Canadians putting convenience over security, a vile ransomware threat, a fake Windows Defender notification and more.
Welcome to Cyber Security Today. It’s Wednesday, June 16. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Canadians are spending more online than before, in part because of the pandemic. Respondents to a new IBM survey of 1,000 people said on average they created five new online accounts since the pandemic began. But the survey also suggests people may be putting convenience over security. Consider that just under three-quarters of respondents said they re-use the same login credentials for more than one site. That’s dangerous if the sites ask for personal information or credit card numbers and are later hacked. Crooks often try stolen passwords from one site to break into other ones.
A quarter of respondents said they’d rather use a potentially insecure app to place an order rather than go to a physical store or make a phone call to order something.
On the other hand, 30 per cent of respondents said they use either a password manager application or a password manager in their browser. Forty-five per cent of respondents said they remember their passwords, with another 35 per cent saying they write passwords down. But those respondents don’t say where they keep those written passwords – on a sticky note at the office that others can see, or in a book kept in a locked drawer?
Roughly 60 per cent of respondents use multifactor authentication on at least one online account. That’s not high enough.
The good news is 70 per cent said would not give permission to an app on their smartphone that requests permission to track their activity across other apps and websites.
Ransomware gangs are under increasing pressure from law enforcement authorities, but they aren’t giving up. According to the news site Motherboard, recently in attempting to pressure a victim into paying a gang posted a stolen nude photo of a company employee on the internet. The story doesn’t say where the attackers obtained the photo, whether it was in the victim’s corporate email or stored in their Pictures folder. Regardless, it appears the attackers first posted a small part of the image, and eventually the full photo of the woman as pressure.
Cybersecurity companies sometimes make mistakes. The latest example is an Israeli security analytics firm called Cognyte Software. It left unprotected a database of more than 5 billion records collected from stolen data, according to researchers at a British firm called Comparitech. The database was found on May 28, possibly the day it was created. The next day Cognyte was notified, but it took three more days before it was taken offline. Although the data was already available for sale on the dark web from previous hacks, if a crook found the database they would have got a free trove of information to help with hacks and identity fraud.
Among the features offered by Windows is the ability to push on-screen notification to users. Unfortunately crooks are increasingly using it for scams. According to McAfee, one of the latest makes what looks like a Windows Defender Update notification pop up. Victims clicking on the popup get taken to a fake update website that asks them to click to install an update. This, of course, is malware. A good antivirus or anti-malware software should catch this. The only safe way to install updates to any Microsoft product is through Windows Update.
It only takes a few seconds for a data breach to cause damage. That’s what an American service provider recently discovered in another example of a supply chain attack. The company, J.J. Keller, is responsible for providing regulatory compliance services to AmeriGas, which sells propane gas. Last month J.J. Keller discovered an employee had fallen victim to a phishing email. In the eight seconds before the hack was caught the attacker was able to see an email attachment with personal information on 123 AmeriGas employees. In a letter to the New Hampshire Attorney General it says the information wasn’t copied. However, the attacker could have taken a screenshot.
Finally, police and health authorities in 92 countries have combined with Interpol to shut more fake online pharmacies. These sites sell counterfeit and illicit medicines and medical products. Over 113,000 web links, websites and online marketplaces have been closed. In addition millions of fake medicines and devices were seized in the operation last month. More than half of those devices were fake COVID-19 testing kits. In Venezuela a man was arrested for developing an e-commerce platform on WhatsApp for selling illicit medicines.
That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.