is targeting businesses and consumers who use Office 365 email services . Fraudsters are gaining accessAttack.Databreachto Office 365 accounts by stealingAttack.Databreachlogin credentials obtainedAttack.Databreachusing convincing fake login screens . Fraudster email attacksAttack.Phishingare becoming increasingly sophisticated – often appearing to be sent fromAttack.Phishinga business , organization , or individual the victim normally emails or does business with . The fictitious emails contain malicious links or attachments that redirectAttack.Phishingthe victim to a fake login page asking for their email username and password . Once the information is entered , fraudsters then use the stolen credentials to log into Office 365 and sendAttack.Phishingfraudulent emails to the victim ’ s contact list , perpetuating the scam . If you use Office 365 for email , we encourage you to be extra vigilant . Emails containing hyperlinks or attachments that require additional actions by you should be carefully vetted before proceeding . If you are unsure if an email you received is legitimate , do not click on any links , attachments , or provide any information . We also encourage you to contact any of your email contacts via phone or a safe email address to inform them that your email account has been compromisedAttack.Databreachand to let them know they may receiveAttack.Phishingfraudulent emails appearing to be sentAttack.Phishingby you . While Office 365 is the most recent phishing target , these types of scams regularly impact other email applications and platforms as well . Always be cautious when opening any emails that were not expected , are coming from someone you do not know , and contain links or attachments you were not expecting . Take advantage of added security measures that your email provider offers .. If you ever feel information related to your financial accounts with us has been compromisedAttack.Databreach, please notify us immediately so that we can assist you with protecting your accounts and notifying the appropriate authorities .
Fraudulent emails are being receivedAttack.Phishingby individuals and/or companies with the subject title similar to `` Reinstate Your Account '' or `` [ Audit ] Reinstate Your Account '' . This email appears to beAttack.Phishingfrom UVA Community Credit Union telling them that an account is dormant and needs to be reinstated . The email includes a link that redirects the individual to a fraudulent web page and may contain a virus or malicious software , or solicit password information . If you receiveAttack.Phishingan email like this , do not click on the link as doing so may open your system to damage from viruses . If you clicked through to this fraudulent website , you may be at risk for subsequent fraud . Change passwords to your Online Banking and Email accounts . You should ensure that you have the latest updates from your anti-virus vendor and run a full system scan . Please note that not all anti-virus vendors receive or update the latest virus signatures at the same time . Best practices are to configure your anti-virus software to automatically update and scan your computer on a regular basis . As always , you should closely monitor your accounts for suspicious activity . Visit our Security Center to learn more about protecting your computer , or if you believe you have been a victim of identity theft . UVA Community Credit Union will never contact you by email , cell phone , text message , or telephone asking for your personal information . If you have been a victim of a scam and think your UVA Community Credit Union account information may have been compromisedAttack.Databreach, contact us immediately at 434-964-2001 or toll-free , 1-888-887-9136 .
Cybercriminals prey on naivety , and a new scam campaign that attempts to trickAttack.Phishingpeople into providing bank details to pay for a fake WhatsApp subscription does just that . WhatsApp did once charge a subscription fee of $ 0.99/£0.99 , but stopped the practice in January 2016 . However , the fraudsters behind this latest scam are looking to take advantage of the fact WhatsApp -- which has over a billion users -- did once rely on a subscription service to dupeAttack.Phishingvictims into handing over their banking information . The UK 's fraud and cybercrime centre Action Fraud and the City of London police have issued a warning about the campaign . Emails purporting to beAttack.Phishingfrom 'The WhatsApp Team ' claim that `` your subscription will be ending soon '' and that in order to continue to use the service , you need to update your payment information . Victims are encouraged to sign into a 'customer portal ' with their number and to enter payment information . Naturally , this is a scam -- with spelling errors in the text a huge giveaway -- and all the victims are doing is providing criminals with their financial details . Criminals could use these to simply make purchases or as a basis for further fraud . Scammers have also been known to use text messages in an effort to dupeAttack.Phishingvictims into paying for a fake subscription . Those who receiveAttack.Phishingthe email are urged not to click on any of the links , but to instead report it to the police . Action Fraud also offers advice to those who have already fallen for the scam , telling victims to `` run antivirus software to ensure your device has not been infected with malware '' . Scammers often attempt to lureAttack.Phishingvictims into handing over their credit card information -- or installing malware onto their machines -- often with authentic-looking phishing emails claiming to be fromAttack.Phishingreal companies . Previously , Action Fraud has warned about scammers attempting to stealAttack.Databreachcredentials from university staff with fake emails about a pay rise , while police have also issued a warning about cybercriminals attempting to infect people with banking malware using emails that pretend to beAttack.Phishingfrom a charity .
The Indiana Department of Revenue and the Internal Revenue Service is warning individuals and businesses about emails that use tax transcripts as baitAttack.Phishingto enticeAttack.Phishingusers to open attachments . These scams are problematic for businesses or government agencies whose employees open the malware infected attachments , putting the entire network at risk . This well-known malware , known as Emotet , generally poses asAttack.Phishingspecific banks or financial institutions to trickAttack.Phishingindividuals into opening infected documents . It ’ s been described as one of the most costly and destructive malware to date . Both the DOR and IRS have several tips to help individuals and businesses stay clear of these scams : - The DOR and IRS do not contact customers via email to share sensitive documents such as a tax transcript - Use security software to protect against malware and viruses , and make sure it ’ s up-to-date - Never open emails , attachments , or click on links when you ’ re not sure of the source If you receiveAttack.Phishingan email claiming to beAttack.Phishingthe IRS , delete it or forward the email to phishing @ irs.gov < mailto : phishing @ irs.gov > . If the email claims to beAttack.Phishingfrom the DOR forward it to investigations @ dor.in.gov < mailto : investigations @ dor.in.gov > . Emotet is known to constantly evolve , and in the past few weeks has masqueraded asAttack.Phishingthe IRS , pretending to beAttack.Phishing“ IRS Online ” . The scam email includes an attachment , with the subject line often including “ tax transcript ” .
Global software industry advocate BSA | The Software Alliance is warning Australian organisations to be mindful of the security risks involved with using unlicensed software after it settled with a record number of infringement settlements last year . A total of 28 case settlements for the use of unlicensed software occurred in 2017 – twice the amount in 2016 . The 28 settlements were worth more than $ 347,000 in damages against businesses across Australia . BSA warns that with the Notifiable Data BreachesAttack.Databreachlegislation now in effect , this is a good time for organisations to consider the risks unlicensed software bring to their business . “ Businesses need to remember that unlicensed software , or software downloaded from an unknown source , may contain malware which puts an organisation and its customers at significant risk of becoming the victim of a data breachAttack.Databreach, ” comments BSA APAC ’ s director of compliance programs , Gary Gan . “ Without properly licensed software , organisations don ’ t receiveVulnerability-related.PatchVulnerabilitypatch updates which strengthen the software ’ s security and addressVulnerability-related.PatchVulnerabilityvulnerabilities , which otherwise would leave the business exposed. ” One of the 28 settlements involved a Western Australia-based energy company that was found using unlicensed software . The settlement amounted to more than $ 40,000 . Every business caught using unlicensed software had to purchase genuine software licenses for ongoing use on top of the copyright infringement damages . “ It ’ s especially important that organisations are ensuring they ’ re doing all they can to protect their data given the recent introduction of NDB legislation . In order to stay on top of their software licensing , businesses should consider investing in SAM tools . The potential consequences faced by businesses that are found to be using unlicensed software far outweighs the cost of investment into SAM , something that all businesses should be considering , ” Gan continues . The BSA continues to clamp down on unlawful use of its members ’ software . Members include Adobe , Apple , IBM , Microsoft , Okta , Oracle , Symantec , Trend Micro and Workday , amongst others . BSA offers up to $ 20,000 to eligible recipients who disclose accurate information regarding unlawful copying or use of BSA members ’ software . Potential recipients must provide assistance and evidence to support the information , as may be required by the BSA ’ s legal advisers , in connection with any claim or legal proceedings initiated by the BSA members . BSA says it remains committed to its role in raising awareness of the risks to businesses when using unlicensed software and the damaging effects that software piracy has on the Australian IT industry .
Criminals are attempting to trickAttack.Phishingconsumers into handing over passwords and credit card details by taking advantage of the flood of emails being sent outAttack.Phishingahead of new European privacy legislation . The European Union 's new General Data Protection Regulation ( GDPR ) come into force on 25 May and the policy is designed to give consumers more control over their online data . As a result , in the run-up to it , organisations are sending outAttack.Phishingmessages to customers to gain their consent for remaining on their mailing lists . With so many of these messages being sent outAttack.Phishing, it was perhaps only a matter of time before opportunistic cybercriminals looked to take advantage of the deluge of messages about GDPR and privacy policies arriving in people 's inboxes . A GDPR-related phishing scamAttack.Phishinguncovered by researchers at cyber security firm Redscan is doing just this in an effort to steal data with emails claiming to beAttack.Phishingfrom Airbnb . The attackers appear to beAttack.Phishingtargeting business email addresses , which suggests the messages are sentAttack.Phishingto emails scraped from the web . The phishing message addresses the user as an Airbnb host and claimsAttack.Phishingthey 're not able to accept new bookings or sendAttack.Phishingmessages to prospective guests until a new privacy policy is accepted . `` This update is mandatory because of the new changes in the EU Digital privacy legislation that acts upon United States based companies , like Airbnb in order to protect European citizens and companies , '' the message says , and the recipient is urgedAttack.Phishingto click a link to accept the new privacy policy . Those who click the link are asked to enter their personal information , including account credentials and payment card information . If the user enters these , they 're handing the data straight into the hands of criminals who can use it for theft , identity fraud , selling on the dark web and more . `` The irony wo n't be lost on anyone that cybercriminals are exploiting the arrival of new data protection regulations to stealAttack.Databreachpeople 's data , '' said Mark Nicholls , Director of Cyber Security at Redscan . `` Scammers know that people are expecting exactly these kinds of emails this month and that they are required to take action , whether that 's clicking a link or divulging personal data . It 's a textbook phishing campaignAttack.Phishingin terms of opportunistic timing and having a believable call to action '' . Airbnb is sending messages to users about GDPR , but the messages contain far more detail and do n't ask the users to enter any credentials , merely agree to the new Terms of Service . While the phishing messages might look legitimate at first glance , it 's worth noting they do n't use the right domain - the fake messages come fromAttack.Phishing' @ mail.airbnb.work ' as opposed to ' @ airbnb.com ' . Redscan has warned that attackers are likely to use GDPR as baitAttack.Phishingfor other phishing scamsAttack.Phishing, with messages claiming to beAttack.Phishingfrom other well-known companies . `` As we get closer to the GDPR implementation deadline , I think we can expect to see a lot a lot more of these types of phishing scamsAttack.Phishingover the next few weeks , that 's for sure , '' said Nicholls , who warned attackers could attempt to use the ploy to deliver malware in future . `` In the case of the Airbnb scam email , hackers were attempting to harvestAttack.Databreachcredentials . Attack vectors do vary however and it 's possible that other attacks may attempt to infect hosts with keyloggers or ransomware , for example . '' he said . Airbnb said those behind the attacks have n't accessedAttack.Databreachuser details in order to sendAttack.Phishingemails and that users who receiveAttack.Phishinga suspicious message claiming to beAttack.Phishingfrom Airbnb should send it to their safety team . `` These emails are a brazen attempt at using our trusted brand to try and stealAttack.Databreachuser 's details , and have nothing to do with Airbnb . We 'd encourage anyone who has receivedAttack.Phishinga suspicious looking email to report it to our Trust and Safety team on report.phishing @ airbnb.com , who will fully investigate , '' an Airbnb spokesperson told ZDNet . Airbnb also provided information on how to spot a fake email to help users to determine if a message is genuine or not .
There ’ s a new LinkedIn scamAttack.Phishingdoing the rounds , involving phishing emails and a fake website designedAttack.Phishingto harvest the information you have in your CV . In the first stage of the scam , you receiveAttack.Phishinga phishing email disguised asAttack.Phishinga LinkedIn email . Here are just a few of the giveaways that this is a phishing email : Clicking either of the two links in the spam email will send you to https : //linkedinjobs ( dot ) jimdo ( dot ) com . We scanned the link with VirusTotal , and most of the security solutions found it to be clean , with the exception of a less well known scanner , AutoShun . Clicking on the website itself will take you to a simple page , where the main focus falls on a form for uploading your CV . Your CV contains a wealth of personal data which a cybercriminal uses to make a profit at your expense . Phone numbers can be sold for companies doing promotional cold calling . Or , the cybercriminal might call you himself in a vishing attackAttack.Phishing. Sometimes however , the attacker targets a company you worked at ( or a future company you want to work for ) . Using the information found within your CV , the attacker might impersonateAttack.Phishingyou in order to launch spear phishing emails against people in those companies , such as the CEO or the accounting department , in order to illegally obtain funds or money transfers . In 2016 for instance , the CEO of an Austrian airplane component manufacturer was fired after he got trickedAttack.Phishingby a spear phishing attackAttack.Phishingthat led him to transfer around 40 million euros to the scammer ’ s account . This isn ’ t the first time LinkedIn has been used a cover for a phishing campaignAttack.Phishing. Another similar situation was encountered in 2016 , which we also covered . It ’ s difficult ( if not impossible ) for companies alone to prevent these scams from taking place . In these cases , users too should contribute to keeping the Internet safe . In cases involving LinkedIn , the best course of action is to report these to the company : LinkedIn itself also offers a thorough set of tips and advice on how to recognize various scams over the network , such as inheritance or dating scams . When you ’ re actively searching for a job , being offered one in such a compelling tone might seem appealing . Because you expect to receive such messages ( indeed , you welcome them ) you ’ re tempted to let your guard down , and that ’ s exactly when a scammer strikes .
Cyber Monday is here ! If you avoided the retail stores and skipped their Black Friday deals , do n't worry , you 'll get another chance for major savings today . From clothing to travel to exclusive online-only deals , Cyber Monday still has tons to offer . But just in time for the Cyber Monday shopping rush , watch out for sinister phishing scamsAttack.Phishingthat are making the rounds . With more online shoppers this time around - searching every nook and cranny of the web in search of the best Cyber Monday deals - crooks are again looking to dupeAttack.Phishingunsuspecting bargain hunters . Stop and Think , Did I order this ? One of the most effective tools for a cybercriminal is the phishing scamAttack.Phishing. This is when a scammer poses asAttack.Phishinga trustworthy entity and tries trickingAttack.Phishingyou into clicking on a malicious link . Their ultimate goal , of course , is to stealAttack.Databreachyour sensitive information such as credit card details , usernames and passwords . With this year 's holiday online shopping numbers projected to be the biggest ever , millions of items will be processed and shipped . With this surge in shipping activity , consumer protection groups are warning everyone to watch out for fake delivery notices and package verification scams . For example , if you receiveAttack.Phishingan email from `` Amazon '' saying that you have a pending delivery that needs verification from you , then that is most likely a phishing scamAttack.Phishing. Other email phishing scamsAttack.Phishingmay also pretend to provideAttack.Phishingyou with a link for shipping updates or special discount coupons and offers . Another popular ploy is the phantom order scam . These alarming emails are meant to get you clicking by pretendingAttack.Phishingyou ordered thousands of dollars of merchandise . But before you click that link , look out , these deceitful messages can be extremely convincing . Fake delivery and shipping notifications can look just likeAttack.Phishingthe real thing , using real logos and art from company websites . These cybercriminals will even set upAttack.Phishingfake websites that look likeAttack.Phishingthe real deal to lureAttack.Phishingyou into giving away your personal information and credit card details .
Aspiring Netflix users who don ’ t want to actually pay for the popular video on demand service are being targeted with a new type of ransomware . Detected as Netix by Trend Micro , the ransomware is hidden in an executable ( Netflix Login Generator v1.1.exe ) that poses asAttack.Phishinga software for creating valid Netflix login credentials . The file is usually offered for download on sites sharing crackers and free access to paid online services . Users who download and run the file will be faced with the above screen . Clicking the “ Generate Login ! ” button will open another one , offering a username and password . Whether the login credentials actually work or not is unknown . But the other executable dropped by the initial one does work , and it starts encrypting a variety of file types in the machine ’ s C : \Users directory , including images , videos , archive files , and Office documents . “ The ransomware employs AES-256 encryption algorithm and appends the encrypted files with the .se extension . The ransom notes demandAttack.Ransom$ 100 worth of Bitcoin ( 0.18 BTC ) from its victims , ” Trend Micro warns . The ransomware needs to connect to a C & C server to work and to receiveAttack.Ransomthe ransom note and warning to display : Interestingly enough , only users of Windows 7 or 10 are in danger from this particular piece of ransomware , as it won ’ t run on other versions of the OS . Victims are urged by the crooks to pay the ransomAttack.Ransomin order to receive the decryption key , but should know that even if they do , there is no guarantee they will get the key . Regularly backing up important files is the best way to assure yourself that even if you fall for social engineering approaches such as this one , you ’ ll be able to avoid paying the ransomAttack.Ransomand losing your files forever
A series of remotely exploitable vulnerabilities exist inVulnerability-related.DiscoverVulnerabilitya popular web-based SCADA system made by Honeywell that make it easy to expose passwords and in turn , give attackers a foothold into the vulnerable network . The flaws exist inVulnerability-related.DiscoverVulnerabilitysome versions of Honeywell ’ s XL Web II controllers , systems deployed across the critical infrastructure sector , including wastewater , energy , and manufacturing companies . An advisory from the Department of Homeland Security ’ s Industrial Control Systems Cyber Emergency Response Team ( ICS-CERT ) warned aboutVulnerability-related.DiscoverVulnerabilitythe vulnerabilities Thursday . The company has developed a fix , version 3.04.05.05 , to addressVulnerability-related.PatchVulnerabilitythe issues but users have to call their local Honeywell Building Solutions branch to receiveVulnerability-related.PatchVulnerabilitythe update , according to the company . The controllers suffer from five vulnerabilities in total but the scariest one might be the fact that passwords for the controllers are stored in clear text . Furthermore , if attackers wanted to , they could discloseAttack.Databreachthat password simply by accessing a particular URL . An attacker could also carry out a path traversal attack by accessing a specific URL , open and change some parameters by accessing a particular URL , or establish a new user session . The problem with starting a new user session is that the controllers didn ’ t invalidate any existing session identifier , something that could have made it easier for an attacker to steal any active authenticated sessions . Maxim Rupp , an independent security researcher based in Germany , dug upVulnerability-related.DiscoverVulnerabilitythe bugs and teased them on Twitter at the beginning of January . Rupp has identifiedVulnerability-related.DiscoverVulnerabilitybugs in Honeywell equipment before . Two years ago he discoveredVulnerability-related.DiscoverVulnerabilitya pair of vulnerabilities in Tuxedo Touch , a home automation controller made by the company , that could have let an attacker unlock a house ’ s doors or modify its climate controls . It ’ s unclear how widespread the usage of Honeywell ’ s XL Web II controllers is . While Honeywell is a US-based company , according to ICS-CERT ’ s advisory the majority of the affected products are used in Europe and the Middle East . When reached on Friday , a spokesperson for Honeywell confirmed that the affected controllers are used in Europe and the Middle East . The company also stressed that the vulnerabilities were patchedVulnerability-related.PatchVulnerabilityin September 2016 after they were reportedVulnerability-related.DiscoverVulnerabilityin August .