a news outlet called The British News Agency to lureAttack.Phishingtargets in . Most of the group 's targets are in Iran , the U.S. , Israel and the U.K. , the report said , but some come from countries including France , Germany , Switzerland , Denmark , India , Turkey and the United Arab Emirates . The report detailed the various methods used to gain accessAttack.Databreachto computers and private social accounts . Those include false identities , the impersonationAttack.Phishingof real companies , the insertion of malicious code into a breached website , also known as `` watering hole attacks , '' and spear phishingAttack.Phishing, the process of pretending to beAttack.Phishingservice providers like Gmail or Facebook to trickAttack.Phishingpeople into giving out personal information . A significant mainstay of the group 's activity was the establishment of a media outlet called The British News Agency . Much effort went into creatingAttack.Phishinga seemingly legitimate website , including details about the agency and a contact list of the management team . The purpose of the site was to attractAttack.Phishingthe targets and infect them with malware . According to the report , multiple Israeli researchers of Iran and the Middle East were sentAttack.Phishingemails and Twitter direct messages from accounts registered with seemingly Jewish Israeli names . Messages coming fromAttack.Phishingone such account were presented as if coming fromAttack.Phishinga journalist and political researcher at KNBC News . Other messages were presented as if coming fromAttack.Phishingan Israeli political researcher raised in California who needed help with an article and also wanted to apply for a position at an Israeli university . Another message was described as coming fromAttack.Phishinga Jewish girl living in Iran . These messages often linked to phishing pages . ClearSky can not estimate how many accounts were successfully infiltrated , but the success rate for such attacks is usually around 10 % , said Mr. Dolev .
SCAMMERS are using fake websites to lureAttack.Phishingin Cyber Monday and Christmas shoppers and take their money . Be wary of `` too good to be true '' offers on Fingerlings toys , iPhones and fashion as they 're the most common items sold by fraudsters , according to the City of London Police . With shoppers set to spend £2.96billion by the end of Cyber Monday , fraud experts have warned that scammers will temptAttack.Phishingshoppers with suspiciously good deals so they buy their counterfeit items and hand over their card details . They 'll also set upAttack.Phishingfake websites that look likeAttack.Phishinggenuine retailers to trickAttack.Phishingpeople into giving away their data and payment details , according to a new report by Action Fraud and the City of London Police . Phishing emails containing tempting deals which enticeAttack.Phishingshoppers to click on links to fake websites are also on the rise on Cyber Monday and over the Christmas period , the report said . Scammers are using social media websites such as Facebook , re-selling websites such as Gumtree and online auction websites such as eBay to target Christmas shoppers , experts revealed . Mobile phones - particularly Apple iPhones - are the most common item that people try to buy from fraudsters , according to the report . Seventy-four per cent of all mobiles bought from fraudsters were iPhones , the study said . Electrical and household items , computers , fashion and accessories are also commonly sold to fraud victims , including Apple MacBooks , Ugg boots and Fingerlings toys - so be wary of `` too good to be true '' offers for these items . Women aged between 20 and 29 are the most likely to be caught out by scammers , according to the report , with 30 per cent of fraud reports coming from young women . But the police have warned that everyone should stay on their guard as anyone can fall victim to Christmas shopping fraudsters . More than 15,000 shoppers lost a total of £11million to scammers over the Christmas period last year . Detective Chief Superintendent Pete O ’ Doherty , of the City of London Police , said : “ Unfortunately , at what is an expensive time of year for many , the internet has provided fraudsters with a platform to lureAttack.Phishingpeople in with the promise of cheap deals . He added : “ To stop fraudsters in their tracks , be cautious of where and from whom you ’ re buying , especially if it is technology at a reduced price . '' Tony Neate , CEO of Get Safe Online , a free fraud awareness website , said : “ It can be easy to rush into making a quick purchase online to secure a must have gift or bargain without taking the time to check that everything is as it seems . “ But taking a couple of minutes to familiarise yourself with a few simple online safety tips can be the difference between getting all your shopping done in time and becoming a victim of online fraud . '' There are plenty of Black Friday and Cyber Monday scams around at the moment - we 've revealed the latest tricks used by fraudsters . Meanwhile scammers claiming to beAttack.Phishingfrom Tesco are running a fake competition in an attempt to steal your bank details .
The city has spent the past two weeks restoring online services disruptedAttack.Ransomby ransomware that held encrypted data hostage . Soon after Atlanta City Auditor Amanda Noble logged onto her work computer the morning of March 22 , she knew something was wrong . The icons on her desktop looked different—in some cases replaced with black rectangles—and she noticed many of the files on her desktop had been renamed with “ weapologize ” or “ imsorry ” extensions . Noble called the city ’ s chief information security officer to report the problem and left a message . Next , she called the help desk and was put on hold for a while . “ At that point , I realized that I wasn ’ t the only one in the office with computer problems , ” Noble says . Those computer problems were part of a high-profile “ransomware” cyberattackAttack.Ransomon the City of Atlanta that has lasted nearly two weeks and has yet to be fully resolved . During that time the metropolis has struggled to recover encrypted data on employees ’ computers and restore services on the municipal Web site . The criminals initially gave the city seven days to payAttack.Ransomabout $ 51,000 in the cryptocurrency bitcoin to get the decryption key for their data . That deadline came and went last week , yet several services remain offline , suggesting the city likely did not pay the ransomAttack.Ransom. City officials would not comment on the matter when contacted by Scientific American . The Department of Watershed Management , for example , still can not accept online or telephone payments for water and sewage bills , nor can the Department of Finance issue business licenses through its Web page . The Atlanta Municipal Court has been unable to process ticket payments either online or in person due to the outage and has had to reschedule some of its hearings . The city took down two of its online services voluntarily as a security precaution : the Hartsfield–Jackson Atlanta International Airport wi-fi network and the ability to process service requests via the city ’ s 311 Web site portal , according to Anne Torres , Atlanta ’ s director of communications . Both are now back online , with airport wi-fi restored Tuesday morning . The ransomware used to attack Atlanta is called SamSam . Like most malicious software it typically enters computer networks through software whose security protections have not been updated . When attackers findVulnerability-related.DiscoverVulnerabilityvulnerabilities in a network , they use the ransomware to encrypt files there and demand paymentAttack.Ransomto unlock them . Earlier this year attackers used a derivative of SamSam to lock up files at Hancock Regional Hospital in Greenfield , Ind . The health care institution paidAttack.Ransomnearly $ 50,000 to retrieve patient data . “ The SamSam ransomware used to attackAttack.RansomAtlanta is interesting because it gets into a network and spreads to multiple computers before locking them up , ” says Jake Williams , founder of computer security firm Rendition Infosec . “ The victim then has greater incentive to pay a larger ransomAttack.Ransomin order to regain control of that network of locked computers. ” The city ’ s technology department—Atlanta Information Management ( AIM ) —contacted local law enforcement , along with the FBI , Department of Homeland Security , Secret Service and independent forensic experts to help assess the damage and investigate the attack . The attackers set upAttack.Ransoman online payment portal for the city but soon took the site offline after a local television station published a screen shot of the ransom note , which included a link to the bitcoin wallet meant to collect the ransomAttack.Ransom. Several clues indicate Atlanta likely did not payAttack.Ransomthe attackers , Williams says . “ Ransomware gangs typically cut off communications once their victims get law enforcement involved , ” he says . “ Atlanta made it clear at a press conference soon after the malware was detected ” that they had done so . The length of time it has taken to slowly bring services back online also suggests the cyber criminals abandoned Atlanta without decrypting the city ’ s files , Williams says . “ If that ’ s the case , the city ’ s IT staff spent the past week rebuilding Atlanta ’ s online systems using backed-up data that had not been hitAttack.Ransomby the ransomware , ” he says , adding that any data not backed up is likely “ lost for good. ” “ If the city had paid the ransomAttack.Ransom, I would have expected them to bring up systems more quickly than they have done , ” says Justin Cappos , a professor of computer science and engineering at New York University ’ s Tandon School of Engineering . “ Assuming the city did not pay the ransomAttack.Ransom, their ability to recover their systems at all shows that they at least did a good job backing up their data . ”
A Ukrainian cybercrime operation has made an estimated $ 50 million by using Google AdWords to lureAttack.Phishingusers on Bitcoin phishing sites . The operation has been temporarily disrupted this month when Ukrainian cyber police shut down servers hosting some of the phishing sites , acting on information they received from Cisco 's Talos security division . No arrests were made , and it 's very likely that the group will make a comeback in the future . The group —which Cisco tracked internally under the codename of Coinhoarder— has been operating for years , but appears to have used the same scheme since February 2017 , possibly earlier . Crooks purchase so-called typosquatted domains that imitateAttack.Phishingthe real Blockchain.info Bitcoin wallet management service . Coinhoarder operators then set upAttack.Phishingphishing pages on these domains that log users credentials , which they later use to steal funds from users ' accounts . According to Cisco , instead of using malvertising or spam campaigns , crooks buy legitimate ads via the Google AdWords platform and place linksAttack.Phishingto their phishing sites at the top of Bitcoin-related Google search results . This trick is not only simple to execute but very effective . Cisco reported that based on DNS query data , ads for one domain roped in over 200,000 users . It is believed the group luredAttack.Phishingtens of millions of users to its phishing sites . It is unclear how many users tried to log in on the fake sites , but after tracking down various thefts reported on social media and involving some of the Coinhoarder groups typosquatted domains , Cisco says the group made around $ 50 million worth of Bitcoin in the past three years . For example , in one campaign that took place from September 2017 to December 2017 , the group made around $ 10 million , while in another campaign that lasted 3.5 weeks , the group made another $ 2 million . Researchers also point out that crooks used geo-targeting filters for their ads , targeting mostly Bitcoin owners in Africa . `` This threat actor appears to beAttack.Phishingstanding up phishing pages to target potential victims African countries and other developing nations where banking can be more difficult , and local currencies much more unstable compared to the digital asset , '' researchers said in a report published yesterday . `` Additionally , attackers have taken notice that targeting users in countries whose first language is not English make for potentially easier targets . '' Cisco says it tracked down the phishing sites hosted on the servers of a bulletproof hosting provider located in Ukraine —Highload Systems . This is where Ukraine 's cyber police department intervened and took down servers . According to Cisco , the Coinhoarder group is by far the largest phishing operationAttack.Phishingthat has targeted Blockchain.info , the biggest Bitcoin wallet service online . Bleeping Computer , too , has spotted increases in phishing campaignsAttack.Phishingtargeting Blockchain.info in December 2016 and December 2017 . Among the new tricks detected by Cisco since our previous reports , crooks have started using Let 's Encrypt certificates to make their phishing sites load via HTTPS , and have also incorporated homograph attacks .
Cyber Monday is here ! If you avoided the retail stores and skipped their Black Friday deals , do n't worry , you 'll get another chance for major savings today . From clothing to travel to exclusive online-only deals , Cyber Monday still has tons to offer . But just in time for the Cyber Monday shopping rush , watch out for sinister phishing scamsAttack.Phishingthat are making the rounds . With more online shoppers this time around - searching every nook and cranny of the web in search of the best Cyber Monday deals - crooks are again looking to dupeAttack.Phishingunsuspecting bargain hunters . Stop and Think , Did I order this ? One of the most effective tools for a cybercriminal is the phishing scamAttack.Phishing. This is when a scammer poses asAttack.Phishinga trustworthy entity and tries trickingAttack.Phishingyou into clicking on a malicious link . Their ultimate goal , of course , is to stealAttack.Databreachyour sensitive information such as credit card details , usernames and passwords . With this year 's holiday online shopping numbers projected to be the biggest ever , millions of items will be processed and shipped . With this surge in shipping activity , consumer protection groups are warning everyone to watch out for fake delivery notices and package verification scams . For example , if you receiveAttack.Phishingan email from `` Amazon '' saying that you have a pending delivery that needs verification from you , then that is most likely a phishing scamAttack.Phishing. Other email phishing scamsAttack.Phishingmay also pretend to provideAttack.Phishingyou with a link for shipping updates or special discount coupons and offers . Another popular ploy is the phantom order scam . These alarming emails are meant to get you clicking by pretendingAttack.Phishingyou ordered thousands of dollars of merchandise . But before you click that link , look out , these deceitful messages can be extremely convincing . Fake delivery and shipping notifications can look just likeAttack.Phishingthe real thing , using real logos and art from company websites . These cybercriminals will even set upAttack.Phishingfake websites that look likeAttack.Phishingthe real deal to lureAttack.Phishingyou into giving away your personal information and credit card details .