Vor einigen Jahren habe ich einem Kunden einen Bericht von einem Einsatz geschickt, seit dem bekomme ich immer wieder Phishing und Virenemails, die den Text der E-Mail von damals enthalten. Meisten dann mit einem Anhang, ich meine fast immer eine HTML Datei.

Ich gehe davon aus, dass die E-Mail tausendfach in der Welt unterwegs ist.

Schönes Beispiel für #Phishing und dafür, dass ein kompromittiertes System beim Empfänger auch für den Absender einen Schaden verursachen kann, hier ggf. ein Imageschaden für meinen Arbeitgeber.

Toll ist auch, dass der Kunde nach einem Hinweis von mir meinte das Problem kann nicht mit ihm zu tun haben, klar mein damaliges #Linux #Mint könnte auch nen Datenabfluss, #Trojaner oder #Virus gehabt haben, aber das ist doch eher unwahrscheinlich.

Phishingadvarsel: Santander Consumer Bânk

Denne dukket opp i en av epost-honningfellene mine i dag:

Date: Tue, 07 Mar 2023 09:09:41 +0100

From: Santander Consumer Bânk <host[at]awa.cmschamps.com>

To: ******@***********.***

Subject: Siste påminnelse!

Kjære herr/fru,

Vi bekrefter herved sperringen av ditt nåværende Santander-kredittkort. Vi

har sperret ditt nåværende kredittkort fordi du ikke ble identifisert på nettet.

Du må identifisere deg på nettet for å kunne bruke ditt nåværende kredittkort

igjen.

Merk: identifiserer du deg ikke? Avtalen(e) du har med Santander vil bli

kansellert innen 14 dager etter denne e-posten. Du vil ikke lenger kunne

bruke kredittkortet ditt.

[Klikk her for å identifisere deg på nettet.]

Med vennlig hilsen,Santander

Som vanlig, ikke klikk!

Slett eposten uåpnet om du kan.

I dette tilfellet vil den sende deg via noen omveier til hxxps://santander-consumer[.]sappho[.]gr/santander/login/?873cd4749403aa850a5f68c14f392ce3#bankid som vil utgi seg for å være innlogging til Santander Consumer Bank, og be deg om å oppgi din BankID.

Denne eposten er selvfølgelig ikke fra Santander noe som helst. Legg merke til avsenderadressen og "hatten" over bokstaven a i "Bânk".

#svindel #phishing #norsk #norge

Digitaler Workflow
So nennen sich das Konstrukt, welches gebastelt wurde, um ohne viel Aufwand die bürokratischen Anwendungen an den Mitarbeiter zu bringen - der dann eben die Arbeit und den Ärger hat.
Das funktioniert bei uns so: Ein PDF-Formular wird vom Mitarbeiter ausgefüllt und dann per Schaltfläche via Mail an den Vorgesetzten gesendet, der das dann von seiner Mail-Addi (anstatt Unterschrift) via Button weiterleiten kann.
Manche werden sich schon denken: "WTF?!?". Ja, genau! Das ist nicht nur ein tolles Target für #Phishing, sondern einfach nur insgesamt kompletter Bockmist, den sich nur jemand aus einer Verwaltung ausdenken kann.

Phishingadvarsel: Falsk epost fra Spotify Premium

Det ramlet inn en epost fra "Spotify Premium" med emne "We are unable to process your payment." til en av mine epost honningfeller i dag.

Eposten er falsk, ikke klikk på noen av lenkene i den, og la helst være å åpne den.

#phishing #svindel #spotify #norge #norsk

Internet

I'm really annoyed by the #Internet of today:

• #Trackers and #data #collection everywhere
• #JavaScript-heavy #Web #applications instead of document-oriented #websites
• No #JavaScript most often translates to an empty page with a single sentence: "Please activate JavaScript"; the page content however is often nothing that actually requires JavaScript, the website creators just want to feel like actual #application #developers, so they re-build much of what the #browser already supplies with #inefficient and #bug heavy JavaScript code
• Content almost always behind a #login wall
• More often than not only very superficial #information
• #Ads
• Thousands of 3rd party JS files included, most of which have the only purpose of tracking you across websites
• #Misinformation and #biased #information everywhere
• Deliberately misleading advertisment, sich as "save 80% now", and artificial time pressure)
• "Best viewed on #Google #Chrome"
• "Login with Facebook"
• Newsletter subscription and cookie pop-ups featuring #dark #patterns
• #Search #engine #optimization ( #SEO ) acts in the worst interest of the user by skewing search results
• Artificial restriction of web #app functionality to promote their native apps
• Large parts of the Web are only accessible by #smartphone
• You have to provide your #phone #number to login
• If you didn't provide a phone number, your account is being blocked right after the initial login because we suspect you being malicious actor because why not (=> #Instagram, #Facebook)
• #Proprietary #platforms are required to participate in public #online life (Amazon, Google, Facebook, Instagram, Twitter, YouTube)
• One-sentence-paragraphs and sloppy language (especially found in #Medium #articles)
• "We care about your #privacy" actually means: "We were forced by law to do this shit, we just want to collect and store as much information on you as possible to make money off of you now or in an undescript future"
• JavaScript code minimizer
• Large font sizes, much whitespace, large illustrative, but useless images, HD screen required to browse most websites
• Lack of #government #regulation and #law #enforcement, too many malicious actors (#spam, #phishing, etc.)
• Emotional content to increase #interaction, #clickbait

Once being an open platform geared towards information exchange and bringing people into contact, most of the public Internet today is nothing but annoying useless #marketing, #advertising and #data #collection. Providing information, connecting people, and making life convenient is definitely NOT the primary goal of whoever is big on the Internet today. It's shocking to see how much of it is only to sell you stuff or to sell your information.

And the worst is: we are even paying them to do this shit. #Marketing spending will be reflected in product prices, and with much of marketing being done in 1st world countries, a substantial amount of the price goes into this destructive industry.

I could go on with this for hours. Really sick of it.

Do not fall for this dangerous Amazon shopping scam

"Like a dog spotting a squirrel, I can't help but notice when a fresh text pops up on my iPhone. The little gray notification catches my eye and I'm instantly pulled away from the task at hand. Plus, this one looked important. It was, but only because it helped me identify a very dangerous and pernicious, Amazon shopping scam."

#technology #tech #security #privacy #hacking #malware #phishing #shopping #Amazon

https://www.techradar.com/news/do-not-fall-for-this-dangerous-amazon-shopping-scam

Do not fall for this dangerous Amazon shopping scam

That text is a lie

Phishingadvarsel

Fikk en epost fra "IT-AVDELINGEN FOR SPOR OG TEKNOLOGI" med adresse politietkripos0 [at] gmail.com. Det er forhpåpentligvis unødvendig å så, men slett denne uåpnet, det er svindelpost.

#phishing #infosec #norge #norsk

Bei uns in der Firma gibt es regelmäßig #Phishing Awareness Tests, also sie schicken einem E-Mails wie Phishing. Wenn man die Links anklickt bekommt man paar Tage später eine Einladung zum IT Sicherheitskurs. Wollte mal wissen was passiert und ob die Links personalisiert sind, deswegen im Torbrowser geöffnet. Sind personalisiert.

Fazit, wenn man die Kackmails alle 8 Wochen bekommt nervt es.

Un bilan de l'attaque informatique contre Manutan

Sur les sujets de sécurité informatique, j'ai la sinistre sensation que les entreprises ne peuvent comprendre les enjeux après qu'elles ont été l'objet d'une attaque systémique. La cas Manutan ne semble pas déroger à la règle !

#Ransomware #Cryptolocker #Sauvegardes #Rsyslog #Logs #DNS #Bloqueurs #Proxy #Blacklists #Manutan #Cybersécurité #Phishing #Hammeçonnage

Un bilan de l'attaque informatique contre Manutan - Denis Szalkowski Formateur Consultant

Sur les sujets de sécurité informatique, j'ai la sinistre sensation que les entreprises ne peuvent comprendre les enjeux après qu'elles ont été l'objet d'une attaque systémique. La cas Manutan ne semble pas déroger à la règle !

How a Teenaged Hacker Pulled Off a $24 Million Crypto Heist | Rolling Stone

Ellis Pinsky was a regular suburban teenager until he found his way into the underworld of internet hackers. In his first interview, he details the crime that nearly ruined his life

A long but interesting read if you're into tech.

#technology #tech #internet #cybercrime #crime #hacking #security #phishing #bitcoin #altcoin #interesting

https://www.rollingstone.com/culture/culture-features/crypto-heist-teenage-hacker-ellis-pinsky-1367400/

How 'Baby Al Capone' Pulled Off a $24 Million Crypto Heist

Ellis Pinsky was a regular suburban teenager until he found his way into the underworld of internet hackers. In his first interview, he details the crime that nearly ruined his life

Hermit spyware is hijacking Android devices and iPhones — how to spot it before you're next | Laptop Mag

Watch out! A malignant malware threat is targeting both Android and iOS devices. Lookout, the security firm that first discovered the bug, dubbed it Hermit spyware, which is a bit of a misnomer. Why? Well, it's far from reclusive. It's designed to be intrusive, hijacking phones and wreaking havoc on devices.
According to Google's Threat Analysis Group (TAG), the malevolent actors behind Hermit spyware attack seemingly have their crosshairs on users in Italy and Kazakhstan — for now. To hamper its spread, we'll show you how Hermit spyware manifests, so you can spot it from a mile away.

#technology #tech #security #privacy #hacking #malware #phishing #Apple #iPhone #Google #Android #smartphone

https://www.laptopmag.com/news/hermit-spyware-is-hijacking-android-devices-and-iphones-how-to-spot-it-before-youre-next

Hermit spyware is hijacking Android devices and iPhones — how to spot it before you're next

This malware pretty intrusive for a hermit

Apple and Android phones hacked by Italian spyware, says Google | Hacking | The Guardian

Report claims Milan-based RCS Lab developed tools to spy on private messages and contacts of targeted devices

#technology #tech #security #privacy #hacking #malware #phishing #Italy #Kazakhstan

https://www.theguardian.com/technology/2022/jun/23/apple-and-android-phones-hacked-by-italian-spyware-says-google?CMP=fb_a-technology_b-gdntech

This Linux botnet has found a novel way of spreading to new devices | ZDNet

Panchan malware is spreading across networks via Linux servers to mine cryptocurrency.

#technology #tech #security #privacy #hacking #malware #phishing #Linux #Panchan

https://www.zdnet.com/article/this-linux-botnet-has-found-a-novel-way-of-spreading-to-new-devices/

This Linux botnet has found a novel way of spreading to new devices

Panchan malware is spreading across networks via Linux servers to mine cryptocurrency.

Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector | The Hacker News

Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems.
Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.

#technology #tech #security #privacy #hacking #malware #phishing #Linux

https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html

US military hackers conducting offensive operations in support of Ukraine, says head of Cyber Command | Science & Tech News | Sky News

In an exclusive interview with Sky News, General Paul Nakasone confirmed for the first time that the US had "conducted a series of operations" in response to Russia's invasion of Ukraine.

#technology #tech #security #privacy #hacking #malware #phishing #Ukraine #politics #Russia #Putin #UkraineInvasion #UkraineWar #SolidarityWithUkraine #StandWithUkraine

https://news.sky.com/story/us-military-hackers-conducting-offensive-operations-in-support-of-ukraine-says-head-of-cyber-command-12625139

US military hackers conducting offensive operations in support of Ukraine, says head of Cyber Command

In an exclusive interview with Sky News, General Paul Nakasone confirmed for the first time that the US had "conducted a series of operations" in response to Russia's invasion of Ukraine.

Noen som har fått epost fra Spotify om at de har problemer med å å ta betalt for premiumabonnementet ditt? Ikke klikk på lenken!

Dette er enda en i rekken av opportunistiske phishingangrep. Dobbelsjekker du avsenderadressen er den nesten riktig: no.reply@spotfymail.com (Legg merke til at det mangler en ì` inni der!)

Lenken fører deg selvsagt ikke til spotify, men til en side kontrollert av de som står bak kampanjen.

Som alltid, vær forsiktig. Ikke klikk på lenker i epost,selv om de kan se legitime ut.

#phishing #spotify

‘Think Before You Link’: app launched to help social media users detect fake profiles | Cybercrime | The Guardian

A mobile phone app has been launched that will help social media users to detect fake profiles and speed up their removal.
The Think Before You Link app will help people to spot characteristics of fraudulent profiles used by spies and other malicious actors, according to the Cabinet Office and the Centre for the Protection of National Infrastructure.

The app isn't called Think Before You Link. That's the name of the awareness campaign. The app is called CPNI, at least in the Apple App Store. But before you install it you should know a couple of things:

1. The Centre for the Protection of National Infrastucture (CPNI) is answerable to MI5, the British Security Service.
2. The app requires your name, email address, phone number, and your physical address.

#UK #technology #tech #security #privacy #hacking #malware #phishing #MI5 #CPNI

https://www.theguardian.com/technology/2022/may/17/think-before-you-link-app-launched-to-help-social-media-users-detect-fake-profiles

cyber it-security news - DKB phishing fake mails AND sms - software minimalism is data protection is privacy is key (36% of Android Apps build with Yandex SDK?)

how much is the phish? The phone-system but also the E-Mail system, are amongst the oldest, digital systems still in use today (the first E-Mail was send 1971). Unfortunately both systems - back then - were not designed with security in mind.[...]

#linux #gnu #gnulinux #opensource #administration #sysops #cyber #itsec #cybersec #itsecurity #dkb #bank #banking #phishing #phish #yandex #sdk #privacy

Originally posted at: https://dwaves.de/2022/05/10/cyber-it-security-news-dkb-phishing-fake-mails-and-sms-software-minimalism-is-data-protection-is-privacy-is-key-36-of-android-apps-build-with-yandex-sdk/

cyber it-security news - DKB phishing fake mails AND sms

how much is the phish? The phone-system but also the E-Mail system, are amongst the oldest, digital systems still in use today (the first E-Mail was send 1971). Unfortunately both systems - back then - were not designed with security in mind.[...]

#linux #gnu #gnulinux #opensource #administration #sysops #cyber #itsec #cybersec #itsecurity #dkb #bank #banking #phishing #phish

Originally posted at: https://dwaves.de/2022/05/10/cyber-it-security-news-dkb-phishing-fake-mails-and-sms/

Phishingadvarsel

Fikk nettopp en epost til en av honningkrukkekontoene mine med emnefelt "Enhetsregistreringen din utløper snart". Utgir seg for å være fra Nordea. Det er den ikke. Ikke åpne, ihvertfall ikke klikk.

#phishing #svindel #norsk #norge