Tag Archive for: attorney

Attorney General Todd Rokita warns Hoosiers of new ‘unsubscribe’ scams – WBIW

/in


INDIANA – Even typically savvy consumers are falling victim to a new scam in which they are emailed that they must unsubscribe from free-trial services in order to avoid charges on credit card accounts, Attorney General Todd Rokita warned today.

The new scam is distinctive from others because the email instructs recipients to phone a call center for more information rather than providing links in the text of the message itself. (In some variations of this scam, the fraudsters may phone consumers rather than email them and leave callback numbers.)

Operators at the call center direct callers to a fake company website and lead them through a series of online steps that install dangerous malware onto the victims’ computer systems.

Todd Rokita

“Scammers are constantly becoming more clever and cunning in their tactics,” Attorney General Rokita said. “Our office is committed to making sure Hoosiers are aware and prepared to avoid these kinds of traps.”

Victims are less likely to suspect scams when they are the ones taking the initiative to gather more information, Attorney General Rokita said — such as having to phone a call center.

Further, email messages that contain malware links are often detected by computer security applications. The attackers in this case avoid such detection by leading victims to those links over the phone.

During the conversations, the scammers may ask callers to download a spreadsheet and follow other instructions. When callers say they do not recall ever signing up for any free trial offers, operators often explain that it appears someone else signed up for the offers using the callers’ information.

“The paradox is that these scammers pretend to be helping protect their victims,” Attorney General Rokita said. “In reality, they are preying upon them.”

At the end of the calls, the operators assure callers that nothing will be charged to their credit card accounts. By that time, the unsuspecting victims already have downloaded malware onto their computers that may enable the scammers to remotely control the victims’ computer systems or install ransomware.

Anyone receiving emails such as those described…

Source…

Ransomware attack costs Illinois attorney general's office more than $2.5M – Chicago Tribune

/in



Ransomware attack costs Illinois attorney general’s office more than $2.5M  Chicago Tribune

Source…

Attorney General’s office still locked out of computer systems nearly month after ransomware hack

/in


SPRINGFIELD, Ill. (NEXSTAR) — Top officials at Illinois Attorney General Kwame Raoul’s office still cannot access their email accounts nearly a month after “ransomware” hackers breached their computer systems and threatened to publish sensitive materials unless the state paid a ransom.

According to a statement published on the Attorney General’s website, the hack was first noticed on Saturday, April 10th. Raoul’s office first acknowledged the breach late last week. A spokesperson for his office did not directly answer whether or not they were considering making payments to regain access to the network.

The FBI is already investigating the hacking group known as “Dopple Paymer” for suspected ties to a Russian cyber group.

“I don’t think you should pay,” state representative Jaime Andrade (D-Chicago) said in a Tuesday interview. “Because what happens is they’re just going to come right back at you.”

Andrade sits on the House Cybersecurity, Data Analytics, and IT Committee, and says Illinois struggles to compete with the private sector to attract the best cybersecurity experts.

“In order to get your top, top person, you’re going to have to spend the money, and it’s difficult,” he said.

The Illinois Department of Innovation and Technology is usually tasked with securing state computer systems. In this case, the Attorney General’s office turned to outside consultants for help.

“We do not yet fully have access to the office’s network as we work around the clock to rebuild it, and we are in close contact with outside technology experts and law enforcement to ​understand the full extent and scope of the compromise,” spokeswoman Annie Thompson wrote in an email.

Thompson’s response came from a new email address established after she and other officials in the office were locked out of accessing their accounts. She did not say whether or not the victims whose personal information was stolen in the hack have been notified directly.

“Our ability to provide certain information is limited at this time, as we restore the integrity, security and confidentiality of the office’s computer network and seek to…

Source…

Extent Of Ransomware Hack Of Attorney General Remains Uncertain

/in


CHICAGO — Illinois Attorney General Kwame Raoul’s admitted for the first time this week that his office — which often advises people on ways to protect themselves from identity theft and fraud — had suffered a ransomware attack earlier this month, exposing the personal data of an as-yet-unknown number of residents.



Kwame Raoul wearing a suit and tie: Illinois Attorney General Kwame Raoul said his office was working closely with federal law enforcement and technology experts to figure out how it was sacked and "what we can do to ensure that such a compromise does not happen again."

© AP Photo/Seth Perlman, File
Illinois Attorney General Kwame Raoul said his office was working closely with federal law enforcement and technology experts to figure out how it was sacked and “what we can do to ensure that such a compromise does not happen again.”

Three days after the April 10 discovery of the hack, Raoul issued a statement saying his office’s networks had been compromised to an unknown extent.

Loading...

Load Error

On April 21, several gigabytes of files apparently taken from the attorney general’s office were uploaded to a dark web website called Dopple Leaks, which contains “private data of the companies which were hacked by DoppelPaymer,” a ransomware gang.

“This companies decided to keep the leakage secret. And now their time to pay is over,” the website says. It claims about 200 gigabytes of “confidential information will be progressively uploaded.”

On Thursday, Raoul’s office issued a public notification of the hack, which described the breach as a “ransomware attack that has compromised the office’s network.”

State law requires businesses and institutions to notify residents when their information has been compromised by a data breach, so the attorney general’s office posted a public notice saying officials were unaware what was stolen.

But it noted the hacked material could include the names, addresses, social security numbers, account numbers, health insurance, tax, medical, driver’s license and “other such information as necessary,” according to the notice.

“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened, and what we can do to ensure that such a compromise does not happen again,” Raoul said in the…

Source…