Cyber Security Today: An email salary scam, delete this WordPress plugin and who’s that knocking?

Delete this vulnerable WordPress plugin, a new type of email payroll scam tries to change your bank salary deposit and  police going after users of captured DDoS for hire site.

 

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Here’s a new take on the business email compromise scam. A typical con is a criminal sends you an email pretending to be a senior official from your firm. The message asks you to transfer money to an account for business reasons. Security writer Graham Cluley says the new scam is an email sent to the human resources department pretending to be from an employee. The message asks HR to change the bank the company sends the employee’s salary to. The company may reply by email asking for a cancelled cheque or bank letter to confirm. But the criminal may counter with ‘is it OK if I just send you the transfer information?’ So companies have to be careful handling salary payment changes only by email.

WordPress is a popular web-based content management application companies can use for managing their websites. It makes it easy for people to set up a store, or a blog. You can even start with a small site for free. However, the popularity of WordPress means sites that use it are targets for hackers. One particular type of vulnerability are the plugins you can get to add capabilities to a site — like a file manager or an appointment booking calendar. Security researchers at a company called WordFence are now warning that flaws in a plugin called Total Donations is being exploited. The problem could allow an attacker to take over the site. This plugin is used by non-profits, churches or political organizations for donations. One problem is the developers of the plugin can’t be contacted, giving the impression it’s been abandoned. So the best advice for WordPress administrators using Total Donations is to delete it.

Plugins — also called extensions — are popular for a number of applications, including your Internet browser. Ad blockers, toolbars, spellcheckers, apps that help you take screen shots are just some of the common plugins. But remember: Any plugin has to be maintained by the developer for security reasons. Before downloading a plugin, see how often it gets updated, and when the last update was issued. That will give an indication of whether the developer is keeping an eye on it.

Finally, some people around the world are getting knocks on their doors, and it isn’t the mailman. Europol, the European police co-operative, said this week that cops in a number of countries are going after former users of a site called webstressor.org, which seized last April. For a small fee this site was used to launch denial of service attacks against websites and knock them offline. When police seized the site they also got hold of a list of over 150,000 users. Now police are starting to track them down. For example, recently police in the United Kingdom seized over 60 computing devices from people. There are lots of stressor sites like this offering ]’denial of service for hire.’ Often they are used by young people who get their kicks causing trouble for others. Police around the world may want to look at a program created by the Dutch police to deal with young first-time computer offenders before they get into deeper trouble by turning to theft.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast