Over Half of all Social Media Logins are Fraud
A new report released by Arkose Labs has revealed that over half of the logins on social media sites are from fraudulent accounts. This includes bots and humans that have malicious intentions. The report stated that the Philippines was the top originator for these attacks with the U.S. coming in second behind it. China was found to have the most human driven attacks at 59.3% which was quadruple the amount of the U.S., Russia, the Philippines and Indonesia. While human driven attacks cost the attacker more, they tend to make more money in the long run. Vanita Pandey from Arkose Labs said that developing economies are rapidly becoming hubs for fraud as they have access to tools and cheap labor to carry out their attacks. With the rise in social media use from people all over the world, making monetary transactions and sharing personal information, the threat for fraud is skyrocketing. Keep yourself protected by only using sites you trust and using strong passwords.
Imperva Cybersecurity Breach
Imperva, a cybersecurity vendor in California, recently suffered from a security breach. The breach exposed some data from customers that used Imperva’s cloud firewall product. This data included email addresses, API keys, SSL certificates and some salted and hashed passwords. Imperva has not released further information on how the breach occurred, but they are continuing to investigate the issue. In order to avoid this incident occurring again, they have set up forced password resets along with a 90-day password expiration policy for their Cloud Web Application Firewall product. Taking precautions such as changing passwords, using two-factor authentication, and resetting API keys will help avoid breaches and other attacks on your data.
IRS Issues Warning for New Malware
A warning to taxpayers and tax professionals has been released by the IRS regarding a new malware. This malware is distributed by way of a malicious email with a “temporary password”. It then coerces users to click a link that brings them to a page that resembles the IRS.gov website. After entering the temporary password given in the email, the malware will begin to download and potentially harm the user’s system. The malware can do a variety of things including recording keystrokes to obtain sensitive information and more. The IRS reminds citizens that they do not send emails about tax refunds or any other financial information. If you receive one of these emails, delete it — and never click on links in email messages from senders you don’t recognize.
Georgia State Patrol Still Without Computers
For nearly a month now, Georgia State Patrol Troopers and Motor Carrier Compliance Division officers have been without computers or license plate scanners. This issue arose after a cyberattack on the Georgia State Department shut their systems down. A Department of Public Safety spokeswoman stated that they have had to go back to “an old way of doing business”, as they are unable to use the technology they have grown accustomed to. The Georgia Technology Authority and cybersecurity firms have been working hard to decrypt the files that were compromised in the ransomware attack, although they are unsure if all the files will be salvageable. It has been a slow process, as the attack occurred on July 26, 2019.
Silence Hackers Target Banks Through Phishing
A group of hackers by the name of Silence are on a mission to target banks. They have launched 16 campaigns across 30 countries in almost one year. In three years, they have stolen $4.2 million through their hacking efforts. Their most recent campaign was mainly done through phishing emails that were sent to 85,000 recipients. The emails had an image or a link that would send a notification to the hackers. Once they received these notifications, hackers were able to choose their “easy targets” by filtering only emails that clicked on the links and images. This is a good reminder of why you should never click on links or images in suspicious emails.