Cyber Security Today: Jan. 9, 2019 — A texting bank scam aimed at Canadians; a WhatsApp hoax; hot tub trouble

A new SMS texting scam is trying to fool Canadians into giving up bank passwords, a WhatsApp scam is going around and why a Wi-Fi app for a hot tub can get you into hot water.

Welcome to Cyber Security Today. It’s Wednesday January 9th. To hear the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

There’s a bank scam going around that uses SMS text messaging to get Canadians to give up personal information and their passwords. It starts with a text message that reads something like “Scotiabank Alert: Your card starting with 4536 is disabled for security. Please secure your account below” — and there’s a link that includes the bank’s name for you to click on. Ignore this. Don’t click on the link. First, banks don’t send warning text messages. Second, many Canadian-issued credit card start with the same digits — like “45” plus two more digits — that are set by the global banking industry to show where the card comes from. So these first four numbers aren’t a secret, and they’re not your personal credit or debit card number. And third, the fact that the link doesn’t start with HTTPS is a giveaway. By the way, this type of scam has been seen in the U.S. as well so American listeners should ignore supposed text messages from a bank as well.

Speaking of text messages, do you use WhatsApp for texting? If so you should be aware of a curious hoax message being spread that warns of a virus video called Martinelli. Ignore this message, and don’t forward it to anyone. It may be part of a scam to get users to upgrade to something called WhatsApp Gold. That particular scam has been going on for two years. There is no version called WhatsApp Gold. Don’t click on a link for an update. WhatsApp usually updates itself, and not through a text message.

Here’s another reason to be careful about mobile apps that control your home devices. A British security testing company discovered the Wi-Fi app that goes with a hot tub made by Balboa Water Group can be hacked. The app, which connects to a home Wi-Fi router, lets the user wirelessly control things like the hot tub’s temperature. But a hacker could also take control as well. Why? Because users don’t have to enter a password. When the testing company contacted the manufacturer to point out the flaw, it got no response. It took a query from the BBC to get action. The company says it will update and make the app more secure in February. Two lessons here: First, shoppers need to ask how an app works before buying an Internet-connected product. Is it secure? Second, companies need to be more responsive about the products they sell. This is an example of bad publicity.

On Monday I told you about a large hack of German politicians, reporters and celebrities. Well, yesterday police arrested a 20-year-old man. Police say he acted alone.

Finally, if you’re a IT pro and interested in cloud security, on Thursday January 17th there’s a Cloud Security Summit in downtown Toronto. I’ll be there to cover it. IT World Canada CIO Jim Love will be one of the many speakers. Admission is free. Registration details can be found here, as well as on the events page of ITWorldCanada.com

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast