Tag Archive for: points

AI hacking scams are on the rise – here’s how to protect your money, points and miles


In 2023, the Federal Trade Commission received 2.6 million fraud reports totaling $10 billion lost to scams, the highest annual loss ever reported. Of those reports, the overwhelming majority were imposter scams where a fraudster impersonates a bank’s fraud department, the government, a business, a relative, a love interest or a technical support representative.

As artificial intelligence becomes easier to access and more sophisticated, it is quickly rising through the ranks as an effective way for scammers to gain access to your accounts, draining them of money or points and miles.

The FTC is actively seeking to thwart AI-generated so-called deepfakes by enacting a rule prohibiting the impersonation of individuals. A deepfake is an image or video that has been digitally manipulated using a form of AI called deep learning. This technology allows fraudsters to make it appear as if someone is saying or doing something that never happened.

This would be an extension of an existing rule against impersonating businesses or government officials.

In fact, the FTC issued a consumer alert last year warning people against scammers who use AI to clone a loved one’s voice in an attempt to have you send them money. Not only can they impersonate the voice of someone you know, but they can also use AI to generate fake images to make their story more convincing.

How is AI being used by scammers?

“Someone could impersonate your child’s voice and tell you that they are out of town, lost their phone and need money right away,” Adrianus Warmus, a cybersecurity expert at NordVPN, told TPG. “They can then use an AI tool to scrape that person’s Facebook or Instagram and create an image that ‘proves’ it’s really them reaching out to you from wherever they say they are,” he explained.

LIUBOMYR VORONA/GETTY IMAGES

Playing to your emotions is not the only way scammers use AI technology to separate you from your money and travel funds.

Related: How and why you should use a VPN internet connection while traveling

Scammers can also use AI to spoof an email address. “It’s possible to impersonate or take over an email address and use AI to even impersonate someone’s writing style to make it sound convincing,” Jeff Reich,…

Source…

Talking Points: Protecting yourself from cyber security threats (part 3)


Talking Points: Protecting yourself from cyber security threats (part 3) – CBS Minnesota


Watch CBS News



In the past few weeks, Minneapolis Public School data has been stolen by a hacker and put on the dark web. If it can happen here, can it happen anywhere? For decades, listeners could count on WCCO’s Tech Talk anchor Doug Swinhart to answers their computer questions. Swinhart shared tips to recognize phishing scams and how to browse the web with common sense.

Be the first to know

Get browser notifications for breaking news, live events, and exclusive reporting.


Source…

Remcos Trojan back on Check Point’s top 10 list of global threats


Check Point Software Technologies’ Global Threat Index for February has seen Remcos Trojan return to the top 10 list for the first time since December 2022, after it was reported being used by threat actors to target Ukrainian government entities through phishing attacks.

According to the report, conducted by Check Point Research (CPR), Emotet Trojan and Formbook Infostealer placed second and third respectively, while education/research remained the most targeted industry, followed by government/military and healthcare.

Despite researchers identifying a 44 per cent decrease in the average number of weekly attacks per organization between October 2022 and last month, Ukraine remains a popular target for cybercriminals following the Russian invasion.

“In the most recent campaign, attackers impersonated Ukrtelecom JSC in a mass email distribution, using a malicious RAR attachment to spread the Remcos Trojan,” authors of the report note.

“Once installed, the tool opens a backdoor on the compromised system, allowing full access to the remote user for activities such as data exfiltration and command execution. The ongoing attacks are believed to be linked to cyberespionage operations due to the behavior patterns and offensive capabilities of the incidents.”

Researchers also revealed that “while there has been a decrease in the number of politically motivated attacks on Ukraine, they remain a battleground for cybercriminals. Hacktivism has typically been high on the agenda for threat actors since the Russo-Ukrainian war began and most have favored disruptive attack methods such as DDoS to garner the most publicity.

“However, the latest campaign used a more traditional route of attack, using phishing scams to obtain user information and extract data. It’s important that all organizations and government bodies follow safe security practices when receiving and opening emails.”

This includes not downloading attachments without scanning them first, avoiding clicking on links within the body of the email, and checking the sender address for any abnormalities such as additional characters or misspellings, the report stated.

Qbot was the most prevalent malware last month,…

Source…

Ransomware Report Points to Leadership Problems


By the looks of things, phishing and ransomware are here to stay. There was a time when a wannabe hacker needed moderate coding and hacking skills, but today’s cybercriminals can use a credit card to purchase ready-made phishing and ransomware kits from the dark web. 

A recent report, “Fighting Phishing: The IT Leader’s View,” published by security software firm Egress, confirmed that phishing and ransomware are causing a revolving door of break-ins and breaches for businesses. Yet, there continues to be a disconnect about the prioritization of cybersecurity at the board of directors level, the report found. The report surveyed 500 U.S. and UK IT leaders from businesses that ranged from medium to enterprise sizes.

“In addition to the disconnect at the board level, the one [report] stat that jumped out to us was the fact that 84% of surveyed organizations have suffered a phishing attack in the past 12 months,” said Jack Chapman, Egress vice president of threat research.

“That is a staggering number with all the discussions about cybersecurity that have gone on around the world this past year,” Chapman added. He noted that the large number of phishing victims suggests that threats are becoming more sophisticated and targeted.

For the organizations affected by phishing attacks, there was a relatively even split between two key tactics attackers used to deploy malware: people clicking malicious links (52%) and people opening malicious attachments (45%).

Watch this video to learn about ransomware prevention tactics and more.

The Effectiveness of Security Awareness Training

Security awareness training for employees does not appear to diminish the amount of phishing exposure. “The research found that 98% of organizations have delivered security awareness training to employees,” Chapman said. “Clearly, security awareness training alone is not enough to protect employees from phishing.”

Forty-five percent of surveyed IT leaders said their organizations change their…

Source…