Television Development Community
Daily Report - January 15, 2010
Top Story - Haitian Earthquake Relief Fraud Alert -- The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:
January 13, Federal Bureau of Investigation – (International) Haitian earthquake relief fraud alert. The FBI, on January 13, reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages. Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites. Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site. Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders. Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes. Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
Source: http://www.fbi.gov/pressrel/pressrel10/earthquake011310.htm
January 14, Forum of Fargo-Moorhead – (North Dakota) Scam texts center on Fargo credit union cards. A series of scam text messages has tried to trick cell phone users into giving up bank account information by telling them their card with Fargo Public Schools Federal Credit Union has been deactivated. Two batches of the scam texts have been identified, one sent to Sprint users on January 9 and another to Verizon subscribers on January 12, said the credit union’s CEO. She said it appears the scammers are working from cell phone subscriber lists, plucking out Fargo names. Information about credit union accounts have not been accessed, she said. She said the credit union has received hundreds of phone calls about the text messages, which she figures could have been sent to thousands of people. West Fargo police sent a warning out about the text messages late on January 13, saying they have received numerous reports about them.
Source: http://www.inforum.com/event/article/id/265770/
January 13, Credit FYI – (National) Debit cards as vulnerable to fraud as credit cards. Shoppers are frequently warned to be on guard against consumer credit card fraud, but they may be less inclined to think about the security risks that they face with their debit card as well. According to Discover, debit cards can be vulnerable to identity theft and other fraudulent activity when shoppers fail to properly safeguard their personal identification numbers (PINs). People are advised to change their passwords and PINs regularly so the information stays out of the wrong hands. Another thing to watch for is criminals who can steal financial data simply by looking over a person’s shoulder or, in some cases, by using so-called skimming devices that can be attached to an ATM machine to steal data. Discover also advises people to regularly track their purchases online to spot any red-flag activity as quickly as possible, and to promptly report any missing cards so that potential thieves do not get a head start on racking up fraudulent charges.
Source: http://www.creditfyi.com/News/debit-cards-as-vulnerable-to-fraud-as...
January 14, Computerworld – (National) Alleged China attacks could test U.S. cybersecurity policy. The attacks on Google and more than 30 other Silicon Valley companies by agents allegedly working for China is focusing renewed attention on the issue of state-sponsored cyber attacks and how the U.S. government should respond to them. The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interests in cyberspace. With efforts already under way to develop such a policy, the recent attacks could do a lot shape the policy and fuel its passage through Congress. On January 12, the U.S. Secretary of State released a statement asking the Chinese government for an explanation for the attacks, which raised “very serious concerns and questions.”
Source: http://www.computerworld.com/s/article/9144440/Alleged_China_attack...
January 13, CNET News – (International) Gmail to get secure net connection by default. Shortly after Google announced the partially successful cyberattack on Gmail, the company said it will activate by default a secure network technology for its e-mail service. Google has long offered the option to access its Web-based Gmail service by using HTTPS — a secure version of the Hypertext Transfer Protocol that Web browsers use to retrieve information from Web sites. Now it will become the norm. “Using HTTPS helps protect data from being snooped by third parties, such as in public Wi-Fi hotspots,” the Gmail engineering director said in a Gmail blog post on January 12. “We initially left the choice of using it up to you because there’s a downside: HTTPS can make your mail slower since encrypted data doesn’t travel across the Web as quickly as unencrypted data. Over the last few months, we’ve been researching the security/latency tradeoff and decided that turning HTTPS on for everyone was the right thing to do.”
Source: http://news.cnet.com/8301-30685_3-10433965-264.html
January 13, Nextgov – (International) More cyberattacks likely from group that took down Chinese search engine. The source and motivation behind a cyberattack against China’s largest Internet search engine on January 12 remains unclear, as does its relation to an attack on Google, but more computer networks likely will be targeted, security professionals said. The same group that took down Twitter in December 2009 hacked China’s most popular search engine, Baidu, taking down the Web site for almost four hours. Whether the group has legitimate ties to Iran or Iranian terrorist organizations is unclear. “We are seeing the visible peak of the underground cyberwar that goes on around us 24 hours a day,” a forensic technologist who has 31 years experience said. “Terrorists and governments — through fronts — use attacks to test for weaknesses, gauge reaction and build cyberattack playbooks against adversaries. Governments can’t stop these attacks because of the [interconnected] nature of the Internet.” The group likely will strike again at another heavily visited domain to ensure continued global attention, said the chief executive officer of the security software company Internet Identity.
Source: http://www.nextgov.com/nextgov/ng_20100113_2896.php
January 13, IDG News Service – (California) Law firm in Green Dam suit targeted with cyberattack. The law firm representing a U.S. company involved in a legal dispute over China’s Green Dam censorship software says it was targeted with a sophisticated online attack this week, similar to the one reported by Google on January 12. Gipson Hoffman & Pancione, a Los Angeles law firm, says employees began receiving well-crafted e-mail messages that appeared to come from other company staffers. The messages tried to get the victims to either open a malicious attachment or visit a Web site that hosted attack code. “It came from email addresses that people would recognize as internal to the firm, and the attempt was to make it seem like everyday stuff,” said an attorney with the company. The company reported the attack to the U.S. Federal Bureau of Investigation, the attorney said. Although 10 employees were targeted, none of them took the bait, he said. “We were on guard prior to filing the lawsuit that something like this would happen.”
Source: http://www.computerworld.com/s/article/9144618/Law_firm_in_Green_Da...
January 13, DarkReading – (International) Spear-Phishing attacks out of China targeted source code, intellectual property. The wave of targeted attacks from China on Google, Adobe, and more than 20 other U.S. companies, which has led the search giant to consider closing its doors in China and no longer censor search results there, began with end users at the victim organizations getting duped by convincing spear-phishing messages with poisoned attachments. Google and Adobe both revealed on January 12 that they were hit by these attacks, which appear to be aimed mainly at stealing intellectual property, including source code from the victim companies, security experts say. So far, the other victim companies have yet to come forward and say who they are, but some could go public later this week. Microsoft, for one, appears to be in the clear: “We have no indication that any of our mail properties have been compromised,” a Microsoft spokesperson said in a statement issued on January 13. iDefense says the attacks were primarily going after source code from many of the victim firms, and that the attackers were working on behalf of or in the employment of officials for the Chinese government. The attacks on Google, Adobe, and others started with spear-phishing email messages with infected attachments, some PDFs, and some Office documents that lured users within the victim companies, including Google, to open what appeared to be documents from people they knew. The documents then ran code that infected their machines, and the attackers got remote access to those organizations via the infected systems. Interestingly, the attackers used different malware payloads among the victims. “This is a pretty marked jump in sophistication,” iDefense’s head on international cyberintelligence says. “That level of planning is unprecedented.”
Source: http://www.darkreading.com/database_security/security/attacks/showA...
January 13, The Register – (International) Trojan pr0n dialers make comeback on mobile phones. After taking a long hiatus, trojan dialers that can rack up thousands of dollars in charges are back by popular demand. According to researchers at CA Security’s malware analysis lab, a new wave of malicious dialers is hitting users of mobile phones. The trojans are built on the Java 2 Micro Edition programming language and cause infected handsets to send SMS messages to high-cost numbers, at great expense to the victim. “As soon as the application is loaded, this malicious software starts to send premium text messages,” CA warned on January 12. “The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent.” Malware that automatically dials pricey premium numbers was all the rage a decade ago, when dial-up internet services required computers to connect to a phone line. With the growth of broadband connections the frequency of dialers waned. The explosion of smart phone that can run software made by anyone has given malicious dialers a new lease on life. And as was the case in previous years, they mostly tap into pornographic services.
Source: http://www.theregister.co.uk/2010/01/13/trojan_dialer_comeback/
The abstracts above are selected from today's DHS Daily Open Source Infrastructure Report (Daily Report). The Daily Report is collected each week day as a summary of open-source published information concerning significant critical infrastructure issues. Each Daily Report is divided by the critical infrastructure sectors and key assets defined in the National Infrastructure Protection Plan. Items selected by Cybercrime.TV are drawn from Banking and Finance, Information Technology, and Communications, as well as other sectors when an item is computer-related.
- Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
- Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
- Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
- Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
- Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
- Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
January 13, Federal Bureau of Investigation – (International) Haitian earthquake relief fraud alert. The FBI, on January 13, reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages. Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites. Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site. Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders. Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes. Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
Source: http://www.fbi.gov/pressrel/pressrel10/earthquake011310.htm
January 14, Forum of Fargo-Moorhead – (North Dakota) Scam texts center on Fargo credit union cards. A series of scam text messages has tried to trick cell phone users into giving up bank account information by telling them their card with Fargo Public Schools Federal Credit Union has been deactivated. Two batches of the scam texts have been identified, one sent to Sprint users on January 9 and another to Verizon subscribers on January 12, said the credit union’s CEO. She said it appears the scammers are working from cell phone subscriber lists, plucking out Fargo names. Information about credit union accounts have not been accessed, she said. She said the credit union has received hundreds of phone calls about the text messages, which she figures could have been sent to thousands of people. West Fargo police sent a warning out about the text messages late on January 13, saying they have received numerous reports about them.
Source: http://www.inforum.com/event/article/id/265770/
January 13, Credit FYI – (National) Debit cards as vulnerable to fraud as credit cards. Shoppers are frequently warned to be on guard against consumer credit card fraud, but they may be less inclined to think about the security risks that they face with their debit card as well. According to Discover, debit cards can be vulnerable to identity theft and other fraudulent activity when shoppers fail to properly safeguard their personal identification numbers (PINs). People are advised to change their passwords and PINs regularly so the information stays out of the wrong hands. Another thing to watch for is criminals who can steal financial data simply by looking over a person’s shoulder or, in some cases, by using so-called skimming devices that can be attached to an ATM machine to steal data. Discover also advises people to regularly track their purchases online to spot any red-flag activity as quickly as possible, and to promptly report any missing cards so that potential thieves do not get a head start on racking up fraudulent charges.
Source: http://www.creditfyi.com/News/debit-cards-as-vulnerable-to-fraud-as...
January 14, Computerworld – (National) Alleged China attacks could test U.S. cybersecurity policy. The attacks on Google and more than 30 other Silicon Valley companies by agents allegedly working for China is focusing renewed attention on the issue of state-sponsored cyber attacks and how the U.S. government should respond to them. The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interests in cyberspace. With efforts already under way to develop such a policy, the recent attacks could do a lot shape the policy and fuel its passage through Congress. On January 12, the U.S. Secretary of State released a statement asking the Chinese government for an explanation for the attacks, which raised “very serious concerns and questions.”
Source: http://www.computerworld.com/s/article/9144440/Alleged_China_attack...
January 13, CNET News – (International) Gmail to get secure net connection by default. Shortly after Google announced the partially successful cyberattack on Gmail, the company said it will activate by default a secure network technology for its e-mail service. Google has long offered the option to access its Web-based Gmail service by using HTTPS — a secure version of the Hypertext Transfer Protocol that Web browsers use to retrieve information from Web sites. Now it will become the norm. “Using HTTPS helps protect data from being snooped by third parties, such as in public Wi-Fi hotspots,” the Gmail engineering director said in a Gmail blog post on January 12. “We initially left the choice of using it up to you because there’s a downside: HTTPS can make your mail slower since encrypted data doesn’t travel across the Web as quickly as unencrypted data. Over the last few months, we’ve been researching the security/latency tradeoff and decided that turning HTTPS on for everyone was the right thing to do.”
Source: http://news.cnet.com/8301-30685_3-10433965-264.html
January 13, Nextgov – (International) More cyberattacks likely from group that took down Chinese search engine. The source and motivation behind a cyberattack against China’s largest Internet search engine on January 12 remains unclear, as does its relation to an attack on Google, but more computer networks likely will be targeted, security professionals said. The same group that took down Twitter in December 2009 hacked China’s most popular search engine, Baidu, taking down the Web site for almost four hours. Whether the group has legitimate ties to Iran or Iranian terrorist organizations is unclear. “We are seeing the visible peak of the underground cyberwar that goes on around us 24 hours a day,” a forensic technologist who has 31 years experience said. “Terrorists and governments — through fronts — use attacks to test for weaknesses, gauge reaction and build cyberattack playbooks against adversaries. Governments can’t stop these attacks because of the [interconnected] nature of the Internet.” The group likely will strike again at another heavily visited domain to ensure continued global attention, said the chief executive officer of the security software company Internet Identity.
Source: http://www.nextgov.com/nextgov/ng_20100113_2896.php
January 13, IDG News Service – (California) Law firm in Green Dam suit targeted with cyberattack. The law firm representing a U.S. company involved in a legal dispute over China’s Green Dam censorship software says it was targeted with a sophisticated online attack this week, similar to the one reported by Google on January 12. Gipson Hoffman & Pancione, a Los Angeles law firm, says employees began receiving well-crafted e-mail messages that appeared to come from other company staffers. The messages tried to get the victims to either open a malicious attachment or visit a Web site that hosted attack code. “It came from email addresses that people would recognize as internal to the firm, and the attempt was to make it seem like everyday stuff,” said an attorney with the company. The company reported the attack to the U.S. Federal Bureau of Investigation, the attorney said. Although 10 employees were targeted, none of them took the bait, he said. “We were on guard prior to filing the lawsuit that something like this would happen.”
Source: http://www.computerworld.com/s/article/9144618/Law_firm_in_Green_Da...
January 13, DarkReading – (International) Spear-Phishing attacks out of China targeted source code, intellectual property. The wave of targeted attacks from China on Google, Adobe, and more than 20 other U.S. companies, which has led the search giant to consider closing its doors in China and no longer censor search results there, began with end users at the victim organizations getting duped by convincing spear-phishing messages with poisoned attachments. Google and Adobe both revealed on January 12 that they were hit by these attacks, which appear to be aimed mainly at stealing intellectual property, including source code from the victim companies, security experts say. So far, the other victim companies have yet to come forward and say who they are, but some could go public later this week. Microsoft, for one, appears to be in the clear: “We have no indication that any of our mail properties have been compromised,” a Microsoft spokesperson said in a statement issued on January 13. iDefense says the attacks were primarily going after source code from many of the victim firms, and that the attackers were working on behalf of or in the employment of officials for the Chinese government. The attacks on Google, Adobe, and others started with spear-phishing email messages with infected attachments, some PDFs, and some Office documents that lured users within the victim companies, including Google, to open what appeared to be documents from people they knew. The documents then ran code that infected their machines, and the attackers got remote access to those organizations via the infected systems. Interestingly, the attackers used different malware payloads among the victims. “This is a pretty marked jump in sophistication,” iDefense’s head on international cyberintelligence says. “That level of planning is unprecedented.”
Source: http://www.darkreading.com/database_security/security/attacks/showA...
January 13, The Register – (International) Trojan pr0n dialers make comeback on mobile phones. After taking a long hiatus, trojan dialers that can rack up thousands of dollars in charges are back by popular demand. According to researchers at CA Security’s malware analysis lab, a new wave of malicious dialers is hitting users of mobile phones. The trojans are built on the Java 2 Micro Edition programming language and cause infected handsets to send SMS messages to high-cost numbers, at great expense to the victim. “As soon as the application is loaded, this malicious software starts to send premium text messages,” CA warned on January 12. “The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent.” Malware that automatically dials pricey premium numbers was all the rage a decade ago, when dial-up internet services required computers to connect to a phone line. With the growth of broadband connections the frequency of dialers waned. The explosion of smart phone that can run software made by anyone has given malicious dialers a new lease on life. And as was the case in previous years, they mostly tap into pornographic services.
Source: http://www.theregister.co.uk/2010/01/13/trojan_dialer_comeback/
The abstracts above are selected from today's DHS Daily Open Source Infrastructure Report (Daily Report). The Daily Report is collected each week day as a summary of open-source published information concerning significant critical infrastructure issues. Each Daily Report is divided by the critical infrastructure sectors and key assets defined in the National Infrastructure Protection Plan. Items selected by Cybercrime.TV are drawn from Banking and Finance, Information Technology, and Communications, as well as other sectors when an item is computer-related.
Views: 23
Comment
© 2012 Created by Cybercrime.TV.
You need to be a member of CYBERCRIME.TV to add comments!
Join CYBERCRIME.TV