Cybersecurity has become an issue of concern in recent years. Every day thousands of attacks are launched on companies and organizations that cannot always be stopped via phishing prevention measures. Here’s a list of the major attacks that took place this week:
Attackers Store Card Details In Barcodes
The U.S. Secret Service recently found that attackers now use barcodes affixed to fake reward cards to hide the stolen credit card details. This was revealed when a fake club membership card in Texas was found with a barcode, card expiration date, and CVV printed below the barcode. This was immediately reported to law enforcement.
This technique goes undetected by cashiers who believe it to be a new payment method to be used at specific stores. The adversaries can evade anti-phishing measures through these schemes because the transaction gets recorded under the card-not-present category. It was further revealed that these barcodes could also store the victim’s cell phone number.
Windows 7’s Vulnerability To Malware Increases
The Webroot Threat Report for 2020 revealed some serious cybersecurity statistics based on a study of over 37 billion URLs, 4 billion I.P. addresses, 842 million domains, and 31 million active mobile apps. The report revealed that phishing URLs grew by 640% in the past year, with around 8.9 million URLs hosting some cryptojacking script.
Facebook, Microsoft, Apple, Google, PayPal, and Dropbox were among the leading sites impersonated emails in attacks. However, the statistics for Windows 7 devices were the most alarming. The study revealed that 93.6% of the detected malware was unique to a single P.C. – the highest rate ever observed. Exploits of Windows-related I.P. addresses grew by 360 percent, and they primarily targeted the operating systems without the latest updates.
Commenting on the findings of the 2020 Webroot Threat Report, Hal Lonas, Senior V.P., and CTO, SMB, and Consumer, OpenText said that consumers of the internet must adopt proper measures to ensure protection from phishing.
Ryuk Attacks Port Lavaca City Hall
In a failed phishing email prevention scheme, the Port Lavaca City Hall lost $50,000 to attackers. Although they are resisting the full ransom payment of $200,000 demanded by attackers, the city has undergone much already.
The city’s billing systems and auto-pay systems, along with the government server, were brought down by the attacks. However, the water, sewer, and police department’s systems were marked safe.
Mayor Jack Whitlow claimed that no data was compromised in the attack and that they are now working to restore all systems. The city is purchasing new servers, routers, and computers to replace the infected software. They are determined to enter information manually if required but are certainly not ready to pay the ransom.
Smishing Emotet Goes Viral
IBM X-Force researchers recently found that SMS messages seemingly from local U.S. numbers are used to impersonate renowned banks and notify users about a locked account. The message leads the user to shabon[.]co – a domain well known for distributing Emotet.
This phishing page impersonates that of a bank’s mobile banking page. It is an old trick used by adversaries to evade phishing protection measures. Researchers assume that this attack might also be a campaign designed to spread the TrickBot Trojan.
Big Brands Beware Of Phishing Attacks
The Malware Hunter Team recently discovered a phishing attack scheme wherein the attackers are targeting twenty-seven renowned companies using SLK attachments. The attackers wish to gain access to the corporate networks of these companies mainly to launch their many malicious attacks later.
The attackers impersonate the company’s vendor or client and try to trap the victim company in an email phishing campaign. Some of the vulnerable companies are Columbia Sportswear, J.C. Penney, Glad, and Hasbro.
The attackers make the victim download NetSupport Manager on their computers, which enables them to control the victim’s computer. It also lets the adversaries attack other hosts on the network. To prevent phishing attacks of this kind, every company must contact the sender at their corporate number to cross-check.
U.S. And Ransomware Attacks
Perhaps a result of inadequate anti-phishing tools, ransomware attacks have been a constant problem in the health sector of the United States for over three decades. A Comparitech report states that the healthcare industry in the U.S. lost over $157 million to ransomware attacks in the last four years. However, only 11% of this amount was paid in ransom; the rest was used to restore systems.
All five U.S. states have been attacked; however, California underwent the highest number of attacks, followed by Texas. The study indicates that over 6.6 million records have been compromised because of these attacks.
Security Breach By Photosquared
The photo printing app, PhotoSquared, was recently found with a security flaw that exposed the customer photos, addresses, and orders details of many users. High-resolution user-uploaded photos and shipping labels were compromised because of their misconfigured AWS storage bucket.
The exact duration of the bucket being publicly available isn’t yet known, but PhotoSquared authorities have assured that they have now adopted anti-phishing protection measures.
Italians Beware Of Dharma
Known for the severe damages it does, the Dharma Ransomware was recently found in circulation among Italian users. Security researchers JAMESWT, T.G. Soft, and reecDeep were the first ones to report the spam emails sent by attackers spreading Dharma. These emails pretended to contain an invoice and were written in Italian with subjects like ‘Fattura n. 637 del 14.01.20’.
Although no phishing attack prevention measure can retrieve files encrypted by Dharma, yet it is wise to have backups, lest you wish to spend millions on ransom payment.
Data Of 69,000 Public Servants Compromised
The Phoenix pay system fiasco has compromised the personal details of over 69,000 public servants. This was induced by an accidental email of the employee details to the wrong federal departments. The faulty electronic payroll system has overpaid several employees and underpaid many for years now. The department assured its adoption of measures for protection against phishing. They are determined to stop such mishaps from happening again.
Is Your WordPress Theme Safe?
Attackers have been infecting WordPress sites with trojan versions of premium themes and plugins for over three years now. Over 20,000 WordPress sites have been attacked from different unofficial marketplaces, promoting fake WordPress components.
Once a victim falls into the vicious trap and uploads a compromised component to the web server, the attacker can add an administrative account and launch the various stages of an attack. Over 30 websites are promoted by the attacker, which contains two malicious PHP files – ‘class.theme-module.php’ and ‘class.plugin-modules.php’. Hence, it is always advisable to rely on anti-phishing solutions before downloading any random thing found online.