7 Key Takeaways from the FBI’s 2024 Cybercrime Report
The FBI’s latest report reveals billions lost to cybercrime, rising scams, and who’s being targeted most
Blog
/
Threat Matrix: A Record-Setting Ransomware Payment and a Life-Savings Erasing Phishing Scam
Threat Matrix: A Record-Setting Ransomware Payment and a Life-Savings Erasing Phishing Scam
The latest news from the digital underbelly and how to protect your business
Welcome to the August edition of Upfort’s Threat Matrix, your essential guide to cybersecurity news tailored for small business owners. In this edition, we detail growing phishing scams targeting loyalty programs and homebuyers, a world-record ransomware payment that will only encourage more malicious activity, and emerging digital threats of various kinds.
Let’s get into it.
Want to help keep your business safe? Take two minutes to fill out our interactive cybersecurity checklist or take a free cyber security risk assessment, which taps Upfort’s state-of-the-art AI and continually updated Consolidated Threat Database (CTD) to surface exploitable vulnerabilities in your digital network.
The Rising Threat of Loyalty Program Hacking
Loyalty programs have become a lucrative target for cybercriminals. Hackers are increasingly using stolen credentials and phishing tactics to gain access to these accounts, siphoning off points, miles, and rewards. Victims often only realize their accounts have been compromised when it's too late, and recovering stolen points can be challenging, if not impossible.
How to defend yourself: To protect your loyalty program accounts, use strong, unique passwords for each account, enable multi-factor authentication (MFA), and regularly monitor your account activity.
Real Estate Wire Fraud: A Growing Threat with Devastating Consequences
Real estate wire fraud is a sophisticated scam where cybercriminals intercept legitimate communications between homebuyers, sellers, and real estate professionals. They often hack email accounts and insert fraudulent wire transfer instructions, tricking victims into sending large sums of money to accounts controlled by the criminals. These scams typically occur right before closing, when substantial amounts of money are at stake, leaving victims with little recourse once the funds are transferred.
How to defend yourself: To protect against real estate wire fraud, always verify wire transfer instructions directly with your real estate agent or title company using a trusted method like a phone call, not email.
These scams typically occur right before closing, when substantial amounts of money are at stake, leaving victims with little recourse once the funds are transferred.
“Dark Angels” Ransomware Nets Record $75 Million Payment
The Dark Angels ransomware gang has set a new record by receiving a staggering $75 million ransom from a company, showcasing a dangerous escalation in the scale and impact of ransomware attacks. According to the 2024 Zscaler Ransomware Report, the unnamed company was a member of the “Fortune 50.” The group is known for using sophisticated tactics to infiltrate systems, encrypt data, and threaten victims with the public release of stolen information if demands aren’t met. The incident underscores the growing risk of ransomware for businesses of all sizes, including small businesses that may lack the resources to recover from such attacks.
How to defend yourself: Small business owners should prioritize cybersecurity measures, such as regular data backups stored offline, maintaining up-to-date antivirus software, and training employees to recognize phishing attempts. Implementing multi-factor authentication (MFA) and a robust firewall can further protect against unauthorized access.
FBI Warns of Scammers Impersonating Crypto Exchange Employees
The FBI has issued a warning about a rising scam where cybercriminals pose as employees of cryptocurrency exchanges to defraud unsuspecting victims. These scammers contact individuals through phone calls, emails, or social media, convincing them to reveal sensitive information, such as account credentials or private keys, under the guise of assisting with account issues or security measures. The fraudulent actors then use this information to steal cryptocurrencies or drain accounts, leaving victims with substantial financial losses.
How to defend yourself: Avoid sharing credentials or personal details through unverified channels. Utilize strong, unique passwords and enable multi-factor authentication (MFA) on all accounts, especially those related to financial transactions or cryptocurrency.
OneBlood Hit by Ransomware Attack, Critical Systems Encrypted
OneBlood, a major blood donation organization, has suffered a ransomware attack that resulted in the encryption of its virtual machines. The cyberattack disrupted vital operations, putting the non-profit organization in a precarious position as they worked to restore their systems and prevent further damage. This incident underscores the ongoing threat ransomware poses to critical infrastructure, particularly in the healthcare sector, where operational disruptions can have serious consequences.
How to defend yourself: To protect against ransomware, businesses should regularly update software, conduct frequent data backups, and employ network segmentation. It's also crucial to train employees on recognizing phishing attempts and other common attack vectors. Using robust cybersecurity tools and ensuring quick incident response plans are in place can significantly reduce the impact of such attacks.
Fake Google Authenticator Site Promoted via Google Ads Installs Malware
Cybercriminals are using Google Ads to promote a fake Google Authenticator website that installs malware on unsuspecting users' devices. The fraudulent site mimics the official Google Authenticator page, tricking users into downloading a malicious installer. This tactic highlights the dangers of clicking on ads without verifying their authenticity and underscores the need for vigilance when downloading software, even from seemingly reputable sources.
How to defend yourself: Always double-check URLs before downloading software, and avoid clicking on ads for critical tools like authenticator apps. Instead, navigate directly to official websites (like the Google Play Store) through trusted search results or bookmarked links.
The fraudulent site mimics the official Google Authenticator page, tricking users into downloading a malicious installer.
Fraud Ring Floods Facebook with 600+ Fake Web Shops to Scam Users
A sophisticated fraud ring has exploited Facebook's ad platform to promote over 600 counterfeit online stores, targeting unsuspecting users with fake products. These fraudulent sites, often masquerading as legitimate e-commerce platforms, trick users into making purchases that never arrive, leaving them out of pocket and potentially compromising their personal information. The scammers' operation has raised significant concerns about the effectiveness of Facebook's ad verification processes and the ease with which malicious actors can manipulate the platform.
How to protect yourself: To safeguard against these scams, always verify the legitimacy of online stores before making a purchase. Check for customer reviews, look for secure website indicators like HTTPS, and avoid clicking on unsolicited ads or links from unfamiliar sources. Additionally, consider using a credit card for online transactions, as it often offers better fraud protection compared to other payment methods.
Siri Bug Enables Data Theft on Locked Apple Devices
A recently discovered vulnerability in Apple's Siri allows unauthorized access to sensitive data on locked iOS devices. This bug enables attackers to bypass the device's lock screen and retrieve personal information, such as contacts and calendar events, simply by using voice commands. The issue has raised alarms about the security of Apple's voice assistant and the potential risks it poses to user privacy.
How to protect yourself: To mitigate the risk of data theft, ensure that your device is updated with the latest security patches from Apple. You can also adjust Siri settings to limit its functionality on the lock screen by going to Settings > Siri & Search and toggling off "Allow Siri When Locked." Additionally, consider using strong, unique passwords and enabling two-factor authentication for added security.
Dynamically Evolving SMS Stealer Threatens Global Android Users
A new and rapidly evolving SMS stealer malware is posing a significant threat to Android users worldwide. This sophisticated threat dynamically changes its tactics to evade detection and steal sensitive information from SMS messages, including verification codes and personal details. The malware's ability to adapt and disguise itself makes it a formidable challenge for traditional security measures, raising concerns about the security of mobile communications.
How to protect yourself: To defend against this type of malware, avoid clicking on suspicious links or downloading unverified apps from unknown sources. Keep your Android device updated with the latest security patches and consider using a reputable mobile security app for added protection. Be cautious of unexpected SMS messages requesting personal information or verification codes and verify the legitimacy of any communication before responding.
