Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Verizon. Show all posts
Verizon
AT&T Cyber Security Lawsuit Telecom Verizon

AT&T Wins Legal Challenge While Verizon Faces Privacy Penalties

 

Major U.S. wireless carriers have faced contrasting legal outcomes in their battles against Federal Communications Commission fines for selling customer location data without consent, creating an uncertain landscape for consumer privacy protection .

Background on data selling practices

In 2018, investigations revealed that major telecommunications providers were selling customers' real-time location data to third-party brokers without proper notification or consent. This practice involved carriers selling access to sensitive geolocation information to aggregators, who then resold the data to other companies, creating a gray market for cell phone location data. The exposed data allowed buyers, including law enforcement and bounty hunters, to track individuals' movements without their knowledge.

FCC enforcement actions 

The Federal Communications Commission responded in April 2024 by imposing nearly $200 million in total fines across the industry. AT&T received a $57 million penalty, Verizon faced a $46.9 million fine, T-Mobile was fined over $80 million, and Sprint received more than $12 million . The FCC determined that carriers violated Section 222 of the Communications Act, which requires maintaining customer information confidentiality and obtaining express consent before sharing location data.

Court battle results

All three major carriers challenged their fines in different federal appeals courts, producing divergent outcomes . The Second Circuit Court of Appeals upheld Verizon's $46.9 million fine, rejecting the company's argument that device location data doesn't qualify as protected "customer proprietary network information". The court ruled that location data clearly meets the law's criteria for protection since it's accessible to carriers exclusively due to the customer relationship.

Meanwhile, Verizon had attempted to shift responsibility by largely outsourcing consent verification to third parties through contractual agreements, which the court found inadequate. The carrier's location data was improperly accessed by companies like Securus Technologies, which allowed law enforcement to obtain customer information without proper authorization.

AT&T's legal victory

In contrast to Verizon's defeat, AT&T successfully overturned its fine in a business-friendly appeals court, though specific details of this ruling were not elaborated in available sources. This creates a significant legal inconsistency regarding how telecommunications privacy violations are enforced across different jurisdictions.

The conflicting appellate court decisions may force Supreme Court intervention to resolve the legal uncertainty. This potential review could significantly limit the FCC's authority to penalize companies for privacy violations, potentially weakening federal oversight of telecommunications data practices.

Current settlement landscape

Despite the legal victories and defeats, AT&T simultaneously faces a separate $177 million class-action settlement related to two major data breaches in 2024. The company agreed to pay customers up to $7,500 each for documented losses from breaches that exposed Social Security numbers, addresses, passwords, and other sensitive information. 

This settlement demonstrates ongoing vulnerabilities in telecommunications data security beyond the location-selling controversies.The contrasting legal outcomes highlight the fragmented state of privacy protection enforcement, where identical violations can result in different consequences depending on which court reviews the case.
Read more »
Verizon
AT&T FCC Location data Privacy Verizon

Court Upholds $46.9 Million Penalty Against Verizon for Sharing Location Data

 



A U.S. federal appeals court has ruled that Verizon must pay a $46.9 million penalty for unlawfully selling customers’ real-time location information. The decision closes the door on Verizon’s argument that its practices were legal, reinforcing the Federal Communications Commission’s authority to regulate privacy in the wireless industry.


Why the Fine Was Issued


In April 2024, the Federal Communications Commission (FCC) announced nearly $200 million in fines against several major mobile carriers for giving outside companies access to sensitive location data. These firms then passed the information to other parties, including bail-bond services and bounty hunters. According to regulators, this exposed consumers to significant risks and demonstrated a failure by carriers to adopt basic safeguards, even after repeated warnings. Verizon’s share of the fines was $46.9 million, which it sought to challenge in court.


Verizon’s Legal Challenge

The company argued before the U.S. Court of Appeals for the Second Circuit that device-location records should not fall under the category of “customer proprietary network information” protected by Section 222 of the Communications Act. This provision requires carriers to keep certain customer data private. Verizon claimed that location details were not covered by this rule and that the FCC had exceeded its powers by penalizing them.

The judges disagreed. They ruled that location data is precisely the kind of personal information Congress intended to protect, and that the FCC acted well within its legal authority. The court also found no violation of Verizon’s constitutional rights, firmly upholding the fine.


Other Rulings in Similar Cases

This ruling is not an isolated one. Earlier, another appeals court upheld a $92 million fine against T-Mobile for comparable violations, rejecting the carrier’s claim that selling location data was lawful. However, in a separate case, AT&T succeeded in overturning a $57 million penalty after a different appeals court raised concerns over how the FCC imposed the fine. These mixed outcomes illustrate the unsettled but intensifying debate over corporate rights, regulatory authority, and consumer privacy.


Implications for Consumers and the Industry

Privacy advocates have welcomed the latest decision, arguing that it sends a clear message: carriers cannot profit from sharing location information without explicit user consent. Experts warn that without strict oversight, telecom companies could continue searching for loopholes to monetize sensitive customer data.

For the FCC, the ruling strengthens its hand in future enforcement actions, confirming that it can hold carriers accountable when they put consumers at risk. Verizon, however, has indicated that it may continue to fight the ruling, setting the stage for further legal battles.

The decision cements a broader shift toward tougher privacy protections in the United States. It is expected to shape industry practices, influence how telecom companies manage data, and push lawmakers to advance stronger nationwide privacy rules.



Read more »
Verizon
AT&T Chinese Hackers Cybbercrime Cyber Attacks Cyberhackers Cyberthreatm Salt Typhoon Hacks FBI Verizon

Salt Typhoon Hack: A Grave Threat to U.S. Telecommunications

 


The Chinese state-sponsored hacking group Salt Typhoon has been implicated in one of the most severe breaches in U.S. telecommunications history. Sensitive information, including call logs, timestamps, phone numbers, and location data, was compromised across the networks of at least eight major telecom carriers, including AT&T and Verizon. Despite the scale of the intrusion, many affected consumers remain uninformed about the breach.

Scope and Impact of the Breach

According to reports, Salt Typhoon’s hacking campaign has targeted high-value intelligence figures, including presidential candidates Donald Trump and Kamala Harris, as well as Senator Chuck Schumer's office. The FBI estimates that millions of users’ metadata, particularly in the Washington, D.C., area, were accessed. Yet, most affected individuals have not been notified, raising serious privacy concerns.

AT&T and Verizon, the most severely impacted companies, have faced backlash for their limited response to the breach. Privacy groups have criticized the telecom giants for failing to comply with the Federal Communications Commission (FCC) mandate requiring companies to inform customers of breaches that could cause significant harm, such as identity theft or financial loss.

Telecom Industry’s Response

While high-value targets were promptly alerted, the majority of users whose data was compromised were not informed. In an interview with NBC, Alan Butler, executive director of the Electronic Privacy Information Center, condemned the carriers’ "deficient practices." He emphasized the need for transparency, urging companies to notify all affected customers, regardless of whether their metadata or the actual content of their communications was accessed.

Charter Communications, a midsize internet service provider, has taken a relatively open approach, acknowledging infiltration by Salt Typhoon. According to Chief Security Officer Jeff Simon, access by the hackers has since been cut off, and no customer information was reportedly accessed. In contrast, other companies like Lumen, another internet service provider, have downplayed or refused to disclose the extent of the breach.

Ongoing Threats and Legislative Action

Cybersecurity experts warn that Salt Typhoon continues to target U.S. telecom networks and IT infrastructure. Government agencies are closely monitoring the situation to mitigate further risks. Lawmakers are now considering stricter cybersecurity regulations to compel telecom companies to adopt robust practices and provide detailed breach notifications to consumers.

However, some companies targeted by Salt Typhoon claim the hackers did not gain substantial information. For example, Lumen stated that federal partners found no evidence of ongoing activity in its networks.

Consumer Awareness and Future Outlook

While telecom companies have yet to adequately address these breaches, consumers must stay informed about security risks by following news updates on data breaches. Public pressure is likely to drive industry-wide changes, prompting carriers like AT&T and Verizon to adopt comprehensive notification systems for all affected users.

The Salt Typhoon breach serves as a wake-up call for the telecommunications industry to prioritize data security. Enhanced transparency, stricter cybersecurity regulations, and informed decision-making will be crucial to safeguarding sensitive information in an increasingly digital world.

Read more »
Wireless
Cyber Scammers cyber threat Cyberattacks CyberCrime FBI FCC Financial Loss Reddit SIM SIM swap Swap Scam T-Mobile Technology Verizon Wireless

Inside Job Exposed: T-Mobile US, Verizon Staff Solicited for SIM Swap Scam

 


T-Mobile and Verizon employees are being texted by criminals who are attempting to entice them into swapping SIM cards with cash. In their screenshots, the targeted employees are offering $300 as an incentive for those willing to assist the senders in their criminal endeavours, and they have shared them with us. 

The report indicates that this was part of a campaign that targets current and former mobile carrier workers who could be able to access the systems that would be necessary for the swapping of SIM cards. The message was also received by Reddit users claiming to be Verizon employees, which indicates that the scam isn't limited to T-Mobile US alone. 

It is known that SIM swapping is essentially a social engineering scam in which the perpetrator convinces the carrier that their number will be transferred to a SIM card that they own, which is then used to transfer the number to a new SIM card owned by the perpetrator. 

The scammer can use this information to gain access to a victim's cell phone number, allowing them to receive multi-factor authentication text messages to break into other accounts. If the scammer has complete access to the private information of the victim, then it is extremely lucrative. 

SIM swapping is a method cybercriminals utilize to breach multi-factor authentication (MFA) protected accounts. It is also known as simjacking. Wireless carriers will be able to send messages intended for a victim if they port the victim’s SIM card information from their legitimate SIM card to one controlled by a threat actor, which allows the threat actor to take control of their account if a message is sent to the victim. 

Cyber gangs are often able to trick carrier support staff into performing swaps by presenting fake information to them, but it can be far more efficient if they hire an insider to take care of it. In the past, both T-Mobile and Verizon have been impacted by breaches of employee information, including T-Mobile in 2020 and Verizon last year, despite it being unclear how the hackers obtained the mobile numbers of the workers who received the texts. 

The company stated at the time that there was no evidence that some of the information had been misused or shared outside the organization as a result of unauthorized access to the file, as well as in 2010 a Verizon employee had accessed a file containing details for about half of Verizon s 117,00-strong workforce without the employee's authorization.

It appears that the hackers behind the SIM swap campaign were working with outdated information, as opposed to recent data stolen from T-Mobile, according to the number of former T-Mobile employees who commented on Reddit that they received the SIM swap message. As the company confirmed the fact that there had not been any system breaches at T-Mobile in a statement, this was reinforced by the company. 

Using SIM swap attacks, criminals attempt to reroute a victim's wireless service to a device controlled by the fraudster by tricking their wireless carrier into rerouting their service to it. A successful attack can result in unauthorized access to personal information, identity theft, financial losses, emotional distress for the victim, and financial loss. Criminals started hijacking victims' phone numbers in February 2022 to steal millions of dollars by performing SIM swap attacks. 

The FBI warned about this in February 2022. Additionally, the IC3 reported that Americans reported 1,075 SIM-swapping complaints during the year 2023, with an adjusted loss of $48,798,103 for each SIM-swapping complaint. In addition to 2,026 complaints about SIM-swapping attacks in the past year, the FBI also received $72,652,571 worth of complaints about SIM-swapping attacks from January 2018 to December 2020. 

Between January 2018 and December 2020, however, only 320 complaints were filed regarding SIM-swapping incidents resulting in losses of around $12 million. Following this huge wave of consumer complaints, the Federal Communications Commission (FCC) announced new regulations that will protect Americans from SIM-swapping attacks to protect Americans from this sort of attack in the future.

It is required by the new regulations that carriers have a secure authentication procedure in place before they transfer the customer's phone numbers to a different device or service provider. Additionally, they need to warn them if their accounts are changed or they receive a SIM port out request.
Read more »
Verizon
911 service AT&T Consumer Cellular customer complaints Cyber Security Downdetector FBI mobile phone Outage service interruptions T-Mobile USCellular Verizon

Cell Service Restored Following Extensive AT&T Outage

 

AT&T has resolved issues affecting its mobile phone customers following widespread outages on Thursday, according to a company announcement.Throughout the day, tens of thousands of cell phone users across the United States reported disruptions.

Reports on Downdetector.com, a platform monitoring outages, indicated instances of no service or signal after 04:00 EST (09:00 GMT).

AT&T issued an apology to its customers and confirmed that services were fully operational again by early afternoon. The company stated its commitment to taking preventive measures to avoid similar incidents in the future. The cause of the outage is currently being investigated.

Verizon and T-Mobile informed the BBC that their networks were functioning normally. However, they acknowledged that some customers may have experienced service issues while attempting to communicate with users on different networks.

According to Downdetector, AT&T received over 74,000 customer complaints, with significant clusters in southern and eastern regions of the country.

Smaller carriers like Cricket Wireless, UScellular, and Consumer Cellular also reported interruptions in service. Complaints ranged from difficulties with calls, texts, to internet access, with many users reporting no service or signal.

Downdetector's data showed that major cities including Los Angeles, Chicago, Houston, and Atlanta experienced high numbers of outages.

Some individuals also faced challenges with 911 services, prompting officials to advise the use of landlines, social media, or cell phones from alternative carriers in emergencies.

The widespread outage has garnered the attention of the US government, with the FBI and Department of Homeland Security launching investigations, as confirmed by John Kirby, spokesperson for the US National Security Council.

Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, stated that they are collaborating with AT&T to understand the root cause of the outage and are ready to provide assistance as necessary.

Although a confidential memo reported by ABC News suggested no signs of malicious activity, CISA officials are actively investigating the incident.
Read more »
Verizon
Cyber Security and Privacy Data Breach data security Information Leak insider data breaches Verizon

Unraveling the Aftermath of Verizon's Insider Data Breach Impacting 63,000 Employees

In the fast-paced world of digital connectivity, data breaches have become an unfortunate reality that businesses must constantly guard against. Recently, telecommunications giant Verizon found itself in the throes of a security crisis as it grappled with the fallout of an insider data breach, putting critical information of over 63,000 employees at risk.  

The breach, which sent shockwaves through the cybersecurity community, shed light on the vulnerability that even industry leaders face in the evolving landscape of digital threats. As businesses rely more than ever on interconnected systems and digital platforms, the risks associated with insider breaches become increasingly pronounced. Verizon, known for its commitment to providing cutting-edge telecommunications services, has traditionally been at the forefront of cybersecurity measures. However, no organization is immune to the risks posed by insider threats, as demonstrated by this recent breach. 

The incident, first identified by Verizon's internal security team, revealed unauthorized access to sensitive employee data. The compromised information included personal details, employee identification records, and potentially even financial data. With the scale of the breach affecting a significant portion of the workforce, the potential for identity theft, financial fraud, and other malicious activities looms large. 

One of the most concerning aspects of insider breaches is the breach of trust within the organization. Employees, the lifeblood of any company, entrust their personal information to their employers, expecting it to be safeguarded with the utmost care. When this trust is violated, the consequences extend beyond the immediate data compromise. Morale and confidence within the workforce can plummet, impacting productivity and overall company culture. 

Verizon, in response to the breach, swiftly initiated an internal investigation to ascertain the extent of the damage and identify the individuals responsible. The company also promptly notified the affected employees, providing guidance on steps to mitigate potential risks, such as monitoring financial accounts for suspicious activity and enabling additional security measures. The incident serves as a stark reminder of the critical need for robust cybersecurity measures, not only against external threats but also from within the organization. 

As companies increasingly embrace remote work and digital collaboration tools, the attack surface for potential breaches widens, making it imperative for organizations to implement comprehensive security protocols. The aftermath of this breach highlights the importance of continuous employee training on cybersecurity best practices. Employees are often the first line of defense against insider threats, and fostering a culture of awareness and vigilance is crucial in mitigating the risk of such incidents. Regular security audits, access controls, and monitoring systems can also play a pivotal role in preventing unauthorized access to sensitive data. 

The Verizon insider data breach serves as a wake-up call for businesses across industries. The incident underscores the need for a proactive approach to cybersecurity that encompasses not only external threats but also the potential risks lurking within the organization. As technology continues to advance, organizations must adapt and strengthen their security measures to safeguard their most valuable asset – their data – and maintain the trust of their employees and customers alike.

Read more »
Verizon
Cyber Security Law Enforcement Phishing Attacks Ransomware Attacks. Sensitive data Unauthorized access Verizon

Verizon DBIR: Social Engineering Breaches Surge, Driving Ransomware Costs

The annual Verizon Data Breach Investigations Report (DBIR) has revealed a significant increase in social engineering breaches, which have resulted in a surge in ransomware costs. The report highlights the growing threat landscape and the urgent need for organizations to bolster their security measures against these evolving attacks.

According to the DBIR, social engineering breaches have doubled in frequency compared to the previous year. Attackers are increasingly leveraging phishing, pretexting, and impersonation to manipulate individuals within organizations and gain unauthorized access to sensitive data. This alarming rise in social engineering attacks has led to a corresponding spike in ransomware incidents.

Ransomware attacks, in particular, have become a significant concern for businesses of all sizes. The report reveals that the median cost of ransomware breaches has doubled, contributing to the escalating financial impact of cyberattacks. These attacks not only result in financial losses from paying the ransom but also lead to significant operational disruptions, reputational damage, and potential legal liabilities.

The Verizon DBIR emphasizes the importance of proactive measures to mitigate the risk of social engineering and ransomware attacks. Organizations need to invest in comprehensive security awareness training programs to educate employees about the latest attack techniques and how to identify and report suspicious activities. Additionally, implementing strong email security measures, such as robust spam filters and multi-factor authentication, can help prevent phishing attacks.

Regular patching and software updates are critical to addressing known vulnerabilities, as attackers often exploit outdated systems. Network segmentation and robust access controls can limit the lateral movement of attackers within an organization's infrastructure, minimizing the potential impact of a breach.

Furthermore, organizations are advised to establish an incident response plan that outlines the steps to be taken in the event of a security incident. This plan should include procedures for isolating affected systems, notifying relevant stakeholders, and working with law enforcement and incident response teams.

The Verizon DBIR is a stark reminder that social engineering breaches and ransomware attacks continue to pose significant threats to organizations worldwide. With the financial and operational consequences on the rise, it is imperative for businesses to prioritize cybersecurity measures and invest in technologies and practices that can effectively detect, prevent, and mitigate such attacks.

By adopting a multi-layered approach to security, integrating employee training, implementing robust technical controls, and maintaining a proactive incident response capability, organizations can better defend against social engineering and ransomware attacks, safeguarding their critical assets and minimizing the potentially devastating impact of a breach.
Read more »
Verizon
Cloud Security Cyber Security data security Security Breach Security Observability SIEM Verizon

Security Observability: How it Transforms Cloud Security


Security Observability 

Security Observability is an ability to gain recognition into an organization’s security posture, including its capacity to recognize and address security risks and flaws. It entails gathering, analyzing, and visualizing security data in order to spot potential risks and take preventative action to lessen them. 

The process involves data collection from varied security tools and systems, like network logs, endpoint security solutions, and security information and event management (SIEM) platforms, further utilizing the data to observe potential threats. In other words, unlike more conventional security operations tools, it informs you of what is expected to occur rather than just what has actually occurred. Security observability is likely the most significant advancement in cloud security technology that has occurred in recent years because of this major distinction. 

Though, a majority of users are still unaware of security observability, which is something that raises concerns. According to a 2021 Verizon Data Breach Investigations Report, cloud assets were included in 24% of all breaches analyzed, up from 19% in 2020. 

It is obvious that many people working in cloud security are responding slowly to new risks, and a select few need to act more quickly. This is likely to get worse as multi-cloud apps that leverage federated architectures gain popularity and cloud deployments become more varied and sophisticated. The number of attack surfaces will keep growing, and attackers' ingenuity is starting to take off. 

Organizations can embrace cloud security observability to get a more complete understanding of their cloud security position, allowing them to: 

  • Detect and Respond to Threats More Quickly: Cloud security allows firms to recognize and respond to threats fasters, in a much proactive manner, all by collecting data from numerous security tools and systems. 
  • Identity Vulnerabilities and Secure Gaps: With a better knowledge about the potential threats, organizations can take upbeat measures to address the issues before the bad actors could manage to exploit them. 
  • Improve Incident Response: Cloud security observability can help organizations improve their incident response skills and lessen the effect of attacks by giving a more thorough view of security occurrences. 
  • Ensure Compliance: Cloud security observability further aids organizations in analyzing and monitoring their cloud security deployment/posture to maintain compliance with industry rules and regulations, also supporting audits and other legal accounting.  

Read more »
Verizon
Data Leak Privacy User Security User Data User Privacy User Safety Verizon

Hacker Steals Database of Verizon Employees

 

A hacker stole a database including hundreds of Verizon workers' complete names, email addresses, corporate ID numbers, and phone numbers. By calling phone numbers in the database, Motherboard was able to confirm that at least part of the data is genuine. Four persons confirmed their complete identities and email addresses, as well as their employment at Verizon. It's uncertain whether all of the info is correct or up to date.

Another person validated the information and stated that she used to work for the company. A dozen more numbers received voicemails that included the names in the database, implying that they are also correct. Last week, the hacker contacted Motherboard to provide the information. 

The data was obtained, according to the unidentified hacker, by convincing a Verizon employee to grant them remote access to their company computer. At that time, the hacker claimed to have gotten access to a Verizon internal tool that displays employee data and to have developed a script to query and scrape the database. 

“These employees are idiots and will allow you to connect to their PC under the guise that you are from internal support,” they told Motherboard in an online chat. The hacker stated they reached out to Verizon and shared the email that he sent to the company. 

“Please feel free to respond with an offer not to leak you’re [sic] entire employee database,” the hacker wrote in the email, according to a screenshot of it. The hacker stated they would like Verizon to pay them $250,000 as a reward. A Verizon spokesperson confirmed the hacker has been in contact with the company. 

“A fraudster recently contacted us threatening to release readily available employee directory information in exchange for payment from Verizon. We do not believe the fraudster has any sensitive information and we do not plan to engage with the individual further,” the spokesperson told Motherboard in an email. 

“As always, we take the security of Verizon data very seriously and we have strong measures in place to protect our people and systems.” 

While the stolen information does not include Social Security numbers, passwords, or credit card details, it is nonetheless potentially harmful. It might be beneficial for hackers who wish to target corporate employees—or mimic one while speaking with another—in order to get access to internal tools. An attack of this type would offer hackers the opportunity to impersonate Verizon personnel and, if successful, complete access to networks that would allow them to look up individuals' information and transfer their phone numbers, a practice known as SIM swapping. 

For years, hackers have gained access to victims' phone numbers, allowing them to change the target's email password, for example. As a result, the hackers get access to the victim's bank or cryptocurrency account. Hundreds, if not thousands, of people have been victimised by this type of breach in recent years. Several persons have been arrested and indicted in the United States for allegedly participating in these types of cyberattacks.
Read more »
Verizon
Mobile Security Personal Information Phishing scam Spam SMS Verizon

Verizon Phishing Scam Uses Text Messages to Target Customers

 

Verizon subscribers had started to get malicious texts from unknown senders, according to a report published by Phone Arena on Saturday, October 9. Sending messages to a receiver using a suspicious phone number is a phishing technique. The precise contact number is 562-666-1159, and it informs users that their prior month's fee has already been paid. The exact message reads as follows: "Verizon Free Message: Sept bill is paid. Thanks, (first name of the customer)! Here's a little gift for you." 

According to Phone Arena, the majority of Verizon customers have already paid their September bills. As a result, the old invoice suggested that the hacker's message was entirely fictitious. In addition, Verizon is unlikely to deliver a gift to users who have paid their bills in advance. This current phishing attack could indicate that the user's personal information is about to be stolen. 

This attack was similar to what T-Mobile customers experienced previously. Phone Arena said it's conceivable that the phone numbers used to send the phoney messages came from T-Mobile's recent data hack, which affected 48 million members. The text pretended to be from T-Mobile and promised the recipients of the message a $100 free gift as compensation for an outage that occurred somewhere around that time. 

The way T-Mobile was spelled as Tmobile was one of the obvious clues that the whole affair was a hoax. The truth was hidden in the tiny print: the SMS was sent by a marketing firm with no ties to T-Mobile, and the firm was attempting to acquire information about T-Mobile consumers, presumably gathering confirmed phone numbers of the carrier's subscribers.

Coming back to Verizon, the cybercriminals behind the text message will request personal information from subscribers. If a subscriber falls for this ruse, his or her security number, bank account number, and other personal data will be stolen. The threat actor would have access to the required details of a subscriber's Verizon account if this happened. Once the scam is successful, the hackers will order a phone that the user will have to pay for. 

If customers are concerned whether a text or email is real, they should phone the carrier and inquire if someone from that company sent them the message in question, according to Phone Arena. They also recommended that anyone having a wireless account set up a password or PIN to keep their account safe from prying eyes.
Read more »
Vzwpix
Cofense Cyber Attacks Phishing Campaign Verizon Vzwpix

Cofense Report Analysis on Phishing Campaign Utilizing Vzwpix

 

Researchers at the Cofense Phishing Defense Center (PDC) have been able to dig further into the addressing characteristics of one of the phishing attempt that used Verizon's multimedia messaging service - Vzwpix – employing Cofense Vision. 

Verizon's Vzwpix is a genuine multimedia messaging service. It allows users to send emails from mobile phones, which often include the sender's contact number. Fraudsters exploit the popularity of this service by faking an original email address via spoofing. 

Cyber attackers could use these services to mass deliver SMS that comes from a mobile number but does not include the sender's name and identity. If somehow the recipient does not recognize the mobile number, then they might be left speculating who had sent these emails. 

Hundreds of complaints about Verizon's Vzwpix service domain have been obtained by the Cofense PDC over the last week. 

A majority of these messages would be texts or pictures, but investigators are continuously on the lookout for potential risks. Malicious actors used Vzwpix to target potential audiences in a range of sectors throughout the last week. 

According to Cofense PDC, the message received by the users were all in plain text and without any formatting or pictures. It leads to a new voicemail and employs a monetary enticement via ACH transfers.

The link is provided as plain text, informing users of where they will be redirected. It was smart enough to avoid the first assessment from the secure email gateway (SEG) by employing a valid survey application; nevertheless, certain SEGs would've been able to verify the content of the survey via link click. 

The cyber attackers employed Alchemer, a survey form generator that makes it very convenient to design a survey form for users to answer. 

Further research shows that the survey is erroneously designed as a OneDrive login page, although most of the consumers were probably able to assume that this isn't a genuine Microsoft OneDrive login page. 

The continue button is likewise off to the side, giving the impression that the site wasn't intended to be read with a PC web browser. 

While using it from a smartphone, the form layouts are noticeably different. The modified phishing page is displayed within a white box, as well as the button is placed between the entry fields. 

Utilizing Cofense Vision, Researchers were easily able to detect several individuals who received a similar email at their organization. Even though each email originated from the very same phone number, the message IDs were all unique. All the message IDs were indeed associated with the Verizon phone number which sent messages. Each message ID correlates to a separate group of recipients which was listed in the email's "To" address section. 

In the analysis, every group appeared to have a minimum of 10 email accounts, comprising PDC customers and other external domains as well. After excluding the unique domains, researchers were able to ascertain that 50% of all recipients worked in the food production industry. 

The PDC client in these groups worked in the manufacturing industry, however, one of the major subsidiaries in the food manufacturing industry. Another 25% of the targeted domains are in the supply chain and media industries.
Read more »
Subscribe to: Posts (Atom)