Here's How Global Firms are Capturing First- & Zero-Party Data of Consumers

 

Changes in consumer privacy in the digital marketing environment are forcing firms to fundamentally rethink their data-driven marketing tactics.

Consumers are becoming more conscious of the importance of their personal information. Simultaneously, tech titans and authorities worldwide are cracking down on the gathering, storage, and sale of consumer data. In addition to Apple's well-publicized privacy-focused software updates, Google intends to phase out third-party cookies on both Chrome and Android next year in an effort to prevent consumer tracking. 

The loss of access to large amounts of third-party data has complicated everything from ad targeting to attribution for advertisers, who have long relied on user-level tracking techniques. 

A rising number of businesses are responding by using novel strategies to get consumers to provide their personal information. This can take the shape of first-party data, or information a business obtains directly from its clients, or even zero-party data, or details a client voluntarily provides to a business. Consumers are receiving innovative new rewards from brands in return for their important data. 

The leading consumer packaged goods (CPG) and restaurant businesses are profiled here, along with some creative first- and zero-party data collecting methodologies they have employed. We discuss how these strategies may have helped these companies survive the post-cookie era. 

For the win, use game-based incentive programmes 

Brands are coming up with strategies to engage consumers in order to obtain first- and zero-party data. For a membership sign-up, email address, or phone number, you might receive a range of incentives, such as discounts or entry into sweepstakes.

Some companies, on the other hand, are thinking outside the box and developing fresh strategies, including ones that combine gamification, loyalty rewards, personalised marketing, and unique product offerings. 

For instance, in January, the sandwich company Jimmy John's started distributing its first "Achievement badges" to its "Freaky Fast Rewards Members." Even though the company has offered rewards since 2019, the addition of badges makes using the Jimmy John's app more enjoyable and encourages members to return. 

One badge, dubbed "The Gauntlet," which was introduced earlier this year, gave a special, limited-edition beanbag chair to the first 100 members who ordered every sandwich on the menu. 

Low-cal workouts drive conversions 

Halo Top, a brand of low-calorie ice cream owned by Wells, has another gamified strategy. 

And CPG firms like Halo Top that frequently market and sell largely via retail channels as opposed to direct-to-consumer are especially well-served by acquiring first- and zero-party data. As stated by Adam Fish, director of omnichannel strategy at Wells, "Gaining first-party data scale for CPG brands is challenging because we don't own the transaction; however, first-party data helps brands best understand their consumer and build long-term data durability." 

The 'No Work Workouts' campaign, launched by Halo Top last month, encourages people to take pauses from their usual workout routines to partake in enjoyable, low-effort calorie-burning hobbies, such as playing air guitar or watching scary movies.

"For those consumers who give consent, we can ingest first-party data into our audience segments," says Fish. He continues by saying that the company has witnessed a notable increase in conversions since switching from using third-party data collection to a variety of data sources a few years ago.

UK Banks Issue a Warning Regarding an Upsurge in Internet Scams

 

Banks have issued a warning about a sharp rise in fraud in 2022, much of it coming from online sources. 77% of frauds now take place on dating apps, online markets, and social media, Barclays reported.

According to TSB, the major causes of this were an enormous rise in impersonation, investment, and purchase fraud instances. It found that fraudulent listings on Facebook Marketplace had doubled, while impersonation frauds on WhatsApp had tripled in a year. 

Additionally, it claimed that there had been "huge fraud spikes" on Meta-owned platforms including Facebook and WhatsApp. Fraud, according to a spokesperson for Meta, is "an industry-wide issue," the BBC reported. 

"Scammers are using increasingly sophisticated methods to defraud people in a range of ways, including email, SMS, and offline," the company stated. "We don't want anyone to fall victim to these criminals, which is why our platforms have systems to block scams, financial services advertisers now have to be FCA (Financial Conduct Authority)-authorised and we run consumer awareness campaigns on how to spot fraudulent behaviour." 

"Epidemic of scams" 

Banks are dealing with an "epidemic of scams," according to Liz Ziegler, director of fraud protection for Lloyds Banking Group. 

"With more than 70% of fraud starting with contact through the main tech platforms, these companies must be held responsible for stopping scams at source and putting things right for innocent victims," she explained. 

Three million people in the UK would become victims of fraud in 2022, NatWest CEO Alison Rose previously warned a Treasury Select Committee. 

She stated, "we have seen an 87% increase in fraud," noting that NatWest believed that 60% of frauds started on social media and other internet platforms. 

Meanwhile, TSB stated that 60% of the purchase fraud cases of which it is aware - where a fraudster offers an item they never intend to send to the customer - occur on Facebook Marketplace, and two-thirds of the impersonation fraud cases it sees are happening on WhatsApp. The bank claims that 2,650 refunds covering these incidents were given out last year. 

According to Paul Davis, TSB's director of fraud prevention, social media companies "must urgently clean up their platforms" to safeguard users. 

Returned funds 

56% of the total money was lost to scammers in the first half of 2022, according to the most recent data from UK Finance, which represents the banking and finance industry. 

The Contingent Reimbursement Model Code, which intends to pay consumers if they fall victim to an Authorised Push Payment (APP) scam "and have acted appropriately," has been endorsed by many institutions, including NatWest, Lloyds, and Barclays. 

A consumer may be duped into sending money to a fraudulent account through an APP scam. However, TSB asserts that it reimburses victims in 97% of the fraud incidents it observes and is urging other organisations to do the same.

Google Ads Exploited to Tempt Corporate Employees Into Installing LOBSHOT Backdoor

 

As part of a sophisticated scheme to trick corporate employees into installing malware, a newly uncovered backdoor and credential-stealer is disguising itself as a genuine software download. 

Elastic Software researchers spotted the malware, known as LOBSHOT, spreading through deceptive Google Ads for well-known remote-workforce applications like AnyDesk, they reported in a recent blog post. 

"Attackers promoted their malware using an elaborate scheme of fake websites through Google Ads and embedding backdoors in what appears to users as legitimate installers," researcher Daniel Stepanic wrote in the post. 

Additionally, LOBSHOT, a backdoor that appears to be financially motivated and steals victims' banking, cryptocurrency, and other credentials and data, appears to be the work of threat group TA505, which is known for disseminating the Clop ransomware, according to the researchers.

The bogus download site used to disseminate LOBSHOT ran a DLL from download-cdn[.]com, a domain historically connected to the threat group, which is known for its involvement in the Dridex, Locky, and Necurs operations, the researchers said.

The researchers "assess with moderate confidence" that LOBSHOT is a new malware capability utilised by the gang based on this other infrastructure connected to TA505 that is used in the campaign. 

In addition, fresh samples associated with this family are being discovered by researchers every week, and they "expect it to be around for some time," he added. 

Utilising nefarious ads by Google 

Potential victims are exposed to LOBSHOT by clicking on Google Ads for what appears to be real workforce software, such as AnyDesk, much like other threat campaigns seen earlier in the year. Similar tactics were used in January to propagate the malware-as-a-service Rhadamanthys Stealer using website redirects from Google Ads that also masqueraded as download pages for well-known remote-workforce applications like AnyDesk and Zoom.

According to Elastic Search, the campaigns are in fact connected to "a large spike" in the usage of malvertising that security researchers have been noticing since earlier this year. 

"Similar infection chains were observed in the security community with commonalities of users searching for legitimate software downloads that ended up getting served illegitimate software from promoted ads from Google," Stepanic further wrote. 

This behaviour indicates a pattern of adversaries persistently abusing and expanding their influence "through malvertising such as Google Ads by impersonating legitimate software," he said. 

Stepanic recognised that while these kinds of malware may appear to be minor and have a narrow scope, they actually pack a powerful punch thanks to their "fully interactive remote control capabilities" that enable threat actors to acquire initial access to corporate networks and carry out subsequent destructive activities. 

Infection chain 

The LOBSHOT infection chain starts when a person conducts a web search for a trustworthy piece of software and Google Ads returns a promoted result that is actually a malicious website. 

"In one observed instance, the malicious ad was for a legitimate remote desktop solution, AnyDesk," the researcher explained. "Careful examination of the URL goes to https://www.amydecke[.]website instead of the legitimate AnyDesk URL, https://www.anydesk[.]com." 

The consumer visits a landing page for the software they were hoping to download after clicking on that advertisement, which appears to be legitimate. 

The researchers claimed that it is actually an MSI installer that the user's PC executes after downloading. Stepanic stated that the landing pages had "very convincing branding that matched the legitimate software and had Download Now buttons that pointed to an MSI installer."

Elastic Software claims that when the MSI is executed, PowerShell is launched, which downloads LOBSHOT through rundll32 and starts a connection with the attacker-owned command-and-control server. 

Exploitation and mitigation 

The hVNC (Hidden Virtual Network Computing) component of LOBSHOT is one of its key features. Attackers use this module, which enables "direct and unobserved access to the machine," to get access to targets while avoiding detection, according to Stepanic. He added, "this feature is frequently baked into many popular families as plugins and continues to be successful in evading fraud-detection systems." 

According to the researchers, LOBSHOT, like the majority of malware currently in use, uses dynamic import resolution to get around protection software and delay the early discovery of its capabilities.

"This process involves resolving the names of the Windows APIs that the malware needs at runtime as opposed to placing the imports into the program ahead of time," Stepanic added. 

Researchers have provided links to several Elastic Search GitHub sites that illustrate preventative measures to fend off malware like LOBSHOT connected to its numerous activities, including Suspicious Windows Explorer Execution, Suspicious Parent-Child Relationship, and Windows.Trojan.Lobshot. 

The post also provides guidelines that businesses can use to build EQL searches to look for behaviours that are suspiciously similar to the ones that the researchers saw LOBSHOT execute, based on grandparent, parent, and child process relationships.
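The grandparent, parent and child check described above, applied to the MSI -> PowerShell -> rundll32 chain from the article, as an added Python example. It is not Elastic's published rule or EQL query, and the event fields, host names and sample events are constructed for illustration.

```python
"""Added example: find MSI -> PowerShell -> rundll32 lineage in process-start events."""
from dataclasses import dataclass
from ntpath import basename  # parses Windows paths correctly on any host OS

# Grandparent -> parent -> child image names, taken from the chain the article
# describes (MSI installer launches PowerShell, which runs the payload via rundll32).
CHAIN = ("msiexec.exe", "powershell.exe", "rundll32.exe")


@dataclass(frozen=True)
class ProcStart:
    """One process-start event. Field names are assumptions for this example."""
    host: str
    pid: int
    ppid: int
    image: str
    cmdline: str


def image_name(path):
    """Lower-cased file name of a Windows image path."""
    return basename(path).lower()


def ancestry(event, live, depth):
    """Return [oldest ancestor, ..., event], walking up at most `depth` parents."""
    line = [event]
    while len(line) <= depth:
        parent = live.get((line[-1].host, line[-1].ppid))
        if parent is None:
            break
        line.append(parent)
    return line[::-1]


def find_chains(events, chain=CHAIN):
    """Scan time-ordered process-start events; return every lineage matching `chain`.

    Processes are keyed by (host, pid), so equal PIDs on different hosts never mix
    and a reused PID resolves to its most recent start. Telemetry that carries a
    per-process GUID or entity ID should key on that instead.
    """
    live = {}
    hits = []
    for ev in events:
        if image_name(ev.image) == chain[-1]:
            line = ancestry(ev, live, len(chain) - 1)
            names = tuple(image_name(p.image) for p in line)
            if names == tuple(chain):
                hits.append(tuple(line))
        live[(ev.host, ev.pid)] = ev
    return hits


# Constructed sample events (not taken from the article or from any real incident).
SAMPLE_EVENTS = [
    ProcStart("WS01", 1000, 900, r"C:\Windows\explorer.exe", "explorer.exe"),
    ProcStart("WS02", 1000, 900, r"C:\Windows\explorer.exe", "explorer.exe"),
    ProcStart("WS01", 2000, 1000, r"C:\Windows\System32\msiexec.exe",
              r"msiexec.exe /i C:\Users\alice\Downloads\setup.msi"),
    # WS02 happens to use the same PIDs for an unrelated, installer-free lineage.
    ProcStart("WS02", 2100, 1000,
              r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              "powershell.exe -File inventory.ps1"),
    ProcStart("WS01", 2100, 2000,
              r"C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe",
              "powershell.exe <constructed>"),
    ProcStart("WS02", 2200, 2100, r"C:\Windows\System32\rundll32.exe",
              "rundll32.exe shell32.dll,Control_RunDLL"),
    ProcStart("WS01", 2200, 2100, r"C:\Windows\System32\rundll32.exe",
              r"rundll32.exe C:\ProgramData\constructed.dll,#1"),
]

if __name__ == "__main__":
    for grandparent, parent, child in find_chains(SAMPLE_EVENTS):
        print(f"[{child.host}] {grandparent.cmdline} -> {parent.cmdline} -> {child.cmdline}")
```

Only the WS01 lineage is reported; the WS02 rundll32 start has the same PIDs but descends from explorer.exe, so it is not flagged.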

Top 5 Reasons Why Cybersecurity is Essential For Organisations

 

A company's information is its focal point, around which everything else revolves. Therefore, the significance of information security cannot be overstated. By maintaining a strict cybersecurity policy, your organisation can prevent data breaches, unauthorised access, and other serious dangers that could endanger your digital assets. 

After the economies of China and the United States, cybercrime's economy would rank third in size. By 2025, it might grow to $17.65 trillion yearly. We must take action to prevent becoming a victim of cyberattacks given this startling statistic. 

The following are some salient justifications for why modern businesses should prioritise cyber security: 

An uptick in cybercrimes 

A cyber-attack can have a negative impact on your business, no matter how big or small it is. This is because every business has numerous valuable assets that hackers might exploit. Occasionally, it relates to the private data of customers or clients of businesses. Other times, it is just money that is at issue. There were 270 cyberattacks last year (unauthorised access to data, applications, services, networks, or devices) per organisation, a 31% increase from 2021. Strong cybersecurity is the only answer because cybercrimes are only becoming worse every year.

Cryptocurrency and the deep web 

The deep web, commonly referred to as the dark web, is a collection of websites that are hidden from search engines by passwords or other security measures. Only specialised web browsers can access these websites or pages, keeping users' identities private.

The dark web is similar to a secret room where criminal activity can be carried out, including the distribution of software, the sale of personal information, the trafficking of people and drugs, the sale of illicit weapons, and many other unimaginable crimes.

The preferred currency of the attackers is now cryptocurrency. Attacks are escalating as threat actors seek profits as the price of Bitcoin reaches an all-time high. End users have long struggled with phishing scams, data thieves, and malware that switches wallet addresses in memory. Attacks on the core software of cryptocurrencies, smart contracts, are now more frequently launched. These new marketplaces present chances for sophisticated attacks (such as the flash loan attack), which might give attackers access to liquidity pools for cryptocurrencies worth millions of dollars. The significance of cyber security has grown as a result of these vulnerabilities. 

Excessive use of technology 

We all spend a lot of time using technology, so fraudsters have a wealth of opportunities. Serverless computing, edge computing, and API services are all booming, just like cloud services. Used in conjunction with container orchestration such as Kubernetes, they allow processes to be automated effectively and adapted dynamically to diverse situations. Attackers are attempting to disrupt this hyper-automation by going after such APIs, which have a significant impact on a company's business processes. 

Increased use of IoT devices 

The development of Internet of Things (IoT) technology has made our duties easier, but it has also made us a target for hackers. IoT devices present greater surface areas for data breaches due to the variety of sensors they are fitted with and the innovative technology they employ for constant communication and data exchange. No matter how sophisticated your security measures are, if you don't properly manage these internet-connected gadgets, hackers will find a way to get around them. 

Rise in ransomware

Currently, ransomware is one of the most lucrative cyberattacks. Due to the intense focus of law enforcement and the millions of dollars in profits at stake, ransomware tactics, in particular, are changing significantly. Cloud, virtual systems, and OT/IoT environments have all been impacted by ransomware. Anything that is part of a network that can be accessed could be a target. The new standard will soon be data theft for double extortion and the disabling of security mechanisms, but it will also become more intimate with insider threats and personal data. 

FEMA estimates that 25% of firms that experience a disaster never reopen. Therefore, it's critical that we take cybersecurity seriously if we want to protect our systems from viruses. 

Mitigation Tips 

Everyone is subject to major cyberthreats. Whether you are a business owner or any other type of online user, you should take steps to make yourself cyber secure in order to protect your information from hackers.

In order to stop bad actors from abusing your system, anti-malware and antivirus defences are essential. As previously indicated, cybercriminals target companies of all kinds, including small firms, in a variety of ways, and they demand ransom payments of $100,000 or more. You may get real-time protection from malware, viruses, and ransomware with advanced cybersecurity systems that use AI and machine learning. 

Additionally, you must have a backup and disaster recovery plan if you want to protect your company against unanticipated cybersecurity incidents. Acronis is a dependable backup programme that automatically backs up all of the photographs and files on your computer, not just a subset of them. It offers a strong backup and guarantees that your files are accessible when you require them. 

Cyberattacks have impacted businesses of all sizes in every sector of the global economy, including Uber and social media giant Facebook. Because of the ongoing advancement of technology, we are all now susceptible to cyber-attacks. The rate of cybercrime is constantly increasing and will never stop. Hackers can thus take our data, money, and reputation if there is no cybersecurity. You can defend your company from cyberattacks in a variety of ways; all you have to do is recognise its significance and take appropriate action. Contact our staff right now to protect your company.

Amnesty International Takes a While to Disclose the Data Breach From December

 

Amnesty International Australia notified supporters via email last Friday that their data might be at risk owing to "anomalous activity" discovered in its IT infrastructure. 

Not only was the email sent extremely late in the day and in the week, it was also sent long after the activity was discovered. The email, which Gizmodo Australia saw, claims that the activity was discovered towards the end of last year. 

“As soon as we became aware of this activity on 3 December 2022, we engaged leading external cyber security and forensic IT advisors to determine if any unauthorised access to our IT environment had occurred,” Amnesty International Australia stated.

“We acted quickly to ensure the AIA IT environment was secure and contained, put additional security measures in place and commenced an extensive investigation.” 

Amnesty International said that while it took the organisation some time to notify its supporters of a security breach, the investigation is now complete and has revealed that an unauthorised third party temporarily got access to its IT system. 

“In the course of this investigation, we identified that some low-risk information relating to individuals who made donations in 2019 was accessed, but of low risk of misuse,” the organisation added. 

Although "low risk" information was not defined, it is clear from the security advice that it offered that the data is most likely name, email address, and phone number. Despite being satisfied that the information obtained through the breach won't be used inappropriately, Amnesty International Australia advised its supporters to "carefully scrutinise all emails," "don't answer calls from unknown or private numbers," and "never click on links in SMS messages or social media messages you are not expecting to receive." 

The breach only affected the local arm of the charity, according to Amnesty International Australia, and did not affect any other branches. The statement further stated that although the scope of the "information accessed in the cyber event" did not meet the requirements or threshold for notification under the Notifiable Data Breaches Scheme, Amnesty International Australia had decided to notify its supporters "in the interest of transparency."

This AI Tool Can Crack Your Password in Sixty Seconds; Here's How to Protect Yourself

 

Even though ChatGPT may be the AI that everyone is thinking about right now, chatbots aren't the only AI tool that has emerged in recent times. DALL•E 2 and Runway Gen 2 are just two examples of AI picture and video creators. Sadly, some AI password crackers exist as well, such as PassGAN. 

PassGAN is actually not that new, at least not in the grand scheme of things. The most recent GitHub update was six years ago, and it made its debut back in 2017. In other words, this isn't a brand-new hacking tool developed in response to the ChatGPT revolution. But when it was recently put to the test by cybersecurity research company Home Security Heroes, the results were startling. PassGAN can break any — yes, any — seven-character password in six minutes or less, according to the Home Security Heroes study. It can quickly crack passwords of seven characters or fewer, regardless of whether they contain symbols, capital letters, or numbers. 

Modus operandi 

PassGAN combines Password with the Generative Adversarial Network (GAN), much like ChatGPT combines Chat with the Generative Pre-trained Transformer (GPT). In essence, the deep learning model that the AI is trained on is GAN, similar to GPT.

In this case, the model's objective is to provide password guesses based on real-world passwords that it has been given as input. In order to train PassGAN, a popular tool for studies like these, Home Security Heroes used the RockYou dataset that resulted from the 2009 RockYou data breach. PassGAN was given the data set by the organisation, and it then generated passwords in an effort to properly guess sample passwords. 

In the end, it was possible to quickly break a wide range of passwords. After using PassGAN to train on the RockYou dataset, Home Security Heroes had an AI tool trained on actual passwords that could instantly crack passwords. 

Should I be alarmed about PassGAN?

The good news is that, for the time being at least, you don't really need to panic about PassGAN. Security Editor for Ars Technica Dan Goodin claimed in an opinion piece that PassGAN was "mostly hype." This is because while the AI tool can fairly easily crack passwords, it doesn't do it any more quickly than other non-AI password crackers. 

For example, Goodin quotes Yahoo Senior Principal Engineer Jeremi Gosney, who claimed that using standard password-cracking methods, they could quickly accomplish similar results and decrypt 80% of passwords used in the RockYou breach. For his part, Gosney characterised the study's findings as "neither impressive nor exciting." And after taking a closer look at the results, you might not be as impressed as you were when you first heard that "50% of common passwords can be cracked in less than a minute." These passwords rarely include capital letters, lowercase letters, digits, and symbols and are primarily made up of numbers with a character count of seven or less. 

This means that all it takes to fool PassGAN is a password of at least 11 characters, made up of a mixture of uppercase and lowercase letters, numbers, and symbols. If you can do that, you can make a password that PassGAN will need 365 years to figure out. If you make that number 11 characters long, it becomes 30,000 years. And the finest password managers make it simple to create these kinds of passwords. 

But let's say you don't want to use a password manager because you don't trust that they won't be vulnerable to data breaches, like the LastPass compromise in August 2022. It's a legitimate concern. Fortunately, using a passphrase—a password created by combining several words—will likely still be enough to fool PassGAN. Home Security Heroes estimates that it would still take PassGAN on average 890 years to crack a 15-character password made up entirely of lowercase letters. That timeline could jump to a staggering 47 million years if only one capital letter were added, long after our AI overlords have already dominated the world. 

However, always keep in mind that no password is ever completely secure. Despite your best efforts, data breaches might still leave you exposed, and by pure dumb luck, a password cracker might guess your password earlier than planned. But as long as you follow the best practices for password security, you have nothing to worry about with PassGAN or any other rogue actor.

Beware of This Dangerous Android malware As It Can Hold Your Phone Hostage

 

A brand-new Android malware has been discovered in the wild that is capable of evading antivirus apps, stealing a tonne of private and financial information, and even encrypting all of the contents on an infected smartphone by using ransomware. 

According to a recent report from the cybersecurity company CloudSEK, this new Android malware, known as "Daam" by its experts, poses a serious threat to even the best Android phones due to its advanced capabilities. 

As of right now, CloudSEK has discovered the Daam malware in the APK or Android app installation files for the Psiphon, Boulders, and Currency Pro apps, which appear to be sideloaded apps that the Daam malware uses to infect Android smartphones. Psiphon is a VPN programme; Boulders is a smartphone game; and Currency Pro is, as its name implies, a currency converter. 

Your Android phone may be infected with the Daam malware if you installed any of these apps via sideloading rather than through approved app stores like the Google Play Store. The malware can evade detection by antivirus software, and it may already have locked the files on your smartphone by using ransomware, so there may not be a simple remedy. 

File encryption 

The Daam malware is quite complex and has a variety of features intended to steal your data and jeopardise your privacy. For instance, the malware is capable of recording all active VoIP and phone calls, including WhatsApp calls. However, it can also steal your smartphone's files and even contacts. Surprisingly, the Daam malware can not only collect information from your existing contacts but also from newly added contacts. 

All of the data that Daam steals is sent back to the command and control (C&C) server run by the hackers behind this malware campaign. It's important to note that after installation, the dangerous apps used to spread the malware request sensitive device permissions in order to gain almost complete control of your Android smartphone. 

As if having all of this private information stolen wasn't bad enough, the Daam malware also encrypts all of the files on an infected Android smartphone using the AES encryption algorithm without getting permission from the user. The device password or PIN on a smartphone can also be changed at the same moment, locking you out totally. 

Mitigation tips

Normally, protecting yourself from mobile malware would only require installing one of the top Android antivirus programmes and turning on Google Play Protect on your phone. 

In this instance, though, the Daam malware was made to evade antivirus apps. Because of this, the best method to safeguard yourself against it is to be extra cautious while downloading new programmes. Although sideloading apps may be practical, doing so puts your Android smartphone at risk of becoming infected with malware. For this reason, you should only download apps from official Android app stores. Even then, you should still read reviews and check an app's rating before installing it because bad apps occasionally manage to get past Google's security checks.

At the same time, you should refrain from clicking any links sent to your smartphone by email or text message from unidentified senders. These links may take you to malicious websites that could trick you into installing malware or use phishing to collect your information. 

Although the Daam malware is relatively new, it is already quite capable of data theft and making life tough for Android smartphone owners. Because of this, we'll probably continue to hear about it.

Be Wary Because Cybercriminals Are Getting More Ingenious

 

In the media, misinformation is regularly discussed, primarily in relation to politics and is often used interchangeably with fake news. Even though these are major problems, a greater and more direct threat is frequently disregarded: how cybercriminals utilise false information to steal from businesses and people. 

The dictionary defines disinformation as "false or inaccurate information, especially that which is deliberately intended to deceive." But when mixed with a lot of exact and genuine information, particularly information that only a select few are aware of, misinformation can be highly persuasive and deceitful. Criminals can use real information stolen through cyberattacks, along with a little bit of deception, to have a significant financial impact on both businesses and people. 

Using wire transfers for profit 

Most of us have heard of fraud schemes that target credit card information. Most of the time, erroneous credit card charges may be disputed or reversed, preventing you from eventually losing any money. However, there is a significant distinction with wire transfers: they are frequently immediate and irreversible. In other words, if a wire transfer is used, the money is lost, especially if the fraud is not found right away. This functionality has been used by cybercriminals in a number of ways. 

One example is when crooks get access to a company's computer systems and spend time reading emails and understanding internal procedures. The fraudsters discover who is authorised to provide wire transfer orders to the financial office and what the procedures are. They then pose as these officials one by one for several days, issuing wire transfer orders, some for more than $500,000, to the criminal's accounts. When one organisation the author spoke with realised this costly problem, protocols were put in place to require proof that such wire transfers were indeed requested by authorised individuals. This entailed connecting directly with the authorised individual over the phone and checking the transaction's details. 

Unfortunately, such sensible processes are frequently implemented only after a crime has already occurred. Wire fraud can cost individuals as well as organisations money. Executive home buyers are a popular target demographic. A critical step in most home buying transactions is the wire transfer of a substantial sum of money to a title or escrow company, which holds the funds until the title to the property is transferred to the new owner, and then — and only then — the escrow company transfers those funds to the home seller. 

Criminals take advantage of these circumstances by following a multi-step process. First, they gain access to the computer systems of the real estate agent, attorney, or title agent. They could spend weeks or even months researching impending closings, company procedures, and minutiae such as wire transfer instructions samples. Because last-minute issues can occur, property purchasers are frequently advised to make the wire transfer a day or two in advance. 

Since the title corporation generally gives the instructions one day ahead of time, cyber thieves will send the instructions two days ahead of time. Because they are based on the real instructions, these instructions look to be from the title firm, but the destination information has been changed. They have buried a small amount of false information among a large amount of accurate material. This method has been used to steal hundreds of millions of dollars in a single year. According to FBI data, more than 13,000 people were actually the victims of wire fraud in the real estate and rental industry in 2020, resulting in losses of more than $213 million, a 380% rise from 2017. 

Consider a scenario in which you sold your old house and used the proceeds, along with your savings, to purchase a newer, better house in a different city. The day after you move into your new home, you might be halfway to the new city in your automobile when your real estate agent calls to inquire about the status of your down payment. After making numerous anxious calls, you finally learn that your money was taken, leaving you penniless and homeless.

There are a number of actions that both individuals and businesses can take to lower the risk of cybercrime with wire transfers. Before sending money, you should always call the person who is supposed to receive it to confirm the wire transfer instructions. The criminals may have included a fake phone number in the instructions you received, so make sure you can confirm that you are actually speaking to the right person. To do this, always check the correct number in advance using an official website or by speaking directly to a known source who can confirm the correct information.

Stealing paychecks 

Many businesses offer systems that enable employees to update and retain their personal data, including their home address, phone number, and banking information for direct deposit of their paychecks on a monthly basis. Some highly paid employees' accounts were compromised by criminals, who changed the bank information the day before the payment was scheduled to be made. So that nothing would be observed as being out of the ordinary, they updated the bank details back to normal the following day. They carried on with this plan for a few months before an executive realised the scheduled monthly payments had not reached his bank after receiving a notification of insufficient funds on a cheque. This shows how crucial it is to monitor your bank account frequently enough to spot odd or fraudulent behaviour, especially to make sure that expected deposits are being made. 
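The change-and-revert pattern described above leaves a trace in the self-service portal's own audit trail. The following is an added example, not code from the article or from any payroll product: it assumes a hypothetical audit log of direct-deposit changes and a list of pay dates (every record below is constructed), and flags account changes made shortly before a pay date, marking the ones that were reverted shortly afterwards.

```python
from collections import defaultdict
from datetime import date, datetime

# Constructed audit records for a hypothetical self-service payroll portal:
# (timestamp, employee_id, old_account, new_account, source_ip)
SAMPLE_AUDIT_LOG = [
    ("2023-01-30T22:14:00", "E1001", "ACCT-A", "ACCT-X", "203.0.113.7"),
    ("2023-02-01T09:02:00", "E1001", "ACCT-X", "ACCT-A", "203.0.113.7"),
    ("2023-02-10T11:30:00", "E2002", "ACCT-B", "ACCT-C", "198.51.100.4"),
    ("2023-02-27T23:51:00", "E1001", "ACCT-A", "ACCT-X", "203.0.113.9"),
    ("2023-03-01T08:40:00", "E1001", "ACCT-X", "ACCT-A", "203.0.113.9"),
    ("2023-02-27T16:05:00", "E3003", "ACCT-D", "ACCT-Y", "192.0.2.55"),
]
SAMPLE_PAY_DATES = ["2023-01-31", "2023-02-28"]  # constructed monthly pay runs


def group_by_employee(log):
    """Parse timestamps and return each employee's changes in time order."""
    by_emp = defaultdict(list)
    for ts, emp, old, new, ip in log:
        by_emp[emp].append((datetime.fromisoformat(ts), old, new, ip))
    for events in by_emp.values():
        events.sort(key=lambda e: e[0])
    return by_emp


def find_payday_swaps(log, pay_dates, window_days=2):
    """Flag bank-detail changes made within window_days before a pay date.

    "swap_and_revert": the next change restores the previous account within
    window_days after that pay date (the pattern the article describes).
    "change_near_payday": no revert seen yet; hold the payment and verify
    the change with the employee through a separate channel.
    """
    pay_days = sorted(date.fromisoformat(d) for d in pay_dates)
    findings = []
    for emp, events in sorted(group_by_employee(log).items()):
        for i, (ts, old, new, ip) in enumerate(events):
            near = [d for d in pay_days
                    if 0 <= (d - ts.date()).days <= window_days]
            if not near:
                continue  # change was not made close to a pay run
            pay_day = near[0]
            nxt = events[i + 1] if i + 1 < len(events) else None
            reverted = (
                nxt is not None
                and nxt[2] == old  # next change puts the old account back
                and 0 <= (nxt[0].date() - pay_day).days <= window_days
            )
            findings.append({
                "employee": emp,
                "pay_date": pay_day.isoformat(),
                "temporary_account": new,
                "pattern": "swap_and_revert" if reverted else "change_near_payday",
                "source_ip": ip,
            })
    return findings


if __name__ == "__main__":
    for finding in find_payday_swaps(SAMPLE_AUDIT_LOG, SAMPLE_PAY_DATES):
        print(finding)
```

The ordinary mid-month change by E2002 is not flagged, which keeps the alert focused on changes timed around the pay run.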

Boss scam 

The typical hoax, in which the CEO of the business requests that the CFO deliver money somewhere, is one that most of us have heard of. You could think that since you aren't a CEO, these frauds don't apply to you, but that isn't the case. One variation of this scam, which is particularly prevalent on college campuses, involves staff members receiving what looks to be an email from a higher-up, usually the department head. One example of a narrative presented to a staff person is, "I just realised that I am going to my nephew's birthday party tonight and I'm in meetings all day, so I won't have time to get a gift. Could you please do me the courtesy of purchasing a $100 gift card and emailing me the numbers on the back?"

One victim bemoaned, "It was not just coming from one of my colleagues; it came in the name of my department chair." Eight out of ten faculty members in one department fell for the con, according to a story I've heard. Once again, it is crucial to confirm that your supervisor is the true sender of the communication.

Bottom line

All of this is to say that while fake news and other forms of disinformation are a problem, having a lot of reliable data combined with even a small amount of misinformation can have catastrophic results. These are but a few current instances. As mentioned, there are steps that can be taken to prevent such crimes, or at the very least significantly lower their frequency, but they must be implemented before the crime occurs. 

However, keep in mind that cybercriminals are extraordinarily inventive and frequently equipped with a wealth of personal data. It is crucial to stay informed about new schemes, to exercise caution, and to build your defences because more dangerous plots could be on the way.

Tourist Cyber Threats Exposed: Where and When to Use a Travel VPN

 

Travelling is about more than just taking in new foods, cultures, and scenic views. It's also about stepping outside of our normal comfort zones, whether this involves a protracted trip, a cramped bus ride, communication difficulties with the locals, or extreme and unusual weather. 

But in the digital world, problems can happen both online and offline. People must connect to risky public Wi-Fi networks while travelling in order to, for example, browse the internet. Even worse, some countries impose stringent limitations on what internet users can and cannot do. All of this indicates that whenever travellers use a foreign internet connection, they may be putting their digital privacy, or worse, at risk.

Travel-related internet scams could be the first thing that springs to mind when thinking about tourist cyber-traps. Tourists are one of the prime targets of criminals' aggressive phishing attempts of all stripes. 

When compared to prior fiscal years, Action Fraud, the UK's national reporting centre for fraud and cybercrime, saw a startling increase of more than 120%. This indicates that victims in the UK alone lost a total of more than £7 million. 

Threat analysts at TechRadar identified China and Cuba as the most dangerous tourist destinations online, with aggregate scores of 15.15 percent and 20.15 percent, respectively.

Perhaps unsurprisingly, China received very poor marks in the categories of censorship (1.89%) and cybersecurity (2.91%). As well as its intrusive surveillance methods, the Great Firewall is well known for severely limiting what people may do and view online. To protect your data and get around restrictions, experts advised utilising a reliable China VPN. 

Egypt, which ranks fourth overall and third worst for censorship, is another nation that, although bringing in millions of tourists each year, could quickly turn into a cyber-nightmare if the proper online security measures aren't taken. 

The United Arab Emirates has the lowest data privacy score of any nation (8.33%) when it comes to web tracking. 

To keep safe online while travelling overseas, Andreas Theodorou, TechRadar's resident expert on digital privacy, provided the following advice:

"A reliable VPN is a non-negotiable essential if you plan on using public WiFi abroad. There are so many opportunities for your information to be stolen and your device to be compromised—it's like playing Russian roulette with your digital privacy," Theodorou explained.

Estonia received a score of 91.48%, making it the country with the highest overall rating for online safety. The results for internet access and cybersecurity were very encouraging, each receiving a perfect grade. Kenya, Germany, France, Costa Rica, the United Kingdom, and Canada are among the top 10 safest nations in the world, according to scores. 

Despite ranking lower than Japan, South Africa, Hungary, and Italy and just slightly higher than South Korea, the US is one of the top 20 safest nations. Argentina, Colombia, and Singapore are also included in the top twenty. 

Privacy tips

Tourists who want to follow their favourite TV shows or sporting events while travelling might benefit greatly from VPNs. The top geo-restricted material unblockers can unblock a tonne of content from any location in the world, though some are more effective than others.

When travelling, there are more opportunities to browse risky websites and/or download infected files, thus it is useful to always have one of the best antivirus programmes running on your laptop or smartphone. Also helpful in this situation might be a safe, tracker-free browser.

Before leaving, users should also verify the privacy settings on their devices. This entails checking that the operating system and any installed apps are both current. Since some security programmes might be prohibited in the country users are visiting, it is essential to download and install them all before leaving.

ChatGPT's Cybersecurity Threats and How to Mitigate Them

 

The development of ChatGPT (Generative Pre-trained Transformer) technology marks the beginning of a new age in communication. This ground-breaking technology provides incredibly personalised interactions that can produce responses in natural language that are adapted to the user's particular context and experience. 

Despite the fact that this technology is extremely strong, it also poses serious cybersecurity threats that must be addressed in order to safeguard consumers and their data. In this article, we'll cover five of ChatGPT's most prevalent cybersecurity issues as well as some top security tips. 

Data leak 

When using ChatGPT technology, data leakage is a common worry. Data from ChatGPT systems can be exposed or stolen with ease, whether it's because of poor configuration or criminal actors. Strong access controls must be put in place to ensure that only authorised users have access to the system and its resources in order to guard against this threat. For the purpose of quickly identifying any suspect behaviour or incidents, regular monitoring of all system activities is also necessary. 

Finally, creating frequent backups of all the data kept in the system will guarantee that, even if a breach does happen, you can still swiftly retrieve any lost data. Users may be exposed to attacks if an interface is insecure. Ensure your ChatGPT platform's front end is safe and consistently updated with the most recent security updates to mitigate this risk. 

Bot hack 

A bot takeover occurs when a malicious actor manages to take over ChatGPT and exploit it for their own ends. It is possible to accomplish this by either guessing the user's password or by taking advantage of code weaknesses. While ChatGPT bots are excellent for automating specific tasks, they can also be used as a point of entry by remote attackers to take over the bots. Strong authentication procedures and regular software patching are crucial for system security in order to guard against this threat. 

For instance, to keep your passwords secure, you should frequently update them and utilise multi-factor authentication wherever available. Additionally, it's critical to stay up to date on security patches and fix any newly identified software vulnerabilities.

Unapproved access

Install security features like strong password requirements and two-factor authentication to ensure that only authorised users may access the system. Because of ChatGPT's highly developed phishing capabilities, this is particularly crucial. Consider a scenario where you are utilising ChatGPT to communicate with your clients and one of them unintentionally clicks on a malicious link. 

Once inside the system, the attacker might do harm or take the information. You can lessen the possibility of this happening by forcing all users to use strong passwords and two-factor authentication. To make sure no unauthorised users are accessing the system, you should also routinely audit user accounts. 

Limitations and information overload

Some systems might be unable to handle the strain at times due to the sheer volume of information that ChatGPT generates. Make certain your system has the resources to handle high traffic volumes without becoming overloaded. As a further option for assisting in the management of the data overload problem, think about applying analytics tools and other artificial intelligence technology. 

Privacy & confidentiality issues  

Systems using ChatGPT may not be sufficiently secured, making them susceptible to privacy and confidentiality problems. Be careful to encrypt any sensitive data being stored on the server and to utilise a secure communication protocol (SSL/TLS) in order to guarantee that user data remains private. Set up restrictions on who can access and use the data as well, for example, by making access requests subject to user authentication. 

Bottom line 

There are many other hazards that must be considered when creating or utilising this kind of platform; these are only some of the most prevalent cyber security risks related to ChatGPT technology. 

Working with a knowledgeable group of cybersecurity experts may ensure that all possible risks are dealt with before they become a problem. To keep your data secure and safeguard your company's reputation, you must invest in reliable cybersecurity solutions. Future time and money can be saved by taking the required actions today.

You Should Be Concerned Regarding Browser Modifiers; Here's Why

 

Have you recently noticed anything strange about your browser? Perhaps Google used to be the default homepage, but these days, when you click the home button, a strange page, a white screen, or an error page is loaded instead. And to make matters worse, you are currently experiencing an annoying increase in pop-up advertisements. You may be dealing with a browser modifier if the annoyances you've been experiencing primarily occur in the browser.

Exactly what are browser modifiers

A less well-known but nevertheless annoying category of spyware called a "browser modifier" messes with how you access the internet. They are made to alter browser preferences, notably those for turning off pop-up advertising, the homepage, default search engines, and file download defaults. Additionally, browser modifiers might add add-ons without your knowledge and create a backdoor for more sophisticated malware to attack your system. 

This kind of malware is distributed by attackers who use social engineering strategies to deceive potential victims into installing it. Browsers frequently become infected when people attempt to close pop-up advertisements. You know the ones: advertisements with a tiny "x" button that, when you click on it, transports you to a page for sports betting or does something completely different. This technique is used by shady websites to engage in click fraud. On file-sharing websites, clicking bogus download buttons can also result in infections.

Modus operandi

A browser modifier's effects on your device can be either so obvious that you quickly detect that something is wrong or subtle enough that you don't notice anything until much later. In any case, there are a few warning signs that your phone or computer browser may be compromised by this software.

Installing extensions without authorization 

Your browser is like a naked cake from the bakery: it has no dressing or decorations and is available for you to consume as is or customised to your preferences. Add-ons, often known as browser extensions, are tools you install on browsers to enhance your usage and carry out particular functions. Installing an extension will allow you to manage tabs, proofread your texts, summarise YouTube videos, and automatically apply coupons when you shop online. Typically, based on your demands, you install extensions yourself. However, browser modifiers covertly set up harmful extensions that can record your keystrokes, gather the data you submit on specific websites, or gather your data for marketing purposes. Any add-ons you see that you didn't install are a solid clue that something harmful is going on in the background.

Modifying your default search engine 

If a browser modifier has been installed on your device, you may discover that your default search engine has been modified and that the search results now come from an unknown website. The results might even be passable, but that does not guarantee everything is in order. The modifications made to your search engine provider may direct you to fraudulent websites where thieves are waiting to take your information, identity, or money.

Most browsers' default search engines are typically connected to major tech firms. On Chrome and Safari, Google Search is the default search engine, Bing is the default search engine on Microsoft Edge, and Brave created Brave Search for its users. 

Of course, if you prefer another option, you may switch to DuckDuckGo, Wikipedia, Amazon, or even Stack Overflow. There are thousands of lesser-known search engines created by businesses and individual developers in addition to those prominent ones. Small search engines lack the same robust experience that users receive from well-known competitors, which is why they are less well-known. 

The use of search engines is crucial in the digital economy. They can increase website traffic, compensate business owners for their advertising expenditures, and bring in money for the search engine provider. Shadowy technocrats also want a piece of that cake, just like respectable businesses do. However, they are willing to employ any strategy, including viruses like browser modifiers. 

Disabling your pop-up ad blocker

One moment you're browsing wholesome internet content, and the next an ad encouraging you to install an app appears out of nowhere, taking up your entire screen. Or a persistent advertisement banner follows you online. 

Pop-up advertisements and persistent banners are common on some websites, after all. Most browsers offer settings you can change to disable them or at the very least lessen their frequency. You might have a browser modifier problem if you experience persistent pop-ups and sticky advertisements despite those settings. Additionally, you might notice that right after you save changes, the malware modifies your ad settings.

Prevention tips 

Browser modifiers are annoying, but compared with more sophisticated malware variants they are more manageable. The majority of browser modifier infections may be treated by either returning your browser to its original settings or by utilising anti-malware software to locate and get rid of the annoying programme.

Browser reset: After installing a browser, we like to fiddle with its settings: switch between bright and dark modes, alter the font, enable tracking protection, and add extensions. Your browser will be restored to its factory settings after being reset. If you're dealing with a straightforward browser modifier, this measure ought to be perfectly adequate. Advanced browser modifiers, however, can necessitate a complete removal of the browser, a clean sweep of its folders under Program Files and AppData on your hard drive, and a subsequent reinstallation of the browser.

Malware scan: In addition to cleaning up, you should think about doing a malware scan on your files. This is very important because the browser modifier may have downloaded additional malware or set up potentially unwanted programmes on your device. On your Windows computer, you may use Microsoft Defender to check for malware. It comes with Windows and is free. Malwarebytes and Norton are just two alternatives that are equally effective.

Security update: The best way to prevent a browser modifier infection is to update your browser to the most recent version that is available. Furthermore, installing security updates fixes holes that malware can exploit in your operating system and apps. That does not, however, mean you are safe. 

Malware has the ability to wait patiently for the right time to activate itself. Decide to automatically download and install updates for your apps and hardware. Delete files that are unnecessary or strange, too. Also, configure your anti-malware programme to regularly scan your drive for dangers. 

Should you be concerned about browser modifiers? 

Not much. The harm posed by browser modifiers is not as serious as that posed by viruses, Trojans, and worms. Additionally, if your system and browser are current, the likelihood that you will encounter this threat is limited. 

Nevertheless, browser modifiers are frequently disregarded as inconsequential annoyances. Given their capacity to do significant damage, you shouldn't. By enabling automatic updates, you may free up your time to concentrate on preventing worse risks.

Cryptocurrency Scams: How to Detect and Avoid Them

 

Due to the prevalence of fraudulent activity since its inception, the bitcoin market has become well-known. Scammers employ a number of techniques to trick bitcoin consumers and take their hard-earned money. 

How do crypto phishing scams work?

The well-known cyberattack known as phishing has been around for a while. The FBI Internet Crime Report for 2022 states that phishing was the most prevalent technique, with 300,497 victims losing $52 million as a result. This fraudulent activity has now spread to the world of cryptocurrencies. 

A crypto phishing scam is a strategy used by scammers to steal sensitive information, such as the private key to your wallet. They accomplish this by posing as a trustworthy organisation or individual and requesting personal information from you. The information you supply is then used to steal your digital assets. 

Crypto phishing scams have become more frequent in recent years. A well-known cryptocurrency hardware wallet maker, Trezor, issued a warning regarding a large crypto phishing attack in February 2023. Users of Trezor were the target of scammers who sent them fictitious security breach alerts in an effort to get them to divulge their recovery seed phrase, which the attackers could then use to steal their cryptocurrency. 

Identifying crypto phishing scams

Following are five warning signals to watch out for to prevent becoming a victim: 

The majority of the time, cybercriminals send mass emails or messages without checking the language, spelling, or sentence structure. As a result, grammatical errors are the clearest indication of a phishing message. Clear communication with their clients is important to reputable businesses.

Scammers frequently copy the logos, colour schemes, typefaces, and messaging tones of respectable businesses. The branding of the crypto businesses you utilise should therefore be familiar to you. 

The URLs in the message should always be double-checked because phishers often utilise links that look real but actually take you to dangerous websites. 

Prevention tips 

Don't disclose your private keys: Your private keys are what allow you to access your cryptocurrency wallet. Keep them confidential and never give them out. 

Educate yourself: Stay up to date on the latest cyber risks and best practises for keeping your cryptocurrency secure. The more you know about self-defense, the better prepared you'll be to defend against cyber-attacks.

In-depth research: Before investing in any cryptocurrency, properly investigate the concept and the team behind it. Examine the project's website, white paper, and social media outlets to establish its legitimacy.

Qbot: The Ever Expanding Malware Family

 

Given how widespread malware has become, new "families" of each type are being developed. Qbot, a family of malware that is used to steal data, falls under this category. 

Qbot's history 

As is sometimes the case with malware, Qbot (also referred to as Qakbot, Quakbot, or Pinkslipbot) wasn't identified until it was actually spotted in the wild. In the context of cybersecurity, the phrase "in the wild" describes a situation in which malware spreads unintentionally among targeted devices. As a kind of malware, Qbot is suspected to have existed at least as far back as 2007, making it much older than many of the more well-known varieties now in use. 

Simply because they are ineffective against new technology, several types of malware from the 2000s are no longer in use. But Qbot stands out in this case. Qbot has been running for at least 16 years as of the time of writing, an astonishing longevity for malware. 

Although this has also been interrupted by stretches of inactivity, Qbot has been routinely seen in use in the wild since 2007. In any event, cybercriminals continue to favour it as a choice. 

Qbot has changed throughout time and has been utilised by different hackers for a variety of purposes. Qbot started out as a Trojan, a virus that hides itself inside of software that seems to be safe. Data theft and remote access are only two of the many destructive uses for trojans. More precisely, Qbot targets banking credentials. It is regarded as a banking Trojan as a result. Is this still the case, though? How does Qbot function right now?

Modus operandi

The most notable form of Qbot currently being spotted is an infostealer Trojan. Infostealer Trojans are intended to steal valuable data, including financial information, login passwords, and contact information, as their name implies. This particular strain of Qbot malware is mostly used to steal credentials. Variants of Qbot have also been seen engaging in keylogging, process hooking, and even system attacks using backdoors.

Qbot has been altered to have backdoor capabilities since it was first developed in the 2000s, making it an even greater threat. A backdoor is essentially an unauthorised method of accessing a network or system. Backdoors are frequently used by hackers to conduct their assaults because they provide a simpler entry point. This Qbot variation is referred to as "Backdoor.Qbot." 

Initially, the Trojan-like Emotet virus was used to propagate Qbot. Nowadays, malicious email campaigns using attachments are the main way that Qbot is disseminated. Large quantities of spam are sent during such campaigns to hundreds or even thousands of recipients in the hopes that some of the users who are being targeted would respond. 

Qbot has frequently been seen as a .zip file with an XLS dropper that contains macros inside malicious email attachments. Malware can be installed on a recipient's device if they open a malicious attachment, frequently without their awareness. Exploit kits can also be used to propagate Qbot. These are instruments that help cybercriminals spread malware.

Exploit kits can identify security flaws in a device's construction and then take advantage of such flaws to get unauthorised access. 

However, things do not end with backdoors and password theft. Qbot's operators have also been crucial Initial Access Brokers: cybercriminals who offer other hostile actors system access for sale. In the case of the Qbot perpetrators, access has been provided to some very large organizations, including the ransomware-as-a-service provider REvil. In fact, a number of ransomware partners have been seen employing Qbot to get initial access to systems, giving the malware yet another alarming use.

Qbot is used to target a variety of industries and has surfaced in numerous harmful activities. Qbot has targeted manufacturing enterprises, government agencies, banking websites, healthcare organizations, and more. 2020 data from TrendMicro indicated that 28.1% of Qbot's targets are in the healthcare industry. 

In the same analysis, TrendMicro also noted that the US, China, and Thailand had the greatest rates of Qbot detection in 2020. Qbot is obviously a worldwide danger because it was also frequently detected in Australia, Germany, and Japan. 

Mitigation tips

It's crucial that you are aware of the signs of malicious mail because Qbot is frequently disseminated through spam campaigns. 

Starting with the contents, there are many warning signs that an email may be malicious. It's advisable to avoid clicking any links or attachments from new email addresses until you are certain they can be trusted. You may check a URL's validity on a number of link-checking websites to see whether it is safe to click or not. 

The file extensions .pdf, .exe, .doc, .xls, and .scr are among those that are frequently used to propagate malware. Although not the only file extensions used to spread malware, these are among the most popular kinds, so be on the lookout for them when you receive emails with attached files.
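The delivery format described earlier (a .zip attachment holding an XLS dropper with macros) and the extension list above can be combined into a triage step that runs before anyone opens the file. This is an added example, not code from the article or from any mail-security product: the function names, limits and the sample archive (harmless constructed bytes) are assumptions, and the macro check is a marker-based heuristic, not a full Office parser.

```python
import io
import os
import zipfile

# Extensions the article lists as common malware carriers.
RISKY_EXTENSIONS = {".pdf", ".exe", ".doc", ".xls", ".scr"}
OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # header of legacy .xls/.doc files
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")  # directory entry name used for VBA
MAX_MEMBER_BYTES = 20 * 1024 * 1024              # assumed cap; skip oversized members
MAX_DEPTH = 2                                    # assumed cap on nested archives


def triage_zip(data, depth=0, prefix=""):
    """Return [(member_path, [reasons])] for members that deserve a closer look.

    Heuristic only: the VBA marker does not catch Excel 4.0 (XLM) macros.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            ext = os.path.splitext(info.filename.lower())[1]
            reasons = []
            if ext in RISKY_EXTENSIONS:
                reasons.append(f"extension {ext}")
            if info.flag_bits & 0x1:
                reasons.append("encrypted, content not inspected")
            elif info.file_size > MAX_MEMBER_BYTES:
                reasons.append("oversized, content not inspected")
            else:
                content = zf.read(info)
                if content.startswith(OLE_MAGIC):
                    reasons.append("legacy Office (OLE) file")
                    if VBA_MARKER in content:
                        reasons.append("VBA macro storage present")
                elif zipfile.is_zipfile(io.BytesIO(content)):
                    with zipfile.ZipFile(io.BytesIO(content)) as inner:
                        names = inner.namelist()
                    if any(n.endswith("vbaProject.bin") for n in names):
                        reasons.append("OOXML file with VBA project")
                    elif depth < MAX_DEPTH:
                        # Plain nested archive: inspect its members too.
                        findings.extend(triage_zip(content, depth + 1, path + "!"))
                    else:
                        reasons.append("nested archive too deep, not inspected")
            if reasons:
                findings.append((path, reasons))
    return findings


def build_sample_attachment():
    """Constructed sample: harmless bytes shaped like the attachment types above."""
    def make_zip(members):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for name, payload in members.items():
                zf.writestr(name, payload)
        return buf.getvalue()

    fake_xls = OLE_MAGIC + b"\x00" * 64 + VBA_MARKER + b"\x00" * 64
    fake_xlsm = make_zip({"[Content_Types].xml": b"<Types/>",
                          "xl/vbaProject.bin": b"\x00"})
    inner = make_zip({"setup.scr": b"MZ"})
    return make_zip({
        "Invoice_0417.xls": fake_xls,
        "report.xlsm": fake_xlsm,
        "docs/inner.zip": inner,
        "readme.txt": b"quarterly figures attached",
    })


if __name__ == "__main__":
    for member, reasons in triage_zip(build_sample_attachment()):
        print(member, "->", "; ".join(reasons))
```

A result here means "quarantine and inspect", not "malicious": plenty of legitimate attachments carry these extensions, and the encrypted and oversized cases are reported precisely because they could not be checked.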

Additionally, you should exercise caution if an email from a new sender carries a sense of urgency. In order to persuade victims to comply, cybercriminals frequently utilise persuasive language in their emails.