Cybercriminals Runs off with 1.3 Million Dollars

-
Internet, Crime, Cyber, Criminal



Another news item caught my eyes today.  The news reports that new and sophisticated Business Email Compromise (BEC) attack has compromised three (3) British Private Equity firms.  The attack involved Phishing for ranking executives of the compromised companies and then actually tampering with the victims' email application.  This enabled the group to intercept and redirect the emails of the executives.  To make a long story short, the hacker group was able to run off with approximately 1.3 MILLION DOLLARS!

This type of cyber attack is nothing new.  Phishing attacks had been victimizing people for years now.  I personally handled cases where an unsuspecting victims lost all their savings because they unwittingly opened Phishing emails that redirected them to fake banking websites.  The victims, s thinking that they are on their bank's website, will then attempt to log in and that's it -- their user ID and password has been stolen by hackers.

To avoid being victimized by these types of cyber crime, here are some tips:

  • Your bank will never email you out of the blue to "verify" your account. All account verification should only happen on the bank's branch office.
  • Your bank will not ask for anything other than your user id and password to log in.  If the website asks for additional information during login (info like celphone number, birthdate, PIN, etc.) immediately close your browser and inform your bank by calling the hotline.  This is an indication of a system compromise.
  • NEVER disclose your account number, card number and other financial and personal information over the phone unless you yourself dialed your bank's phone number to talk to them.
  • Do not post pictures of your ATM card, Bank statement or other personal documents in social media.

The tips above are by no means complete.  There are other ways to protect yourselves from Phishing but those are good habits to have to protect yourselves.

As long as you are careful with your personal information, you can avoid being victimized by cyber crimes similar to this so BE CAREFUL.

Comments

Post a Comment

Popular posts from this blog

GCash Security Scare: Rethinking the Safety of Digital Wallets

-
Image
A few days ago, many people woke up to find unauthorized transactions in their GCash mobile wallets. These transactions, which occurred at a rate of Php 2,000 per transaction, even affected a local actress, drawing widespread attention. While the technical cause of these unauthorized transactions remains a mystery, I believe it’s crucial to address the underlying issue: GCash, and other mobile wallet applications in general, are essentially digital versions of physical wallets. Storing money in wallets, whether virtual or physical, inherently carries risks, with theft being the most significant concern. Physical wallets have been the target of various theft methods, and this raises the question: why do individuals, regardless of whether they use digital or physical wallets, keep a substantial amount of money in their wallets? Wouldn’t it be safer to deposit these funds in a bank or keep them securely at home? While this doesn’t absolve GCash of responsibility, it’s important to recogni...
Read more

When Malware is Digitally Signed by an Anti-Malware Company

-
Image
  In October 2024, a sneaky malware campaign started spreading. The threat actors used a message that looked like it came from the Israeli partner of ESET, a well-known anti-malware company. They targeted Israeli businesses and educational institutions. But here’s the catch: the message didn’t show any signs of having malicious content. Analysts who initially checked out the email thought there was nothing fishy about it. The email warns recipients that their company is being targeted by “state-sponsored threat actors.” It suggests downloading and installing the “ESET Unleashed” app to protect against this threat. The email’s link seems legitimate, pointing to a valid ESET server. The file on the download link contains an executable file (Setup.exe) and four DLL files. Upon closer inspection, it turns out that the DLL files are part of ESET’s anti-virus software, but the EXE file is actually a malicious data wiper but it was digitally signed by ESET. This malware has an interesting...
Read more

Tech Party List, A Satirical List

-
Image
  **WARNING:** This post is not intended for individuals who are easily offended. Should you find satirical content objectionable, please leave this page immediately. YOU HAVE BEEN WARNED. With the Philippine elections coming very soon, One of the most colorful part this national exercise is the proliferation of Party Lists that have a great name recall. In the Philippines, the party-list system is a mechanism of proportional representation in the election of representatives to the House of Representatives. This system allows national, regional, and sectoral parties or organizations to gain seats in the House based on the proportion of votes they receive. The goal of the party-list system is to ensure that marginalized and underrepresented sectors of society have a voice in the legislative process. Each party-list group represents specific sectors such as labor, farmers, women, youth, indigenous peoples, and other marginalized groups. Voters can choose a party-list group during el...
Read more