Covid-19 scams multiply, stolen corporate documents from ransomware attack and a data breach with big implications
Welcome to Cyber Security Today. It’s Monday March 16th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
To hear the podcast click on the arrow below:
More Covid-19 Internet scams are circulating. And according to security vendor Recorded Future, it’s not just criminals who are behind them. Unnamed countries are also taking advantage of people’s fears and hunger for information. Attackers are using the names of the Centers for Disease Control and the World Health organization among others to trick victims into downloading documents that are supposedly full of information. Instead they’re full of malware. Given this if you want information don’t click on links in messages even if they appear to be from someone you know. If you want to go to the Centres for Disease Control, or a public health agency, go directly to the site. Don’t use a site in an email. Beware of rumours on social media. The BBC has listed a number of email scams. One has the title “Confidential Cure Solution on Corona Virus.” Another appears to come from the U.K. government and claims to be a Covid-19 tax rebate. Another asks for donations to help fight the illness or develop a vaccine.
Corporate documents apparently from Canadian and American companies are now appearing on the public website of a ransomware gang. The gang claims they were stolen from a U.S. management consulting firm that advises companies on big projects. The reason why this data is being released is the consulting firm has refused to pay a ransom to get access to data scrambled by the gang. So to embarrass the consulting firm the gang is publishing stolen customer documents. I’ve called both the consulting firm and one of the Canadian companies for confirmation but got no reply. If the documents are legitimate this seems to be another example of how criminals are combining data theft with ransomware.
This is a little technical story about a data breach, so bear with me. There’s an online service for businesses called Open Exchange Rates. It makes a piece of code called an API which allows some 50,000 subscribing firms around the world put a button on their websites so customers can look up currency exchange rates. Last week the company said it discovered someone had broken into their network and probably copied the subscriber database. That includes user names, encrypted passwords and email addresses. Probably subscribers are application developers. They should be aware that the stolen information could be used by hackers against them in email attacks trying to trick them into giving up access to their employer’s data.
March is Fraud Prevention Month, so the Office of the Privacy Commissioner of Canada has issued tips on avoiding a number of scams. These include a phone call from someone who claims to be from your bank, asking for the password to your online banking account to fix an urgent problem; a phone call from someone claiming to be a computer expert, saying there are problems with your computer and asking for your password to fix them; a person claiming to be from your credit card company, who needs to verify your account and asks for your credit card number and expiration date and a person claiming to be a new staff member of your organization who says they’ve forgotten their password and asks for yours to get into the system.
Never give out any confidential information about yourself over the phone, email or text unless you are sure who you’re dealing with.
If you get a call from your credit card company that your card has been compromised, say you’ll call back — but call the number on your credit card. And remember, legitimate companies and other organizations will never ask for your password or other confidential information over the phone. For more information go to the web site of the Privacy Commissioner of Canada.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon