The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to HSBC, Time Warner and a Ukrainian power outage.
Christmas is finally over and consumers are now worried about their spending habits over the Christmas break. Scammers are using this opportunity to trick consumers into divulging their bank account information and the login credentials to their online banking account. Two different phishing e-mails were circulated earlier this week targeting the customers of HSBC and NatWest respectively. The e-mails appeared to be sent by these banks and stated that the customer's account was disabled because of "security reasons". In order to enable access, the customer would have to click on a link in the e-mail and login to their account. However, the malicious link in the phishing e-mail lead to a fake banking website, which was used to collect the customer's personal and bank account information, as well as their login credentials. Click the link below to read more.
http://metro.co.uk/2016/01/01/dont-be-the-chump-who-falls-for-this-hsbc-scam-5595376/
The Federal Bureau of Investigations (FBI) informed Time Warner Cable that there was a breach of their systems and hackers may have stolen the personal information of 32,000 customers. As a result, Time Warner began informing customers about the breach and requested them to change their password to their accounts. The Time Warner company has not been able to determine the cause of the breach, but they have stated that it was likely the cause of a phishing attack or a breach of third-party systems containing customer information. Click the link below to read more.
http://venturebeat.com/2016/01/06/time-warner-cable-advises-320000-customers-of-possible-hack/
Just before Christmas, 1.4 million Ukrainian people were left in the dark for several hours. The reason for this power outage at the Prykarpattya Oblenergo utility company was a malware named the BlackEnergy trojan. According to security researchers at ESET, the malware may have been delivered to the power utility through a phishing e-mail containing a Microsoft Word document. This malicious attachment contained a VBA marco, which was used to infect the victim's computer with the malware. Once the malware took over the infected computer, it made its way to the SCADA (supervisory control and data acquisition) systems, which control the plant's electrical systems. It would then deliver its malicious payload to these SCADA systems, which forced the system to shutdown and no longer function. Click the link below to read more.
APHC