Tag: scam

OUTA warns of e-toll malware scam

OUTA has notified members on its Facebook page that a highly suspicious SMS is doing the rounds with regards to e-tolls.

The organisation notes that before members of the public can appear in any court for any matter, they need to be summonsed.

This SMS is a scam to cash in on people’s fear in light of the current uncertainty around e-tolls. The link contains a link to documents which contain malware. The public is advised not to open the link, and to delete the SMS immediately.

Source: MyBroadband

MWEB and Absa clients have been targeted in a new e-mail phishing attack, where they are asked to open an attachment aimed at stealing their private information.

The email asks users to open an HTML attachment, which in turn opens a form in a browser which steals the victim’s personal details.

In the past, executable keyloggers were attached to emails to steal account information from victims.

However, most security services now block users from opening an attached executable file, as most of these files are malicious.

Scammers are now using HTML pages as attachments, where users are asked to provide their personal details in what appears to be a legitimate website.

In these scams, users are encouraged to open the attached email file, which opens in a browser and requests their username and password for a service.

This information is then sent to the criminal’s email address using a basic PHP script.

MWEB and Absa scam email
This is the method used in the latest email scam which is targeting MWEB and Absa clients.

The email, which claims to come from MWEB – but is sent from “info@mailsynk.co.za” – tells users that their “invoices and/or receipts and statement that you requested attached to this email”.

The attachment is the phishing page, which in this case uses the domain “jehovalchristofficeinternatona.co.za” to host the scripts.

Without looking at the HTML code, there are many warning signs that this is a scam email:

  • The email does not come from MWEB or Absa. It should be noted that an email which comes from an @mweb.co.za or @absa.co.za does not automatically mean it is authentic.
  • The email is poorly structured and contains poor grammar.
  • There is no personalisation in the email, with a user’s name or account details.
  • It mentions a PDF file, but the attachment is a .htm file.
  • Users are asked to provide their personal details to view a file – a clear sign it is a phishing attack.

By Adiel Ismail for Fin24 

Goliath and Goliath CEO Kate Goliath is encouraging small businesses to ramp up security measures after her comedy and entertainment agency fell victim to invoice intercepting as a result of e-mail hacking.

Goliath and Goliath is out of pocket to the tune of more than R300 000, while its subsidiary The PR Bailiff has been scammed out of R20 000.

The hackers gained access to the company’s emails and requested clients to make payments to a different bank account.

Goliath told Fin24 that small businesses shouldn’t just rely on tech companies to educate them about cybercrime.”Find out as much information about how hackers get into the systems so that you are aware of what service providers need to offer,” she said.

“Be vigilant. Protect your business and insure the technical side of your business as well.”

The company opened a case with the police and is in the process of sending a subpoena to the bank where the funds have been deposited.

Afrihost said it will work with the police to further investigate the incident. “We strongly believe this was a case of phishing,” a representative told Fin24.

Entertainment and media high risk for cybercrime

“We have noticed that some banks are posting warnings before a client makes a payment to verify that the bank details they’re using are correct. We assume that this is because of an increase in these types of phishing attacks.”

Cyber incidents rank top in the entertainment and media, financial services, technology and telecommunications industries, according to the Allianz Risk Barometer 2018.

The report revealed that cyber incidents remain a top threat with 38% of responses for South African businesses, which is reported to lose billions of rands a year to cyber attacks.

The three Goliaths – Jason, Donovan and Nicholas – do stand-up comedy and entertains at workshops, conferences, award ceremonies and events.

Craig Rosewarne, Managing Director at Wolfpack Information Risk, which is a threat intelligence firm that specialises in understanding and predicting cyber threats, said small and medium businesses are just as vulnerable as big businesses when it comes to hacking.

“Their challenge however is that security is often the last thought until they get stung and end up either losing a substantial amount of money or leaking their customer’s sensitive data,” he told Fin24.

Wolfpack has assisted many small and medium sized businesses whose invoices have been hacked, said Roseware. In this regard it has found three common causes:

1. Attackers will perform reconnaissance on key individuals in IT / Finance / Execs and send a targeted spear phishing email to target their machines for access or further information

2. Spyware is loaded on their devices that record keystrokes and take screenshots for the attacker

3. Compromising their online hosting / email platform and adding in rules for any email that has the word “invoice” or “payment” – to send a duplicate email to the attacker’s gmail or “burner” account.

Tips for companies

Roseware suggested that companies under attack should conduct an independent risk assessment and obtain guidance on how to mitigate risk.

“Employees should also be made aware of risks and this should be backed up with an information security policy signed by staff and contractors.”

He also stressed the importance of having up to date anti-malware software on all devices that process sensitive information.

Cyber risk is fast becoming the number one risk facing countries, governments and organisations, noted Roseware.

“In all of these scenarios it often boils down to an individual that gets compromised so cyber awareness is key in both your business and personal lives.”

Source: Randburg Sun 

There’s a new parcel delivery scam that post office users should remain alert for and guard against, Southlands Sun reports.

The SA Post Office warned the public to be on the alert for the new scam which is designed to defraud them.

The conmen place phone calls to members of the public, alleging to be from the Customs division of the SA Post Office. The caller informs them that a parcel is ready for collection, provided they first pay ‘customs fees’ into a bank account.

The SA Post Office insisted that it does not require customers to make any bank deposit before parcels are released. In instances where a SARS levy import tax is payable on parcels from abroad, the import tax must be paid at the Post Office counter when the item is collected. The customer will receive a point-of-sale receipt for this payment.

Where the Post Office has the recipient’s cellphone number, the customer will receive an SMS requesting them to collect the parcel at a specific branch. The SMS will not request funds to be deposited into an account.

Members of the public who have information regarding this scam are requested to call the police or the Post Office’s crime buster hotline on 0800-020-070.

The SA Post Office advises the public to ignore communication of this nature.

Over 27‚000 cryptocurrency investors have fallen victim to one of the biggest Bitcoin scams to hit South Africa, TimesLive reported.

Hawks spokesman Captain Lloyd Ramovha confirmed the commercial crimes unit was investigating complaints against BTC Global‚ a company which asked investors to send their cryptocurrency to an online wallet address.

Many of the victims were South African, but the extent of the scam spread to the US and Australia.

“The amount is over $50 million and could rise as more victims come forward‚” said Ramovha.

He said the company was being investigated for violating the Financial Advisory and Intermediary Services Act, but could not confirm whether it was a Ponzi scheme or if the people behind it are South African.

Victims from South Africa told TimesLive they had invested between R16‚000 and R1.4 million with BTC Global.

BTC Global’s selling point was the skill of its “master trader” Steve Twain, whom many victims believe does not exist.

BTC Global promised investors that if they sent their Bitcoin to its wallet address they would receive guaranteed returns of 14% per week.

Its website now displays a message which states that Steven Twain is missing and calls for victims to stop threatening harm to the admin team.

Source: MyBroadband

A new banking scam whereby fraudsters remotely take control of your PC over the Internet to gain access to consumer’s online banking profile is currently doing the rounds.

This is according to First National Bank (FNB), which alerted consumers about the latest festive season scam.

In a statement, FNB says fraudsters are sending unsuspecting consumers fake emails notifying them that fraud has occurred on their respective bank accounts’ or credit cards.

Soon after the email is sent the customer receives a call from a fraudster claiming to be from their bank and offers to help block any fraudulent transactions by first requesting the customer to install “protection” software on their computer, which allows the fraudster to gain full control of the computer remotely.

Kovelin Naidoo, cyber security officer at FNB, says fraudsters are employing carefully constructed scamming tactics that have the ability to trick even the most vigilant customer if they are not aware of the modus operandi.

“If someone calls you and requests your personal banking details or to install remote access software on your computer, please end the phone call and contact your banks’ fraud contact centre. FNB will never ask you to share your OTP to reverse pending transactions or to block your banking profile,” cautions Naidoo.

He adds: “As access to banking services through digital channels continues to grow, so does the prevalence of banking scams, therefore we urge consumers to always be vigilant and familiarise themselves with the different types of digital banking fraud, as well as the security measures provided by their respective banks.”

How fraudsters use the software to defraud consumers:

  • The fraudster calls the customer and offers to help them block any fraudulent transaction by asking him/her to download and install “protective” PC software.
  • The customer downloads the software, and with the help of the fraudster, installs it.
  • Once the software is installed, the fraudster asks the customer to log into his/her personal online banking profile.
  • After logging in, the customer’s computer goes blank. Shortly afterwards, he/she starts receiving OTP (one-time pin) SMS’ to confirm transactions he/she did not perform.
  • The fraudster then reassures the customer that these are fraudulent transactions and requests that he/she forwards the OTPs so that they can be blocked or reversed immediately.
  • The fraudster then uses the OTPs forwarded to him/her to process the pending transactions and defrauds the customer.

Source: IT Web

Fake WhatsApp affects millions of users

Around 1 million users have downloaded a fake version of WhatsApp which appeared on Google Play.

Reddit’s forum users noticed that it was a hoax. Users who didn’t notice this and downloaded the fake app ended up with a major amount of adverts rather than a messenger app.

According to Hacker News, the reason this spoof fooled so many people is because whoever created the App and who put it in the Play Store did so under the name “WhatsApp Inc”, which is the same name the maker of the world-famous app uses. However, Fortune Magazine says that it is not the most uncommon incident.

Fortune points out that when you search for “WhatsApp” on Google Play, it currently shows no fewer than seven spoof apps using slight variations on the developer name “WhatsApp Inc.”
All of them have four-star review averages, due to Play’s review system.

So remember to watch out before downloading off Google Play or ask a friend to send you the original App via file sharing apps such as SHAREit.

What happened?

WhatsApp fraudsters have tricked more than one million people into downloading a fake version of the chat app from the Google Play Store.

WhatsApp users downloaded the ‘Update WhatsApp Messenger’ from the Android app store as it looked it was from the company that makes the popular app.

The Google Play Store page for the fake app claimed the programme had been developed by WhatsApp Inc, the creators of the instant messaging app.

However, it was instead a fake app that contained adverts and download malicious software onto a user’s device.

The developers made it look like a legitimate app by using virtually the exact same name as the developer WhatsApp Inc.

However, they replaced a space that appeared in the name with a character that made the one defining difference look invisible.

This made it almost impossible for an Android smartphone user to detect the different between the real WhatsApp app and the fake version.

How to check if your WhatsApp is fake

To start with, go to Settings and then find the Apps section and click on WhatsApp.

Then under Store you should see the option to check the App Details.

This should then take you to the Google Play page which shows the app has been downloaded more than one billion times.

The developer for the app should be WhatsApp Inc and it should have a PEGI 3 rating.

If any of these details are different, alarm bells should be ringing and you should delete the app to find the official version.

You can also download an anti-virus to clean up any malicious software that may have been installed on your smartphone.

The news comes after over the weekend Express.co.uk warned about another fake app that had appeared on the Android app store.

The bogus programme appeared to be a fake version of the upcoming WhatsApp business app and was available to download from the Android app store.

Alerting users to the issue one Android user on Google Play complained that the app was full of adverts, while another claimed it was being used for “data theft”.

The fake app was flagged up by tweeter @MujtabaMHaq and WABetaInfo, a Twitter account about all things WhatsApp.

It has since been deleted from the Google Play Store.

Source: IOL; Dion Dassaayake for Express

New Gumtree scam uses Uber drivers

A MyBroadband reader recently faced a scam involving Gumtree, Taxify, and his iPhone 7 Plus.

It started when he posted his iPhone 7 Plus 256GB on Gumtree, and received five calls to purchase the device on the first day.

“All of them said they do not use WhatsApp. All said they will send an Uber to collect. All offered to send documents,” he said.

Scammers appear to be trawling Gumtree for high-value items, like an iPhone, then try to steal them by offering to purchase the item, and sending forged documents and notifications.

This is done when potential victims agree to accept an EFT.

The scammer knows which bank the victim uses and sends an SMS stating a deposit has been made into their bank account from a different bank.

This is so they have an excuse for why the money hasn’t cleared if checked. They then send an SMS that looks like a deposit notification from the victim’s bank.

Scam

In the reader’s case, the scammer said he was sending his “friend” to collect the iPhone after he had made the “payment”.

The “friend” turned out to be a Taxify driver, who had little knowledge of the person he was collecting the phone for.

The reader said after handing his device over, he felt something was wrong, and went to the guard house where he stays and got the driver’s number from the sign-in book.

He called the driver, explained he thought the collection was a scam, and the driver returned – cancelling the trip.

The scammer the driver did the pickup for was a cash customer, who then contacted him and offered R1,500, then R3,000, to complete the delivery. The driver declined.

“These criminals are using Uber and Taxify with cash payment options to get the drivers to do the hard work and collect the items from victims,” said the reader.

Fighting cons

Gumtree said fraudulent proof of payment is not new in online marketplaces.

“Although we haven’t seen many cases like this, it seems that Uber or Taxify is another way of making it harder to trace the actual perpetrator,” said Gumtree.

“We urge community members to inform us via our 24/7 contact centre if they encounter a suspicious buyer or seller.”

Gumtree stated that victims or potential victims must also contact the SAPS about any scam incidents.

The company said it will speak to Uber and Taxify to collaborate and combat this activity.

Uber recently introduced new safety features which require cash riders to link a Facebook account to their Uber profile, which it verifies, before using the service.

Called Social Connect, only new sign-ups are currently required to link their Facebook account.

Uber said there is potential for Social Connect to expand to existing users in future.

Taxify did not respond to requests for comment.

Safety features

One way to avoid falling victim to a scam is to use a third-party escrow service, like Shepherd – which is offered by Gumtree in conjunction with Standard Bank.

The service charges 3.95% of the transaction value, with a minimum charge of R30.

Shepherd also charges separately for its shipping service – starting at R100 for items below 2kg, and R169 for items up to 10kg.

“If you opt not to use Shepherd, always check that funds have cleared before handing over goods,” said Gumtree.

By Jan Vermeulen for MyBroadband

Beware this Apple phishing scam

A new Apple phishing scam is doing the rounds.

The scam informs user that their “Apple ID’ has been locked and threatens them with the fact that their information is now insecure.

In order to fix the “issue”, users are requested to follow a link which looks on the surface like an Apple-related site. Browsers and anti-virus quickly block the site as suspicious.

How to identify a scam e-mail

Spam, scam e-mails and phishing: every day we receive hundreds of e-mails that may or not be linked to criminals trying to steal information from us.

My Office News took a look at an email we received and dissected it piece-by-piece to show you how to identify spam.

 

When the short link is clicked, it redirects to a site that downloads malware to your device.

Should you receive an email from someone claiming to be a service provider (such as a bank or ISP), rather call their main office to check the validity of the information.

  • 1
  • 2

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top