TMB international

The Catch-22 of security during the COVID-19 pandemic


The current COVID-19 crisis has brought into stark reality the impact that some of the significant changes being put in place are having; one current issue causing some concern for those of us in the security arena is that of telephone-only conversations, especially those that we receive.

I recently had a call purporting to be from my business bank; the caller was very pleasant and asked me about some recent information that I had submitted to them. To be fair, I am quite confident it really was the bank calling, but I wanted to be absolutely sure. She said she needed some updated information for my business profile, which I said I was of course happy to give her. She said she would just have to go through some security questions to confirm who she was talking to before we could proceed.

I agreed, provided that she could tell me something about my account, or my business, that only the Bank would know, to confirm that she really was calling from my bank. She said the Bank had recently sent me a letter and so I could check the number on the letter was the one she was calling from as this would confirm who she was. I pointed out that caller IDs can very easily be spoofed to show a different number from that which is calling. This took her rather aback, as she was unaware this was possible, and asked if it was true. I told her we at TMB do it all the time for customers who want to appear as though they are in the office when they are actually elsewhere (it's happening a lot with the current crop of home workers who do not want their private numbers to be displayed when they call clients).

So, I checked the letter from the bank and called the number shown for assistance, to be greeted with a pre-recorded message stating that, due to the COVID-19 situation, the number would not be accepting incoming calls and was only used for outgoing calls; however, if I wished, I could leave a message for the bank to call back, which I did.

An hour or so later I got a call from the bank asking me to just go through security again, which I politely declined, stating my previous concerns. The caller was very understanding but insisted the only way she would discuss my account was if I provided her with security answers, which of course I could not until they had confirmed to my satisfaction they were who they purported to be. She refused point blank to provide me with anything at all linking me to my business account, stating she had no access to any of my information and would not have until I provided the security answers.

So this of course is the classic Catch-22 situation, where I receive a cold call from somebody saying they are calling from my bank, insisting on me answering personal security questions before I can ascertain exactly who they are, yet they will not divulge any information to me to prove their identity.

So what is the answer?

Quite simple, really. All the banks, building societies etc. need to do is exactly what they have done for their mobile banking apps: allow each user to have a safe 'code word' that they can create on their banking app or online or at the branch, so the customer can be more sure that it actually IS the bank that is calling them. It should not be hard to do. Currently, however, there seems no way to do that, and in a genuinely funny moment, when I suggested that solution to the caller, she agreed it was a good idea and casually asked what my code word should be, so she could pass it on to her colleagues.

She obviously hadn't grasped the concept of security as fully as I might have wished....

Verify your Apple ID

If you receive an email purportedly from Apple asking you to "Verify your Apple ID" then it is almost certainly a scam.

The convincing thing is that the title will almost always be correct - it will say "Dear John Smith", for example - but that has probably been taken from the WHOIS information on your domain registration, with the email sent to the administrative contact.

Because TMB are the administrative contacts for hundreds of domains, we have been seeing a lot of these, all addressed to the owner of the domain, so we know that the Apple ID is a ruse to get you to log onto a fake site and divulge your Apple ID login and password.

Simple answer: if you receive ANY sort of email like this, go to the official website and try to log on; if you can, the email is a scam.

 

Don't pay the PC hijackers

Cyber-criminals are increasingly turning to a new money making method of infecting your computer and holding it to ransom. ROSS MCGUINNESS of Metro Newspaper asks web security experts what users can do to stop their devices being taken hostage...

"You asked for miracles, I give you the FBI."
Die Hard's Hans Gruber isn't the only Christmas villain using the US government agency to carry out an evil plan this festive season. And he isn't the only one taking hostages, either.
Cyber-criminals are exploiting the FBI's name to hold PC users to ransom. In the latest scam in the US, computer owners whose devices have been compromised are greeted with a pop-up message pretending to come from the Federal Bureau of Investigation.

It tells them their computer has been locked by the FBI and that they must click to pay a fee in order to release it. This ransomware trap lives up to its name, effectively holding your computer hostage unless you cough up the cash. The FBI logo is one of many being used by criminals in an attempt to scare people into parting with their money - and it's working.
In a report on ransomware published last month, computer security company Symantec claimed that 2.9 per cent of people whose PCs are infected agree to pay the money. It means this particular branch of cybercriminal activity is worth about £3million a year.
However, it isn't confined to the US.

Three people were arrested in Stoke-on-Trent yesterday following an investigation into ransomware by officers from the Police Central e-Crime Unit. The investigation centred on allegations that computer users were targeted in an attempt to convince them to pay a fine because they were the subject of a police inquiry.
In this instance, it is alleged that the Metropolitan Police logo was being used to dupe users into paying £100 electronically to free their computer. Ransomware has been around for a few years but it would appear that criminals are turning to it as people become more aware of scams such as phishing. The most well-known ransomware application is Reveton, a Trojan programme that fires off a warning purporting to come from the national police service of the country in which the user is targeted.
A medical centre in Australia was subjected to such an attack this week, with thousands of patient records encrypted by hackers who demanded £2,600 to release the information.
Accounts belonging to internet domain name registrar Go Daddy have also been targeted.

Increasingly common

"Ransomware is an increasingly common type of malware that attempts to extort money from a computer user by infecting and taking control of the victim's machine, taking the files or documents stored on it hostage," explained Elad Sharf, lead senior security researcher at Websense.
"Typically, it will either lock the computer to prevent normal usage or encrypt the documents and files on it to prevent access to the saved data.
"This type of malware leverages social engineering to play to the victim's embarrassment or fear. It pushes them into paying the ransom demanded, explaining that their computer has been locked because of possible illegal activities on it, possibly due to visiting inappropriate websites.
"A ransom demand will be displayed, usually as a pop-up window on the desktop or webpage in the web browser that appears to be from the local police force, official authority, or a security company."

"Never Engage with them"

He warned: "You should never engage with the attackers or pay their demands - as several companies have done - as this will only encourage further illegal activities.
"Despite what they may tell you, your computer will not be returned in the same condition. Ransomware hackers often install infected computers with back doors, meaning they can gain further access to your data at any time.
"Users can protect themselves from ransomware attacks by ensuring they have a comprehensive security package with real-time content analysis that is updated and patched regularly.
"Often the best weapon a user can have is good common sense - don't click on any suspicious links and take due care and attention when accessing potentially insecure websites.
"Remember also that the legitimate sources in Britain won't use these tactics to tell you of a local compromise and then demand a financial reward to remediate the issue."

Fraser Howard, principal virus researcher at Sophos, claimed ransomware attacks originate from "organised, criminal groups".
Some infections modify the master boot record of the computer, which locks users out of their own machines. He warned the practice was becoming more widespread.
"Ransomware is often referred to as the new scareware [malware which tricks users into buying dangerous software]," Mr Howard added.
"The truth is we still see plenty of scareware but ransomware is certainly growing rapidly.
"Scareware relies on tricking you into paying up. So if you do not get tricked, they do not make money.
"Ransomware blocks access to your data. So even if people know it is malware, if they need access, I suspect many people just pay up.
"The best option is - as always - to avoid your machine getting infected in the first place."
Mr Howard said software should be patched and anti-virus protection installed that is fully up to date.

 
© Copyright, TMB international 2020