Scam target’s Google Gmail users with Google Doc as lure

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Orga­ni­za­tions that use Google for email, as well as thou­sands of per­son­al Gmail cus­tomers, are report­ing a scam that starts with an email from a known con­tact, which says that the per­son has shared a Google Doc. Recip­i­ents are asked to click the link to open, which redi­rects them to a legit­i­mate Google sign-in page, where they’re prompt­ed to select one of their Google accounts, and then to autho­rize a legit­i­mate-look­ing app called “Google Docs” to man­age emails. Once the app has per­mis­sion to man­age email, it secret­ly sends emails to all con­tacts, with the same phish­ing link. Per­son­al and busi­ness email accounts are com­mon­ly used as the recov­ery email on a num­ber of dig­i­tal accounts, which means that hack­ers could get con­trol of Apple, Ama­zon, Face­book, Twit­ter or per­son­al Google accounts. Any­thing linked to a com­pro­mised Gmail account is poten­tial­ly at risk. “We have tak­en action to pro­tect users against an email imper­son­at­ing Google Docs, and have dis­abled offend­ing accounts,” Google said in a state­ment. Sources: BGR.com; Moth­er­board

Drug store tech accused of stealing clients’ identities

A phar­ma­cy tech­ni­cian faces numer­ous counts of iden­ti­ty theft after he was accused of steal­ing cred­it card infor­ma­tion from cus­tomers at a Nashua, N.H., CVS. Police say Boun­hange Tang took pho­tos of cred­it cards from 20 cus­tomers at the phar­ma­cy, then looked up the cus­tomers’ address­es in the CVS com­put­er sys­tem. He then used the infor­ma­tion to order items online and resell them, police said. Source: Fox News

IT managers in federal government see frequent breaches

Forty-two per­cent of high-lev­el fed­er­al IT man­agers sur­veyed report­ed a data breach in the past six months. Accord­ing to the sur­vey released by cyber­se­cu­ri­ty com­pa­ny BeyondTrust, one in eight said their sys­tems weath­ered a data breach in the past 30 days. The sur­vey of senior fed­er­al IT man­agers found that respon­dents sin­gled out appli­ca­tion vul­ner­a­bil­i­ties, nation-state attacks and mal­ware as the top secu­ri­ty threats. Source: The Hill

IRS agent indicted in case of theft of taxpayer identities

A grand jury in Geor­gia indict­ed an Inter­nal Rev­enue Ser­vice employ­ee on charges of steal­ing tax­pay­ers’ iden­ti­ties and fil­ing for tax refunds with their names. Stephanie Park­er had access to tax­pay­ers’ Social Secu­ri­ty num­bers, dates of birth and oth­er per­son­al infor­ma­tion. The indict­ment alleges that she exploit­ed her job at the IRS to steal the infor­ma­tion, which she then used to file tax returns. She alleged­ly direct­ed the refunds she obtained into var­i­ous bank accounts. Source: Account­ing Today

Ransomware attacks go after small businesses

Small busi­ness­es are grow­ing as the favored tar­gets for ran­somware attacks, with 60 per­cent shut­ting down with­in six months of a breach, accord­ing to the Nation­al Cyber Secu­ri­ty Alliance. This increase of attacks on SMBs could in part be attrib­uted to a false sense of cyber­se­cu­ri­ty con­fi­dence with­in small busi­ness­es. The real­i­ty is, when ran­somware comes in, it can ruin a small com­pa­ny. Source: CSO

Researchers hack industrial robots, leading to fears of bad parts

Researchers from Trend Micro and Politec­ni­co di Milano demon­strat­ed how indus­tri­al robots can be hacked by remote­ly con­trol­ling a robot­ic arm. The impact could be sig­nif­i­cant, because if an entire factory’s out­put is wast­ed because robots had been secret­ly tweaked to pro­duce faulty goods, mil­lions could be lost. Worse, parts for planes or cars could be changed as to become dan­ger­ous if put out into the real world. Source: Forbes

Sabre says payment, client information could be exposed

Trav­el indus­try giant Sabre dis­closed what could be a sig­nif­i­cant breach of pay­ment and cus­tomer data tied to book­ings processed through a reser­va­tions sys­tem that serves more than 32,000 hotels and oth­er lodg­ing estab­lish­ments. Sabre said it was “inves­ti­gat­ing an inci­dent of unau­tho­rized access to pay­ment infor­ma­tion con­tained in a sub­set of hotel reser­va­tions processed through our Hos­pi­tal­i­ty Solu­tions SynX­is Cen­tral Reser­va­tions sys­tem.” Source: Krebs on Secu­ri­ty

Hacker releases ‘Orange’ episodes, says he has more shows

A hack­er who claims to have stolen unre­leased tele­vi­sion shows from sev­er­al major net­works shared the com­ing sea­son of the Net­flix series “Orange Is the New Black” after the per­son said the stream­ing ser­vice failed to meet its ran­som requests. The breach appears to have occurred at the post-pro­duc­tion com­pa­ny Lar­son Stu­dios. The hack­er or hack­ers, who go by the name “thedark­over­lord,” also claim to have stolen unre­leased con­tent from ABC, Fox, Nation­al Geo­graph­ic and IFC. Source: The New York Times

Response to denial of service attacks slows

Pub­lic and pri­vate orga­ni­za­tions glob­al­ly are get­ting slow­er at detect­ing and respond­ing to dis­trib­uted denial of ser­vice attacks as they become larg­er and more com­plex, new research shows. More than half of orga­ni­za­tions sur­veyed in a glob­al study released by infor­ma­tion ser­vices firm Neustar report­ed tak­ing three hours or more to detect a DDoS attack on their web­sites in the past year. Forty-eight per­cent said that they take at least three hours to respond to such an attack. Source: The Hill

Eastern European hacker group could give restaurants indigestion

A sophis­ti­cat­ed hack­ing group with sus­pect­ed ties to cyber crime gangs oper­at­ing in East­ern Europe is active­ly tar­get­ing and breach­ing promi­nent brand-name restau­rants in the Unit­ed States. A breach suf­fered by Chipo­tle was car­ried out by hack­ers linked to a group known as FIN7 or Car­banak Group. The hack­ers appear to be tar­get­ing nation­al restau­rant fran­chis­es. More than 20 U.S.-based hos­pi­tal­i­ty com­pa­nies have been hacked by FIN7 since sum­mer 2016, two cyber­se­cu­ri­ty researchers said. Source: Cyber Scoop

False sites pretend to be linked to British banks

Domain­Tools uncov­ered 324 fake web­sites that appeared to be owned by five major U.K. banks, but were not. Researchers found 110 fake HSBC sites, 74 fake sites each for Bar­clays and Stan­dard Char­tered, 66 for Natwest and 22 for Lloyd’s. Out of the 324 domains that were iden­ti­fied as high risk and owned by third par­ties instead of the banks, some exam­ples includ­ed hsbc-direct.com, barclaya.net, lloydstsbs.com, natwesti.com and standardcharterd.com. Source: SC mag­a­zine

Breach leads to harsh lesson for IRS, Department of Education 

Law­mak­ers grilled infor­ma­tion secu­ri­ty offi­cers at the Depart­ment of Edu­ca­tion and IRS over a data breach of an infor­ma­tion-shar­ing tool that poten­tial­ly exposed the per­son­al infor­ma­tion of 100,000 Amer­i­cans ear­li­er this year. The IRS’s Data Retrieval Tool is used by stu­dent loan appli­cants to import tax infor­ma­tion to the Free Appli­ca­tion for Fed­er­al Stu­dent Aid on the Depart­ment of Education’s web­site.  IRS Com­mis­sion­er John Kosk­i­nen revealed that as many as 100,000 tax­pay­ers may have had their per­son­al infor­ma­tion com­pro­mised. Source: The Hill

Health care sector continues to be a frequent target

A record-break­ing 328 health care busi­ness­es report­ed data breach­es in 2016, sur­pass­ing the record of 268 set one year pri­or, accord­ing to the Bit­glass 2017 Health­care Breach Report. Health care records of about 16.6 mil­lion Amer­i­cans were exposed due to hacks, lost or stolen devices, unau­tho­rized dis­clo­sure, and oth­er activ­i­ty. Source: Dark Read­ing

Immigration services owner jailed for using customer data in tax scam

The own­er of an immi­gra­tion ser­vices busi­ness was sen­tenced to two years in prison for an iden­ti­ty theft scheme that involved fil­ing a fraud­u­lent tax return involv­ing the iden­ti­ties of for­mer clients. Ilie Zdra­gat found­ed Immi­gra­tion Visa Ser­vices Orga­ni­za­tion, which helped clients with asy­lum and cit­i­zen­ship appli­ca­tions, depor­ta­tion pro­ceed­ings and oth­er immi­gra­tion-relat­ed mat­ters. Accord­ing to the plea agree­ment, Zdra­gat and anoth­er indi­vid­ual filed a false 2011 income tax return using the names and per­son­al infor­ma­tion of three for­mer clients. Source: The Sacra­men­to Bee