The struggle to prevent phishing attacks is constant. Here are the top cybersecurity headlines to brief you on the significant events of the past week:
Impersonation Scam On Red Kite Community Housing
In August 2019, scammers spoofed the email of a genuine contractor associated with the Britain-based charity firm Red Kite Community Housing and sent misleading emails to Red Kite. The charity fell into the trap and lost over $1 million in the process. It disclosed the attack in a statement on 28th January 2020. The spoofed emails appeared to come from associates who were in the good books of Red Kite.
The charity confessed that the attack was induced by a faulty email phishing protection measure on its part and is now taking stringent measures to strengthen its security and train its staff.
US & UK Beware Of Coronavirus Phishing Attacks
While the Wuhan coronavirus terrorizes the world, adversaries have used this global crisis to their benefit by circulating phishing emails, which have been seen in the US and UK so far. These phishing emails claim to offer the recipient advice on protection from the Coronavirus. In reality, they are malicious emails with corrupt attachments or links that either download a trojan or lead to fraudulent websites.
To protect yourself from phishing attacks like this, adopt adequate phishing prevention measures such as using strong passwords and disabling attachment macros.
Adversaries Target Security Flaws In Linear eMerge E3
Nortek Security & Control’s (NSC) Linear eMerge E3 devices have been found to contain a vulnerability tracked as CVE-2019-7256, which is extremely easy to exploit and can be used by even a novice hacker to launch malware and DDoS attacks.
Linear eMerge E3 devices are used in smart building access control systems that monitor employee and visitor access to doors and rooms based on their credentials. These devices are used in corporate headquarters, factories, and industrial parks. However, the command injection flaw (CVE-2019-7256), for which NSC hasn’t yet released any patch, can be exploited by anyone who knows how to evade anti-phishing measures.
Racine City Hit By Ransomware
The website, email system, and online payment collection systems of the city of Racine, Wisconsin, were brought down by a massive ransomware attack last Friday. The only services unaffected by the attack were the city’s tax collection, 911, and public safety systems.
As a result of this attack, which kept systems offline till 3rd February, the city police were unable to process fee payments, provide copies of accident reports, or carry out other such official work. The city’s information management department is presently working to establish anti-phishing protection and to bring the systems back online.
Iranian Attackers Impersonate Journalists
In yet another hacking scheme, attackers have impersonated journalists and are trying to gain access to noted US personnel’s Google accounts via fake emails. The victim who identified the attack was the German academic Erfan Kasraie. Kasraie received a suspicious email purporting to be from Farnaz Fassihi of the Wall Street Journal, inviting him for an interview and asking him to enter his Google password to see the questions.
It is suspected that Iranian hackers are behind the scam, considering the present relations between Iran and the US. However, Kasraie, being a cautious academic who takes protection from phishing very seriously, sensed that something was fishy about the email. The fact that he was aware of Fassihi’s transfer to The New York Times was an added hint.
Ransomware Hits Dundee And Angus College
Dundee and Angus College in east Scotland suffered a massive ransomware attack last Thursday, from which it has yet to recover fully. The college authorities asked the students to remain offline and change their passwords as an anti-phishing protection measure. Struck by this attack, the college canceled its classes on Tuesday, 4th February 2020. The entire IT system of the college was brought down, and this has hindered the learning of students who earlier studied from the college’s online learning resources.
The 5000 students registered with the college are worried about a prospective loss of Grade Unit, which is sure to hamper their careers. The college finds this attack more challenging than it seemed earlier and is struggling to reestablish its online portals.
Malware Hits Fondren Orthopedic Group, Texas
Fondren Orthopedic Group of Texas recently discovered a malware intrusion in its systems. This attack led to the compromise of the medical records of around 30,049 patients. The group found the breach in November and hasn’t been able to retrieve the patients’ medical records since.
The compromised details include the names, addresses, telephone numbers, diagnosis and treatment information, and health insurance information of patients. Apart from investing in anti-phishing services, the Fondren Orthopedic Group has asked the affected patients to prepare new patient forms with detailed medical histories.
Ransomware Hits Australian Toll Group
Last Friday, the Australian logistics company Toll Group suffered a severe ransomware attack that compelled it to shut down some of its systems as a phishing protection measure. It has informed law enforcement, the Australian Cyber Security Centre, and cybersecurity organizations, which are working steadily to reestablish its systems. Meanwhile, some sectors are working manually to clear the backlog of undelivered goods.
With an employee base exceeding 40,000 people, Toll has claimed that its investigations haven’t found any incidents of personal data loss so far. It has also stated that customers across the globe are now able to access its services such as freight, parcels, warehousing and logistics, and forwarding operations.
Diabetic People Beware Of Android Malware
Adversaries are not far behind either when it comes to innovation; this time the attackers have come up with Android malware (detected as Android/FakePlayer.X!tr by FortiGuard Labs) that operates under the guise of a program called “Treatment for Diabetes”. This malicious app pretends to provide information about diabetes, including facts and myths and other data such as diagnosis methods, treatment options, and insulin. In reality, the app was secretly using a Trojan dialer to send messages in an attempt to steal the victim’s data and money.
Fake Coronavirus Story Leaked In US Military
Perhaps to defame NATO, Russian operatives hacked into the content management system of Lithuania’s “Kauno Diena” newspaper and posted a fake story claiming that an American soldier deployed to Lithuania was infected with Coronavirus. Although this news was live for only ten minutes before being taken down, it marks the first successful hacking attempt to get through Kauno Diena’s system. This isn’t the first instance of fake news being spread; disinformation campaigns have always targeted NATO. They are now adopting phishing attack prevention measures to fight fake news and other cybercrimes.