Cyber Security Today: Criminal online network smashed, watch out for this Microsoft scam and return this key

Criminal online network smashed, watch out for this Microsoft scam and return this key

Welcome to Cyber Security Today. It’s Friday May 17th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com.
To hear the podcast click on the arrow below:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Police in several countries including the FBI have now charged people who ran an organized criminal malware distribution network believed to have infected some 41,000 computers around the world. Security researchers called it the GozNym network, after the malware that was installed to steal bank login credentials of victims. It is believed the gang got away with millions of dollars. Five Russian nationals have been indicted by a U.S. grand jury and are believed to be on the run. Criminal prosecutions have also been initiated in Moldova, Georgia, and Ukraine against several others. One gang member from Bulgaria was extradited to the U.S. in December 2016 to face prosecution. Typically victims were stung by clicking on phishing email. By the way, the gang was partly helped by an email hosting service often used by cyber criminals, a service dismantled in late 2016. The administrator of that service is now being prosecuted in Ukraine.

Criminals who want to trick you with a Microsoft Windows support scam often use phone calls to get victims, saying their computer has a serious problem that needs to be fixed — for a price. However, according to a report from Bleeping Computer, criminals are also using Microsoft’s Azure hosting service as a platform for these scams. They take advantage of people’s eagerness to try out or buy mobile or web apps, which Azure hosts. So bad guys create malicious apps. When a victim goes to a web site hosting the app, they get a message saying their computer has been infected with spyware or a virus. By the way, Mac users can also get these fake warnings.

Beware of screens that suddenly popup and say you have a virus alert from Microsoft. Be suspicious of a warning not to close the popup window. Ignore messages saying ‘Call this toll free number.’

I’ve talked before about the importance of two-factor or multi-factor authentication. One type is a special four or six digit code that gets texted to your smartphone. You have to enter it in addition to a user name and password for certain logins. Another is using a special fob like a Yubikey or Google Titan key. Well, this week Google said users of some its T1 and T2 Titan keys with Bluetooth have to send them back for a new one because of a bug. So do those who use a security key made by a company called Feitian. The key communicates by Bluetooth to a device, like a laptop. Unfortunately, a nearby hacker could connect their device under certain circumstances. Versions of security keys that plug into USB ports aren’t affected. Until you get a new key, one protection is make sure you use it only if other people aren’t close.

Finally, this week Microsoft released its monthly patches, so make sure your Windows system has the latest fixes. They include some important fixes for computers with certain Intel processors. And Apple rolled out fixes for iPhones and iPads, Macs, Apple Watches and Apple TVs.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast