Indica Records Zip File Phishing Spam Of The Day

Over the last couple of years, I have received several spammy emails appearing to be sent from a record label employee asking me to open a zip file with my name on it, or a Word doc where I need to activate macros.

Today the cyber-fraudster has replaced their name with a bogus email address to hide the actual email address. When isolating the contact, you can see that the domain of the originating email has nothing to do with Indica Records. The ljcvelmonte.cl is likely a domain from South America set up for the purpose of stealing data or attempting ransom.

What Is A Honeypot?

The latest buzzword in cybersecurity sounds delicious but it is also a preventive mechanism against hacking and can save time and resources in forensic analysis of cyber-breaches.

Honeypots are hacker traps and they come in many forms and sizes adapted to your needs. Our tech expert Roman Blake is developing a comprehensive guide for creators and small businesses on how the strategic deployment of honeypots can place you many steps ahead of potential hackers. I am looking forward to this collaboration.

In the meantime I recommend the following draft: https://cybersecuritynews.com/what-is-a-honeypot/

Desjardins Phishing Cyberfraud Of The Day

The consequences of yesterday’s data dump begin materializing. I just received an email from “Desjardins” asking me to re-activate my account due to a connection error during my last login attempt.

I specifically isolated the url link to see how it behaves, so I can report it to the RCMP. Desjardins surprisingly doesn’t give you a way to report fraud if you are not already prejudiced as a victim (i.e. when it is too late). The whole point is not to become a victim as it can be a tremendous waste of time and you may never recover.

As expected, the phishing link redirects three of four times from the initial URL (I won’t include url’s here) until it lands on a page posing as a mirror of Desjardins’ connection page.

This tactic was very popular until 2019 on Tor markets for the purpose of stealing cryptowallets. However, Tor offered anonymity and encryption safeguards against cyberfraud, which is not the case when banks leak your data.

This is how the REAL Desjardins page looks as of this morning. The only difference is the URL address.

I can’t post the content of the phishing email because it appears encrypted on pasting.

To access the anti-fraud reporting center of the RCMP, you must log in through your GC code or government sign-in through a partner (kind of cringy when the partner is Desjardins)

https://antifraudcentre-centreantifraude.ca/report-signalez-fra.htm

https://antifraudcentre-centreantifraude.ca/report-signalez-eng.htm

8.5 Billion Passwords Leaked On Hacker Forum

A massive 100GB TXT file that contains 8.4 billion entries of compromised passwords found its way on a popular hacker forum. The leaked password compilation is dubbed RockYou2021 and has presumably been built from previous data leaks and breaches. This is the time to change passwords.

What to do if your password was leaked?

If you suspect that one or more of your passwords may have been included in the RockYou2021 collection, we recommend taking the following steps in order to secure your data and avoid potential harm from threat actors:

  • Use a personal data leak checker and leaked password checker to see if your data has been leaked in this or other breaches.
  • If your data has been compromised, make sure to change your passwords across your online accounts. You can easily generate complex passwords with a strong password generator or consider using a password manager.
  • Enable two-factor authentication (2FA) on all of your online accounts.
  • Watch out for incoming spam emails, unsolicited texts, and phishing messages. Don’t click on anything that seems suspicious, including emails and texts from senders you don’t recognize.

https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/

The previous largest ever mega-leak of passwords happened 4 months ago and involved 3.2 billion of email and password pairs.

Postes-Canada perd les données d’un million de clients

À la suite d’une “attaque informatique” chez un fournisseur de Postes-Canada (tierce partie), des pirates se sont emparés des informations personnelles de 950 000 personnes ayant reçu des colis de 44 entreprises entre juillet 2016 et mars 2019.

Les informations compromises incluent les noms, adresses, numéros de téléphone et numéros de boîtes postales des victimes.

Cette situation met la lumière sur le partage des données personnelles des Canadiens avec des tierces parties, c’est-à-dire des co-contractants ou des sous-contractants de Postes-Canada (ou de quiconque collecte directement des données et transfère celles-ci à des tiers) qui non seulement ont accès à ces données personnelles, mais comme en l’espèce, les conservent suffisamment longtemps (sans raison légitime) pour pouvoir les perdre.

Le partage des données avec des tierces parties, auquel les usagers n’ont aucun choix que de consentir, est trop souvent pris à la légère,

Les vulnérabilités de cyber-sécurité des tierces parties devraient engager la responsabilité personnelle de Poste-Canada (ou toute personne qui partage avec des tiers des données qui lui ont été confiées et que ce tiers subit une attaque informatique qui résulte en une perte de données).

En l’espèce, il se peut même que le fournisseur en question est un acteur du secteur privé, ce qui attire l’attention sur l’échange de l’information confidentielle des Canadiennes et des Canadiens qui s’opère entre les sociétés d’état (ex. Postes-Canada) et des sociétés du secteur privé. Ce partage est également pris à la légère plus souvent que non.

Nos lois sur la protection de la vie privée se séparent en lois applicables au secteur public et lois applicables au secteur privé, mais la réalité est telle que le public et le privé se chevauchent à plusieurs égards, et surtout dans des projets d’envergure, tels que des applications de traçage par exemple.

https://www.lapresse.ca/actualites/2021-05-26/pres-d-un-million-de-clients-de-postes-canada-victimes-d-une-fuite-de-donnees.php

Cybersecurity And Vaccine Passports

Since the start of the pandemic, most organizations reported an increase in targeted cyberattacks. Now, with the end of the pandemic in sight, cybersecurity teams face another potential headache — the vaccine passport.

Cybercriminals have begun developing strategies to deploy large scale vaccination specific-identity theft, security breaches and personal data “leaks”. Other concerns are fake QR codes sold on dark markets.

https://www.forbes.com/sites/forbestechcouncil/2021/05/21/cybersecurity-and-the-vaccine-passport-a-dream-ticket-or-a-flight-of-fancy/

California: Citizen App Sparks Manhunt For The Wrong Suspect

Algorithmic bias meets our worst nightmare. The On Air feature of the Citizen crime alert app triggered a public manhunt for a man wrongfully accused to have started a wildfire in Los Angeles. A reward was offered for app users to find him. It turned out that the man was innocent.

https://www.foxla.com/news/citizen-app-sets-off-manhunt-for-man-falsely-accused-of-starting-palisades-fire

3.2B Email and Password Pairs Leaked

CyberNews reports that a massive repository of individuals’ data has been posted online. Dubbed “Compilation of Many Breaches” (COMB) this may be the biggest-ever compilation of hacked user credentials ever posted online before, but it’s not the result of a new hack or data breach. Leaked user data combines a 2012 data breach at LinkedIn involving 117 million accounts, as well as stolen Netflix login data. This is the time to change passwords and it comes as a reminder for users to stop recycling user names and passwords across different services.

https://bgr.com/tech/data-breach-email-and-passwords-leaked-compilation-of-many-breaches-5904287/

Featured post

Published
Categorized as Cybercrime