‘Smart’ Doesn’t Mean ‘Unhackable’

Many vendors will tell you that their smart device is unhackable. However, in reality, that’s unlikely to be true.

When we talk about smart devices in this context, we’re not talking smartphones, but rather the myriad devices that make up the Internet of Things. All those gadgets we can’t possibly live without.

All of these smart devices have one characteristic in common: they all have poor security.

Alarming security issues

A recent article on BullGuard’s blog highlights the myth of the unhackable smart device. They wrote that:

Two of the world’s largest car alarm manufacturers recently proved this point, albeit inadvertently.

Viper, known as Clifford in the UK, and Pandora Car Alarm Systems have something like three million customers between them. Some security researchers recently tested these smart car alarms.

The results don’t inspire confidence. They discovered straightforward vulnerabilities in both alarms’ APIs, which knit together a vehicle’s existing smart features with the smart alarms.

The researchers probed these vulnerabilities and were able to tamper with existing smart parameters, reset user credentials, and hijack accounts and more.

  • The vehicle type and owner’s details could be stolen, a car could be unlocked, the alarm disabled, the vehicle tracked, microphones compromised, and the immobilizer hijacked. 
  • In Viper’s case, a security flaw in the API parameter led to improper validation, which provided attackers with the ability to compromise user accounts. The research team found that the same bug could also be used to compromise the vehicle’s engine system. 
  • The Pandora alarm can be used to make SOS calls in cases of emergency. This is why it is fitted with a microphone. But because of the flaw, the microphone could be used for snooping. 
  • In Pandora’s case, cyber attacks could also result in the car engine being killed during use.  It’s designed for use if a car is stolen, which makes sense, as long as it isn’t hacked. But in the hands of an attacker, it could be deadly. Imagine hurtling down a motorway, the engine suddenly cuts out, and there’s a 44-ton truck sitting right behind you.

To the misfortune of Pandora, it claimed on its website that its smart alarms were unhackable. That said, once the researchers informed the company, it swiftly deleted this grandiose claim from its website.

Also, both companies responded quickly and fixed the vulnerable APIs as soon as they were informed, which is encouraging.

We may not be seeing real-world cyber attacks on cars yet, but given the pace of smart device adoption, it’s something any sensible person wouldn’t bet against.


MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages. 


Sony Bravia Smart TVs Need Patching

Do you have a Sony Bravia smart TV?

Have you changed its default settings?

In that case, you may need to install a firmware update.

This is easily done by going to the Download section of the TV’s product page and checking that it’s running the updated firmware.

Sony Bravia models with bugs

Several bugs have been detected in the following Sony Bravia models:

  • R5C, WD75, WD65, XE70, XF70, WE75, WE6, and WF6 series.

These include a stack buffer overflow, a directory traversal bug, and a command injection flaw.

The command injection flaw is the bug that could lead to remote code execution with root privilege. This means if someone is on the same local area network they can remotely take control of the TV.

However, it’s worth noting:

  • Sony Bravia TV owners should have automatically received the firmware updates if they’ve not changed the TV’s default settings
  • By default the affected Bravia TVs are set to automatically receive updates when they connect to the internet

Sony did send out the firmware updates to patch these bugs and by far the majority of Bravia smart TV owners should be safe.

The bigger issue

Although, in this case, Sony is doing something about it, many smart device manufacturers don’t. This has led to the creation of huge smart device botnets, which have been used to take down major websites.

But this is only the beginning. Smart device attacks will become increasingly common. As such it always pays to keep one eye on the security of smart devices you plan to buy.

Source: BullGuard

NewsNow Passwords Hacked

Another week, another blog post and another website that’s had its user passwords hacked.

This time it’s NewsNow that’s in the spotlight.

Here’s what BullGuard recently reported:

If you’re a news junkie there’s a good chance you check NewsNow frequently. You might even have an account with this aggregated news content service which gives you the latest lowdown in even the most obscure of areas.

If so, you probably won’t be happy to hear account passwords have been hacked.

Somewhat ironically, but not surprisingly, NewsNow has not made the news public.

Rather it has sent out emails to account holders informing them about the ‘believed’ hack.

Has your account been hacked?

If you are a user of this website, you’ll have received an email stating, “… we believe it is possible that an encrypted version of your password may have been accessed. While we do not have concrete evidence that this has happened, the possibility cannot be completely ruled out.”


They then go on to say that because it’s not straightforward for anyone to decipher your actual password, it’s unlikely anyone will bother trying.

Doesn’t fill you with much confidence, does it?

We would suggest changing your password anyway.

Thanks for the heads up, BullGuard.



How Do Hackers Evade Detection?

Hacking is becoming too frequent a headline for our liking these days. It seems as though the technology that’s been developed to make our lives easier is backfiring thanks to a small army of hackers.

Those getting their kicks out of circumventing firewalls and other security measures are putting the rest of us at risk.

So how come these attacks keep happening?

Well, according to BullGuard, before launching an attack, hackers make sure they cover their tracks by:

  • Breaking into poorly secured computers and using these hijacked systems as proxies through which they can launch and route attacks worldwide
  • Using viruses, worms, phishing emails and other malware to take control of internet servers or personal computers to create a network of ‘zombie’ computers, also known as botnets
  • These botnets are then used to launch attacks.
  • As a result, an attack may appear to come from a particular server or computer, but this does not mean the attack originated at that device.
  • Often a string of different proxies is used, typically located in different countries.

It is these factors that make it so difficult to find out where the original attack was launched.

As BullGuard states:

“It can be done but requires law enforcement from different countries to co-operate with each other.

“On the surface, this may seem straightforward but political agendas can get in the way of forensics. For instance, law enforcement might trace an attack as far as a server IP address in Russia or a router on Chinese territory.

“This doesn’t provide definitive proof that the attack was launched from a server in Russia or a router in China, these devices could be proxies used by the attackers. But political relations, for instance between the US, Russia and China, ensure that the forensics investigations can’t go any further. This is why it is often difficult to catch attackers. That said, circumstantial evidence can certainly point a finger in the right direction.”

Attackers sometimes start small

BullGuard went on to explain:

“Attackers sometimes start their attacks by attacking small, remote and obscure computers or networks or piggyback into networks by infecting other devices. Their ultimate targets are often large organisations with sensitive information.

“But they don’t just press a big red attack button; instead they carry out surveillance and crawl through a victim’s network to find suitable launch points to reach their ultimate targets.

  • Foreign nation state-backed hackers took over outdated Windows servers run by a small company. They then moved across the network onto other servers. Spear-phishing emails were then sent from these compromised servers to more than a hundred targets, including companies working for the US Department of Defense.
  • Attackers exploited a vulnerable web application on public school servers to break into them. They moved around the networks and installed backdoors on the school’s computers to launch more attacks.
  • Malicious hackers breached a community club network and then distributed malware to anyone who connected to the club’s Wi-Fi. The attackers then later piggybacked into corporate networks when the owners of the devices that had been infected logged onto their company networks.
  • Chinese spies penetrated an old computer belonging to a welding firm located deep in the Wisconsin countryside. The hackers used the compromised computer to plan and stage attacks on a major Manhattan law firm, one of the world’s biggest airlines, a prominent university and other targets.

“Often these firms or individuals have no idea their computers have been compromised until one day they receive a knock on the door from men in suits and raincoats who have a lot of questions.”



How To Tell If Your Mobile Phone Is Being Tracked Or Monitored By Spy Software

Mobile phone spy software is more prevalent than you may think.

You don’t have to be a celebrity or politician to fall prey; it can happen to anyone.

If you suddenly find your mobile’s battery life disappearing rapidly, or your data usage goes through the roof, it should be a sign of snooping.

Why would someone want to spy on you?

An excellent question and the answer is probably data.

If you’re in business, it could be details about sales strategies, new product development and so on. It could be to find out whether an affair is taking place or it could be related to a court case.

You’re probably wondering how the spy software gets on your phone. Well, it’s easier than you think. For example, during repairs or for some other reason, a backdoor application can be installed to piggyback your GPS service or spy software can be installed on your mobile device.

How to tell if your mobile phone has spy software on it

There are several signs to look out for that suggest your phone is being tracked or monitored in some way. They can be quite subtle, but when you know what to look out for, they can also be glaring:

Unusual sounds during calls

Clicking sounds, static or distant voices coming through your phone during conversations can be a sign that you’re being snooped on.

Decreased battery capacity

If a mobile phone is tapped, it is recording your activities and transmitting them to a third party. This leaves a footprint in the form of increased battery usage, and as a result, the battery loses life faster. You can test this by using your battery in another phone of the same model and comparing the results. If it uses less battery, it could be that your phone is bugged or it’s defective in some way.

Phone shows activity when not in use

Other than message alerts, when your phone is not in use, it should be silent. If yours is making noises or lighting up its screen when you’re not using it, it could be a sign that someone’s snooping on you.

Phone takes a long time to shut down

If your phone is transmitting data to someone, it will take longer to turn off –  especially after a call, text, email or web browsing because it could be sending information to a third party.

Battery temperature feels warm

If your phone feels warm, even when you haven’t used it, it could be still in use secretly transmitting data. However, this is only a potential sign.

Receiving unusual texts

Receiving strange text messages containing random numbers, symbols or characters is another sign. The remote control feature of spy software works by sending secret coded text messages to your phone and in some cases, these can be seen if the software is not working correctly. If this happens regularly, you could have a spy app on your phone.

Increased data usage

Some spy apps (the less reliable ones) use extra data to send the information collected from your phone, so look out for any unexplained increase in your monthly data usage. The best spy software programs have reduced their data usage and will be almost impossible to spot, but the poor programs will show significant data use.

How to find mobile phone spy software 

It’s possible to find spy software on an Android phone by looking inside the files on the phone. Go to:

  • Settings
  • Applications
  • Manage Applications or Running Services

You may be able to spot suspicious looking files. Good spy programs usually disguise the file names so that they don’t stand out but sometimes they may contain terms like spy, monitor, stealth and so on. Some of the poorer quality software programs are still quite easy to spot.

If you are only looking for confirmation of spy software, you won’t do any damage to the phone. However, it’s best not to remove or delete any files unless you know what you are doing.

If you do find suspicious software, it’s a good idea to take your device to someone who does know what they are doing.

Source: BullGuard

Don’t Fall Victim To Bank Transfer Fraud


Bank transfer frauds are growing with victims losing significant amounts of money.

The issue with this type of fraud is that there’s little chance of getting your money back because banks take the line that it wasn’t as a result of their systems being breached. Therefore, they weren’t at fault.

How does bank transfer fraud work?

It can happen in two ways.

Either a hacker gets hold of email addresses and passwords and uses brute force techniques to crack the passwords.

Or, they target specific individuals and, using a range of social engineering tricks, identify email addresses. These are then scanned for messages relating to some form of financial transaction, e.g. communicating with a solicitor about a mortgage, a builder for renovation works or an accountant for tax-related payments.

The fraudster then intercepts the messages and, when the timing is appropriate, poses as one of the parties, for example, a solicitor asking for the payment to be made to a bank account. They provide the account details and sort code (often stating the firm has just changed its banking details).

The victim doesn’t think anything is suspicious about the transaction because they are already engaged in the process and are expecting to make a payment.

What are banks doing?

Not a lot.

They are mainly taking a hard line and refusing to reimburse customers for these losses.

As far as they’re concerned it’s not their responsibility when customers give their account details, or money, to online scammers.

In the UK, the Payment Systems Regulator (PSR), the economic regulator for the UK payment systems industry, has come down on the side of consumers and is pressing for a scheme to be set up that would see customers refunded in certain circumstances.

It’s uncertain, however, when this will come into effect.

What can you do?

A recent blog post on BullGuard offers some fantastic advice if you’ve been unfortunate enough to have fallen prey to one of these scams:

  • Immediately phone your bank, speak to the fraud team, explain what has happened and demand they contact the fraudster’s bank, that is, the bank you transferred your money to

  • Immediately contact a solicitor or barrister who can accept instructions from you and ask them to make an application to freeze the fraudster’s bank account and any other bank account that the fraudster has with their bank. This should include a request for a court order that the fraudster’s bank provides the following information:

    • All contact details (mobile phone, home phone, email address, residential address)
    • All signatories to the fraudster’s bank account
    • Any other bank account held in the fraudster’s name or any other signatory to this bank account that is held at the bank
    • All bank statements for the fraudster’s bank account and any other bank account which the fraudster or any other signatory has with the bank for a period of 6 months
    • The current balance of all bank accounts with the bank that are in the fraudster’s or any other signatory’s name
  • As soon as you receive the court order immediately email it to the fraudster’s banks’ ‘court orders’ team

  • As soon as you receive the information from the fraudster’s bank, consider the following points:

    • Has your money been transferred to any recognisable company you can contact?
    • If you can identify a company that has received your money, contact this company, explain what has happened and request they either cancel the transaction made by the fraudster or ask them to hold onto the money as you’re currently using court orders to identify the fraudster
    • Has the money been transferred to other bank accounts?
  • If your money has been transferred out of the fraudster’s bank account and into another bank account, you have the option of returning to court and repeating the process set out above

  • Your bank will be under a duty to contact the fraudster’s bankers, who will then freeze the fraudster’s account. If your bank has failed to act within a reasonable period of time after you have notified them of the fraud it is likely that your bank will have breached their duty and will have to compensate you

The wider issue

These types of frauds begin with email accounts being hacked:

  • Before making a large payment call the recipient and double check that the payment has been requested

  • Make an initial small payment and check if the recipient receives it

  • Never post email addresses or other personal information on social media

  • Never give out your email address or other personal information over the phone

  • Check if your email address appears on https://haveibeenpwned.com/. If it does, it means that it has been stolen, most likely from some company’s database

  • Consider closing your email account and replacing it

  • Use strong passwords on your email account

  • Consider using BullGuard Premium Protection which safeguards all your identity information, including email addresses, and alerts you if your information appears on the web

Thanks, BullGuard – excellent advice if you get caught out.

Source: https://www.bullguard.com/blog/2017/12/bank-transfer-frauds-are-surging-what-to-look-out-for-and-how-to-protect-yourself


Does Your HP Laptop Contain Hidden Keylogger?



What is keylogging?

It is software that covertly tracks, or logs, the keys struck on your keyboard. Its purpose is to collect sensitive material such as account numbers, PIN codes, passwords etc.

Although there are legitimate uses for keylogging (e.g. parents monitoring children’s activities), keyloggers pose a serious threat. They enable cybercriminals to gain access to your sensitive information. This could lead to the loss of your money or identity.

It spreads in much the same way as other malicious programs – through opening an attachment received via email, social network, text etc., or through an infected website.

How was it discovered pre-installed on hundreds of HP laptop models?

It was security researcher Michael Myng who found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work.

According to the BBC, the “potential security vulnerability” is affecting more than 460 models of HP laptops. However, the release of a software patch will remove the keylogger.

He discovered it when inspecting Synaptics Touchpad software. Although disabled by default, an attacker with access to the computer can enable it to record what a user is typing.

How do I know if I’m at risk?

The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. You can find a full list of affected devices, dating back to 2012, by clicking here.

In a statement, the company said:

“HP uses Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com.”

The BBC also reported that in May, a similar keylogger was discovered in the audio drivers pre-installed on several HP laptop models.

Cyber Attacks – What Happened In 2017 and What’s In Store For Us This Year?



2017 was quite a year for cyber attacks. According to Hackmageddon.com, every month saw dozens of serious cyber attacks affecting the personal information of billions of internet users worldwide.

Shocked? We were too.

BullGuard outlined some of the biggest ones in a recent blog post.


The WannaCry ransomware spread through 150 countries affecting more than 300,000 computers including the UK’s National Health Service, FedEx, rail stations, universities, car manufacturers and a national telco.

It spread rapidly because of a worm-like component expedited by a large number of organisations using unpatched XP operating systems.

It was considered among the worst breaches of all time because of the amount of sensitive information that was taken.


Yahoo dropped a bombshell in August 2017 announcing that every one of its three billion accounts was hacked in 2013.

This was three times what was first thought to be the case. According to the former Yahoo CEO Marissa Mayer, the company only found out about the breach in 2016 when it reported that 1 billion accounts were hacked.

The company still doesn’t know who was responsible.

National Security Agency

The National Security Agency (NSA) is responsible for spying on other countries and mass surveillance of its citizens.

As you would expect, it has an arsenal of cyber tools for hacking into foreign banks, infrastructure, government departments, etc. However, a group of hackers called Shadow Brokers leaked a suite of hacking tools widely believed to belong to the NSA, which were then used in some of the year’s most significant global cyber attacks, including WannaCry.

How embarrassing!


Back in 2016, hackers stole the data of 57 million Uber customers. The company paid the hackers $100,000 to cover it up. The breach was only made public in November 2017 by the new Uber CEO Dara Khosrowshahi.

It also turns out that Uber was playing on the other side of the fence too. A former member of Uber’s security team recently revealed details about a secretive unit within Uber dedicated to stealing trade secrets, spying on competitors, using self-destructing messages and dodging government regulators.

What can we expect in 2018?

It doesn’t take a rocket scientist to work out that a prime target of the hackers is going to be the Internet of Things.

Smart devices face the same cybersecurity challenges as your desktop PC, laptop and smartphone. The only difference is that smart devices are attached to real things in the real world.

As BullGuard reports:

“When someone hacks a PC, personal data is at risk. But when someone hacks a robotic manufacturing arm that entire manufacturing line is at risk, if someone hacks a medical monitor a patient is at risk, if someone hacks a smart lighting system that smart home is at risk.”

Source: BullGuard

Look Out, There’s SMS Phishing About


SMS Phishing is fast becoming one of the most common forms of threat – even more so than fake apps.

You might think that in the scale of things, SMS scams as a cyber threat are a bit old school, but that’s what makes them so darn clever. You are constantly reminded about looking out for fake apps, dodgy emails and unsecured websites but what happens if you get a text telling you you’ve won a product?

The chances are that, because it’s not an email, you would be drawn in. The fake URL contained within the message proves too tempting, and you click – after all, what harm could it do? It’s only a text.

The problem is that one click will unleash malware on your smartphone.

Don’t get caught out

It pays to be vigilant whether using your PC, tablet or phone. To help you stay safe here are a few things to watch out for, courtesy of BullGuard:

  • Don’t click on messages from unknown sources that contain links
  • Don’t reply to any messages that ask about your finances
  • If the text demands a quick reply, ignore it, it’s probably a smishing attempt
  • Don’t call back a number associated with a text that has arrived ‘out of the blue’
  • If the message starts: “Dear user, congratulations, you have won” (or something along those lines) it’s a scam
  • If the message purports to be from a long lost friend, it’s a scam

To be on the safe side, here at MPM we recommend you protect your devices with a product like BullGuard (others are available).

Above all, stay vigilant and stay safe.


Source: BullGuard

It’s The Season of Giving But That Doesn’t Mean You Should Give a Stranger Access to Your Computer


It’s The Season of the Hacker

We first published this blog post back in June of last year to warn you about hackers. However, considering the number of clients we’ve been trying to rescue from scams recently, it’s about time we posted it again.

Regardless of whether you get a phone call purporting to be from your phone company or a software giant, hang up. Just today we were called by ‘BT’ telling us that someone had hacked our router and could see all our internet searches and purchases. All we had to do was go to Google and open a site…we put the phone down at that point. And that’s what you should be doing.

Now and then the scam phone calls start.

They come out of the blue to catch you unawares.

As you go about your business, someone informs you there’s a problem with your computer – what do you do?

Before I answer that take a look at these questions:

  • Would you give a total stranger the keys to your house?
  • Would you give a total stranger the keys to your car?
  • Would you tell a total stranger how to access your financial banking system?

I’m guessing you answered no to all of those. So how come people give a total stranger (i.e. a hacker) access to their computer?

On the strength of one unsolicited call, people allow remote access to their computers – and that means their files, photos and everything else they hold dear.

Yes, the caller is probably very polite, they will even try to make you believe they are doing you a favour and have called just in the nick of time.

But answer me this – how do they know what’s on your computer? There is no way they can tell what software you’re running, programmes or anything else for that matter, so there is no way they’ll know whether you have a virus on your machine or not.

No one from a multinational billion dollar turnover company (i.e. Microsoft) is going to phone a residential customer to resolve an issue on their PC or laptop.

When you get one of these bogus calls – and you will – do yourself a favour and hang up on them. If you want, call a trusted local company, like MPM IT, and get them to check over your PC for your peace of mind.
