Tag Archives: phishing

Phishing Scam in Discord Separates People from their NFTs

phishing, ,

I’ve seen people on Twitter, who are into cryptocurrency and who have those hexagon shaped avatars (that they had to pay for), praise the blockchain. There appears to be a widely held concept that the blockchain is safe because it cannot be changed.

Some of those people, who are in NFT focused Discords learned a lesson the hard way. Vice reported that the Discords of multiple NFT projects were hacked as part of a phishing scam to trick users into handing over their digital jpegs. This included the Discords for Bored Ape Yacht Club, Nyoki, Shamanz, Doodles, and Kaiju Kingz all of which were targeted.

Scammers put phishing posts into those Discords. According to Vice, the goal of the hack was to trick people into clicking on a link to “mint” a fake NFT by sending ETH and in some instances an NFT to wrap into a token. Motherboard viewed a message to that effect in a Discord that had a compromised bot.

Those who responded to the phishing post – in the hopes of being able to “mint” an NFT (that turned out to be fake) were unaware that they had fallen for a scam.

Vice provided the following explanation in their article:

Two wallet addresses have been tied to the hacks, now labeled Fake_Phishing5519 and Fake_Phishing5520 on blockchain explorer Etherscan. At least one Mutant Ape Yacht Club NFT (a BAYC spinoff by developer Yuga Labs) was stolen and quickly sold by the 5519 wallet, which sent 19.85 ETH to the 5520 wallet.

The second wallet sent 61 ETH ($211,000) to mixing service Tornado Cash early Friday morning. The latest transaction is a transfer of ETH to a previously inactive wallet that then sent the same sum to an incredibly active wallet currently sitting on 1,447 ETH ($5 million), 6 million Tether coins ($6 million), and an assortment of other tokens.

The blockchain itself might be secure. Unfortunately, there will always be people who fall for an enticing phishing scam. Those unfortunate people won’t get their cryptocurrency or NFTs back.

WhatsApp Supermarket Phishing Scam

Security, ,

There’s a WhatsApp phishing scam doing the rounds here in the UK based on free gift vouchers from big supermarket retailers. It’s doing well because (a) people are receiving the links from friends and (b) they’re disguising the false links with foreign letters.

Here’s two that I received in the last few days.

 

Check the subtle dot over the c of Tesco and the line on the d of Asda. They got my scam senses tingling but many people seem to have fallen for it based on the couple of messages I received. Apparently there’s a variant for Aldi too.

If you do follow the links (and I recommend you don’t), the first part asks for more friends to pass on the message to, and the next bit starts collecting personal info so they can send out the vouchers. Yeah, right. Fortunately, friends I’ve spoken to became more suspicious on the second section and dropped out.

This scam can easily be moved to other retailers in other countries so watch out for it, though the basic scam has been around for awhile. It’s the use of special characters that seems to be new. I imagine that they can be creative with other letters in addition to c and d. More at the BBC.

Epsilon Risks Downplayed

phishing, Security, , ,

The theft of names and email addresses from Epsilon has reached across the Atlantic. Last week I received notification from two UK companies, one of which is a household and high street name, Marks and Spencer, the other is Crucial UK, who will be familiar to almost anyone who has bought computer memory. I’ve included the content from both of the organisations.

Marks and Spencer
We have been informed by Epsilon, a company we use to send emails to our customers, that some M&S customer email addresses have been accessed without authorisation.
We would like to reassure you that the only information that may have been accessed is your name and email address. No other personal information, such as your account details, has been accessed or is at risk.
We wanted to bring this to your attention as it is possible that you may receive spam email messages as a result. We apologise for any inconvenience this may cause you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

Crucial UK
On April 4, we were informed by Epsilon, a company we use to send emails to our customers, that files containing the names and/or email addresses of some Crucial customers were accessed by unauthorized entry into their computer system.
We have been assured by Epsilon that the only information that may have been obtained was your name and/or email address. No other personally identifiable information that you have supplied to Crucial was at risk because such data is not contained in Epsilon’s email system.
For your security, we encourage you to be aware of common email scams that ask for personal or sensitive information. We will not send you emails asking for your credit card number, social security number or other personally identifiable information. If ever asked for this information, you can be confident it is not from Crucial.
For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails and remain cautious when opening links or attachments from unknown third parties. Our service provider has reported this incident to the appropriate authorities.
We regret this has taken place and for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

I think both of these responses are poor. For one, it’s fairly clear that they’re variations on a pre-prepared statement, probably from Epsilon.

Second, they seem to think that spam email is the worst thing that is likely to happen, without really emphasising that the spam email is likely to be targetted directly at the individual and purport to come from the company (spearphishing in the parlance). Most phishing email is pretty poor, but occasionally you get the odd one that is convincing. Knowing that someone uses a particular website is gold and makes it worth putting together a good phishing email and complementary website.

Finally, hacking an account at either of these sites has become much easier. Both M&S and Crucial use the email address as the login name – knowing that you have a valid login name is half the battle when trying to break in. Let’s face it, time and time again, surveys show that passwords are often easily guessed.

M&S and Crucial, here’s what I want you to do.

i) Delete all credit card information from any affected account or reassure us that you don’t hold that information.

ii) Create a secondary security feature on all affected accounts that uses information that wasn’t disclosed, e.g. post code from postal address. This will become part of the login process.

iii) Monitor logins for suspicious activity, particularly ones that fail the new security feature.

iv) Recommend that people ensure that they have strong passwords on their accounts and give guidance on what a strong password is.

v) Sack Epsilon as your email distribution provider.

What do you think? Has the response from the companies affected been satisfactory? Let me know.

Shut that Forum down (or clean it up)

Security, , , , , , , , ,

Before I got into blogging and podcasting, I ran a few internet forums. It was easy – setup a YABB (Yet Another Bulletin Board System) forum and let the minions have at. I had some pretty interesting forums in my day, and with it, a lot of controversy. Still, I kept things cleaned and tidy. Spammers were dealt with quickly and swiftly.

I still have one forum running. It’s more of a homage to those days, if anything. There are some that still come on to talk, so I keep it going.

Recently I have seen a lot of forums that have not been touched by a human. The story is the same – the forum owner pretty much abandons it, but keeps the registration simple. Within a couple months, the first spammer shows up. Maybe it’s a post about male growth pills. Maybe it’s about meeting up with girls. Nonetheless, it’s a spammer doing what they do best.

Now normally I wouldn’t care two hoots if you left your forum to deteriorate like an old shack in the middle of the woods. However, the spam starts to grow, and with it malware. Links to websites of naked girls are really sites that try to infect your computer. Links to cool videos turn out to be phishing schemes linking to misleading login pages.

Bottom line – you are infecting computers and allowing people to be swindled out of money.

We as a web community should be aware of what we do. After all, if you do own a house, you want to make sure that it is continually stable in it’s structure. When the power goes down, if the roof leaks, if the basement grows mold – you fix it. That should be the same mentality of a website.

Simple checks of your web domain(s) can keep things running smoothly. Forums that have been over run should be shut down or cleaned up. Deleting forum spam is an important part of being a webmaster.

Even newer websites should have some precautions taken. If you have a blog, make it so comments are moderated first. Install Akismet to block some of the malfeasance. Tie down some areas, including the registrations, so people don’t have to read or accidentally get malware or phished.

Part of keeping the bad stuff off the internet is to make sure the hackers and phishers don’t have a place to put their information – on your dime. And if you don’t have the time or energy to maintain a website, then either lock it down and clean it up or shut it off.

It’s ok to loose interest in something. Heck, I do that all the time. However, you should also clean up your mess you left behind. Otherwise, good people could be swindled out of $250,000 because they think they won a lottery. Good people could loose out just trying to find out about the new miracle male enhancement pill. Most important, you might just get blocked by Google, anti-viral programs, reporting services that keep an eye on the web and a lot more.

You never know when someone gets hit with hacking. Heck, it might even be your family or friends that get affected and infected. You don’t want that, do you?

Banking Online can it be trusted?

Commerce, phishing,

For a long time now anytime a email comes in that says anything about banking I delete it. Recently a bank I do business with started sending e-mails informing me of special offers which as a consumer was worth investigating. But to be honest with you I don’t trust any of the e-mail, as it is to hard to determine what is real, and what is fake. The scam artist have gotten a lot better at phishing sites, I don’t do business with Citibank which has been a long known target of phishers have really taken some of the scams to the next level.

I think from now on, that my credit card account, and other types of bills that I review normally online is going to stop. If I want info on an account I am just gonna pick up the phone, as I find myself triple checking to make sure I have entered the domain name correctly.

With the way stuff is hacking our PC’s these days how long before someone hacks our bookmarks or redirects or machines on purpose. It’s a crazy world out there. [blog.washingtonpost.com]

Google Safe Browsing Firefox Extension

google, phishing, Security, ,

Firefox has released an extension that you should load. This extension will help you when you are are surfing the web and are directed to a website that may not be who or what it appears. Phishing has been going on for a while and people are usually sucked in when they get a e-mail that tells them to visit a site which turns out to be a front for a major identity theft ring. This is a good one and I actually tested it today and it works as advertised. [Google]

Gmail Scam Used by Phishers to Gather Personal Data

Commerce, Crime, Dave's Muse, Information, Security, Services, Software, Technical, , , , , , , , , ,

Internet e-mail scammers are using the popularity and allure of Google’s Gmail service to phish for personal data, including e-mail addresses and passwords. Gmail e-mail accounts are one of the most coveted holdings for hip and techie Internet users. A quick eBay search proves the popularity of invitations to join Google’s upcoming e-mail service that offers 1GB of mail storage.

The current Gmail phish reads “The Gmail Team is proud to announce that we are offering Gmail free invitation packages to the existing Gmail account holders. By now you probably know the key ways in which Gmail differs from traditional webmail services. Searching instead of filing. A free gigabyte of storage. Messages displayed in context as conversations. Just fill in the form below to claim your free invitation package.”

Dave’s Opinion
Phishing, commonly used via e-mail and the web involve conning unwary users into releasing private data. The cons are best known for their attempts to garner AOL, Citibank, and eBay login usernames and passwords; however, there seems to be no end to how the cons can be applied.

Call for Comments
What do you think? Leave your comments below.

References
Gmail
Google