Category Archives: phishing

Phishing Scam in Discord Separates People from their NFTs

I’ve seen people on Twitter, who are into cryptocurrency and who have those hexagon-shaped avatars (that they had to pay for), praise the blockchain. There appears to be a widely held concept that the blockchain is safe because it cannot be changed.

Some of those people who are in NFT-focused Discords learned a lesson the hard way. Vice reported that the Discords of multiple NFT projects were hacked as part of a phishing scam to trick users into handing over their digital jpegs. The Discords for Bored Ape Yacht Club, Nyoki, Shamanz, Doodles, and Kaiju Kingz were all targeted.

Scammers put phishing posts into those Discords. According to Vice, the goal of the hack was to trick people into clicking on a link to “mint” a fake NFT by sending ETH and, in some instances, an NFT to wrap into a token. Motherboard viewed a message to that effect in a Discord that had a compromised bot.

Those who responded to the phishing post, in the hopes of being able to “mint” an NFT (that turned out to be fake), were unaware that they had fallen for a scam.

Vice provided the following explanation in their article:

Two wallet addresses have been tied to the hacks, now labeled Fake_Phishing5519 and Fake_Phishing5520 on blockchain explorer Etherscan. At least one Mutant Ape Yacht Club NFT (a BAYC spinoff by developer Yuga Labs) was stolen and quickly sold by the 5519 wallet, which sent 19.85 ETH to the 5520 wallet.

The second wallet sent 61 ETH ($211,000) to mixing service Tornado Cash early Friday morning. The latest transaction is a transfer of ETH to a previously inactive wallet that then sent the same sum to an incredibly active wallet currently sitting on 1,447 ETH ($5 million), 6 million Tether coins ($6 million), and an assortment of other tokens.

The blockchain itself might be secure. Unfortunately, there will always be people who fall for an enticing phishing scam. Those unfortunate people won’t get their cryptocurrency or NFTs back.

Superman Tops McAfee’s Toxic Avenger List

With San Diego Comic Con quickly approaching, everyone is jumping on board the superhero bandwagon.

Today even McAfee has joined the hype. (The company, not the man; however, we’d love to see a comic book based on John McAfee!)

In a press release, the anti-virus company released its second annual list of superhero searches that lead to bad links, viruses, malware and sites containing malware.

Here’s the list of suspicious superheroes:

McAfee’s Top 10 Most Toxic Superheroes:

1. Superman, 16.50%
2. Thor, 16.35%
3. Wonder Woman + Aquaman (tie), 15.70%
4. Wolverine, 15.10%
5. Spiderman, 14.70%
6. Batman, 14.20%
7. Black Widow, 13.85%
8. Captain America, 13.50%
9. Green Lantern, 11.25%
10. Ghost Rider, 10.83%

*% indicates chance of landing on a website that has tested positive for online threats such as spyware, adware, spam, phishing, viruses or other malware.

Is it the Browser, or the People Using the Browser?

Another breach of security, at another big name. Or is it? The recently announced breach of email and personal information comes to us from Google and those with Gmail accounts. The “attacks” have come from China, and affected “top U.S. officials.” But reading the fine print in all of the articles out there about this latest “breach” brings up the same cause:

“targeted attacks…duped victims into revealing their Gmail passwords through e-mails that pose as people or companies known to end user.”

In other words, phishing.  The users themselves were to blame for letting the hackers into their accounts.

If we leave our car unlocked and full of things like GPS devices, iPods, digital cameras, backpacks, the purchases we just made at Macy’s and the Apple Store, we can’t complain that someone stole our stuff. If you let the crook into your living room, you can’t complain that he stole your television!

The fact is, there are always going to be people trying to rip us off.  That’s the way the world is, whether we like it or not.  We lock our cars, and the doors to our houses, because that’s the best way to keep out the bad guys.  It’s not fool proof, of course, but it reduces the chances of a theft by a whole bunch.

The same needs to be the case for us when it comes to our computers. By taking an extra 30 seconds to check the legitimacy of an email from someone, and by being suspicious of anyone asking for my username or password, I have successfully avoided getting a virus, a trojan, malware, or worse yet, having my personal information stolen. In other words, I’ve never been hacked.

I’m not smarter than anyone else, I’m sure of that.  What I am is skeptical, and cautious.  I still only read email in text form (not html).  I know what my friends sound like when they write to me in an email, and I will recognize when they don’t sound like themselves.  I use strong passwords, and answer my “challenge questions” with false information that I will easily remember but that no one else can figure out.

I don’t consider this recent “attack” as a hack, as much as it is a crook taking advantage of people who have left themselves open to theft.  That crook is always looking for a way to get what is yours.  It is up to me to make sure he doesn’t have an open door to walk through.  “Top government officials” should know enough not to be phished.  And if they don’t know enough, then why aren’t they being trained to be more cautious?

This alone amazes me. It’s not that hard to be cautious, to keep a suspicious mind, and to take a few extra minutes to verify that where you’re clicking, and what information you are entering, is really something you should be doing.

Is Google supposed to take responsibility for this recent attack?  I sure don’t think so.  Place the blame where it belongs:  on the user.

Epsilon Risks Downplayed

The theft of names and email addresses from Epsilon has reached across the Atlantic. Last week I received notification from two UK companies, one of which is a household and high street name, Marks and Spencer, the other is Crucial UK, who will be familiar to almost anyone who has bought computer memory. I’ve included the content from both of the organisations.

Marks and Spencer
We have been informed by Epsilon, a company we use to send emails to our customers, that some M&S customer email addresses have been accessed without authorisation.
We would like to reassure you that the only information that may have been accessed is your name and email address. No other personal information, such as your account details, has been accessed or is at risk.
We wanted to bring this to your attention as it is possible that you may receive spam email messages as a result. We apologise for any inconvenience this may cause you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

Crucial UK
On April 4, we were informed by Epsilon, a company we use to send emails to our customers, that files containing the names and/or email addresses of some Crucial customers were accessed by unauthorized entry into their computer system.
We have been assured by Epsilon that the only information that may have been obtained was your name and/or email address. No other personally identifiable information that you have supplied to Crucial was at risk because such data is not contained in Epsilon’s email system.
For your security, we encourage you to be aware of common email scams that ask for personal or sensitive information. We will not send you emails asking for your credit card number, social security number or other personally identifiable information. If ever asked for this information, you can be confident it is not from Crucial.
For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails and remain cautious when opening links or attachments from unknown third parties. Our service provider has reported this incident to the appropriate authorities.
We regret this has taken place and for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

I think both of these responses are poor. For one, it’s fairly clear that they’re variations on a pre-prepared statement, probably from Epsilon.

Second, they seem to think that spam email is the worst thing that is likely to happen, without really emphasising that the spam email is likely to be targeted directly at the individual and purport to come from the company (spearphishing in the parlance). Most phishing email is pretty poor, but occasionally you get the odd one that is convincing. Knowing that someone uses a particular website is gold and makes it worth putting together a good phishing email and complementary website.

Finally, hacking an account at either of these sites has become much easier. Both M&S and Crucial use the email address as the login name – knowing that you have a valid login name is half the battle when trying to break in. Let’s face it, time and time again, surveys show that passwords are often easily guessed.

M&S and Crucial, here’s what I want you to do.

i) Delete all credit card information from any affected account or reassure us that you don’t hold that information.

ii) Create a secondary security feature on all affected accounts that uses information that wasn’t disclosed, e.g. post code from postal address. This will become part of the login process.

iii) Monitor logins for suspicious activity, particularly ones that fail the new security feature.

iv) Recommend that people ensure that they have strong passwords on their accounts and give guidance on what a strong password is.

v) Sack Epsilon as your email distribution provider.
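Steps ii) and iii) above can be sketched as a check over login records. This is an added example, not code from M&S, Crucial or Epsilon; the event fields, the exposed-address list and the per-source threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real data):
# (timestamp, source IP, login e-mail, password_ok, postcode_ok).
# postcode_ok is None when the password step failed and the
# secondary check was never reached.
EVENTS = [
    ("2000-01-01T09:00:02", "198.51.100.7", "alice@example.com", True, False),
    ("2000-01-01T09:00:05", "198.51.100.7", "bob@example.com", False, None),
    ("2000-01-01T09:00:09", "198.51.100.7", "carol@example.com", True, False),
    ("2000-01-01T09:03:40", "203.0.113.20", "dave@example.com", True, True),
    ("2000-01-01T09:05:11", "203.0.113.21", "erin@example.com", False, None),
    ("2000-01-01T09:05:30", "203.0.113.21", "erin@example.com", True, True),
]

# Hypothetical list of addresses the e-mail provider reported as exposed.
EXPOSED = {"alice@example.com", "bob@example.com",
           "carol@example.com", "erin@example.com"}


def review_logins(events, exposed, max_accounts_per_ip=2):
    """Return (alerts, suspect_ips) for logins against exposed accounts."""
    alerts = []
    accounts_by_ip = defaultdict(set)
    for ts, ip, email, password_ok, postcode_ok in events:
        if email not in exposed:
            continue
        accounts_by_ip[ip].add(email)
        # Correct password but wrong post code: the password is probably
        # known to someone other than the account holder.
        if password_ok and postcode_ok is False:
            alerts.append((ts, ip, email, "password ok, post code failed"))
    # One source trying several exposed login names is working through
    # a list of known-valid e-mail addresses.
    suspect_ips = sorted(ip for ip, accounts in accounts_by_ip.items()
                         if len(accounts) > max_accounts_per_ip)
    return alerts, suspect_ips


if __name__ == "__main__":
    found, ips = review_logins(EVENTS, EXPOSED)
    for alert in found:
        print("ALERT", *alert)
    print("Sources touching many exposed accounts:", ips)
```

An alert here is a reason to lock the account and force a password reset, since the password alone no longer proves who is logging in.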

What do you think? Has the response from the companies affected been satisfactory? Let me know.

Banking Online can it be trusted?

For a long time now, anytime an email comes in that says anything about banking, I delete it. Recently a bank I do business with started sending e-mails informing me of special offers, which as a consumer was worth investigating. But to be honest with you, I don’t trust any of the e-mail, as it is too hard to determine what is real and what is fake. The scam artists have gotten a lot better at phishing sites. I don’t do business with Citibank, which has long been a known target of phishers, who have really taken some of the scams to the next level.

I think that from now on, reviewing my credit card account and other types of bills online is going to stop. If I want info on an account I am just gonna pick up the phone, as I find myself triple checking to make sure I have entered the domain name correctly.

With the way stuff is hacking our PCs these days, how long before someone hacks our bookmarks or redirects our machines on purpose? It’s a crazy world out there.

Google Safe Browsing Firefox Extension

Firefox has released an extension that you should load. This extension will help you when you are surfing the web and are directed to a website that may not be who or what it appears. Phishing has been going on for a while, and people are usually sucked in when they get an e-mail that tells them to visit a site which turns out to be a front for a major identity theft ring. This is a good one and I actually tested it today and it works as advertised. [Google]