CyberheistNews Vol 2, #22
Editor's Corner
Scam Of The Week: Fake Amex ID Verification
OK, here is another one to warn everyone about, especially the employees
that have a 'corporate' AMEX card. This is a crafty social engineering
scam email that claims to be from American Express and asks if the
recipient recently tried to verify his or her account ID or change the
account password.
The recipient obviously did no such thing, so the message may worry them
into clicking the link, believing someone else accessed their account. But
clicking on that link leads to a site that has malware and tries to infect
the workstation. Think before you click! This is how the scam email looks:
https://s3.amazonaws.com/CyberheistNewsImages/amex-phish-verif.jpg
You can send people to the KnowBe4 Blog which has this as a separate
post with a link to the screen shot. Here is the permalink:
http://blog.knowbe4.com/fake-amex-id-verification/
"Guessable Passwords: The Unpatchable Exploit"
Monday morning, I found a tweet by @INFOSECSchool with the above title.
I admit, it's a catchy phrase and sure enough, IF you allow easy passwords,
it's an invitation to get hacked. This is an area that you have control
over though. Teach people about strong passwords, enforce strong Windows
login passwords, send them to websites where they can test their passwords
for strength, and if they have dozens to remember, use an automated
password management tool, because the user is going to be lazy and use
the same password all over, which is a disaster waiting to happen.
Here is a test to see which of your users have weak passwords:
https://www.knowbe4.com/weak-password-test
Quotes of the Week
"Passwords are like underwear. You shouldn’t leave them out where people
can see them. You should change them regularly. And you shouldn’t loan
them out to strangers." - Unknown
"I changed all my passwords to ‘incorrect’. So my computer just tells
me when I forget." - Anonymous
Please tell your friends about CyberheistNews! They can subscribe here:
http://www.knowbe4.com/about-us/cyberheist-news/
Did you know? KnowBe4 Does Vulnerability Scanning!
Whether we like it or not, we are all potential targets if we are connected to the Internet. There is a very good chance that your website is being scanned for vulnerabilities right now by the bad guys, looking for low-hanging fruit that they can use to break in. Better be the one who does that scan first, and fix any holes that cyber criminals might use to penetrate your network. We can help you with that!
Get a Quote Now:
http://www.knowbe4.com/products/vulnerability-scanning/
Russia’s Most Effective Cybercriminals
Rod Rasmussen over at SecurityWeek has a really interesting article
about a Russian cyber gang driving a massive wave of fraud: “Tucked
away in a small town outside Moscow, Russia one of the world’s most
prolific and effective cybercriminals works away on the next version
of malicious software that will enable the theft of millions of dollars
from unsuspecting victims around the world. Going by the online moniker
of “Paunch,” he is continuously updating his browser exploit software,
called “Black Hole” and it is wreaking havoc daily amongst many of
the world’s largest brands and government organizations.” Full Article
at SecurityWeek:
http://www.securityweek.com/black-hole-exploit-business-savvy-cyber-gang-driving-massive-wave-fraud
Spot The Security “No-No”
Wow, talk about a TV interview that contains a massive vulnerability.
We think this is a press box at one of the games. You have to see
this one at our blog and click to see the full-size TV Screen shot:
http://blog.knowbe4.com/spot-the-security-no-no/
FBI: "Scammers Impersonating The FBI Worst Online Threat"
Michael Cooney over at NetworkWorld covered the recent news the best.
"In a weird turn of events the most common Internet crime complaints
in 2011 were those involving scams that involved fraudsters pretending
to be the FBI according to the yearly online crime report issued through
the FBI's partner, the Internet Crime Complaint Center (IC3) and the
National White Collar Crime Center (NW3C).
The 2011 IC3 Internet Crime Report issued found that of the 314,246
complaints the IC3 received last year over 14,000 involved scamsters
posing as the FBI in one shady online form or another. The 314,246
complaints represent a 3.4% increase over 2010." Full article with
lots more very interesting data. Warmly recommended!:
http://www.networkworld.com/community/blog/fbi-finds-scammers-impersonating-fbi-now-one-worst-online-threats?
Cyberheist 'FAVE' LINKS:
* This Week's Links We Like. Tips, Hints And Fun Stuff.
The fantastic world of steampunk technology:
http://www.networkworld.com/slideshow/47446?#slide18
Electric Drag Bike Breaks 200 MPH Barrier. WOW that thing is fast:
http://www.earthtechling.com/2012/05/electric-drag-bike-breaks-200-mph-barrier/-
Golden Oldie: The amazing "The Baronton Sisters" from France perform on
The Ed Sullivan Show on February 2, 1969:
http://www.flixxy.com/the-baronton-sisters-on-the-ed-sullivan-show.htm
An 18-wheeler semi-trailer truck and a bus meet at a hairpin turn at
Trollstigen, Norway. Now there is some skillful driving...
http://www.flixxy.com/semi-vs-bus-at-a-hairpin-turn-in-norway.htm
Got $259,500 to spare? How about a sports car that transforms into a boat,
for real:
http://www.flixxy.com/amphibian-sports-car.htm
Don't watch this if you are afraid of heights! The bridge to Russky Island
will be the world’s largest cable-stayed bridge with a total length of
10,200 ft when it opens in June 2012:
http://www.flixxy.com/the-bridge-to-russky-island.htm
On May 20, 2012 China and the Western United States saw an "annular" eclipse,
the first of its kind since 1994. An "annular" eclipse is when the moon lines
up between Earth and the Sun to create what looks like a ring of fire:
http://www.flixxy.com/solar-eclipse-20-may-2012.htm
When Air Canada flight 876 got delayed, the "Lemon Bucket Orkestra" treated the fliers to a fabulous impromptu performance:
http://www.flixxy.com/air-canada-pre-flight-entertainment.htm