Cybercriminals are distributing spoofed data-breach notifications that are used to scam unsuspecting recipients and infect their devices with malware. Fraudsters are using malicious SEO methods, Google sites and spam pages to deceive and scam users, according to a report by Bleeping Computer. These were then picked up by Google Alerts, a service that allows users to track any keyword. By clicking on any of these links, users would be directed to web pages containing fake giveaways, advertisements for browser extensions and other scams.
To avoid falling victim to these scams, don't install any browser extensions, plugins or software that these alerts may suggest. In many cases, you'll just be asked to fill out a survey to see the "notification," which is harmless as long as you don't have to give up any personal information. In its investigation, Bleeping Computer also discovered a directory of 2, text files that used particular keywords and phrases to appear in Google Alerts.
Most of these were created in this past week, but the oldest can be traced back to July 31, All of this information has been taken from public sources and is based on questions people have, with topics including software products, DIY, vaping, breeding dogs and hardware.
Another fake message urged people to update their Adobe Flash browser plugins, appeared in Google Chrome and Mozilla Firefox and sent users to a fake iPhone 11 competition. Attackers continue to evolve their tactics into lending a false sense of security on their prey and they are extremely good at this. The answer remains in constant vigilance and not to be so quick to click around on a site even if it is thought to be trusted.
Tom's Guide.
Google Alerts helps to spread these fake notifications as the service monitors search results for user-defined keywords. These companies have suffered a data breach at one point in the past. Following any of these links picked up by Google Alerts ends with landing on pages with fake giveaways, download offers for unwanted extensions and malware.
To make it harder to detect their malicious behavior, navigating to the pages directly may not reveal the true nature of the campaign. BleepingComputer found on a hacked website a directory penartdesigner[. All but one entry were last modified this year starting June 11, the vast majority on June The timestamp for the exception, which has the oldest date, is July 31, The information in the blobs of text was copied from public sources and covers an extremely wide variety of subjects. Basically, the fraudsters created this portfolio of files from scraping the internet for issues or questions for which users needed an answer.
As for the topics, they are of the most diverse kind, ranging from various software products (note-taking, SDKs, street lighting design, firmware, libraries) and DIY construction projects to oil vapes, canine breeding, hardware issues, and teeth aligners. Apart from using compromised websites, scammers may also set up their own pages.
In many cases, they used Google Sites, a tool specifically created for building web pages, to host their content. If you use a Google Alerts or search engine link to arrive at one of these fake data breach sites, the experience is very different compared to going there directly. Clicking on a Google link redirects users through multiple addresses until the final one is reached. What is shown there depends on the user's location. Fake Adobe Flash update notifications were also very common, asking users to install the latest version of the player if they wanted to access the content promised before the redirect.
These fake alerts popped up in both Google Chrome and Mozilla Firefox web browsers. It should be noted that Flash Player will be deprecated in December and current versions of the two browsers no longer support it in the default configuration. Users can still turn it on manually until the software is completely phased out. We also found that one of the malicious links redirected to a fake giveaway for iPhone 11 devices, claiming that it was set up by Google as part of its "Membership Rewards" program.
To make this offer more believable, the notification also claimed that the gift was "exclusively and only for Verizon Fios users" in the region identified for the user. Getting the gift, though, requires completing a survey, which is how the scammers make their money.
While surveys may not cause much damage and only waste a user's time, a browser extension scam can pose a serious risk to your browsing privacy, and malware can also be delivered using this method. Typically, extensions can read the pages you access and even modify them; for this, legitimate ones approved in official repositories inform the user and ask for their explicit consent.
A malicious extension, though, can skip this step and collect a user's interests and sell them to interested parties.
Minecraft users were targeted directly to enable an online leak of personal details, not developer Mojang, says parent company Microsoft.
Speculation about a cyber security breach at Mojang was sparked by a German media report that email addresses and passwords of more than 1, Minecraft players had been published on Pastebin. This means the Minecraft player details published online were acquired in other ways, such as through email phishing attacks or spyware installed on their computers. Minecraft is a likely target for hackers because of its database of users. The game has more than million PC users, 30 million mobile users, and tens of millions of players on consoles.
Independent security analyst Graham Cluley said usernames and passwords from online services are continually being published online and traded in underground forums.
The Week in Ransomware - January 10th 2020 - Now Data Breaches
He recommends that users of online services check regularly whether their credentials have been posted on the net. Harvesting of passwords by hackers and the development of increasingly powerful password-cracking capabilities have led some IT industry players to seek alternatives to password-based authentication online. The Fido Alliance is one consortium of IT, internet and financial services firms, working together to develop specifications that define an open, scalable, interoperable set of protocols and mechanisms.
The aim is to enable suppliers to create interoperable products and services that allow a wide variety of alternative authentication mechanisms such as fingerprint readers, voice analysis, tokens and smartcards. Abuse of administrator passwords is a key challenge to business and has recently been identified as a key element in the November cyber attack on Sony Pictures Entertainment. A November report that collated input from across the cyber security and forensics industry also revealed that privileged account abuse is common to all targeted cyber attacks.
In the absence of any mature alternatives to passwords, many security consultants are advising the use of two-factor authentication as an interim step to safeguard sensitive data.
Your data is valuable and should belong to you. Nevertheless our online records are exposed on an almost daily basis, with potentially devastating consequences. This blog post aims to provide an up-to-date list of data breaches and hacks.
Your personal information is not safe online. Data breaches happen on an almost daily basis, exposing our email addresses, passwords, credit card numbers, social security numbers and other highly sensitive data.
Unfortunately, most people do not understand the gravity of the problem until it personally affects them through identity theft or other malicious activity. Unsurprisingly however, the rate of identity related crime is exploding, and a recent study claims that there is a new victim of identity theft every 2 seconds in the United States alone.
Keeping in mind that the number of records exposed through data breaches is so high, this is alarming news. One important reason for the malaise is that data breaches have seemingly become an inevitable part of modern life.
We have to register for online accounts in order to participate in a modern society, and have to swallow the fact that the centralized databases containing our information will sooner or later suffer a breach.
That is why SelfKey is working on an end-to-end self-sovereign identity management system which will do a much better job of protecting you from data breaches. State of the breach June AT LEAST 16 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive information, have been exposed through data breaches since The first quarter of has been one of the worst in data breach history, with over 8 billion records exposed.
Check out Have I Been Pwned to see if your accounts have been compromised by a data breach. Online learning platforms have become increasingly popular targets for data breaches over the past few months as the education world has gone digital.
Unfortunately, OneClass is no exception and left the data of over a million North American students (many of them minors) exposed on an unsecured Elasticsearch server.
Beware of Google Alerts data-breach notifications -- they could be a scam
US tech giant Oracle owns BlueKai, a company very few have heard of outside of marketing circles but it possesses one of the largest banks of web tracking data outside of the federal government. The company uses website cookies, and other tracking technology, to follow your activities on the web then sells that data to companies and marketing firms. For an unknown period of time, all of that web tracking data was left exposed on a server without a password.
Billions of records were unsecured for anyone to find. The data exposed included names, home addresses, email addresses and other identifiable data including web browsing activity. The details are still fuzzy.
The Postbank in South Africa has had to replace over 12 million bank cards after an unencrypted master key was stolen by employees. The breach specifically affected between 8 and 10 million beneficiaries who receive social grants every month.
Keepnet Labs is a UK security company that initially experienced a breach back in March when a database was exposed containing data that had previously been exposed in other data breaches.
Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies.
However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing. Insider threats can be accidental or intentional, but the impact of insider breaches remains the same.
Negligence at the organization regarding data privacy requirements and compliance can cause catastrophic data loss.
To implement effective mitigation measures, employees must be aware of their responsibility towards the usage and sharing of data. With recent changes in data protection and privacy laws, various companies have seen a significant impact on their current security practices and controls. Insider data threats are increasing more than ever before, and these threats are a major concern when it comes to risk management for companies.
However, employees denied that they have caused such violations. The report for inspects the development of the effective mitigating approaches that companies have taken to manage insider breach risk. Insider breaches are mainly caused by sharing data to personal systems, followed by the leaking of data to a competitor and then cybercriminals. One widespread reason, common among employees who might not have bad intentions, is employees taking the data to a new job.
Departing employees take information with them when they feel a sense of personal ownership to it. This reflects that employees perceive the responsibility towards data ownership differently than what is expected from them.
With less defined boundaries, the challenge to protect internal information increases as employees work outside the physical limits, and the home environment changes the attitude of employees towards the data that they work on.
For preventive measures, the first step is to identify sensitive data and the level of confidentiality for all types of data. The employee data is at the top in terms of accidental and intentional data, followed by intellectual property. With new data protection laws in place, customer data ranks third. This includes personally identifiable information. The reality has changed this year due to the enforcement of stringent regulations and compliance requirements for organizations.
InIT leaders were more concerned about reputational impact due to insider data breaches, but inthe main concern is financial implications. This shows that organizations are clear about how non-compliance of privacy regulations is going to cost them.
It is a challenge to get honest answers from employees when it comes to an insider data breach. This clearly shows that there is a gap between the number of reported incidents and the employees who admit and take responsibility for an incident.
Insider breaches are mainly reported by the employees, and an increase in the unwillingness of admitting the truth can lead to an unsuccessful breach detection strategy. In some sectors such as healthcare, financial services and government, the data is highly sensitive, so the associated risk is above-average should the information be sent to the wrong person. Employees are not always thinking as they ought to be regarding data ownership and security responsibilities.
This introduces another layer of complexity to managing these breaches. With the seniority level, the rate of acceptance of data protection liability decreases.
Policies that clearly indicate that all the employees share equal responsibility to protect data can bridge the gap between beliefs and expectations.
Ransomware operators targeting the enterprise and stealing data before encrypting computers is the new normal and businesses need to start changing how they react to these types of attacks.
Not doing so will only lead to fines, lawsuits, and the tarnishing of brand image. These attacks no longer only affect the company who was encrypted, but also their customers and employees whose personal data was stolen. Expect to see a wave of new ransomware attacks being orchestrated through this vulnerability. It's been more than six days since a cyber attack took down the services of the international foreign currency exchange company Travelex and BleepingComputer was able to confirm that the company systems were infected with Sodinokibi ransomware.
Satan extension to encrypted files. Ri found a new Kangaroo Ransomware variant that appends the. An example of this is a new ransomware called Ako that is targeting the entire network rather than just individual workstations. Albany International Airport's staff announced that the New York airport's administrative servers were hit by Sodinokibi Ransomware following a cyberattack that took place over Christmas.
The Maze Ransomware operators have released an additional 14GB of files that they claim were stolen from one of their victims for not paying a ransomware demand.
January 11, PM 0. New Crypton Aurora Ransomware variant dnwls found a new Aurora Ransomware variant that appends the.
New SatanCryptor Ransomware S! New Somik1 Ransomware S! Roll Safe Ransomware S! Ri found a new ransomware that appends the. New Kangaroo Ransomware variant S! Maze Ransomware Publishes 14GB of Stolen Southwire Files The Maze Ransomware operators have released an additional 14GB of files that they claim were stolen from one of their victims for not paying a ransomware demand. That's it for this week!
Hope everyone has a nice weekend! Lawrence's area of expertise includes malware removal and computer forensics.
Between January and September there were over 7.
Google Alerts catches fake data breach notes pushing malware
Although hackers are obvious culprits in uncovering this data, oftentimes they had a helping hand from human error resulting in a data breach. Last year, we also began to see the Federal Trade Commission (FTC) impose hefty fines and penalties on organizations, such as those relating to the Equifax breach and Facebook data leaks, to settle charges of improper handling of Personally Identifiable Information (PII).
What does hold? While our hope does spring eternal, with the increase of information insecurity — from exposed databases to phishing attempts, from malware to third-party data leaks — the odds are not looking good.
Note: This post will be continuously updated with new information as additional data breaches are reported. Breaches appear in descending order, with the most recent appearing at the bottom of the page.
The collected Personally Identifiable Information (PII) included credit and debit card numbers, expiration dates, verification codes, and cardholder names. January 14, An unsecured database on an Elasticsearch server linking back to Peekaboo Moments, an app where parents post images and videos of their children, was left exposed. An undisclosed number of email addresses, geographic location data, detailed device data, and links to photos and videos posted by parents have been impacted.
The app has been downloaded 1 million times since launching in This breach is the latest in a string of Magecart attacks, where hackers install malicious malware in Point of Sale (POS) systems to skim credit card information. January 22, A customer support database holding over million Microsoft customer records was left unprotected on the web.
Microsoft says the database did not include any other personal information. January 23, THSuite, a point-of-sale system of marijuana dispensaries across the U.
The data breach impacted names, dates of birth, phone numbers, emails, street addresses, patient names and medical ID numbers, cannabis variety and the quantity purchased, total transaction costs, date received, and photographs of scanned government and employee IDs. February 11, An unsecured database belonging to the makeup company Estee Lauder exposed million customer records.
No payment or sensitive information was impacted but email addresses, IP addresses, ports, pathways, and storage information were disclosed in the database. The total number of affected employees and banking clients remains undisclosed. February 13, The theft of an employee laptop from GridWorks IC, a third-party vendor of Health Share of Oregon, has exposed the personal and medical information of members. The Health Share of Oregon data breach disclosed sensitive data, including names, addresses, phone numbers, dates of birth, Social Security numbers, and Medicaid ID numbers.
February 20, Over The data dump exposed includes names, home addresses, phone numbers, emails, and dates of birth of former hotel guests. In July, researchers found million personal records from former guests at the MGM Resorts hotels for sale on the Dark Web, hinting that the original breach was larger than previously announced.
February 24, Slickwraps, an online tech customization store, admitted to leaving the information of customers in an unprotected database. The customer information disclosed includes names, email addresses, physical addresses, phone numbers, and purchase histories. March 4, Hackers successfully accessed online accounts of customers of the apparel retailer, J-Crew, through a credential stuffing attack.
Using exposed emails and passwords, the hackers were able to login to an unknown number of J-Crew customer accounts and gain access to stored information including the last four digits of credit card numbers, expiration dates, card types, billing addresses, order numbers, shipping confirmation numbers, and shipment status.
March 11, Whisper, an anonymous secret-sharing app, has left member information exposed in an unsecured database. Although the app does not collect names, the database included nicknames, ages, ethnicities, genders, and location data of over million users.
The total number of users affected is still unknown but TrueFire has millions of users worldwide.