Daily Archives: January 2, 2020

#cyberfraud | #cybercriminals | Hunt for cyber crook Vikas proves pointless

Source: National Cyber Security – Produced By Gregory Evans

CCB sleuths who went to track down cyber criminals to Rajasthan, return empty handed

The Central Crime Branch (CCB) sleuths trip to track down cyber-crooks to a remote village in Rajasthan, seemed like a waste of time. The CCB only managed to arrest one person, who only had connections with to the gang. The actual gang that operated from Deeg, in Bharatpur district of Rajasthan, is believed to have been tipped-off by the local police. CCB sleuths believe that the local police works hand-in-glove with the gang.

This notorious gang is the brain behind the recent spurt in Cybercrimes in Bengaluru pertaining to QR codes. These codes, when scanned, debit money from the victim’s bank accounts linked with digital wallets, on their mobile phones. The gang members posed as army personnel who were getting transferred and won credibility with their victims. The scam is still active numerous people have fallen prey to the gang.

A senior CCB official elaborated how the gang has at least a dozen members and with their illegal earnings, they have built houses in Deeg, worth Rs 60 lakh to 70 lakh.

On December 23, a team of eight CCB members, along with two police inspectors, reached Deeg. The team members were tracking the phone numbers the culprits, who were using the number to make calls to potential victims. They would ask sellers to come near Command Hospital in Cambridge Layout, to show them the vehicles they have for sale. The CCB members posed as potential buyers and kept tracking the gang.

Despite have narrowed the culprits to an area in Deeg, the CCB team did not manage to nab them. However, one Karan Singh was taken into custody. Singh is believed to be one of the beneficiaries in the scams and also gets commissions from the gang, said the officer on part of investigations.

“We made a mistake by informing the local police about our operation,” said the official.

We will soon go to back to Deeg for another operation to nab this gang, this time with our DCP, and we will not inform the local Deeg police.

–The senior official said

The CCB team said that the local police had not helped them with their operations and instead acted as road blocks. First the CCB team was not allowed to enter the locality where the gang was believed to be hiding. Additionally, instead of offering the protection, the CCB team was also discouraged to chase the culprits, fearing the violent reaction from the locals. The Deeg police also promised that they would bring in the culprits and the CCB team was made to wait. When the Deeg police returned, they said the culprits had escaped. Seeing their absolute lack of support, the CCB suspects the Deeg police works in tandem with the cyber criminals.

While applying for a transit warrant for the Karan Singh, the CCB teams complained to the magistrate about the lack of support from the Deeg police and also expressed their suspicion about the Deeg police’s intentions.

The CCB team has brought Karan Singh to Bengaluru and are trying to establish his involvement in cases of QR code scams that have been registered across the city.

“We will soon go to back to Deeg for another operation to nab this gang, this time with our DCP, and we will not inform the local Deeg police. Instead, we will straight be conducting a raid after informing the SP’s office,” said senior official.

Source link

The post #cyberfraud | #cybercriminals | Hunt for cyber crook Vikas proves pointless appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof

#cyberfraud | #cybercriminals | The first thing to do after you’re involved in a hack

Source: National Cyber Security – Produced By Gregory Evans

There were a bunch of big data hacks in 2019, and 2020 will likely be just as bad as the number of cyberattacks increase. (The average number of security breaches in the last year grew by 11% from 130 in 2017 to 145 in 2018, according to Accenture research.)

Companies may be hiring cybersecurity consultants, one expert told Yahoo Finance, but many of them are simply box-checkers looking to cast off liability.

If you haven’t been involved or impacted by a hack, don’t think your luck won’t run out. Yahoo Finance spoke to two cybersecurity professionals for a definitive guide on what to do if you’re involved in a hack.

Do this first

There are three general types of security breaches, says Alex Hamerstone, GRC (governance, risk, and compliance) practice lead at TrustedSec, a cyber security consulting firm. There’s a breach of a service you’ve never used, a breach that you do use but didn’t involve your data, or a breach of a service you do use with your information.

If you use the service, change your password immediately. Do not reuse an old password. And change any passwords for other sites that might use the same password as the breached service. If you don’t use the service, consider using “this as a reminder to go change my passwords and make sure that I have things locked down as best I can,” says Hamerstone.

The reason why it’s so important to change your passwords for other sites is precisely because hackers know you recycle the same password at multiple websites.

“Hackers will check other accounts when they have a victim’s password,” says Jason Glassberg, co-founder of Casaba Security. “You should also set up up two-factor or multi-factor authentication to guard against future password theft.”

Glassberg says you can use text-based two-factor authentication (2FA), but a dedicated app like the Google Authenticator is better because “phone porting (phonejacking) attacks are increasing and if someone hijacks your cell number, they then have access to your 2FA codes,” says Glassberg.

The next steps: monitoring and being proactive

If your data was breached, the experts suggest careful monitoring of bank and credit card accounts (many banks offer app and text-based notifications.)

You shouldn’t reuse the same passwords

After the short-term fixes like changing your passwords and making sure 2FA is in order, Hamerstone recommends considering a credit freeze (“for at least a year!”) if your Social Security number was compromised, even if the breached company says the number was encrypted. (A credit freeze lets you restrict access to your credit report, which makes it harder for identity thieves to open new accounts in your name.)

In the months following a hack, don’t be surprised to receive suspicious messages.

“You should expect social engineering scams that will use your information against you,” says Hamerstone. “For instance, in a common email phishing scam today a hacker — who bought your password along with countless others from a data dump — will claim to have hacked your webcam and recorded you watching adult movies, or something else, and will cite your password as proof.”

This can seem extremely believable, and Hamerstone adds that hackers may also have more info from emails, calls, and texts to give you the impression they have already hacked you. 

“This is a tactic that will catch a lot of people off-guard, and they can end up being victimized a second time — and much worse,” says Hamerstone. “So it’s important to understand how this stolen information is used by scammers, and sold/traded/rented to other criminal groups.”

Because all this information that’s easily accessible can include card numbers, Glassberg strongly advises against using debit cards. “I can guarantee almost everyone will lose their card number to a breach, skimmer or theft in the next year,” he says. “When that falls into the hands of a criminal, you can lose access to your money instantly.”

Equifax was hacked twice in 2017. (Photo by Jaap Arriens/NurPhoto via Getty Images)

While you can get the money back with prompt response, both security experts point out that it’s a pain that can be avoided by using a credit card. (With a debit card, the money is taken directly from your account, but with a credit card, you pay later so you aren’t on the hook in the same way.)

“Mobile payments (like Apple Pay) are even safer than that,” says Hamerstone.

The long-term: assume the worst 

There have been so many hacks — from Equifax to the Office of Personnel Management breach to Zynga — that it doesn’t look good for anyone.

“By now, most people in this country have some personal information that is available to scammers in the dark web,” says Hamerstone. “Maybe it’s just an old email address or password, or maybe it’s more serious than that — like a Social Security number. But either way, you should assume you are already in the dark web and proceed accordingly.”

Even if you haven’t been involved in a recent breach, a little monitoring can go a long way. 

“Keep a close eye on your banking — never stop. Don’t reuse passwords, ever, and don’t store sensitive stuff in the cloud — like nude photos,” Hamerstone says. 

Hamerstone has another bit of bad news, which sounds like pessimism but is grounded in realism: “Expect to become a victim of tax fraud.” 

The IRS now has a special program providing taxpayers with an Identity Protection PIN, or IP PIN, he says. This number helps the IRS verify your identity and accept your tax return. Note that taxpayers in certain states are eligible; check the IRS’s website to see if you qualify.

Ethan Wolff-Mann is a writer at Yahoo Finance focusing on consumer issues, personal finance, retail, airlines, and more. Follow him on Twitter @ewolffmann.

From app to pro: Stationary bikes are creating elite athletes

Hidden cable fees are are about to go away

Companies are secretly scoring you, but good luck getting your data

‘Snake oil salesmen’: Two neurologists respond to the CBD craze

Large-scale credit card hackers back for the holiday season, ex-FBI investigator says

Read the latest financial and business news from Yahoo Finance

Follow Yahoo Finance on TwitterFacebookInstagramFlipboardLinkedIn, YouTube, and reddit.

Source link

The post #cyberfraud | #cybercriminals | The first thing to do after you’re involved in a hack appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof

#cyberfraud | #cybercriminals | Fraud scams continue to evolve — BBB tells you what to look out for  – The Advocate-Messenger

Source: National Cyber Security – Produced By Gregory Evans

Grandparents have quite a soft spot in their hearts for their grandbabies, no matter the age of those “babies.” Maybe this is why the “grandparents scam” call seems to never go away. 

Lately, people have been reporting a “resurgence” of the scam call, where someone calls an elderly person’s residence, pretending to be their grandchild in trouble. They say they have been in a terrible wreck and need money for the hospital, or that they’ve been arrested. 

“We hear about that one a lot,” says Heather Clary, director of communications for the Better Business Bureau of Central & Eastern Kentucky. She speaks quite a bit to various senior citizens groups, and says at least one if not more of those in attendance have received a frightening call like this. 

“All of them have one thing in common: they beg you not to call Mom or Dad … and there’s quite an urgency.” She says the “grandchild” who’s calling has several excuses for why they don’t sound like themselves — “I hit my head or broke my nose on the dashboard in a wreck … It’s a loved one in distress” so people will fall for this. 

“They want you to wire the money, so they’ll put someone else on the phone pretending to work for the hospital, or even to be the DA (district attorney) or a defense attorney. And they want you to buy reloadable cards (prepaid cards) and read those to them over the phone. Then they get emptied out. People have lost upwards of a thousand dollars, and it’s untraceable.” 

She says many will even ask the victims to take pictures of the backs of the cards showing the numbers to text to them. 

“With these cards? You can not recover or dispute it.” 

Although she’s heard about this scam a lot over the years and continues to, many may have not. “Because the senior citizen who falls for it may be embarrassed and not report it, and are afraid their adult children will be angry with them,” Clary says. 

A good technique to come up with nowadays, she says, is to create a code word with family members. If for any reason they need to call you to get sensitive information, you ask them for this word to prove who you’re talking to. 

“The internet is usually how these scammers find out who people are related to,” Clary says, and even how to get in touch with dear old grandma. “You’d be surprised what the internet yields to the con artist … They have such sophisticated computer software and technology.” 

Clary says the BBB’s 2019 report will come out in March, which will tabulate all of the scams reported throughout the year. “I will guess that the government impersonation scams will be high on the list.” 

These are calls claiming to come from the IRS that you haven’t paid your taxes, or from some agency pretending to have a warrant for your arrest. “It’s scary; just another scare tactic. When what you think is a government agency is telling you there’s some kind of severe problem, we’re going to arrest you for it, people fell for it.” 

Clary says most of these operations are overseas, which makes it even harder to investigate. “A couple of years ago, they did a huge round up over in India where a big cell of these operations were going on. 

“Another big one going around is where they’re using the Social Security Administration’s name now.” Clary says the BBB gets several messages a day from people getting calls telling them their social security number has been associated with fraudulent activity. 

“Sometimes they just want the number and not money from you. Those things are hot commodities on the black market and the dark web; they sell them to make fake IDs, set up fake accounts …” 

She says some of these calls can also be “really scary. They will act like they’re law enforcement, specifically from down in Texas for some reason, indicating your social was found in a car full of drugs or even associated with a drug cartel, threatening them with possible arrests.” 

Clary says she doesn’t expect these types of calls to stop any time soon in the future. 

“Another new one we’ve heard is the FTC (Federal Trade Commission) being used. We’ve seen it used in sweepstakes scams, calling to say they’ve won a prize or a grant and asking for your personal information and for processing fees … The FTC definitely does not do that.” 

She says con artists always seem to follow the headlines, using some kind of twist. “Or clickbate on social media, things like that.” 

Social media, Clary says, continues to be a “hotbed of scams,” from people being tricked into believing they’ve won money because someone’s hacked into their friend’s account all the way to fake businesses they give their money to, then never get the goods they ordered. 

Clary has been keeping her eye on some movement in Congress to attempt to quell robocalls. “The FCC has been working on it, they’re working with phone companies to help consumers. While there are some methods helping people with that, how far that goes as far as government regulations that can be enacted remains to be seen, but I’m hearing that the phone companies are being cooperative and looking into (a solution),” she says. 

This holiday, Clary says they saw the same fraudulent scams as they have in the past. “Money people paid for things they never got. Ordering an item off of a website or that was being sold on Facebook. You have to check out who you’re buying from, see where the business is.” 

She says if there’s only an email, then there’s no way to track them if they’re fraudulent. 

“Everything is global anymore due to the internet, so many activities taking place on line. Protect yourself.” 

Clary predicts that in the new year, “people will really have to ramp up their internet and cyber protection, especially for small businesses. Hackers are really getting good at what they do.” 

To report a scam or fraudulent business, visit BBB.org/scamtracker. Clary says the best way they can keep tabs on what the current frauds are circulating is by the public communicating with them. 


Source link

The post #cyberfraud | #cybercriminals | Fraud scams continue to evolve — BBB tells you what to look out for  – The Advocate-Messenger appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof

#cyberfraud | #cybercriminals | Qatar- MoI warns against falling victim to scams and fake messages

Source: National Cyber Security – Produced By Gregory Evans

(MENAFN – The Peninsula) Doha: In a bid to safeguard people from a mounting threat of cybercrime, especially phishing, the Ministry of Interior (MoI) has launched an awareness campaign to educate masses on potential ways and tools used by fraudsters.

The MoI, in an ongoing campaign, has revealed several methods used by fraudsters on the cyber world using scam emails, messages etc.

On its official Twitter account, the Ministry shared a number of invaluable tips for people to identify such messages. The post says that most of such scam messages usually suggest people to change their personnel data to avoid theft. 

Such scam messages also ask people for a speedy approach to change the data and also provide people with some instant links to change the name, the password of the digital accounts and during this process they take people’s personal and sensitive data from their digital devices.

The MoI has asked people to be cautious of anonymous and suspicious messages and never respond to them and also must not share their banking information such as bank account number, debit/credit card numbers or passwords with anyone or send them through emails and/or text messages. 

‘These fraud entities do not address target people with their full name but usually use only the first name or ‘our dear client’ while the official entities and websites address the customer with their full official name. 

‘Also the fraudsters’ names are usually strange and sometimes contain numbers, MoI said. 

The electronic fraud reports received by the Economic and Cybercrimes Department during 2018 exceeded 40 percent of the total reports received, most of which were using WhatsApp or SMS that contain an electronic link.

The Economic and Cybercrimes Department said that the financial frauds have increased recently, most of them through SMS and WhatsApp messages. Many people are victims of this crime, because of responding to fraudsters and sending information about it including credit card information.

The Ministry of the Interior earlier arrested an international criminal organisation that used stolen bank cards to seize money and deposit it in a company account in cooperation with its employees. 

This emphasise that not all gangs practice fraudulent acts from inside the State of Qatar, there are some gangs which practice such acts from outside the country. 

The Ministry and the relevant authorities have advised people to protect themselves against e-frauds and never share personal information online with anyone.

The Department also urged commercial and financial institutions and companies to cooperate with them in case they notice any withdrawal of funds or purchases or transfers by non-specified means, in order to prevent any financial losses due to this type of electronic fraud.


Source link

The post #cyberfraud | #cybercriminals | Qatar- MoI warns against falling victim to scams and fake messages appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof