For those of you who don’t use Dailymotion, it is a popular video-sharing website. Because the passwords were hashed, it will take the cyber criminals some time to crack them. This gives users time to change the password on their Dailymotion account, as well as on any other account that uses the same password.

Once again this drives home the importance of having a different password for each account. It is not a matter of if one of your accounts will get hacked, it is a matter of when. Limit the damage…use unique passwords.

How to Avoid ATM Fraud – 11/28/16

As the Christmas shopping season goes into full swing, cyber criminals are stepping up their efforts to steal your hard-earned cash. Most people have heard the horror stories about devices called card skimmers being placed over ATM card slots. These devices read the magnetic stripe on your card while tiny cameras capture your finger movements as you enter your PIN. Most of you have been educated enough not to use ATMs that have a large plastic attachment sitting over the card slot.

However, the latest card skimmers are so thin they are inserted inside the card slot and are impossible to detect. Check out this video.

How do you protect yourself from such ingenious technology? Simple: cover the PIN pad as you enter your PIN. The information a skimmer reads from your card is useless without the PIN. If you cover the PIN pad, the criminal’s camera cannot record your PIN regardless of where it is placed.

Want to reduce your chances of encountering skimmers at all? Only use ATMs that are physically installed inside a bank; they are harder to hack. Also, try to avoid using ATMs on weekends. Thieves tend to install these devices on a Friday, when they know the bank won’t be open for a while.

Technology is ever changing, and so are the criminals’ methods. As careful as we may be, a breach may still happen. Reduce the damage by keeping an eye on your bank statements and disputing any unauthorized charges immediately.

Happy Shopping!!

What happens when a cyber criminal steals your account? – 11/21/16

So, the worst has happened: someone has hacked your account and taken it over. You have called the help desk and had the password reset. All is good, right? Wrong. When a cyber criminal gets ownership of your account, whether it is an email, social media profile or gaming account, they typically do the following:

  • Change your name
  • Forward any mail to another account
  • Delete/steal your mail or delete/steal content or credits
  • Change your signature
  • Add secondary email addresses to the account
  • Steal any stored credit card data.

This means when you get your account back you have to:

  • Make sure the correct name is associated with the account
  • Check to see if mail is being forwarded
  • Ensure the email signature is correct
  • Look for secondary email addresses that have been added and delete them
  • Cancel any credit cards associated with the account

If that isn’t irritating enough, let’s add one more goody to the list of annoyances that come with a compromised account: if your account was used for spamming, you will have the joy of receiving hate mail, as well as having many of the messages you send bounce back because of spam blockers. Unfortunately there is no way to remediate that. For this reason, most people who have their accounts hacked end up abandoning them and creating new ones. But hey, you got your account back.

AdultFriendFinder Hacked! – 11/16/16

A massive data breach of the adult dating and entertainment company Friend Finder Network has exposed more than 412 million accounts, including (and this is really bad) over 15 million “deleted” records that were not purged from the databases. Over the weekend it became clear that 339 million names, addresses and phone numbers of registered users at the AdultFriendFinder site were hacked. All these records are now owned by cyber criminals, exposing highly sensitive personal information. On top of the AdultFriendFinder records, 62M accounts from Cams.com, and 7M from Penthouse.com were stolen, as well as a few million from other smaller properties owned by the company.

Cyber criminals are going to leverage this event in a lot of different ways: (spear-) phishing attacks, bogus websites where you can “check if your spouse is cheating on you”, or ways to find out if your own extramarital affair has come out.

Any of these 339 million registered AdultFriendFinder users is now a target for a multitude of social engineering attacks. People who have (had) straight or gay extramarital affairs can be made to click on links in emails that threaten to out them.

There will be phishing emails that claim people can go to a website to find out if their private data has been released. This is a nightmare that will be exploited by spammers, phishers and blackmailers who are now gleefully rubbing their hands, let alone the divorce lawyers and private investigators who are going to pore over the data.

Be on the lookout for threatening email messages that slip through spam filters and have anything to do with AdultFriendFinder, or that refer to exposing your activity on the site, and delete them immediately, both at the office and at home.

Do not click on any links or open attachments in emails that appear to come from AdultFriendFinder. Instead, go directly to the website to change a password or get more information.

Please forward this to friends, family, colleagues and peers.

Read the Phishing Email that did Podesta in – 10/28/16

Poor John Podesta: he checked with his security team and they let him down. Check out the email thread from Wikileaks and see how his team was fooled. This one is very sophisticated. The sender address looks completely legitimate. The only way to tell it is a phishing email is that the CHANGE PASSWORD link (which appears as a URL) does not take you to Google. His staffers did tell him to go to the site directly to change his password, but being the busy guy he is, he used the link.

How do you avoid being compromised like John?

  1. Do not click on links in unsolicited emails.
  2. If you feel the email is legitimate, go to the site directly using a URL that you know is legitimate. Do not use the URL in the email. Do not use a link in the email.
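As an added example that is not part of the original post, the following Python check flags the two tells described above: a link shortener in the href, and anchor text that looks like a URL but points at a different host than the href. The shortener list, the hostnames and the sample HTML body are constructed for the example; the bit.ly path is a placeholder.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "t.co", "goo.gl", "tinyurl.com"}  # constructed list

class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for every <a> in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    # Accepts bare "www.example.test" as well as full URLs.
    return urlparse(url if "://" in url else "http://" + url).hostname or ""

def suspicious_links(html):
    """Return (href, visible text, reason) for anchors a reader should not trust."""
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        if host_of(href) in SHORTENERS:
            findings.append((href, text, "shortener hides the real destination"))
        elif text.startswith(("http://", "https://", "www.")) and host_of(text) != host_of(href):
            findings.append((href, text, "visible URL differs from the real destination"))
    return findings

# Constructed sample body with the same shape as the message described above:
SAMPLE = (
    '<p>Someone has your password. <a href="https://bit.ly/PLACEHOLDER">CHANGE PASSWORD</a></p>'
    '<p>Or go to <a href="http://accounts.example-phish.test/login">https://myaccount.google.com</a></p>'
    '<p>Help: <a href="https://support.google.com">https://support.google.com</a></p>'
)
```

Running `suspicious_links(SAMPLE)` reports the shortened CHANGE PASSWORD link and the mismatched Google-looking link, while the support link whose text and href agree passes.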

The New Posterboy of CyberInsecurity: John Podesta Fell For Social Engineering Attack 10/24/16

Motherboard has a great article explaining just how Podesta, chairman of the 2016 Hillary Clinton presidential campaign, got hacked. The man fell for social engineering: a Google credentials phish, one of the most common phishes.

The other thing of note here is that this particular phish spoofed a security alert notice from Google.

In Podesta’s case the bad guys used a bit.ly link, which is very common. And the landing page for the credentials phish probably looked something like the one below…

[Image: google_cred_Phish.png]

It is a textbook example of how John Podesta became a Cyber-Insecurity poster child:
  • Using a terrible password to begin with
  • Re-using that password for multiple sites/accounts
  • Sharing the password with assistants
  • Asking an assistant to email him his password when he forgot it
  • Not turning on two step verification
  • Not changing passwords after one account was known to be compromised

(Taken from KnowBe4)

Dropbox and Adobe Breach Affects Mount Royal Users 10/24/16

In 2012 there was a very large breach of Dropbox and Adobe credentials. At that time, Dropbox and Adobe passwords were compromised. We have been notified that Mount Royal email addresses were associated with this breach. As a result, we are concerned that some users may have used their Mount Royal password for their Dropbox or Adobe login as well.

If there is any chance that you used your MyMRU password for Dropbox or Adobe we are asking you to change your MyMRU password immediately. This will also change your Mount Royal Gmail/Google and Blackboard passwords. To change your password, please use the “Change your password” link located on MyMRU.

As login credentials for any site can be compromised, we are encouraging everyone to always use a unique password for each of their accounts. Using a password manager such as KeePass is an easy and safe way to generate, keep track of and store your passwords.

For tips on creating strong, secure passwords and using KeePass, please refer to the Creating Passwords section of the mru.ca/itsecurity webpage.

We thank everyone for doing their part to keep their accounts secure.

Security on Dating Sites – 10/4/2016

Dating sites are popular ways to meet new people. However, not all sites have adequate security. A database containing data from users of HaveAFling, HaveAnAffair and HookUpDating was found on the open web unsecured. The information could be accessed without using a password. The data that could be accessed included names, contact information and bios. The company has since rectified the situation, however if you were one of the users of HaveAnAffair, you may be getting an angry text from your significant other.

When deciding to post personal information on a site or through an app, stick with larger companies that have been around for a while, invest in data security for their users and are reputable. Better yet, date the old-fashioned way and ask out the cutie strolling down Main Street.

Want to know more about the data breach? Check out the ZDNET article.

What to do about Yahoo’s security breach – 9/23/16

Yahoo announced that 500 million of its accounts were hacked and sold to internet criminals. Yahoo is responding by sending emails to its users suggesting they change their passwords and account information. The problem is that the emails include links, giving cyber criminals a template for phishing emails they can use to initiate a cyber attack. If you are a Yahoo user, protect yourself by doing the following:

  • Navigate to the Yahoo website directly without using an email link and change your password. Make sure it is long, strong and unique.
  • If your Yahoo password was used on other sites, go to those sites directly to change their passwords. Each site should have a unique password.
  • Check your security questions on these sites and make sure the answers aren’t obvious.
  • Be on the watch for any emails from Yahoo. Do not click on any links within these emails. Contact Yahoo directly to verify all communication.
  • Consider using a password manager to generate and store hard-to-hack passwords.
  • Although Yahoo currently states that no credit card information was taken, stay safe and check your credit card statements for unauthorized transactions.

Although these precautions are directed at Yahoo users, everyone can benefit from following them.