Cybersecurity can be ensured when netizens act proactively and take anti-phishing protection measures well in advance. The following headlines from the world of cybersecurity shall enable the reader to plan their phishing prevention measures better.
Data Breach at Edureka
Bangalore-based Indian ed-tech platform Edureka recently underwent a data breach that publicly exposed over two million users’ details. The breach was due to an unprotected US-based Elasticsearch server left online for over a week. Security researchers from SafetyDetectives first discovered the vulnerability on 1st August and approached Edureka regarding the same on 6th August.
Upon receiving no response from the company, they approached the Indian Computer Emergency Response Team (CERT-In), who then adopted anti-phishing solutions and secured the server on 13th August. Among the exposed information were the usernames, addresses, and phone numbers of the company’s customers, mostly based in India. However, Edureka has denied the possibility of any personal information of users being compromised.
Data Breach at Gulf Coast State College
Gulf Coast State College recently underwent a data breach that exposed several employee email accounts to the adversaries. As a result, some students’ and employees’ records may have been compromised. As a part of its anti-phishing measures, the college sent out emails to affected students on 28th September and provided a year of free credit monitoring to the victims.
Victims’ Social Security numbers may also have been compromised. Hence, the college advises all students to keep monitoring their account statements and credit reports. The college I.T. Department was prompt to take phishing attack prevention measures, and the college also hired an independent forensic team.
Although it is not certain whether any other personal information was accessed, the college nonetheless advises its staff and students to remain vigilant.
POS Malware Attack on Two Merchants Using Visa
The U.S. payments processor Visa recently disclosed that malware had infected two unnamed North American hospitality merchants back in May and June. Strains of point-of-sale (POS) malware were detected by the Visa Payment Fraud Disruption (PFD) in the two North American merchants’ POS terminals. While the first attack employed the malware variant TinyPOS, the second used a mix of RtPOS, MMon, and PwnPOS.
The technical details have been forwarded to both merchants so that they can investigate further and take phishing protection measures if the threat actors are found in their network.
Salary Of Swiss University Employees Stolen
Hacks on educational institutions aren’t uncommon, and the recent hack targeted Switzerland’s University of Basel along with at least two other universities. The adversaries have succeeded in stealing employee salary payments at several Swiss universities, and the amount thus transferred is a six-figure sum that has now been moved into a foreign account.
The hackers first compromised the university systems and then hijacked the employee salary transfers by changing the beneficiaries’ accounts. This hack serves as a lesson to all universities to strengthen their anti-phishing tools. The University of Zurich was vigilant enough to evade such a phishing attempt, but everyone else who fails to recognize suspicious activities is in for huge losses.
Ransomware Hits Ardonagh Group
A ransomware attack has compelled the Jersey-headquartered insurance company Ardonagh Group to suspend 200 of its internal accounts with admin privileges. The attack comes at a bad time, as Ardonagh Group had just announced a loss of approx. £94 million, but the firm has been proactive in taking measures for protection against phishing.
Although they haven’t disclosed details about the attack, the firm has mentioned its routine comprehensive monitoring, which helped identify the attack. They are now executing their Business Continuity Plans and have collaborated with third-party forensic and I.T. experts for further investigation.
BazaLoader Exploits Trump’s COVID Diagnosis
Hackers have used U.S. President Donald Trump’s COVID-19 diagnosis to launch an email phishing scam that fools people into clicking a malware-infected link. This is an old and effective technique that the adversaries have employed to exploit COVID-19 anxieties among people for the nth time.
Several U.S. and Canadian organizations have become victims of this latest email campaign, which sends emails with subject lines like “Recent materials pertaining to the president’s illness.” Within the email rests a hyperlink to an attached document which downloads a corrupt Excel spreadsheet onto the user’s device. This sheet installs BazaLoader, a trojan linked to the TrickBot hacking tool and designed to take over corporate networks, on the device. Phishing email prevention is a primary cybersecurity measure that ought to be deployed by every individual and organization.
Ricoh Acquires MTI Technology
In a recent acquisition, ownership of Japanese firm MTI Technology has been transferred to Ricoh. CEO Scott Haddow believes that this move shall strengthen its I.T. capabilities across Europe while still sustaining its brand identity.
Adopting phishing prevention best practices doesn’t always imply investing in tools or infrastructure; it sometimes comes in the form of a merger with bigger and better brands that can enrich one’s I.T. systems and help customers experience a higher level of security and privacy.
Ricoh has expressed its plans regarding MTI and says that MTI customers shall only benefit from their global reach. The acquisition seems like a win-win for all as MTI gets to keep its leadership team intact, and Ricoh gains an efficient group of leaders.
Hackers Impersonate FINRA
The Financial Industry Regulatory Authority (FINRA), a U.S. government-authorized NPO, has notified members to watch out for email phishing attacks that employ surveys to harvest information from member brokerage firms.
It has warned members of a fake FINRA domain that is asking member firms to fill out a survey before 13th October so that FINRA can update its so-called “conduct and supervisory rules.”
FINRA has asked all members who clicked on any link or image embedded in the email to take the necessary security measures set out in its phishing prevention tips. The NPO has also approached NameCheap (the platform used by adversaries to register the fake FINRA domain) and urged them to suspend the fake domain.
Hackers Target Wisepay
The online payment website Wisepay, used extensively by guardians of U.K. school and college students to top up their accounts for meals or school trips, has been down since Sunday.
Wisepay has shut its website, citing ‘maintenance’ to stop the adversaries from spoofing its card payment page. The website has approached the U.K. Information Commissioner’s Office and collaborated with a cyber forensic agency to investigate the malicious URL manipulation attempt. Although much inconvenience has been caused to the parents, this move was taken to ensure protection from phishing attacks.
While it seeks alternative payment options, the Monk’s Walk School (a customer of Wisepay) has instructed parents to monitor their account statements if they used Wisepay between the 2nd and 5th of October.