CyberheistNews Vol #5 #54 Scam Of The Week: Comcast Triple Threat




CyberHeist News
Scam Of The Week: Comcast Triple Threat
Stu Sjouwerman

You are probably aware that Comcast is the largest home ISP in the U.S. and that they also have many thousands of business users. No wonder they are the target of a sophisticated social engineering attack. You can count on other ISPs soon being attacked the same way, so this is something you need to warn your users about. Here is the triple-threat scam which was discovered by our friends at Malwarebytes:

    1. Comcast's Xfinity portal has a search page that handles a very large volume of queries. On that page ran a malicious ad, served through Google's ad network, from "Sat TV Pro", which claimed to compare DirecTV with Comcast's TV service. A user who clicks it is redirected to a compromised site running an exploit kit.

    2. The exploit kit first infects the workstation with ransomware, then redirects the browser to a fake Xfinity site.

    3. The fake Xfinity site pops up a message from "Comcast's security plugin" that the workstation is infected (correct, the bad guys just did that!) and that the user needs to call tech support. The 800 number goes to scammers who will try to charge the user's credit card to "fix" the box.

There is more technical detail and a ready-to-send message to your users, friends and family at the KnowBe4 Blog, which you can just copy and paste:
https://blog.knowbe4.com/scam-of-the-week-comcast-triple-threat
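The third step above hinges on the victim landing on a site that borrows the Xfinity name but is not Comcast's. What follows is an added example, not code from this newsletter or from the Malwarebytes write-up: it walks constructed proxy-log lines, flags hosts that carry the "xfinity" or "comcast" keyword outside an assumed allow-list of legitimate apex domains, and reconstructs the referrer chain (search page, ad click, compromised site, lookalike landing) that led there. The log format, hostnames and client addresses are all made up for the demo; the real malicious domains from the write-up are deliberately not reproduced.

```python
"""Flag lookalike Xfinity/Comcast hosts in proxy logs and rebuild the redirect chain.

Added example for illustration; not from KnowBe4 or Malwarebytes.
The log format, hostnames and client IPs are constructed, and LEGIT_APEX
is an assumed allow-list that you would replace with your own.
"""
import re

BRAND_KEYWORDS = ("xfinity", "comcast")
LEGIT_APEX = {"xfinity.com", "comcast.com", "comcast.net"}   # assumption

# Constructed proxy log, one request per line: "<client> <method> <url> <status> <referrer>"
# ("-" means no referrer). The chain for 10.0.0.12 mirrors the scam's three steps.
SAMPLE_LOG = """\
10.0.0.12 GET http://my.xfinity.com/search?q=tv 200 -
10.0.0.12 GET http://googleads.g.doubleclick.net/aclk?sa=l 302 http://my.xfinity.com/search?q=tv
10.0.0.12 GET http://sat-tv-pro-compare.example/landing 302 http://googleads.g.doubleclick.net/aclk?sa=l
10.0.0.12 GET http://xfinity-support-alert.example/infected.html 200 http://sat-tv-pro-compare.example/landing
10.0.0.27 GET http://www.comcast.net/ 200 -
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3}) (\S+)$")
HOST_RE = re.compile(r"^[a-z]+://([^/:?#]+)", re.I)


def host_of(url):
    """Extract the lowercase hostname from a URL ('' if it has no scheme/host)."""
    m = HOST_RE.match(url)
    return m.group(1).lower() if m else ""


def apex_of(host):
    """Naive apex: the last two labels. Enough for the sample; a real deployment
    needs a public-suffix list so that e.g. co.uk is not treated as an apex."""
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def is_lookalike(host):
    """True when the host uses the brand name but does not sit on a legitimate apex."""
    return any(k in host for k in BRAND_KEYWORDS) and apex_of(host) not in LEGIT_APEX


def parse(log_text):
    """Parse the constructed log format into event dicts; unparseable lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            client, method, url, status, ref = m.groups()
            events.append({"client": client, "method": method, "url": url,
                           "host": host_of(url), "status": int(status), "referrer": ref})
    return events


def find_scam_landings(log_text):
    """Return (client, lookalike host, redirect chain of hosts) for every lookalike landing.

    The chain is rebuilt by following referrers backwards within the same client,
    so the analyst sees where the victim started (here: the legitimate search page).
    """
    events = parse(log_text)
    by_client_url = {(e["client"], e["url"]): e for e in events}
    hits = []
    for ev in events:
        if not is_lookalike(ev["host"]):
            continue
        chain = [ev["host"]]
        seen = {ev["url"]}
        key = (ev["client"], ev["referrer"])
        while key in by_client_url and key[1] not in seen:   # stop on unknown referrer or loop
            seen.add(key[1])
            prev = by_client_url[key]
            chain.append(prev["host"])
            key = (ev["client"], prev["referrer"])
        hits.append((ev["client"], ev["host"], chain[::-1]))
    return hits


if __name__ == "__main__":
    for client, host, chain in find_scam_landings(SAMPLE_LOG):
        print(f"{client} reached lookalike {host} via: {' -> '.join(chain)}")
```

To run this against real data, adapt LINE_RE to your proxy's format and populate LEGIT_APEX from your own allow-list; keyword matching on hostnames is a cheap first filter, and the referrer chain is what turns a single odd hostname into a story (legitimate search page, ad click, redirect, scam landing) that a responder can act on.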

Wall Street Journal: Banks Phish Their Own Employees

Now THIS is a great article to send to management. WSJ's Robin Sidel goes into detail how banks are spending billions of dollars to fend off a faceless army of digital intruders. I'm quoting one paragraph here, just to give you a taste:

"Weeks after J.P. Morgan Chase & Co. was hit with a massive data breach that exposed information from 76 million households, the country’s biggest bank by assets sent a fake phishing email as a test to its more than 250,000 employees. Roughly 20% of them clicked on it, according to people familiar with the email."

"For hackers, spear phishing—increasingly in emails that appear to be from a high-ranking bank executive to an employee—remains a core tactic. The Federal Bureau of Investigation’s cyber office in New York is receiving complaints about such phishing attacks “on almost a daily basis,” said Richard Jacobs, an assistant special agent in charge who handles cybercrimes."

I suggest you forward this article to your C-level execs. It is behind a paywall, but many of them have a subscription, and it is great ammo for getting budget:
http://www.wsj.com/articles/banks-battle-staffers-vulnerability-to-hacks-1450625921

If You Don't Pay the Cyberattackers, They'll Kill Your Data

Scott Bekker over at Redmond Magazine interviewed me a while back and took the time to write a really good article about ransomware and the risk this malware poses to your data. He started out with: "Encrypting ransomware is an annoying persistent threat (apt-get it?) that many IT admins unfortunately write off as an ID10T error they can't do much about. End-user training and targeted backup strategies can serve as effective enterprise countermeasures." This article is warmly recommended:
https://redmondmag.com/articles/2015/04/01/cyberattackers.aspx

Do A Unique No-Charge "Star Wars" Phishing Security Test

You can now find out what percentage of your employees will fall for a highly popular "current event": the release of the new Star Wars movie. The bad guys are attacking with a variety of Star Wars scams, and there is no better time to do this unique phishing security test than right now.

Today, phishing your own users is just as important as having antivirus and a firewall. Why? If you don't do it yourself, the bad guys will.

Take your first step now to significantly improve your organization’s defenses against cybercrime. Fill out the form, and you will be able to immediately start your Complimentary Phishing Security Test. Ends December 31st:
https://info.knowbe4.com/phishing-security-test-2

Cybercrime Toolkit Expanded With MS-Word Attack

The Sophos blog has a good post that I wanted you to be aware of.

"Microsoft Word Intruder, or MWI for short, is a toolkit for sneaking malware onto your computer using booby-trapped Word files. The idea is that instead of sending you an email with a link you have to click, crooks can send you an innocent-looking document with a believable backstory, such as a courier parcel that couldn’t be delivered, or a bogus invoice, or a fake quotation.

"Documents are supposed to be data, not programs, so it ought to be safe to open them to see what’s inside. But exploit kits like MWI can create documents that are unsafe to open, at least if you haven’t patched Word recently, because they deliberately trigger a bug, or vulnerability, which causes hidden program code inside the booby-trapped file to run without any prompts or warnings. MWI can build booby-trapped files on demand, primed with malware that will be installed silently when the document is opened."

And then, with some crafty social engineering, they manipulate your user into opening the document. Here is the full post:
https://nakedsecurity.sophos.com/2015/12/14/exploit-upgrade-for-microsoft-word-intruder-crimeware-kit/
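As an added example (this is not Sophos's code, and it assumes nothing about MWI beyond what the quoted post says), here is a small triage script that flags the containers a booby-trapped Word file usually needs before it can reach a vulnerable parser: embedded OLE objects and object relationships in a .docx, and object streams (\object, \objdata, \objupdate and friends) in RTF. The two sample files are constructed in memory for the demo. A hit means "do not open this on a box that is not patched"; an empty result does not prove the file is safe, so, as the post says, patching Word remains the real control.

```python
"""Triage Word files for embedded objects and macros before anyone opens them.

Added example, not Sophos's code and not a description of MWI internals.
It looks for the containers a booby-trapped document typically carries
(OLE embeddings, OLE/external relationships, VBA projects, RTF object
streams). Sample inputs below are constructed for the demo.
"""
import io
import re
import zipfile

# RTF control words that introduce object data; a benign memo rarely needs them.
RTF_SUSPECT = re.compile(rb"\\(objdata|objupdate|objemb|objautlink)\b")
DOCX_RELS = "word/_rels/document.xml.rels"


def triage_rtf(data):
    """Return findings for an RTF file (empty list if not RTF or nothing found)."""
    findings = []
    if not data.startswith(b"{\\rtf"):
        return findings
    if b"\\object" in data:
        findings.append("rtf:embedded-object")
    for m in RTF_SUSPECT.finditer(data):
        findings.append("rtf:" + m.group(1).decode())
    return sorted(set(findings))


def triage_docx(data):
    """Return findings for an OOXML (.docx) file (empty list if not a zip or nothing found)."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings
    names = zf.namelist()
    if any(n.startswith("word/embeddings/") for n in names):
        findings.append("docx:ole-embedding")
    if "word/vbaProject.bin" in names:
        findings.append("docx:vba-macros")
    # Relationships tell Word what to load or activate alongside the text.
    rels = zf.read(DOCX_RELS) if DOCX_RELS in names else b""
    if b'TargetMode="External"' in rels:
        findings.append("docx:external-target")
    if b"relationships/oleObject" in rels:
        findings.append("docx:ole-relationship")
    return sorted(set(findings))


def triage(data):
    """Run both checks; the format sniffing inside each makes the order irrelevant."""
    return triage_rtf(data) + triage_docx(data)


# --- constructed samples (minimal, not real Word output) ---
def build_clean_docx():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr(DOCX_RELS, "<Relationships/>")
    return buf.getvalue()


def build_suspect_docx():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        # OLE compound-file magic followed by filler; content is irrelevant to the check
        zf.writestr("word/embeddings/oleObject1.bin", b"\xd0\xcf\x11\xe0" + b"\x00" * 16)
        zf.writestr(DOCX_RELS,
                    '<Relationships><Relationship Id="rId5" '
                    'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject" '
                    'Target="embeddings/oleObject1.bin"/></Relationships>')
    return buf.getvalue()


SUSPECT_RTF = b"{\\rtf1\\ansi{\\object\\objemb\\objupdate{\\*\\objdata 0105000002000000}}}"
CLEAN_RTF = b"{\\rtf1\\ansi Hello from a plain RTF.}"


if __name__ == "__main__":
    for label, blob in [("clean.docx", build_clean_docx()), ("suspect.docx", build_suspect_docx()),
                        ("clean.rtf", CLEAN_RTF), ("suspect.rtf", SUSPECT_RTF)]:
        print(f"{label}: {triage(blob) or 'no findings'}")
```

In a mail gateway this sits before delivery: anything with findings is quarantined or detonated in a sandbox rather than handed to a user who has just been given a believable backstory for opening it. The script reads bytes only and never hands the file to Word, so it is safe to run on untrusted input.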

Warm Regards,
Stu Sjouwerman

Quotes Of The Week

"All men who have achieved great things have been great dreamers."
- Orison Swett Marden, Writer (1850 - 1924)

"Don't part with your illusions. When they are gone, you may still exist, but you have ceased to live."
- Mark Twain, Author (1835 - 1910)


Thanks for reading CyberheistNews

Security News
This Week's Five Most Popular HackBusters Posts
    1. PlayStation 4 Jailbreak Confirmed! Hacker Finds A Way To Play Pirated Games:
      http://www.hackbusters.com/news/stories/486713-playstation-4-jailbreak-confirmed-hacker-finds-a-way-to-play-pirated-games

    2. Congress Slips CISA Into Omnibus Bill That's Sure to Pass (it has passed in the meantime):
      http://www.hackbusters.com/news/stories/489058-congress-slips-cisa-into-omnibus-bill-that-s-sure-to-pass

    3. Drone owners must register with FAA, starting December 21:
      http://www.hackbusters.com/news/stories/487069-drone-owners-must-register-with-faa-starting-december-21-cnet

    4. You can Hack into a Linux Computer just by pressing 'Backspace' 28 times:
      http://www.hackbusters.com/news/stories/489668-you-can-hack-into-a-linux-computer-just-by-pressing-backspace-28-times

    5. Juniper Firewalls with ScreenOS Backdoored Since 2012:
      http://www.hackbusters.com/news/stories/490606-juniper-firewalls-with-screenos-backdoored-since-2012

Interesting Spiceworks IT Security Survey Results

Spiceworks is a community of IT people responsible for keeping networks up and running. They asked almost 200 IT pros about their real-world experience with security threats and breaches: what, and who, they think is a threat, what actions they are taking in response, and who they believe is ultimately responsible for protecting their organizations. Here is the executive summary:

    1. Top security challenges are related to end users. More specifically, IT pros are worried about the vulnerabilities created when employees don’t understand or aren’t invested in avoiding risky behavior around company data.

    2. They’re muscling up security measures. IT pros expect to increase security in 2016, with plans to implement even some of the newer security solutions such as intrusion detection, penetration testing, and advanced threat protection.

    3. IT pros believe their role is key in maintaining security. According to the survey respondents, it takes the entire organization, not just the latest technology, to keep data and people safe. That said, they ultimately feel that the responsibility for their organization's security is in the hands of IT.

Here is the full report:
      http://www.spiceworks.com/marketing/it-security/report/

One Third of CEOs Are Not Regularly Briefed on Cyber Security Issues

Sixty one percent of global IT security pros think their CEOs don't know enough about cyber security, a recent survey found.

A survey of 304 global IT security professionals found that one third of CEOs and 43 percent of management teams are not regularly briefed on cyber security issues.

The survey, conducted by Dimensional Research and sponsored by CyberArk, also found that 69 percent say cyber security issues are too technical for their CEO.

Additionally, 53 percent of respondents think their CEOs make business decisions without regard to security, and 44 percent believe that their CEOs simply don't grasp the severity of today's cyber security risks. Ouch. More here:
http://www.esecurityplanet.com/network-security/one-third-of-ceos-arent-regularly-briefed-on-cyber-security-issues.html

[INFOGRAPHIC] The Hottest Security Certifications, Most In-Demand Skills

Network and Application Security, GRC/Information Assurance, and Malware and Threat Intel were cited as the most important jobs in a new survey of cyber security job trends announced today by Cybrary, a provider of complimentary online cybersecurity courses.

While the cyber security skills shortage is a well-worn topic, Cybrary's survey of 435 senior-level technology professionals, conducted from October to December, 2015, offers some interesting insights.

“Companies and the public at large should be concerned with these data, which call attention to the continuing impact of the cyber security talent gap,” said Ryan Corey, co-founder, Cybrary. “Companies with pressing cyber security needs are finding that there’s a major lack of qualified pros to fill their positions, which makes them vulnerable to cyber attacks.”
http://www.csoonline.com/article/3016065/it-careers/survey-says-these-are-the-hottest-security-certifications-most-in-demand-skills.html


Cyberheist 'FAVE' LINKS:
This Week's Links We Like, Tips, Hints And Fun Stuff
    • Uncanny Valley Short Film (HD). In the slums of the future, virtual reality junkies satisfy their violent impulses in online entertainment. An expert player discovers that the line between games and reality is starting to fade away:
      https://www.youtube.com/watch?v=gR3lXEH80Nw


