Protecting against phishing is hard when over a billion phishing attacks are launched every year. The following cybersecurity headlines indicate that preparedness alone can ensure phishing protection to a significant extent.
EasyJet Customers To Stay On Guard
In a recent hack, the British airline EasyJet had the email addresses and travel details of 9 million customers compromised. 2,208 customers among them had their credit card details stolen as well. While it’s evident that the 9 million customers are on the radar of attackers, EasyJet is trying its best to adopt phishing prevention best practices.
No personal information has been misused so far. But EasyJet is determined to personally notify and warn all 9 million customers before May 26th.
Data Breach Hits European Parliament
The European Parliament recently suffered a significant data breach, which compromised the details of hundreds of officials. Several high-profile Members of the European Parliament (MEPs) were targeted in this attack. Data belonging to over 200 members of the European Parliament, European Council, European Commission, thousands of staff members, and 15,000 users was stolen.
Such attacks on government institutions aren’t uncommon, but phishing attack prevention measures can help reduce such cyber ambushes significantly.
Mikroceen Targets Asian Nations
A state-sponsored Advanced Persistent Threat (APT) attempted to attack government institutions in the Central Asian region. It used a backdoor RAT called Mikroceen with individual backdoors like “sqllauncher.dll,” “logon.dll,” and “logsupport.dll.”
These Mikroceen backdoors targeted organizations in the telecom and gas industries and in governmental sectors. The victims were endpoints in corporate networks; they weren’t targeted as individuals.
Strict anti-phishing measures should be taken by organizations to prevent losses in case of such cyber attacks.
WolfRAT Targets Thai Android Users
Malware called WolfRAT is targeting Thai Android users by hacking their WhatsApp, Facebook Messenger, and Line messaging apps. WolfRAT is believed to be a new variant of DenDroid, which had its source code leaked in 2015.
WolfRAT infects a device by sending fake update alerts that appear to come from Flash and Google Play. Anyone who falls for this trap allows WolfRAT to be installed on the device. It then spies on the victim’s device, collects their data, takes photos and videos, and steals and transfers files to a C2.
Since the trojan targets messenger apps and WhatsApp in particular, people are advised to follow phishing prevention tips and update their devices from official sources only.
Natura Leaves Server Unprotected Online
Security researcher Anurag Sen recently discovered two Amazon-hosted servers of Brazilian cosmetics company Natura left unprotected online. These servers, 272GB and 1.3TB in size, contained the personal information of over 250,000 Natura customers, including their Moip payment account details.
Amazon services eventually asked Natura to secure both servers. Still, it’s unclear whether adversaries accessed the servers before they were brought down.
Natura customers are advised to take measures to prevent phishing attacks as the data leak has made them all vulnerable to cyber-attacks.
SSU Overpowers Dangerous Hacker
The Security Service of Ukraine (SSU) has recently stopped a dangerous hacker called Sanix from selling a database with 773 million email addresses and 21 million passwords. The officials who raided Sanix’s house found a device with two terabytes of information stolen from European Union and North American residents.
The stolen data includes their email passwords, bank card PIN codes, cryptocurrency e-wallets, PayPal accounts, etc. Sanix also allegedly sold access to universities and the VPN account belonging to the government of San Bernardino, California. This incident screams out to users to protect themselves from phishing attacks by threat actors like Sanix.
Russian Car Owners’ Data Leaked
An anonymous hacker is selling details of 129 million car owners from Moscow on the dark market. The hacker has also leaked some data points as proof of quality for interested buyers. The attacker illegally accessed all the car details from the traffic police registry and is now selling them under different categories.
Anyone who wants access to the full database (containing details such as full names, addresses, passport numbers, dates of birth, and contact information) needs to pay BTC 0.5 or approx. $2,900. Those wanting exclusive access need to pay 1.5 bitcoins or approx. $14,500 for the same.
Attackers Target Railways
Adversaries have been targeting railways for a long time now. Since railways usually store customer databases, they are a lucrative target, and recent attacks on significant railways across the US, Europe, and Asia prove the same.
What makes phishing prevention all the more difficult is that railway networks now rely on the internet to monitor and manage railway operations. The technological shift to computers isn’t matched with adequate anti-phishing solutions, and as a result railway customers and employees remain vulnerable to cyber attacks.
Hence, users are advised to refrain from accessing personal bank accounts or other sensitive personal data via public Wi-Fi.
Attackers Target LogMeIn
Cloud service provider LogMeIn has recently been added to the long list of platforms that adversaries are exploiting in the pandemic-stricken world. As more people work from home and use services like LogMeIn, they face an influx of attacks that put even their access to the password manager at risk.
The attacker sends a phishing email seemingly from LogMeIn, which notifies users of a patch to a zero-day vulnerability. A link directs users to a phishing page replicating the actual LogMeIn page. Anyone who falls for the trap enables the attackers to materialize their evil schemes. Incorporating email phishing prevention measures before interlinking one’s online accounts goes a long way against cyber attackers.
New Ransomware Alert
At a time when malicious hackers rule, a hacker group by the name of CyberWare has taken it upon itself to punish scammers. The group has introduced new ransomware called MilkmanVictory, which, ironically enough, doesn’t demand a ransom from its not-so-innocent target. The ransomware targets scam companies that promise fake loans to their customers.
The CyberWare group sends phishing emails to these scammers with links to executables disguised as PDF files. The ransomware provides no way to contact the attacker and shows a message notifying the scammer that all his nasty work has been destroyed. This becomes the ransom he needs to pay for his crimes. Never before was protection from phishing ensured more intriguingly!