Watch Out For Malicious PDF Attachments

Malicious PDFs are another hacker’s favourite. Over the past few weeks, we’ve been looking at ways you can be vigilant in the fight against hackers. So far, we’ve looked at two-factor authentication, encryption, and avoiding public WiFi.

This time we’re going to look at PDFs attached to emails.

Why PDF attachments can be bad news

Hackers are sneaky by nature.

On the face of it, a PDF looks quite an innocuous document. After all, you open them every day during your regular working practices. However, there is a darker side to the humble PDF.

Its called steganography – derived from the Greek language meaning ‘covered writing’, where a data file or malicious code can be hidden within another file.

A PDF file is a perfect vessel for hackers because they’re generally thought to be safe. However, if you receive one that contains malicious code, opening it will drop the code on to your device in a similar manner to clicking on a malicious link on a website.

How to stay safe from malicious PDFs

They are challenging to catch and check. That’s why it’s best that whatever PDF reader you use, your anti-virus or endpoint protection is up to date and that your email servers are running current and updated filters.

Software is also available that can test the PDF file before allowing it through to the intended user.

Be vigilant. Stay safe.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  

The Marriott Hotel Chain Falls Foul To Hackers

A big company experiencing a data hack is becoming commonplace. This time around it’s the turn of the Marriott Hotel chain.

Back in 2014, details of 500 million hotel guests were stolen although it only came to light at the end of 2018.

The hackers copied and encrypted information and then removed it from a guest reservation database.

How big a data hack was it?

According to investigators, the data hack affected 327 million guests who had stayed at the Marriot owned Starwood chain of hotels. The following information was stolen:

  • Names, mailing address, phone number, email address
  • Passport number date of birth and gender
  • Arrival and departure information, reservation date, and communication preferences
  • Starwood Preferred Guest account information,

Basically, if you stayed at any of these hotels, you may have been affected: W Hotels, St. Regis, Sheraton Hotels & Resorts; Westin Hotels & Resorts, Element Hotels, Aloft Hotels; The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts; Four Points by Sheraton and Design Hotels.

For some of these guests (Marriott didn’t say how many), payment card data was also stolen. However, according to the hotel, payment data was encrypted but it couldn’t confirm that the data had been completely protected.

What about the remaining 173 million guests? Their stolen data only included a name, and sometimes other information such as mailing address, email address, or other data.

Personal identity protection

Once again, this brings the importance of protecting your data to the forefront. Even if you do take steps to ensure the security of your data on a daily basis, third parties may not be so vigilant.

All companies, to whom we entrust our valuable data, must take steps to ensure that our data is safe. Corporates must understand this can’t continue.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages. 

Source: BullGuard

UK Police Are Cutting Back on Cyber Crime Investigations

Fraud, especially cybercrime, is always hitting the headlines. However, five UK police forces are cutting back their investigations in this area.

This story first broke in The Times. Here’s what BullGuard had to say about it:

Police forces in the UK are cutting the number of fraud and cybercrime investigators as they face a £37 million black hole in law enforcement budgets, according to The Times.

Five police forces, West Yorkshire, West Midlands, Sussex, South Yorkshire and Cheshire, have cut the number of specialist investigators over the past two years, according to data obtained via a freedom of information request.

Apparently a secret presentation to police and crime commissioners by the National Crime Agency (NCA), also warns of glaring “operational gaps” in budgets for inquiries into serious and organised crime, including no specialist funding at all for cybercrime after March 2019.

  • A record £500 million in the UJ was lost to fraud in the first six months of this year as criminals find ever more sophisticated ways to outsmart an already overstretched police force.
  • About £145 million of the loss was a result of so-called “authorised” scams, where the victim sends funds to a criminal’s account believing they are following instructions from a bank, police or some other trustworthy source.
  • Most cyber fraud crimes referred to Action Fraud, the central fraud reporting agency, are not investigated as they are dismissed by a computer algorithm, usually, because they are under £10,000 and are not linked to known hacker groups.

Cybercrime investigators cut

It’s been apparent for some time that the police rarely investigate what they consider to be ‘small amount’ frauds because they are overstretched.

However, the fact that some forces are now cutting the number of cyber-crime investigators sends out a signal to victims that they may as well not bother reporting losses and to fraudsters that it’s open season.

  • Victims of “authorised” banking fraud are typically denied a refund unless the fraud is detected in time for the recipient bank to freeze funds before they are transferred elsewhere.
  • However, Vocalink, a payments services firm that is part of Mastercard, said fraudulent funds are typically moved into 10 different accounts within 10 minutes of a transfer.

Lloyds bank said some scammer’s accounts it has detected were opened with valid identification and address documents.

However, there are already technologies available that can quickly identify whether documents are suspicious by tying them to other forms of ID. Why aren’t the banks using them?

If there’s a moral to this tale it’s that we all need to be extremely wary of requests to send money, even if they appear to be legitimate, for instance, from your bank, solicitor or other trusted source.

If the request for a money transfer includes new bank details the first thing to be done is contact the organisation in question, either by phone or even better in person, and verify whether the account details are indeed accurate or part of an elaborate scam.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.