Category: General Cyber Intel

Cyber Attacks Abound with the Proliferation of New Technology – No Time for Complacency

December 16th, 2011

While new technology and increased Internet access bring with them many positive aspects, you can’t overlook the threat of cyber attacks, as evidenced by a very headline-rich 2011. The repercussions alone can be devastating to an organization lacking the infrastructure to detect and counter such attacks. To put this into perspective, take Algeria for example. Internet access in Algeria has grown exponentially during the past decade, reaching over four million households, cybercafés, as well as many different public and private institutions. This phenomenon has undoubtedly benefited the indigenous population by exposing them to vast amounts of information and the ability to communicate worldwide, but it has also brought with it the dangers of cyber attacks. Let’s reacquaint ourselves with the reasons we need to be more vigilant in increasing awareness of cyber attacks by looking at what is going on in Algeria.

Despite laws enacted in 2001 to combat digital-related incidents, cyber crime is still pervasive in Algeria. This is due not only to a lack of detection tools, awareness and training courses, but also to the negligence of private and public institutions in protecting their intellectual property online. In 2010, the Center for Judicial and Judiciary Research (a branch of the Algerian Department of Justice) began developing and implementing cyber security laws. Until then, the field went mostly unregulated. Since 2010, 12 cases have been reported and to date there have been eighty-eight cases brought to justice.


Update – How Will ICANN’s Newest Domain Name Program Affect Your Company’s Brand?

October 19th, 2011

The information below is an update to the following blog posting: How Will ICANN’s Newest Domain Name Program Affect Your Company’s Brand?

Trademark owners outside of the adult industry may sign up with ICM Registry to block trademarks from showing up on its new .XXX gTLD. Trademark owners have been making several common errors when applying for a .XXX gTLD.[1] If your company plans on submitting an application before the Sunrise B October 28, 2011 deadline, keeping these mistakes in mind can help you avoid paying multiple fees and having to reapply.[2]

Trends in Text Message Spam: Comments from the Messaging Anti-Abuse Working Group (MAAWG)

September 19th, 2011

As with any network-connected device, mobile phones and the applications they run bring their own security problems. While newer phenomena like QR codes and mobile botnets will likely be a growing concern, spam sent by text messages remains an issue for carriers and mobile phone users.

Landmark Legal Case: If Your Members Have Been Phished, Your Credit Union May Have To Pay

August 24th, 2011

Excellent overview of recent landmark phishing case along with joint NAFCU-Cyveillance podcast: http://blog.nafcuservices.com/2011/08/23/landmark-legal-case-if-your-members-have-been-phished-your-credit-union-may-have-to-pay/

RSA Token Vulnerability and One of America’s Most Secret Agencies Invoked in Latest Spear Phishing Attack

July 22nd, 2011

A targeted scam or “Spear Phishing” attack making the rounds today invokes the National Security Agency and takes advantage of recent news about a hack of RSA’s two-factor security tokens. Cyveillance has now captured examples and reports of several variants of this email, most sent under the subject lines “Token Code Update” or “Security Token Update”.

A Five-Point Plan for Social Network Usage

June 14th, 2011

If there’s any message you should take away about utilizing social media in a secure manner, it can be summarized in one word: education.

Don’t Let the Social Media “Generation Gap” Expose Your Network

June 9th, 2011

Here’s a true story I like to tell to explain how wide the social media “generation gap” is. And, no, I’m not making this up:

Two Australian girls, ages 10 and 12, got stuck in a storm drain. To get help, they whipped out their smartphones and posted Facebook status updates to say they were lost in a local drain, and someone needed to call 000 (Australian 911).

How Your Business Associations Can Compromise Your Data

June 3rd, 2011

When it comes to socially engineered network attacks, it’s often said that your organization’s weakest link is its most uninformed employee.

Epsilon Breach Opens the Flood Gates for Spear Phishing and Socially Engineered Attacks

April 11th, 2011

The recent Epsilon breach, which could quite possibly be the largest of its kind, has exposed millions of customer email addresses from many of the nation’s largest companies, including banks and retailers. While we have seen a decrease in spam phishing attacks over the last year, data breaches like Epsilon empower cyber criminals to dispatch millions of fraudulent emails disguised under trusted commercial and financial brands to gain access to personal account information. The significance of this breach is that the data stolen is tied directly to a well-known event and can be manipulated to target unsuspecting account holders.

So what does this mean? People are going to be flooded with emails stating that they need to update their security records due to the breach, but how will they tell a legitimate email from a fake? Quite simply, criminals can now use this information to contact all the victims of the breach and impersonate Epsilon’s customer service. Unknowing victims could think the email requests are coming from their authorized bank or retailer and may click on malicious links, download virus-laden attachments, or worse, provide key personal information.

Because these attacks often look legitimate, it’s much easier to fall victim if you are not careful. If something doesn’t seem right, it most likely isn’t. NEVER click on a link or download an attachment if you are not positive it came from a trusted source. Also, never give up your personal information (e.g., passwords, account numbers) over the phone or via email. Your financial institution or retail provider will never ask you for it through those channels. Taking precautionary steps can potentially save you from being the victim of financial loss or perhaps worse. Making sure you and your employees are properly educated will go a long way in complementing your existing security measures. Anti-virus and other solutions help reduce the chances of becoming a victim, but by no means should they be your sole means of protection.

Cyber Criminals Adapt As Threat Landscape Changes

March 7th, 2011

If there is one thing we know about criminal activity on the internet, it is that it changes constantly. Because the most illicit gains are to be found where defenses are few, online fraudsters are always seeking new territory in which to exploit their victims.

One current trend in the world of online fraud is the shift toward the mobile arena. For example, many reports are emerging about attacks against Google’s Android operating system for mobile devices. ISS recently examined malware designed to target Android.

In that vein, today we bring you images from the world of illegal online pharmacies. These organizations put lives at risk by offering prescription medications without a prescription, or worse, by sending fake medications that can cause great harm. Moreover, consumers’ credit card numbers are sometimes stolen when they make purchases from these sites.

Consider this screenshot of a typical illegal online pharmacy website as viewed on an iPhone:


A traditional illegal online pharmacy as viewed on a mobile device.

As you can see, the type is small, not easy to read, and navigation is difficult.

Knowing that consumers are using mobile devices more than ever, cyber criminals have created the site below specifically to illegally sell prescription drugs in a format that is native to mobile devices. The images below are screenshots taken on an iPhone, and you can see how the presentation differs from a regular website: it is tailored specifically for increased usability on a mobile device, with a larger font, less clutter… In short, they attempt to make it as easy as possible to make a purchase from this website. You can see that they have even gone to the trouble of incorporating a .mobi internet domain for the site to reinforce the mobile computing experience. It would be praiseworthy if it were not so recklessly endangering consumer safety.


The homepage of the rogue online pharmacy which is optimized for mobile devices.


The site’s product page for its generic Viagra. Note that Viagra is not off patent in most of the world, and is certainly not so in India, where this site claims its products originate. By definition this product is made outside the law and carries risk.


While most illegal online pharmacies will claim to offer a safe shopping experience, most (including this site) do not encrypt your credit card information when the purchase is made.


Here, offerings like “Cialis Professional” are made available for purchase. Unfortunately the maker of Cialis, Eli Lilly, has never offered such a drug. Only the maker of this counterfeit drug knows what the patient is really putting in his body if this is taken.

Regular readers of the Cyveillance Blog are well aware of the significant risks involved in online pharmacies. If you are looking for an easy way to help tell friends and family about this danger, MarketWatch posted a video interview last week with a Special Agent in Charge from the Department of Homeland Security in which they discuss the risks of online pharmacies.

It is our hope that consumers will remember examples like this site and recall that as technology advances, enterprising cyber criminals will likely have already considered ways to take advantage of the new landscape in ways that can seriously jeopardize your health and financial well-being. Always stop, think, connect.