Tag: scam

Beware this uncapped data scam

By Hanno Labuschagne for MyBroadband

Mobile users in South Africa should be wary of scammers claiming to offer data or airtime packages at suspiciously low prices.

An online-based scam which claimed to sell unlimited prepaid data, voice calls, and messaging bundles was recently pointed out by MyBroadband Forum members.

A party calling itself “Unlimited Prepaid Bundles” was selling several mobile products which it claimed worked on Vodacom, MTN, Cell C, and Telkom’s networks.

The scammers had also taken out sponsored ads on Facebook for these “unlimited” bundles.

Upon visiting the Facebook page for “Unlimited Prepaid Bundles”, we discovered several early warning signs of trouble.

The first was the suspiciously low pricing of the bundles, which included an uncapped monthly data bundle at R249 and yearly uncapped data at R799.

After MyBroadband lodged these queries, the Facebook page and website of the scammers were taken down.

MyBroadband notified African Bank of the site and provided the details of the bank account which was being used to scam buyers. The bank confirmed it had launched a forensic investigation into the account.

Source: Talk of the Town

The SA Social Security Agency (Sassa) has warned the public not to be duped by a fake e-mail doing its rounds in which an “official” calls for people to contact its offices regarding a tender for the three-year supply of food parcels in the Free State.

Sassa spokesperson Sandy Godlwana told TimesLIVE that the agency was concerned that members of the public “will find themselves having to pay money with the hope that they will get the tender, where this is fake and a scam”.

The fake correspondence has been sent in the name of Sassa regional executive manager Themba Matlou.

“This misinformation is devoid of truth and is tantamount to causing chaos and anarchy which may lead to unrest and the undesirable consequence of damage to government property,” said Matlou in a statement issued on Monday night.

“The process to appoint service providers has just started and is only an evaluation process. Successful bidders will be duly contacted through proper channels at an appropriate time.

“The agency warns all bidders against this scam and any other bid where people purport to take money claiming they are from Sassa.

“The social relief programme is intended to assist to meet basic needs of indigent persons by means of rendering temporary and immediate material assistance in response to a crisis. We are working around the clock to ensure that suitable service providers are appointed in line with Sassa supply chain prescripts,” he said.

New push notification scam hits SA

Source: Business Insider SA

Push notifications allow websites to send alerts to your phone. These kinds of notifications are popular for breaking news, with many media news sites sending alerts to subscribers.

You must subscribe to receive push notifications online. But criminals are building copycat sites that look like reputable platforms, and you may in fact be subscribing for harmful push notifications.

“While originally (push notifications) were meant as a tool for rapid information of users on breaking news, today they can be exploited to target shell websites visitors, filling their devices with unsolicited ads and sometimes links to potentially dangerous websites,” says cybersecurity firm Kaspersky’s Artemy Ovchinnikov.

“To achieve that, users are hoaxed into subscribing to notifications, for example, by passing subscription consent off as some other action. The victim ends up subscribed to ad deliveries, while at the same time quite unable to get rid of the annoying messages, being unaware of their source or origin.”

In the past month, Kaspersky has intercepted more than 181,000 of these unwanted push notifications to South Africans.

The good news is that it’s easy to get rid of these unwanted push notifications, and you don’t need specific coding skills, says Ovchinnikov. You can turn pushes off by changing your browser settings.

How to remove notifications in Google Chrome:

  • Click the menu icon (the three dots in the upper right corner of the browser)
  • Select Settings
  • Scroll down the page that opens and click Advanced
  • Among the options, go to Site Settings
  • Open Notifications
  • Under Allow, click the three-dot icon next to the address of the website from which you do not want to receive notifications
  • Select Block

You can also install a security solution on your device and avoid getting annoying notifications or scam ads by making sure you are not redirected to a fake website when you subscribe.

“Where possible, block all subscription offers, unless they come from popular and trusted websites,” says Ovchinnikov.

WhatsApp Stokvels are back

By Bombi Mavundza for Business Insider SA

Despite the name change, the ‘stokvel’ still has the same modus operandi. Members deposit R200 – and hope to make huge profits.

The National Stokvel Association of SA (Nasasa) has previously warned South Africans that WhatsApp stokvels are most likely to be pyramid schemes rather than genuine savings vehicles – and those who have joined them have probably been scammed.

Like most pyramid schemes, the first few to join received a pay-out, but those who followed often lost all their money.

Many victims who have joined such stokvels in the past have seen group administrators disappear after making payments into the stokvels.

According to Nasasa founder and chairperson Andrew Lukhele, scammers were using the popularity of stokvels to create pyramid schemes and take advantage of people.

Traditional stokvels are based on trust where everyone in the stokvel knows each other, and the terms of payout have already been set.

The WhatsApp scams often involve anonymous people, so it is impossible to track or trace the money when it disappears.

A stokvel, derived from “stock fair”, is a savings scheme where a group of people come together to save or increasingly invest together.

Source: Abnormal Security

Attackers have been impersonating notifications from Microsoft Teams in order to steal the credentials of employees. Recently, Microsoft Teams has seen one of the largest increases in users as a result of the shift to remote work given the ongoing COVID-19 pandemic.

Since the onset of the COVID-19 outbreak and the shift to remote work, there has been a remarkable increase in the usage of collaboration software. This particular attack impersonates Microsoft Teams, one of the leading collaboration software tools in widespread use.

Email attack
These attackers crafted convincing emails that impersonate automated notification emails from Microsoft Teams. The landing pages that host both attacks look identical to the real webpages, and the imagery used is copied from actual notifications and emails from this provider. In one of the attacks, the sender email originates from a recently registered domain, “sharepointonline-irs.com”, which is not associated with either Microsoft or the IRS.

Payload
Attackers utilise numerous URL redirects in order to conceal the real URL that hosts the attacks. This tactic is employed in an attempt to bypass the malicious link detection used by email protection services:

  • In one attack, the email contains a link to a document on a domain used by an established email marketing provider to host static material used for campaigns. Within this document there is an image urging the recipient to log in to Microsoft Teams. Once the user clicks this image, the URL takes the recipient to a compromised page which impersonates the Microsoft Office login page.
  • In the other attack, the URL redirect is hosted on YouTube, then redirected twice to the final webpage, which hosts another Microsoft login credential-phishing site.
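
Because the first hop in both attacks sits on a reputable host, a link check has to judge where the chain ends, not where it starts. The following is an added example (not from the original article or Abnormal Security) that walks a redirect chain and compares the final host with an allowlist of sign-in hosts. The redirect table is constructed and stands in for live HTTP redirects, every `.example` host is a placeholder, and the allowlist is an assumption about what an organisation expects.

```python
from urllib.parse import urlsplit

# Assumption: hosts on which this organisation expects a Microsoft sign-in form.
EXPECTED_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com"}

# Constructed redirect table (placeholder hosts) standing in for the hops a
# sandboxed fetcher would observe. A click-through from a hosted document is
# modelled as one more hop, which is a simplification.
CONSTRUCTED_REDIRECTS = {
    # Chain that starts on a video site and is redirected twice.
    "https://www.youtube.com/redirect?q=constructed": "https://hop.example/r",
    "https://hop.example/r": "https://office-signin.example/login",
    # Document on a marketing provider's static host, then a fake login page.
    "https://static.mailer.example/doc/teams.html": "https://office-signin.example/login",
    # Benign chain ending on an expected sign-in host.
    "https://teams.microsoft.com/l/message/1": "https://login.microsoftonline.com/common/oauth2/authorize",
    # Redirect loop, to exercise the failure path.
    "https://loop.example/a": "https://loop.example/b",
    "https://loop.example/b": "https://loop.example/a",
}


def host_of(url):
    """Lower-cased host name of a URL, without port or trailing dot."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def resolve_chain(url, redirects, max_hops=10):
    """Follow redirects until a URL has no further hop; return every URL seen."""
    chain = [url]
    while chain[-1] in redirects:
        nxt = redirects[chain[-1]]
        if nxt in chain:
            raise ValueError("redirect loop")
        if len(chain) > max_hops:
            raise ValueError("too many redirects")
        chain.append(nxt)
    return chain


def assess_login_link(url, redirects=CONSTRUCTED_REDIRECTS):
    """Judge a link from a 'please sign in' notification by its final landing host."""
    try:
        chain = resolve_chain(url, redirects)
    except ValueError as exc:
        return {"verdict": "suspicious", "reason": str(exc),
                "final_host": None, "redirects": None}
    final = chain[-1]
    final_host = host_of(final)
    result = {"final_host": final_host, "redirects": len(chain) - 1}
    if urlsplit(final).scheme != "https":
        result.update(verdict="suspicious", reason="sign-in page not served over HTTPS")
    elif final_host not in EXPECTED_LOGIN_HOSTS:
        # Exact host comparison: a substring test would accept a look-alike such
        # as login.microsoftonline.com.office-signin.example.
        result.update(verdict="suspicious",
                      reason=f"sign-in prompt lands on unexpected host {final_host}")
    else:
        result.update(verdict="ok", reason="lands on an expected sign-in host")
    return result


if __name__ == "__main__":
    for link in (
        "https://www.youtube.com/redirect?q=constructed",
        "https://static.mailer.example/doc/teams.html",
        "https://teams.microsoft.com/l/message/1",
        "https://login.microsoftonline.com.office-signin.example/",
        "https://loop.example/a",
    ):
        print(link, "->", assess_login_link(link))
```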

Result
Should the recipient fall victim to this attack, this user’s credentials would be compromised. Additionally, since Microsoft Teams is linked to Microsoft Office 365, the attacker may have access to other information available with the user’s Microsoft credentials via single sign-on.

Why is this attack effective?

  1. Convincing e-mail and landing page – the email and landing page the attackers created were convincing. The webpages and the links the email directs to are visually identical to legitimate Microsoft Teams and Microsoft login pages. Recipients would be hard-pressed to understand that these sites were set up to misdirect and deceive them to steal their credentials.
  2. Timing – given the current situation, people have become accustomed to notifications and invitations from collaboration software providers. Because of this, recipients might not look further to investigate the message.
  3. Urgency – a recipient may feel more compelled to quickly log in to access the page because of the urgency felt when contacted by a coworker.

Beware of these corona-related scams

The South African Banking Risk Information Centre (SABRIC) has warned bank clients that cybercriminals are exploiting the current “Coronamania” panic to spread Coronavirus scams.

Coronavirus scams exploit people’s concerns for their health and safety, using social engineering to pressure them into being tricked. Social engineering is manipulative and exploits human vulnerability because criminals know that the weakest link in the information security chain is the human being.

These new scams include spoofed emails offering products such as masks, or fake offerings of vaccines, leading to phishing websites. These emails come from seemingly realistic and reputable companies which manipulate people into clicking on links. Some of these websites prompt the user for personal information which ends up in the hands of cybercriminals.

Cybercriminals are also using SMS Phishing, more commonly known as SMishing, to trick victims into clicking on a link disguised as information on a Coronavirus breakout in their area to steal their credentials. Some of these texts claim to provide free masks or pretend to be companies that have experienced delays in deliveries due to the Coronavirus.

Once criminals have the correct level of confidential information about a victim’s bank account, they can impersonate the victim and transact using the correct credentials but without authority.

“Although some spoofed emails can be difficult to identify, we urge bank clients to think twice before clicking on any link, even if an email looks legitimate. Any suspicious emails should not be opened and are best deleted,” says SABRIC acting CEO, Susan Potgieter.

SABRIC urges bank clients to take note of the following tips to protect themselves:

Phishing and SMishing

  • Do not click on links or icons in unsolicited emails
  • Never reply to these emails. Delete them immediately
  • Do not believe the content of unsolicited emails blindly. If you are concerned about what is being alleged in the email, use your own contact details to contact the sender and confirm
  • Check that you are on the authentic/real site before entering any personal information
  • Do not click on links or icons in unsolicited SMSs
  • Do not reply to these SMSs. Delete them immediately
  • Do not believe the content of unsolicited SMSs blindly. If you are worried about what is alleged, use your own contact details to contact the sender to confirm
  • Regard urgent security alerts, offers or deals as warning signs of a hacking attempt

SABRIC (South African Banking Risk Information Centre) has warned bank clients to protect their mobile devices.

The theft of mobile phones is not a new phenomenon; however, there is an emerging trend where mobile phones are being snatched from owners, affording criminals the opportunity to gain access to the victim’s personal and even confidential information which can then be used to commit crime.

Mobile phones are a convenient way to stay connected. They enable easy access to family and friends, make it possible to access vast stores of online information and can provide hours of entertainment. Despite these benefits you must always remain vigilant because your mobile phone stores far more information than you may be aware of. This is even more applicable if you use your mobile device to do your banking. Remember, your phone is equal to a bank card and could even act as a gateway to your bank account.

“Personal information is a valuable commodity for criminals and because so much of it is on our phones, we need to take mobile security very seriously,” says Susan Potgieter, acting CEO of SABRIC.

There are a number of ways that criminals could access information stored on your mobile phone if it is stolen, to try and defraud you:

  • Criminals access all open applications on your unlocked phone and view your sensitive data
  • Social engineering is used to obtain your usernames and passwords stored in the cloud
  • Vishing might occur, where criminals call you and manipulate you into believing that they are from the bank to coerce you into revealing confidential information like PINs or passwords
  • Phishing occurs where you are sent an email, which you believe to be from the bank or a legitimate service provider, which asks you to click on a link that requests your PINs or passwords. Once your password has been compromised on your snatched phone, all other credentials are available and may be exploited.
  • Your credentials could also be compromised through shoulder surfing in public places such as restaurants.

In the event that your mobile phone is lost or stolen, borrow a phone and contact your bank immediately so that they can deactivate your banking app, block cards on other apps containing your bank card details and block your bank account. Make sure you always have your bank’s hotline number stored somewhere other than on your mobile phone. If you have activated the ‘Find My iPhone’ or ‘Find my Device’ facility from the web to locate or wipe your device, be aware that fraudsters may attempt to Vish or Phish you. If you receive an email or SMS after doing this, don’t click on any links as these are not safe.

“When a bank client’s mobile phone is stolen, they tend to focus on protecting their photos and social media profiles, however, their highest priority should be protecting their money,” concludes Potgieter.

Tips for banking clients

PINs and passwords

  • Reset/change your passwords and PINs often
  • Set different and complex passwords for each app or service. Ensure that these are not stored on a password manager app or on the phone itself
  • Never save your banking app username and password on your device in the contacts or notes
  • Never autosave your banking app username and password on your device
  • Disable the autosave function on your smart phone
  • Ensure that you have set additional security controls on your device for adding biometrics such as fingerprint or facial recognition, for instance you can enable your device to ask for the device password to add another person’s biometric on your device.

Behaviour

  • Do not click links in SMSes or emails stating that your lost or stolen device has been located as criminals use this as a way to get your banking app credentials
  • Always be vigilant by being aware of who is around you when using your phone in public

Your device

  • Treat your mobile device the same way you would treat your bank card
  • Pickpocketing is prevalent so ensure that your handbags and backpacks are properly closed or zipped
  • If your mobile device is lost or stolen notify your Bank immediately to freeze your banking profile and prevent the perpetrators from using your banking app
  • In addition, contact your mobile service provider to block/stop your SIM card and handset to prevent criminals from getting any One Time PINs for fraudulent transactions
  • If your Apple device is stolen, log on to your iCloud account to restore all factory settings so that all your personal data is wiped from the device
  • Avoid using Public WiFi “hotspots”. It is risky to connect your smartphone to just any available WiFi hotspot. Savvy hackers can spoof a WiFi connection and gain access to usernames and passwords stored on your smartphone
  • Consider keeping your banking app on two devices – this will enable you to block the stolen mobile from the other device and also change the log in credentials at a moment’s notice. Most banks will still ask you to call them to report the theft to ensure that all access is blocked for the stolen phone. Your bank can also advise how to get passwords changed
  • When calling the bank to report the phone as stolen, request that they place a temporary hold on your entire account to allow you the time to change, replace and update all of your info

Banking app

  • Always log out of your banking app manually once you have finished transacting
  • Keep your daily EFT and ATM limits low as some banking apps and internet banking profiles will require that contact be made with the bank before the limit can be increased on your profile

By Phillip de Wet for Business Insider SA

Scammers are separating helpful South Africans from their money in what appears to be a wave of fraud that relies on hijacking WhatsApp accounts – and then simply asking for money.

The scammers first take control of a victim’s phone number, usually by porting the number to a new service provider, and so associating it with a SIM card under their control. That allows them to receive confirmatory SMSes from WhatsApp, and so take control of an existing account, while the now-offline victim is none the wiser.

Now able to impersonate the victim, the scammers access the phone numbers of friends and acquaintances, in many instances seemingly just waiting for incoming messages, or by way of WhatsApp groups to which the victim belongs. Then they simply ask for money.

Number porting has in the past often been used to intercept one-time PIN (OTP) numbers – but that requires scammers to have control of bank accounts, either by skimming credit card information or stealing login details for online banking.

In the current wave of scams, the attackers do not need such access. Friends of victims are asked to send money via services such as First National Bank’s eWallet, which sends the code required to withdraw money from an ATM via SMS – with the cash immediately available.

As of Wednesday it was not yet clear how widespread the new scam was, with network operators saying they were detecting only a small number of fraudulent attempts to port numbers – while many people said they were receiving worrying notifications, or had already seen their friends approached for money.

Here’s how to protect yourself against both sides of the latest WhatsApp hijacking scam.

Turn on security notifications in WhatsApp.
WhatsApp will alert you when a contact changes their phone – if you let it. For those in many big WhatsApp groups – with people who like to switch phones – the constant messages that a contact’s “security code has changed” can become annoying, so some people turn it off.

If you are one of those people, turn those notifications back on by going to “settings”, then selecting “account”, and from there “security”.

Should a “friend” ask for money shortly after their security code changes, be extremely suspicious.

Don’t ignore porting SMSes.
Cellphone companies will send out a notification, by SMS, before porting a number – but will consider no response as permission. If you receive an SMS that warns your number is to be ported, do not ignore it.

If you are worried that message might be a scam in itself, phone your network provider on the usual service number.

Don’t turn off your phone if you’re getting annoying calls.
Some victims of porting say they were bombarded by annoying phone calls before their numbers were hijacked. The idea behind constantly ringing your number is to make you turn off your phone – so that you won’t receive porting notifications, and won’t notice you have suddenly been kicked off the network.

If someone keeps phoning then putting down the phone before you can answer, or you keep receiving calls with nobody on the other side, assume you are being scammed, and rather put your phone on silent while watching out for SMSes.

Don’t ignore a loss of cellphone signal.
If your phone suddenly won’t connect to your mobile network – and you aren’t in the middle of nowhere, or in an area being load-shed – assume your number is being hijacked, and get in touch with your network service provider as soon as possible.

Don’t register a new WhatsApp account if you change phone numbers, update your number instead.
Some victims of WhatsApp identity fraud believe they were impersonated after their former, abandoned cellphone numbers were recycled by network operators.

If you are switching numbers and want to be sure nobody can pretend to be you in future, you can change the phone number associated with your WhatsApp account.

If you really care about your security, enable the PIN function on WhatsApp.
For ultimate protection, you can create a six-digit PIN number in WhatsApp, without which it should be impossible to register on the service – so that no number-porting scam or other mechanism will let someone steal your identity.

There is no better way to protect yourself, but this two-step verification measure comes with a couple of caveats. If you do not associate an email address with that PIN, or lose access to the email address you register, you are in deep trouble if you ever forget your PIN. Also, WhatsApp will from time to time demand the number from you, which could get annoying.

The PIN activation is under “settings”, “account”, and then “two step verification”.

Five DStv scams to avoid this Christmas

By Tom Head for The South African

If you’re a subscriber to the network, take note. At least five major DStv scams have been identified this year: here’s how to play it safe.

‘Tis the season to be cautious, folks. There are a myriad of DStv scams waiting to trip up some unsuspecting victims this Christmas. The network have confirmed that a number of schemes have already been detected, and bosses have raced to warn South Africans about the dangers they face.

It isn’t just the technophobes and boomers that are getting duped by the sophisticated ruses, either. These DStv scams have caught out people across the board. But what do we need to look out for?

The gift card phishing scam
Customers receive an email informing them that they’ve won a cash gift card or huge sums of prize money from a MultiChoice competition. However, targets are then asked to provide personal details in order to claim the prize. It’ll be for a competition you definitely didn’t enter, so please, don’t hand any of your information out.

The “final notice” SMS scam
Some DStv customers have received an SMS claiming to be from DStv demanding payment for a DStv Explora account. It threatens action if payment is not made today and includes banking details. However, the network do not send such crudely-worded communications. You can contact them to find out the status of your account if you feel unsure.

Recruiting for social media jobs
There are dangerous scams disguised as recruitment ads for MultiChoice. One of the most popular ones offers applicants the chance to be driven to an interview. MultiChoice does not offer such a service, under any circumstances. Use the Afrizan website to verify any offers.

The DStv Premium upgrade scam
Opportunists are contacting customers – via email or telephone – and offering them DStv Premium for a fixed once-off fee per year, where the customer pays the fee directly to the scammer. Customers are asked to disregard such offers, and they are asked to refrain from letting a third-party upgrade an account for them.

Say no to installation offers
Don’t let your desire for a festive bargain cloud your common sense. If someone offers you a discounted DStv subscription at a once off payment, treat this with suspicion and check it with the network. Anyone offering “free package upgrades” or “free DStv for life” in a cut-price deal will be trying to rip you off.

How to avoid these DStv scams
The network have issued the following statement, advising consumers on how they can stay safe this year:

“There are usually tell-tale signs that can help you spot if something is a scam. Like receiving an email or SMS from us claiming that you’ve won a huge prize for a DStv competition you never entered, and for which you must either pay a fee or verify yourself by sending personal details – sounds too good to be true? It probably is.”

“MultiChoice will never request your personal details via email or SMS – please do not hand over your personal information to anyone claiming to be from DStv. Always check the email address and emails containing spelling and grammatical errors. MultiChoice only use one domain for emails (multichoice.co.za).”

Look out for these five WhatsApp scams

By Jamie McKane for MyBroadband

WhatsApp has become the most prominent messaging platform across many parts of the world, offering a range of features which enable faster and more convenient communication.

The application also boasts impressive security, with end-to-end encryption delivering secure communication.

Due to its high rate of adoption, however, it has also become a targeted platform for scammers and attacks which aim to either compromise the user’s details or infect their device with malware.

The nature of these scams and attacks is constantly evolving, but we have listed five of the most prominent and dangerous scams currently in circulation below.

SIM-swop takeover
SIM-swop fraud is one of the biggest threats to South African WhatsApp users, considering the meteoric rise in the number of cases reported over the last year.

By committing SIM-swop fraud and taking ownership of your number, a user can easily and instantly install WhatsApp on their own smartphone and log in with your account.

The two-factor authentication message will be sent to the number used to log in, which the attacker will now have access to.

From here, they can easily scam your contacts to divulge information or send them money by impersonating you.

This type of attack is also a serious threat to the security of platforms which use SMS two-factor authentication – including many banking apps.

Users should check immediately with their cellphone provider if reception on their cellphone is lost for no apparent reason, as this is the first sign that SIM-swop fraud has been committed.

Verification request
This type of scam is spread through compromised accounts, and usually comes from a known contact who has had their account compromised.

Victims will receive a message from a user in their WhatsApp contact list who asks them to send them their WhatsApp verification code.

If they do this, scammers will have access to everything they need to access the user’s WhatsApp account and will take over their number.

From the compromised profile, scammers will either ask the victim’s contacts for verification codes to access their profile or they will pose as the victim and ask for mobile money payments.

The easiest way to avoid this scam is to never divulge your WhatsApp verification code and be wary about sending your contacts money if they are acting strangely over WhatsApp.

WhatsApp Gold
WhatsApp Gold is a well-known hoax which has been around for years, although it still seems to resurface occasionally and catches out many people.

The scam is a simple phishing attack which comprises hoax messages stating that WhatsApp has launched a new upgraded messaging service called WhatsApp Gold.

Often this premium version is advertised as free and including features such as new themes and free voice calls.

The message contains a link to download the “latest secret update” for WhatsApp Gold, which actually leads to malicious software being installed on the victim’s device.

This malware could do anything from steal your information to spy on your messages and communications.

Avoiding scams like this is easy if you follow best practices and never click on unknown links or download unverified software onto your device.

Phishing with vouchers
This is similar to the WhatsApp Gold scam, but these messages are usually sent from a number impersonating a fake contact.

The message generally states that users have won a free voucher for a local supermarket in return for them filling in a short survey.

However, the link contained in this message goes to a fake website which impersonates the supermarket’s web page.

Once users have entered their details into this website, their information has been compromised and is fed straight to the scammers.

WhatsApp is not the only platform where this scam takes place, as this is one of the most widespread and organised types of scams operating around the world.

Malicious spy apps
During your online browsing or within a WhatsApp message, you may find a link to download a WhatsApp “spy app”.

These applications claim to be able to see what your contacts are saying to each other, along with giving you the ability to intercept their pictures, voice messages, and images.

Of course there is no way to intercept WhatsApp messages in this way as all conversations are end-to-end encrypted.

Instead, these applications usually either install malware on the victim’s device or sign them up to subscription content services which charge exorbitant fees.

It is also important to realise that the Google Play Store is not infallible and can contain many malware-infested “WhatsApp Spy” apps.

My Office News Ⓒ 2017 - Designed by A Collective