hackers

COVID-19 Themed Templates for Hackers

Hackers use COVID-19 Themed TemplatesNew, Sophisticated Hacking Techniques in the Age of COVID-19

Hackers are using new methods to create very credible looking, fake websites to steal login credentials. Security firms are seeing an increase in the use of website templates to create phishing websites that look and feel like the real thing. These templates, available on underground forums and marketplaces, are a quick and easy way for criminals to create convincing, fake websites to steal information. The known templates mimic websites from the World Health Organization (WHO), Internal Revenue Service (IRS), Centers for Disease Control (CDC), the United Kingdom government, the government of Canada, and the government of France. Many of these templates have multiple working pages to make them look more realistic. The template that mimics the government of Canada even has English and French segments.

More than half of the phishing campaigns recorded since January are using these new spoof templates to fool consumers. Hackers are using normal phishing techniques, creating urgency by claiming recipients will lose benefits, or reporting a breakthrough on the pandemic. The difference is the use of these templates to create very convincing fake websites. This change in strategy has been effective, resulting in an increase in successful phishing attacks.

Below are some examples of the fake phishing site templates:

This fake CDC site is asking user to authenticate with an email service to generate a vaccine ID.

Fake IRS Page

This fake IRS website created from an available template goes a step further, asking users to enter SSN, DOB, and other private identity information.

Avoid falling prey to these new phishing campaigns by being aware of the links you click on in emails. If an email is creating urgency or preying on emotion (click on this link now or you will lose your vaccine benefits!), the email is probably a scam. Instead of clicking the link, go to the known government website and look for the information. The criminals are making it more difficult to differentiate the fake websites and using emotion to get users to click. Stay informed and think before you click.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Firefox Private Relay Service

Firefox Private Relay ServiceLiving and working on the internet means exposing your email address to many opportunities for spam. A new service from Firefox aims to give users more control over the exposure of their email address. Firefox is testing a new browser extension named Private Relay Service. The extension would generate private, or ‘burner’ email addresses as needed, and forward the incoming traffic to the user’s actual email address. These burner addresses could be used to sign up for online services, or be used when a website requires an email address for access to content. Often these websites will use the email address provided to send a confirmation email, and then spam or sell the address to other services.

A burner email address could be turned off temporarily, or deleted all together if the user notices a lot of spam coming from a single outlet.

Private Relay adds UI to generate unique, random, anonymous email addresses that forward to your real address. You can use your relay addresses to sign up for apps, sites, or newsletters. When you’re done with that service, you can disable or destroy the email address so you’ll never receive any more emails from it.”

The service would also add a layer of security in the event a company’s database is compromised; giving users more control over who has their email address.

The Firefox add-on is currently in testing, but interested users can install the add-on to Firefox now and create a login to be available for the first round of invitations. Apple announced a similar service earlier in the year called ‘Sign in with Apple.’ This service is also currently in testing.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Hackers Exploit Coronavirus News

Hackers Exploit Coronavirus NewsHackers prey on human emotion in normal times. They send phishing emails that might appear to come from your healthcare provider, your state government, or Amazon. These emails are generally trying to do one of two things: get you to click on a link that will install malware or persuade you to give them information like a password or credit card number.

As expected, hackers and scammers are using the pandemic and the government response as a way to get money or information from people. There are scams for test kits, scams for masks, and scams for statistics on the virus. There are hackers attacking individuals on Medicare, and of course multiple scams for the government relief checks.

There have been numerous reported attacks over the past few weeks on the healthcare industry. Hackers are posing as the World Health Organization, or the CDC in attempt to infiltrate healthcare networks. These industries are already under a huge amount of stress, so it would be easy for an employee to click on a link in an email that they normally wouldn’t.

The Federal Trade Commission is warning Americans of hackers trying to take advantage of the news of relief money. The FTC advises, “You don’t need to do anything as long as you filed taxes in 2018 or 2019.”and “Do not give anyone your personal information to “sign-up” for your relief check. There is nothing to sign up for.”

This is a good time to familiarize yourself and your employees with phishing red flags.

  1. The email plays on urgency and emotion. “Click here before the end of the day, or else…”
  2. Bad spelling and grammar.
  3. Suspicious links or attachments. Phishing campaigns are either trying to get information from you or get you to click a link or open an attachment that will install malware.
  4. Altered web address or email address from a free service.

During this time while emotions are high, users need to be more aware of what they click on in emails. Employees working from home give hackers even more of an advantage, because many users are not behind the company firewall they used to be. Stay vigilant and be aware that hackers are using the news of the day and high emotions to their advantage.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Breach Data For Sale on Dark Web

Breach Data For SaleEast Coast convenience store chain Wawa reported a breach of their credit card machines December 19th, now it is believed that data is for sale on the dark web.

The Pennsylvania based retail chain discovered the attack on December 10th, and had it contained by December 12th, but Wawa says the malware started on March 4th, meaning hackers had been collecting credit card information for nine months. The breach exposed the credit card number, the expiration date, and the cardholder’s name. Wawa says the breach did not expose PIN numbers or CVV codes (the three numbers on the back of the card).

At the end of January, a hacker on the dark web announced a stash of 30 million credit cards would be available for sale. Experts believe most of this credit card data is from the Wawa breach. This hacker is well known for selling credit card data, and is only releasing small batches at a time, so as not to inflate the black market.

Gas station scanner hacking is on the rise. Visa released this report with its findings on two recent gas station point of sale attacks. Visa found the hackers gained access through a phishing campaign and installed malware on the gas station network. Once the hackers had access, they could move laterally over the network to access credit card information. Visa cites the greatest reason for these attacks on gas station point of sale systems, are retailers’ slow move toward a chip or more secure system.

 

“…as long as the magnetic stripe readers are in place, fuel dispenser merchants are becoming an increasingly attractive target for advanced threat actors with an interest in compromising merchant networks to obtain this payment card data.”

 

Wawa has teamed up with Experian to offer identity protection to potentially impacted customers.

Steps you can take if you believe your credit card number was compromised:

  • If you shopped at a Wawa retail location between March 4th, 2019 and December 12th, 2019, review your credit card statements for any unauthorized charges.
  • Read the security statement from Wawa here.
  • Now that we know the credit card information is being sold, it may be a good time to request a new card from your cardholder to head off any future issues.

At Quanexus data security is our highest priority for our clients. Is your business in a position where you are questioning the security of your data? Give us a call today to talk through your needs, and how we may be of service.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business, Wireless