Ensuring protection from phishing attacks has become the most significant cybersecurity challenge in the twenty-first century. The ratio of attacks and preventive measures never seems to reach equilibrium. Hence, keeping abreast of the latest cyber news plays a vital role in the war against adversaries. The following headlines from the cyber world echo the rising importance of investments in cybersecurity.

Chrome 81 Comes With Flaws

Chrome 81, launched on April 7, 2020, has been found with two vulnerabilities – CVE-2020-6462 and CVE-2020-6461. These vulnerabilities allow an attacker to control and compromise any victim’s system.

However, Google has taken the required anti-phishing protection measures and released an updated version of Chrome 81 – 81.0.4044.129. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) advises all users to update immediately to protect themselves from phishing attacks.

 

Healthcare Sector Attacks Rise

The adversaries have been continuously targeting the U.K.’s National Health Service (NHS), and now they have created a clone of the NHS website.

This fraudulent website intends to steal user data by pretending to offer information on treating COVID-19. The site instructs users to download a file to their device, which is a trojan. The trojan steals sensitive information like passwords, credit card data, etc. and even secretly downloads other malware.

The healthcare sector has failed to incorporate effective phishing prevention measures with a third of the NHS computers still using Windows 7. This alone explains the multitude of attacks on them.

 

Warwick University Conceals Attack

The University of Warwick’s administrative network was attacked last year, but they kept it a secret from all affected students and staff. This breach happened when a staff member had remote-viewing software. Attackers could access personal information of students, faculty, and research volunteers.

Because phishing prevention best practices weren’t employed, the university is unable even to determine what data has been stolen. A very unskilled person led the University’s I.T. team since 2016, during which period they have endured multiple attacks. They have now employed two new committees to prevent phishing attacks.

 

Hackers Impersonate FBI

The mobile ransomware Black Rose Lucy has been found impersonating the FBI despite the agency's rigorous attempts to ensure protection against phishing. In this latest scheme, hackers are encrypting the data on Android phones and threatening to forward pornographic material found on victims' phones to an FBI data center. Victims need to pay $500 to evade this. However, the FBI has stated that it’s all a scam.

 

Shade Operators Release Decryption Keys

The operators of the Shade Ransomware (Troldesh/Encoder.858) have apologized to people for all the nuisance they have caused. They have released over 750,000 decryption keys. They stopped distributing the ransomware in 2019 and hope that antivirus companies will issue their own user-friendly decryption tools to enable users to retrieve their files.

Their post also stated that they have irrevocably destroyed the data related to their trojan source codes. The repository includes five master decryption keys, 750K decryption keys, usage instructions, and links to their decryption program.

 

Ransomware Hits CivicSmart

The Sodinokibi Ransomware attacked CivicSmart, a Milwaukee-based smart parking meter company, in March. The attackers were able to extract 159 GB worth of data. However, the company chose to silently pay the ransom instead of relying on anti-phishing services.

The compromised data includes employee records, bank statements, credit card numbers of customers, and other details like contracts with cities and parking garage vendors. The threat factor remains strong because the affected customers are still not aware of the breach.

 

Beware Of Antivirus Renewal Emails

Hackers have now targeted phishing protection measures and are circulating fake antivirus software renewal messages. The software affiliates behind them earn commissions for every phony sale. Every time an unsuspecting user clicks on the link, a tracking cookie is dropped on the browser, and the user is redirected to a fraudulent purchase page for Norton or McAfee.

The affiliate earns $10 commission or 20% of the total sale every time a victim pays for the antivirus on the fake site.

 

Data Breach At PrimoHoagies

Westville-based sandwich shop chain PrimoHoagies suffered a data breach that affected all customers who made online purchases between July 15, 2019, and February 18, 2020. Now the sandwich chain is facing a lawsuit for taking phishing attack prevention too lightly.

PrimoHoagies was unaware of the breach for seven months before a few customers notified them of unusual payment card activity. The compromised details include names, addresses, payment card numbers, expiration dates, and security codes of customers across 85 eateries in eight states between Florida and New Jersey.

They have contacted payment card brands and are asking customers to check for unusual activities on their payment cards continually.

 

Fake N95 Mask Seller Exposed

A 24-year-old Michigan man, Rodney L. Stevenson II, has recently been charged with creating a fake e-commerce company that sells N95 masks online. The website is called EMGeneral.com, and it charges over $40 per “Antiviral N95” mask.

Stevenson created the fake website in September 2019. His false team was led by a “Mike Thomas,” whose identity hasn’t been revealed by Stevenson. While many people complained of not receiving the masks after ordering, others complained of receiving inadequate-quality masks that did not compare with N95 mask standards.

While punishment is destined for Stevenson, people also must remain vigilant and take all required measures to ensure protection from phishing.

 

Agent Tesla Exploits MS Office Vulnerabilities

Pune (India)-based Quick Heal Security Labs recently found Agent Tesla malware to be exploiting MS Office vulnerabilities CVE-2017-11882 and CVE-2017-8570. This payload is designed to steal sensitive data, log user keystrokes, and send this data to the SMTP server.

Users must rely on anti-phishing solutions and be on guard while clicking on links in suspicious emails. Quick Heal advises users to keep their operating systems updated at all times.