Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Watch Out For Black Newsjacking: FOSCAM camera poisoned search results

     

    FOSCAM

    Security researchers frequently report on vulnerable IoT devices. Cisco's Talos group just reported that Foscam video cams have a security risk.  We did a Google search on Foscam Indoor Camera and found scammers have already taken advantage of this and are redirecting to a fake ransomware site which also has audio telling you that you have porn and they will report you to the authorities unless you call the number, which has a criminal call center answering the phone.  

    We captured the event on screen cap. If you do a Google on Foscam Indoor Camera the two first US sites are hijacked to this faux ransomware page. You can watch the video without risk of your machine getting infected. Wait for the creepy audio to start! 

    We are calling this tactic “Black Newsjacking”. The legit use is quickly blogging about a major news event. Bad guys do something similar, but create pages on servers with exploit kits and used Black SEO techniques to get these pages up quickly in the organic page ranks. Clicking on the link compromises the workstation, or launches a social engineering attack that is sometimes called "reverse phishing" because the victim calls the perp. Current example, the FOSCAM camera.

    Whether you call it search “tampering” or “poisoning”, 2018 will see an increase in search results that route users to compromised sites which exploits bugs in the workstation’s software, resulting in a complete take-over of their computer.

    Users will have to be particularly vigilant if they work in regulated industries such as Financial Services, Insurance and Healthcare, where personal identifiable information abounds. Step them through new-school security awareness training so they do not fall for scams like this. 

    See It For Yourself 

    We know that keeping your users on their toes with security top of mind is not easy. Every organization has its own individual challenges but now, finally, our platform allows you to create a fully mature new-school security awareness program.

    Get a demo and ask to see our ModStore which gives you an all-you-can-eat buffet of more than 400 items like interactive learning modules, videos, animations, games, posters, tip sheets and other downloadable items. It includes:

    • 20 e-learning modules
    • 8 interactive learning modules
    • 7 compliance modules
    • 100+ videos bite-size 1-3 minute
    • 33 trivia games
    • 125+ pieces of artwork

    Request A Demo

    Don't like to click on redirected buttons? Copy and paste this in your browser: https://info.knowbe4.com/training-request-a-demo

    Prepare to be pleasantly surprised...

    Warm regards,

    Stu Sjouwerman

    Founder and CEO, KnowBe4, Inc

    NewStu.png

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews