LinkedIn Phishing Scam | Malware

New LinkedIn Phishing scam

Receiving a LinkedIn message from a recruiter offering you the job of a lifetime may sound like a dream, but for victims of the new Ducktail malware, it can quickly turn into a nightmare.

Cybercriminals are ramping up their impersonation game, posing as HR talent scouts on LinkedIn to trick professionals into downloading dangerous software. To avoid losing control of your valuable data, you’ll need to be on the lookout for this new scam.

Are you dealing with a recruiter or a cybercriminal?

LinkedIn  has become the go-to social network  for professionals around the world, with 9 million registered profiles in South Africa. Naturally, recruiters have been keen to use this platform to reach out to suitable job candidates – and some of their overseas offerings can be very attractive.

Receiving a message asking you to consider a lucrative  job offer is always exciting. Unfortunately, online bad actors are jumping on the opportunity to defraud and steal data from prospective jobseekers.

A new scam on LinkedIn has seen professionals in several countries in Africa and the Middle East targeted by fake recruiters, losing control of their Facebook business accounts in the process.

  • The first step in the scan is always a LinkedIn message from someone posing as an HR specialist. The contents of the email will usually refer to a great job opportunity – most recently with a fashion brand in a desirable international city.
  • Once a job candidate shows interest by replying to the phishing message, the cybercriminal will usually reply and include a link which looks like it leads to an online application form. In reality, clicking on this link will download the Ducktail malware onto their device.

Victims of Ducktail soon discover that their Facebook business accounts have been hijacked, with customer data including credit card and banking details being prime targets.

Always verify before you share your details

If you receive a recruiting message on a platform like LinkedIn, it’s essential to make sure that the person who sent it is legitimate.

  • Cross-checking the recruiter’s identity on their company website is one way of verifying their identity.
  • For local recruiters, calling them on the number provided on the website – and not the number in the email – is a sure way to find out whether you are speaking to the genuine person or an imposter.

Malware, ransomware, and other types of cybercrime are a major risk for every business and professional.

Keeping your data safe with our range of secure cloud storage packages. It’s your virtual insurance policy against cybercriminals.

 

Common WhatsApp scams | Mobile Apps

Most common WhatsApp scams – How to avoid them

Millions of people use WhatsApp to communicate every day, but recently, users of  this essential app have been falling prey to scammers. The latest scams vary from promises of a weekly return on a specified donation to notification of the death of a family member who’s bequeathed their life savings to you.

Here’s how you can protect yourself from the latest WhatsApp message scams.

getting the message on WhatsApp: beware of fraudsters

You probably receive dozens, if not hundreds, of WhatsApp messages every day, and you’ll likely agree that the app makes your business and personal life much easier to manage. But what about the strange messages we all seem to get from unknown numbers from time to time?

  • Whenever you receive a WhatsApp message from a number you don’t know, the best thing to do is proceed with caution.
  • Unless you’re expecting a message from a new contact or a friend living overseas, you should verify the sender’s identity before responding to the message.
  • Make use of the convenient WhatsApp feature that lets you decide whether to block new contacts or accept their messages.

is someone  in trouble – or has their WhatsApp been hacked?

It’s easy enough to filter out fraudulent WhatsApp messages sent from strange numbers, but what about a message that seems to be from a friend or relative requesting financial help?

In situations like this, our first instinct is to help the person, but if their WhatsApp account has been hacked, the money you send them will go straight into the hands of criminals.

  • If you receive a message from a friend, relative or colleague requesting financial assistance because of an emergency, call them right away and verify that the message actually came from them.
  • This will put your mind at ease and will also alert them to the possibility that their WhatsApp account has been compromised.

if it sounds too good to be true, block the number

Lately, a common WhatsApp scam has been doing the rounds. It involves sending a congratulatory message to unsuspecting users telling them that they won a prize or lottery draw. This scam has a lot in common with email and phishing scams and while most of us wouldn’t reply to this type of message in an email, people are more likely to fall prey to these scams in a WhatsApp message.

If you receive a WhatsApp message bearing an offer or “good” news that’s just too good to be true, block the sender and count yourself lucky: you’ve just avoided having your smart phone hacked.

Other WhatsApp scams to be on the alert for are crypto and trading scams – usually from people you don’t know, promising you a great return on a new trading platform.

Store scams have been around for a while but a fake Woolworths or Takelot voucher, usually forwarded to you by someone you know who’s fallen prey to the scam, can dupe even the most cautious of us.

be alert for all scams and backup your data

Being alert is an essential part of life in South Africa, both for your personal wellbeing and your data security. Keeping your personal data safe is another essential part of a safe modern life. Our range of cloud storage solutions will help you keep your personal and business information safe and encrypted in the cloud.

Beware Holiday Shopping Scams | Cybercrime

Better Watch Out – Better Beware… of Holiday Cybercriminal Scams

The festive season is here again and it’s almost time to take a well-deserved  break. Unfortunately, cybercriminals never seem to take a day off – and that means we all need to be extra alert to holiday shopping scams in December and January.

Before you pack up for the holidays, it’s essential to make sure that your data security is as tight as possible.

Let’s take a look at some of the most common holiday scams you’ll encounter online and how to avoid them.

be careful what you phish for

Phishing scams have become so common that it almost seems like a cliché to fall victim to one – and yet so many of us still do.

Scammers take advantage of year- end sales and Christmas specials to send fraudulent emails to unsuspecting people and businesses at this time of year.

If you’ve received tons of promotional emails in the past few weeks, you can imagine how easy it might be for an unsuspecting victim to open one of these, love what they see in the cleverly produced images, and click on a link that leads to a dangerous URL.

  • There are options when it comes to avoiding this type of scam: either make sure that the emails you open really come from a well-known company or don’t open them at all.
  • You can just as easily browse your favourite e-commerce website and see what Christmas and New Year’s specials they have to offer.

did I really order that?

If you see an order confirmation or delivery email pop up in your inbox in the next few weeks, you’ll you want to check carefully and make sure that you haven’t been the victim of a scam.

This time of year is the season for packages and deliveries, especially now during the pandemic. That means that you are probably expecting to hear from various courier companies, especially as Christmas approaches. Scammers rely on this fact to fool their victims into opening fraudulent emails and the results could spoil your Christmas and New Year entirely.

To protect yourself, make sure that the email is from a legitimate address and contains your personal details as well as the order number you received when you purchased your goods.

When in doubt, it’s always a good idea to contact the courier directly by phone and confirm that the correspondence is legitimate.

avoiding the holiday shopping scams grinch

Make your online holiday shopping merry and bright rather than dark and dreary by sticking to a couple of basic rules:

  1. Keep a watch over your spending and spend – try to stick to using only one credit card online, in this way you’ll be able to see exactly what you’ve spent at a glance, and keep tabs on any unusual activity on your card.
  2. Make sure that the sites you use are encrypted and if you are shopping online in a public space – lock down your devices and online accounts before you start to shop. If you are really concerned about the public connection rather use the connection on your smartphone.
  3. Update your operating systems and use 2 factor authentication wherever possible.

Cloud storage is the gift that keeps on giving

By taking the right precautions, you’ll increase your chances of a safe and stress-free festive season. For added peace of mind, our range of secure cloud storage options will help make sure that your business information is kept safe in 2022 and beyond.

Operation Falcon Cracks Major Phishing Ring – How Phishers Phish

A year-long investigation dubbed, Operation Falcon, jointly run by INTERPOL and Group-IB working closely with the Nigeria Police Force, was tasked with identifying and locating cybercrime threats. The task force spent a considerable amount of time trying to deactivate a massive phishing ring that has targeted over 50 000 victims in a major global scam. The scam unleashed a whopping 26 different malwares, wreaking havoc and bringing people and corporations to their knees.

The ‘ring’ includes a group of Nigerian nationals who have been working hard to infiltrate the systems of individuals and organisations. They would then launch scams to siphon funds out of the victims’ accounts.

Among the victims were private-sector companies as well as government departments in over 150 countries. The group, which is aptly being called a “gang” has been operating this phishing scam since as early as 2017.

how phishers phish

Much was learned from observing and monitoring this latest phishing bust as to exactly how cyber-criminals bo about the process. Phishing isn’t a new concept, but many people still don’t understand how they end up falling for a phishing scam.

The reality is that phishing scams have become far more professionally managed in recent years.

The key to dealing with phishing scams is in understanding how they work.

First and foremost, these gangs don’t simply attempt to impersonate a company executive or a person that someone within the company will trust…they fully immerse themselves into the process. They learn everything they can about the company’s communication styles, the vendors they use, the billing system practices that they follow and a great deal of other information that you would only expect a trusted individual to know.

And then they use that information to make a very believable impersonation. Everything about the communication a targeted victim receives seems legitimate and that’s why they fall for it. They end up providing sensitive information or clicking on a malicious link or attachment without ever questioning the authenticity of the mail.

don’t get caught out by a phishing scam

Be alert, always. It’s all too easy to accept a mail from a manager or colleague and click on the links provided or share sensitive information because you “know” them. Keep in mind that sensitive information should never be shared online and unless you are expecting a specific document or information from someone, never trust a link or attachment without first verifying the sender.

With the New Year approaching, now is the time to take a look at your current security measures to see where you can improve on them. Be alert and aware – phishing scams are undoubtedly on the rise.