Beware of scams related to the Rogers outage. A New Zealand firm releases a free decryptor tool to fight ransomware. You are not as safe buying an app in the Apple store as you might think. And online payment fraud will exceed 343 billion dollars next year.
Welcome to CyberSecurity Today, I’m Jim Love, CIO and Chief Content Officer of ITWC, sitting in for the vacationing Howard Solomon.
When something as momentous as the recent Rogers outage happens, scammers will pounce. The outage affected by one estimate almost 10 million people. It shuttered businesses, affected emergency communications and even shut down some payment systems.
Rogers stumbled badly with its communication throughout the process, but the day after the outage promised to reimburse customers for losses (although to our knowledge they didn’t have a formula for how that compensation would be calculated). That’s where the scammers rushed in, sending notices purporting to be from Rogers.
There will be more of these in the coming days and weeks. All we can say is be careful of what you receive. We hope Rogers will have a clear communication on how reimbursement will occur. Watch for news on itworldcanada.com or other authoritative sources.
It’s easy to be critical of a big corporation and there is no question that the Rogers outage is a case study in how NOT to do crisis communications in a disaster. Not just the event, but how it was handled will have a huge impact on customers, on sales as well as on legal actions, not to mention what it did to the share price.
But rather than criticize them, we suggest we all take this as a wakeup call. We raise the question – how well would your company fare in communications if you had a security or other major incident? Have you got a plan in place? Do you know what you would say in various scenarios? Do you know how you’d get the message out? The time to rehearse your crisis communication plan is before you have a crisis.
New Zealand-based cybersecurity firm Emsisoft has released a free decryption tool to help AstraLocker and Yashma ransomware victims recover their files without paying a ransom.
Those affected can download the tool from Emsisoft’s servers, and it allows you to recover encrypted files using easy-to-follow instructions available in a freely available user guide [PDF]
But Emsisoft also gives some wise advice. “Be sure to quarantine the malware from your system first, or it may repeatedly lock your system or encrypt files,”
The ransomware decryptor allows you to keep a copy of the files encrypted in the attack as a backup if the decrypted files don’t restore fully.
Victims whose systems were compromised via Windows Remote Desktop should change their passwords for all user accounts that have permissions to log in remotely. Of course, also look for any other accounts the ransomware operators might have added.
The decryptor was released after the threat actor behind AstraLocker ransomware told BleepingComputer this week that they’re shutting down operations. Apparently the company is going legit and moving into crypto mining. AstraLocker left with a great quote:
“It was fun, and fun things always end sometime. I’m closing the operation, decryptors are in zip files, clean. I will come back,I’m done with ransomware for now. I’m going in cryptojacking lol.
For years we’ve been giving you the same advice – download apps only from the official sites. But you still have to be careful – it turns out that Apple is not as safe as you might think
In March 2021, the anti-malware provider Avast shared a list of 133 fraudulent apps. That list was made available to Apple. Over a year later, a firm called Sensor Tower found that more than 60% of these reported apps were still active on the AppStore.
Sensor Tower estimates that these apps are scamming users for more than 100M annually. Their report notes that it is “almost ridiculous how easy it is to identify these Apps just based on publicly available information.”
But if Apple is not going to do its work, you as a user have to. Here’s some tips. Before you load an app, make sure it has a legitimate online audience – Google it. Look carefully at the reviews on the site – many of these apps had one star ratings.
A new study from Juniper Research has found that losses in online payment fraud globally between 2023 and 2027 will exceed $343 billion.
What is it? Online payment fraud includes losses across the sales of digital goods, physical goods, money transfer transactions and banking and even airline ticketing. These attacks have a wide footprint – phishing, business email compromise and social engineering.
While the crooks are creative and will continue to innovate, two key areas to watch include online payment fraud which includes account takeover, where a user’s account is hijacked and physical goods purchases which the report lists as the largest single source of losses. These will account for 49 per cent of online payment fraud losses over the next 5 years. That’s a growth rate of 110 per cent.
Users have to question everything in this new world of creative cyber security threats. Never get rushed. Always ask questions and if you aren’t certain – don’t pay – pick up the phone and call the company making the request. No payment, no deal – no nothing has to be done under pressure. Be certain.
That’s Cyber Security today for Wednesday July 13, 2022.
Follow Cyber Security Today whenever you get your podcasts – Apple, Google or other sources. You can also have it delivered to you via your Google or Alexa smart speaker.
I’m Jim Love, CIO of ITWC, publishers of IT World Canada and creators of the ITWC podcasting network.
I’m also host of Hashtag Trending, the Weekend Edition where I do an in-depth interview on topics related to information technology, security, data analytics and a host of other topics. If you’ve got some extra time after you’ve listened to Howard’s great weekend interview, check us out at itworldcanada.com/podcasts or anywhere you get your podcasts.
I’ll be filling in again on Friday, but Howard will be back for the weekend edition of CyberSecurityToday.