Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
 President & CEO
 Computer Business

Beware of Links Offering Updates on the COVID Vaccine. Earlier I wrote about how nation-state actors including Russia and North Korea have attempted to steal data from vaccine manufacturers. Now that the first vaccines have been released, cyber criminals are trying to trick users into clicking on vaccine-related links. TechRepublic offers this example: “In another campaign, the email touts the subject line of ‘pfizer’s Covid vaccine: 11 things you need to know’ (in English and Spanish) and includes an executable file named ‘Covid-19 vaccine brief summary.’ Clicking on this file triggers the nasty malware called Agent Tesla, a Remote Access Trojan that acts as a keylogger and infostealer. Once employed, Agent Tesla can monitor and steal input from the keyboard and clipboard, take screenshots, and capture credentials from such programs as Google Chrome, Firefox, and Microsoft Outlook.”

Spammers Getting Better at Impersonating Bankers.Some used to make fun at the poor English used by some phishing attempts, but unfortunately cyber criminals and other bad actors are becoming more convincing. The Bitdefender Antispam Lab reports that spammers are getting better at impersonating banking services, including use of a bank’s logo and mimicking the layout and language used in their actual correspondence. The report includes screen shot examples. One helpful reminder from the Lab report: “Most of the spam messages transmit a sense of urgency, asking users to quickly either share personal or financial information, download a document or attachment, or click on links to resolve a security issue.” When it comes to banking . . . or any other request that comes via e-mail . . . don’t be rushed, and be sure to verify.

K-12 Schools Warned of Increasing Cyberattacks.As if our kids (and their parents) didn’t have it hard enough trying to go to school virtually during the pandemic, kindergarten through 12th grade distance learning is under attack by cyber criminals and other bad actors. This news comes via a Joint Cybersecurity Advisory from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The Advisory notes: “According to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year. In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July.”

Phishing Fraudsters are Accelerating for the Holidays. We all keep reading about online shopping breaking new records as we head into the holidays while the world is still very much in pandemic mode. Cyber criminals and other bad actors are taking advantage of the situation—using phony offers from legitimate retailers to trick consumers into clicking on links that download malicious software. CIO.com, reporting on the threat, writes: “Most companies have security plans in place to defend from phishing attacks against employees, but they don’t have an action plan for the consumer side.”

‘Scalper’ Bots Beating Consumers to the Most Popular Products. Automated “scalper” bots are snapping up some of the most sought-after Christmas gifts—angering consumers and frustrating manufacturers, according to a report in Tech News World. The article quotes a security expert as describing the attacks this way: “They set up fake accounts that browse product pages and execute checkouts to increase their chances of success. Then, after they’ve snapped up the best inventory, it is sold at inflated prices on third-party sites or sketchy secondary markets.” Security experts have seen a shift in targeting. The article quotes a Forrester Research analyst as saying: “Pre-pandemic, common items of value targeted by bots were sneakers and theatre tickets. Early in the pandemic, when hand sanitizer was at a premium, bots hoarded that.” The Forrester analyst, speaking to the reputational damage of frustrating consumers, suggests: “If I were Sony, I’d be reluctant to allocate as much of the next big gaming system to retailers that couldn’t demonstrate their ability to block the bots.”

Microsoft Reports on Attacks that Insert Phony Ads in Browsers. Microsoft has issued a warning about a new form of attack against browsers—called Adrozek, a form of malicious software that can act against multiple browsers. Microsoft reports that Adrozek works by changing browser settings to insert additional, unauthorized ads into web pages. Microsoft explains the cybercriminal motivation this way: “The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages. The attackers earn through affiliate advertising programs, which pay by the amount of traffic referred to sponsored affiliated pages.” The company also notes: “Microsoft Defender Antivirus, the built-in endpoint protection solution on Windows 10, blocks this threat using behavior-based, machine learning-powered protections.”

Clinton Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees and has a strong affiliation with various education groups, local school districts, and served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He serves as a Vice President of the Board of Director for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.