Showing posts with label FCC.

Inside Job Exposed: T-Mobile US, Verizon Staff Solicited for SIM Swap Scam


Criminals are texting T-Mobile and Verizon employees in an attempt to entice them, for cash, into performing SIM swaps. Targeted employees have shared screenshots with us in which the senders offer $300 as an incentive to anyone willing to assist with their criminal endeavours.

The report indicates that this is part of a campaign targeting current and former mobile carrier workers who may still be able to access the systems needed to swap SIM cards. Reddit users claiming to be Verizon employees also received the message, which indicates that the scheme is not limited to T-Mobile US.

SIM swapping is essentially a social engineering scam in which the perpetrator convinces the carrier to transfer the victim's phone number to a SIM card the perpetrator controls.

Control of the victim's phone number lets the scammer receive the multi-factor authentication text messages needed to break into the victim's other accounts. When the scammer already holds the victim's private information, the attack is extremely lucrative.

SIM swapping, also known as simjacking, is a method cybercriminals use to breach accounts protected by multi-factor authentication (MFA). Once the carrier ports the victim's number from the legitimate SIM card to one controlled by the threat actor, every message intended for the victim, including MFA codes, is delivered to the attacker, who can then take over the victim's accounts.

Cyber gangs often trick carrier support staff into performing swaps by presenting them with fake information, but hiring an insider to do it is far more efficient. It is unclear how the hackers obtained the mobile numbers of the workers who received the texts, but both T-Mobile and Verizon have suffered breaches of employee information in the past, T-Mobile in 2020 and Verizon last year.

In Verizon's case, an employee in 2010 accessed, without authorization, a file containing details of about half of the company's 117,000-strong workforce; the company stated at the time that there was no evidence the information had been misused or shared outside the organization.

The number of former T-Mobile employees who commented on Reddit that they had received the SIM swap message suggests the hackers were working from outdated information rather than data recently stolen from T-Mobile. T-Mobile reinforced this in a statement confirming that its systems had not been breached.

In a SIM swap attack, criminals trick a victim's wireless carrier into rerouting the victim's service to a device the fraudster controls. A successful attack can result in unauthorized access to personal information, identity theft, financial loss and emotional distress for the victim. Criminals have been hijacking victims' phone numbers this way to steal millions of dollars, a threat the FBI warned about in February 2022.

The IC3 reported that Americans filed 1,075 SIM-swapping complaints during 2023, with total adjusted losses of $48,798,103. The previous year's 2,026 SIM-swapping complaints accounted for $72,652,571 in losses.

Between January 2018 and December 2020, by contrast, only 320 SIM-swapping complaints were filed, with losses of around $12 million. Following this wave of consumer complaints, the Federal Communications Commission (FCC) announced new regulations intended to protect Americans from SIM-swapping attacks in the future.

The new rules require carriers to have a secure authentication procedure in place before transferring a customer's phone number to a different device or service provider, and to notify customers whenever their account is changed or a SIM port-out request is received.

Sophisticated Phishing Tactics Unveiled in Targeted FCC Cybersecurity Breach


Several phishing campaigns targeting employees of cryptocurrency platforms such as Binance and Coinbase, as well as the Federal Communications Commission (FCC), have been discovered, including one dubbed CryptoChameleon. According to an analysis from Lookout, the victims primarily use Apple iOS and Google Android devices and sign in with single sign-on (SSO) solutions such as Okta, Outlook and Google.

Several days ago, Lookout, a company focused on cloud security, announced that it had discovered an "advanced phishing kit" targeting cryptocurrency exchanges. The kit, dubbed CryptoChameleon, has also been used against Federal Communications Commission (FCC) employees through their mobile devices.

Most of the intended targets are cryptocurrency traders, users of single sign-on (SSO) services in the U.S., and Binance and Coinbase employees. The kit seeks to trick victims into sharing sensitive information, including usernames, passwords, password reset URLs and photo IDs, by combining carbon copies of SSO login pages with phishing emails, SMS messages and call-in scams, mainly aimed at US users.

Researchers discovered the kit after noticing a suspicious new domain registration, fcc-okta[.]com. The kit can impersonate a variety of company brands; cryptocurrency platforms and SSO services are its most common targets, with Coinbase the most frequently impersonated service.

Other websites were using the kit as well, and most of them used a subdomain of official-server[.]com as their C2 rather than their own domain. A recent Lookout blog post states that the campaign has successfully phished over a hundred people, many of whom remain active today. Notably, the C2 server URL, the client-side logic and the style sheets were all bundled into the kit.

Most of the operators host their sites on RetnNet hosting. Before the phishing page is shown, victims must complete an hCaptcha challenge, which both lends the site credibility and keeps automated analysis tools from reaching the fake login page. CryptoChameleon appears to replicate techniques used by Scattered Spider, specifically its impersonation of Okta and its use of domain names that Lookout had previously associated with that group.
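The brand-plus-identity-provider domain pattern described above (fcc-okta[.]com, subdomains of a shared C2 apex) is the kind of signal a defender can hunt for in a newly-registered-domain or DNS-log feed. The following triage script is an added example, not Lookout's tooling or code from the original post; the brand list, SSO-term list, allow-list and the hostnames it inspects are constructed here for illustration.

```python
import re

# Constructed keyword lists, not Lookout's. Brands drawn from the page's
# examples; SSO/identity terms are typical lures such as the Okta one above.
BRANDS = {"fcc", "coinbase", "binance", "kraken", "gemini", "trezor"}
IDP_TERMS = {"okta", "sso", "login", "auth", "verify", "support"}

# Legitimate registrable domains that must never be flagged (assumed list).
ALLOWED_APEX = {"okta.com", "coinbase.com", "binance.com", "fcc.gov"}

# Apex domain the page reports being used as C2 by other kit deployments.
KNOWN_C2_APEX = {"official-server.com"}

# Constructed sample of observed hostnames (not real indicators).
SAMPLE_HOSTNAMES = [
    "fcc-okta[.]com",                 # defanged form as seen in reports
    "okta.com",                       # real IdP, must not be flagged
    "coinbase-sso-verify.net",
    "coinbase.com",                   # real brand domain, must not be flagged
    "abc123.official-server.com",     # subdomain of the known C2 apex
    "news.example.org",
    "binance.support-login.co",       # brand in subdomain, lure in apex
]


def normalize(hostname: str) -> str:
    """Lower-case, strip a trailing dot and undo '[.]' defanging."""
    return hostname.strip().lower().rstrip(".").replace("[.]", ".")


def labels(hostname: str) -> list:
    return [part for part in normalize(hostname).split(".") if part]


def registrable(hostname: str) -> str:
    """Naive apex: last two labels. Good enough for this sample; a real
    deployment would use the Public Suffix List."""
    return ".".join(labels(hostname)[-2:])


def tokens(hostname: str) -> set:
    """Split every label except the TLD on non-alphanumerics."""
    found = set()
    for label in labels(hostname)[:-1]:
        found.update(t for t in re.split(r"[^a-z0-9]+", label) if t)
    return found


def classify(hostname: str) -> list:
    """Return the reasons a hostname looks like an SSO-impersonation or
    kit C2 domain; an empty list means nothing suspicious was found."""
    apex = registrable(hostname)
    if apex in ALLOWED_APEX:
        return []
    reasons = []
    if apex in KNOWN_C2_APEX:
        reasons.append("subdomain of known C2 apex " + apex)
    seen = tokens(hostname)
    brands, lures = seen & BRANDS, seen & IDP_TERMS
    if brands and lures:
        reasons.append("brand %s combined with SSO lure %s"
                       % (sorted(brands), sorted(lures)))
    return reasons


def triage(hostnames: list) -> dict:
    """Map each flagged hostname (normalized) to its reasons."""
    return {normalize(h): classify(h) for h in hostnames if classify(h)}


if __name__ == "__main__":
    for host, why in triage(SAMPLE_HOSTNAMES).items():
        print(host, "->", "; ".join(why))
```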

It is worth remembering that, although the URLs and spoofed pages resemble what Scattered Spider might create, this kit has significantly different capabilities and C2 infrastructure from Scattered Spider's. Threat actors commonly copy one another's tactics and procedures once a technique has been publicized widely enough to become common practice.

Furthermore, it remains unclear whether this is the work of a single threat actor or a tool used by many different groups at once. According to Lookout, what has made the operators so effective at stealing high-quality data is the combination of convincing phishing URLs, login pages that perfectly match the look and feel of the legitimate sites, a manufactured sense of urgency, and persistent follow-up over SMS and voice calls.

As soon as the attackers obtain a victim's credentials, they use them to log in to the real service and, based on the MFA prompt the service returns, direct the victim to the matching page of the kit. In addition to employees of the Federal Communications Commission (FCC), the kit targets users of cryptocurrency platforms including Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown and Trezor.

There have been over 100 successful phishing attacks on victims so far. Because the fake login screen is displayed only after the victim completes an hCaptcha test, automated analysis tools never reach it and so fail to flag the sites.

The pages are distributed through unsolicited phone calls and text messages that mimic a company's customer service team, under the pretence of protecting the victim's account after a purported hack. The phishing page can be customized with the victim's phone number and with whether a six- or seven-digit code is requested.

Cryptocurrency platforms and Single Sign-On services are the most frequently targeted services by phishing kits that impersonate various company brands, with Coinbase being the most commonly targeted.  

Victims are lured through phone calls, emails and text messages: the phishing emails are disguised as legitimate messages from cryptocurrency platforms or the Federal Communications Commission (FCC) and carry malicious links, while the SMS messages are disguised as legitimate notifications from the same platforms or the FCC.

Lookout customers have been protected against these phishing sites since the beginning of January 2024, thanks to infrastructure the campaign shares with previously observed attacks.

Cyber Trust Mark: U.S. Administration Introduces Program to Boost Home Security


This Tuesday, the Biden administration announced a 'U.S. Cyber Trust Mark' program that will focus on cybersecurity certification and product labels for smart home technology, as a step to help consumers choose products that provide better protection against cyberattacks.

The new program was proposed by Federal Communications Commission Chairwoman Jessica Rosenworcel. It aims to help consumers make well-informed purchasing decisions by identifying products in the marketplace that meet advanced cybersecurity standards.

"The goal of the program is to provide tools for consumers to make informed decisions about the relative security of products they choose to bring into their homes," the administration said.

U.S. Cyber Trust Mark

Under the proposed program, consumers are likely to see a new "U.S. Cyber Trust Mark" label, a shield logo that distinguishes products satisfying the established cybersecurity criteria. These criteria are expected to be set by the National Institute of Standards and Technology (NIST) and to cover requirements such as unique and strong default passwords, data protection, software updates and incident detection capabilities.

According to the administration, a number of major retailers, trade groups and manufacturers of consumer electronics, appliances and other consumer goods have made voluntary commitments to improve the cybersecurity of the products they sell. Amazon, Best Buy, Google, LG Electronics USA, Logitech and Samsung Electronics are among the participants.

The Biden administration first discussed plans for the program in late 2022, proposing a voluntary initiative with internet of things makers to help ensure products meet minimum security standards.

Reportedly, the FCC, which is responsible for regulating wireless communication devices, is set to seek public comment on the labeling program by 2024.

According to the administration, the FCC is applying to the U.S. Patent and Trademark Office to register a national trademark that would be used on products satisfying the predetermined standards.

"The proposal seeks input on issues including the scope of devices for sale in the U.S. that should be eligible for inclusion in the labeling program, who should oversee and manage the program, how to develop the security standards that could apply to different types of devices, how to demonstrate compliance with those security standards, how to safeguard the cybersecurity label against unauthorized use, and how to educate consumers about the program," the FCC notice says.

The proposal also contemplates adding a QR code to labelled products to give consumers further information, pending approval of the certification mark by the U.S. Patent and Trademark Office.

Juice Jacking: FBI Warns Against Using Public USB Stations


Public USB ports are now available almost anywhere, and anyone can plug in a smartphone, tablet or other electronic device to charge it. Although this may seem like a blessing to some, the FBI says otherwise.

The FBI has just issued a warning telling consumers not to use free public charging stations, since cybercriminals have managed to take control of some of them and use them to infect devices with malware, which may give hackers access to your phone, tablet or computer.

“Avoid using free charging stations in airports, hotels or shopping centers[…]Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices,” the bureau stated in a tweet. 

What is “Juice Jacking”? 

A cyber-attack technique called "juice jacking" allows hackers to use public USB ports to infect victims' devices with malware and monitoring software. In theory, tools planted this way give hackers access to the data on your smartphone and let them steal your passwords, enabling identity theft, transfers from your bank account, or simply the sale of your information on the dark web.

Due to the rising popularity of public charging stations, which are now available in airports, shopping malls, and train stations, there is a higher chance of victims falling prey to cyberattacks of this kind. Users may not be able to recognize the risk since the hackers alter the charging station and pass it off as authentic. 

However, despite being aware of the danger, many people still charge their phones. According to a consumer alert issued by the FCC in 2021, criminals may leave cables at the stations or may even distribute infected cords as a promotional gift. 

How Can You Protect Yourself from Juice Jacking? 

Here are some measures the FCC advises to avoid becoming a juice jacking victim:

Do Not Use USB Charging Stations: The best way to avoid juice jacking is to use an AC power outlet rather than a public USB charging station. Some users stick to USB charging because certain smartphones are sold without an AC power adaptor and adaptors can be pricey, and some charging stations do not offer AC outlets at all.

Use Your Own AC Adapter, Car Charger and USB Cables: People who use their smartphones for extended periods will also find an external, portable battery helpful. Although it adds to the cost, it is a secure way to avoid being "juiced."

Use a Charging-only Cable: A USB port carries both power and data, so a device's battery can be charged and its data transferred over the same connection. Charge-only cables, which omit the data wires and so cannot send or receive data, are available; if you must use a public charging station, get one from a trustworthy supplier.

FCC Wants Telecom Companies to Notify Data Breaches More Quickly


The United States Federal Communications Commission intends to strengthen federal law enforcement's role and modernise breach notification requirements for telecommunications firms so that customers are notified of security breaches as soon as possible.

The FCC's proposals (first made public in January 2022) call for getting rid of the current requirement that telecoms wait seven days before notifying customers of a data breach. 

Additionally, the Commission wants telecommunications providers to notify the FBI, Secret Service, and FCC of any significant breaches. 

According to FCC Chairwoman Jessica Rosenworcel, "We propose to eliminate the antiquated seven business day mandatory waiting period before notifying customers, require the reporting of accidental but harmful data breaches, and ensure that the agency is informed of major data breaches."

In a separate press release, the FCC stated that it was considering "clarifying its rules to require consumer notification by carriers of inadvertent breaches and to require notification of all reportable breaches to the FCC, FBI, and U.S. Secret Service." 

In 2007, the Commission passed the first regulation mandating that telecoms and interconnected VoIP service providers notify federal law enforcement agencies and their clients of data breaches. 

The severity of recent telecom hacks demonstrates the need to update the FCC's data breach rules and bring them into line with the federal and state data breach laws governing other industries. For instance, Comcast Xfinity customers reported in December that their accounts had been compromised in widespread attacks that bypassed two-factor authentication.

Verizon informed its prepaid customers in October that their accounts had been compromised and that the exposed credit card information had been used in SIM swapping attacks.

According to reports, T-Mobile has also experienced at least seven breaches since 2018. The most recent one was made public after Lapsus$ hackers broke into the business' internal systems and stole confidential T-Mobile source code.

Finally, in order to end an FCC investigation into three separate data breaches that affected hundreds of thousands of customers, AT&T paid $25 million in April 2016.

"The law requires carriers to protect sensitive consumer information but, given the increase in frequency, sophistication, and scale of data leaks, we must update our rules to protect consumers and strengthen reporting requirements," Rosenworcel stated. "To better protect consumers, boost security, and lessen the impact of future breaches, this new proceeding will take a much-needed, fresh look at our data breach reporting rules."

FCC Alerts American Users About Rising Smishing Attacks

Smishing attacks and their impact

The FCC (Federal Communications Commission) has issued an alert warning Americans about the growing danger of smishing (robotext) attacks, which aim to steal personal information or are used in financial scams. The FCC says its Robocall Response Team is alerting consumers to the rising threat of robotexts.

Substantial increases in consumer complaints to the FCC, reports by non-government robocall and robotext blocking services, and anecdotal and news reporting make it clear that text messages are increasingly being used by scammers to target American consumers.

How are Smishing attacks carried out?

Hackers use various tricks to lure victims into giving out personal information or sending money. Often the SMS contains false but convincing claims about unpaid bills, order delivery status, bank account issues and the like.

According to the FCC, "consumers who have filed complaints with the FCC say some of the texts resemble email spam, with links to unwanted and unsolicited products. But many of the texts appear to be ploys to steal valuable personal or financial information."

In some cases, the data collected in these smishing campaigns is later used for other malicious purposes. The alert warns American users not to respond to such messages or open any links they contain. The warning follows a rise in consumer complaints about unwanted SMS, from 5,700 in 2019 to 14,000 in 2020 and 15,300 in 2021, with 8,500 already filed by June 2020.

How to protect yourself against smishing attacks, according to the FCC:

  • Do not respond to suspicious texts, not even with "STOP" when the message offers it as a way to unsubscribe.
  • Never click on links.
  • Never give information either through SMS or a website.
  • File a complaint if the suspicious text is received.
  • Delete all suspicious SMS.
  • Keep your device and OS updated.
  • Use antivirus software if needed.
  • Review companies' policies on opting out of text alerts and on what information they share.

If you think you've been hit by a smishing attack, contact your local law enforcement agency ASAP and inform the wireless service providers and your banks.

Net Neutrality Repealed in US by FCC

In a 3-2 vote on Thursday, the Federal Communications Commission, acting on a proposal by its Chairman Ajit Pai, voted to repeal the net neutrality rules that barred broadband providers from blocking websites or certain content, or charging extra for higher-quality service.

These regulations were created to ensure that providers treat all internet traffic equally, and the dismantling of net neutrality has caused outrage and panic among U.S. citizens on social media.

The vote reverses the Commission's 2015 decision to impose stricter oversight on internet providers in order to safeguard free communication online.

The Commission's chairman, Ajit Pai, defended the vote, saying that it would ultimately benefit customers because corporations like AT&T and Comcast would be able to offer them a wider range of services, and adding that the move would encourage competition and provide an incentive to build networks.

However, the general consensus seems to be that this is a move in favour of large corporations rather than consumers. It will also affect start-ups and smaller companies, which would have to pay to reach a wider audience.

Democratic Leader Nancy Pelosi described this decision as "a stunning blow" to the promise of a free and open Internet.

"With this unjustified and blatant giveaway to big providers, FCC Chairman Ajit Pai is proving himself an eager executor of the Trump Administration's anti-consumer, anti-competition agenda," Pelosi said.

After the uproar over the decision, major broadband providers such as AT&T and Comcast promised their customers that their online experience would not change, but many are skeptical that the companies will keep that promise now that their activities are more lightly regulated.

Several public interest groups and Democratic state attorneys general have reportedly promised to file suit to stop the change.