Tag Archive for: delete

Delete Temu app because it’s not worth the risk:

/in


Temu is a popular shopping app in the U.S., but cybersecurity experts warn it collects lots of information.

Seemingly overnight, everyone’s talking about Temu, an online shopping app full of deals that seem too good to be true. You’ll find $17 wireless earbuds, $1 “gold” necklaces and $23 wedding dresses.

No wonder Temu is the most popular shopping app in the U.S., behind only Amazon. But most of us know little about the app’s origins. Like some other apps, it’s tied to China.

I did some digging into whether it’s safe to use. Here’s what I found:

I share important security updates every weekday straight to your inbox. Join 400K+ happy subscribers. (It’s free!)

Source…

Delete this malicious extension and stop hackers from stealing your Gmail messages

/in


A cybercriminal threat group from North Korea is using a malicious Chrome extension to steal Gmail emails, according to a report released by Bleeping Computer. Let’s dive into how they’re doing this and the steps you should take right now to protect yourself. 

The group, which uses the name Kimsuky, has been known to use spear phishing for cyber-espionage in attacks targeting people with high-profile jobs, such as diplomats, journalists, government agencies, politicians and university professors. According to the Director of National Intelligence, “spear phishing is a type of phishing campaign that targets a specific person or group and will often include information known to be of interest to the target, such as current events or financial documents.” 

CLICK TO GET KURT’S CYBERGUY NEWSLETTER WITH QUICK TIPS, TECH REVIEWS, SECURITY ALERTS AND EASY HOW-TO’S TO MAKE YOU SMARTER 

The attack starts with a phishing email that urges potential victims to install a Chrome extension known as AF, which can also be installed in Microsoft Edge, Brave and other Chromium-based browsers.  Once installed, AF immediately begins stealing the contents of emails from your Gmail account. 

Here's what to know about keeping your Gmail messages safe from hackers.

Here’s what to know about keeping your Gmail messages safe from hackers. (CyberGuy.com)

BEWARE OF NEW MACSTEALER MALWARE THAT CAN STEAL YOUR ICLOUD KEYCHAIN DATA AND PASSWORDS 

Once your Gmail account is taken over by AF, Kimsuky uses Google Play’s web-to-phone synchronization feature for installing apps from your computer onto your smartphone to infect victims’ phones with Android malware. This allows hackers to drop, create, delete or steal files as well as retrieve your contacts, make calls, send text messages, turn on your camera and more. 

Beware, because in addition to this AF malware, Kimsuky has a variety of Android malware on the market, including other programs called FastViewer, Fastfire or Fastspy DEX.  These programs are disguised as plug-ins for security as well as for viewing documents. 

What can I do to prevent this from happening to me? 

1) The first thing to remember is to never click on a suspicious email. If you open a phishing email by accident, do not click on any links embedded…

Source…

Billions of Android and iPhone users warned to delete messages immediately after ‘bank-draining’ attack alert

/in


SECURITY experts have revealed a staggering rise in smartphone phishing scams.

The amount unexpecting people click on the dangerous phishing links has risen by 637% in just two years.

Phishing attacks are said to be on the rise, especially via your smartphoneCredit: Getty

That’s according to The Global State of Mobile Phishing recently released by Lookout.

It states: “2022 had the highest percentage of mobile phishing encounter rates ever — with over 30% of personal and enterprise users exposed to these attacks every quarter.”

And adds: “These attacks are the tip of the spear for more advanced campaigns.

“They can grant attackers access to your apps and data under the guise of being a legitimate user.”

The report claims that over 50 percent of all mobile devices were exposed to a phishing attack in 2022.

Attacks bombard long lists of smartphone users with phishing emails and text messages hoping they can get as many people to click as possible.

Sometimes they target specific people if they want access to where they work or view their personal data as particularly valuable.

Around 36 percent of US smartphone users were said to encounter phishing attacks.

Most read in Phones & Gadgets

HOW TO AVOID A PHISHING SCAM

Firstly, you should be thorough when checking who the email is from.

Even if it looks official, double-check the email and look for any spelling mistakes or slight abnormalities in the sender’s email address.

Never feel pressurised into opening an attachment and avoid clicking the phrase “enable content.”

You should also be wary of links in emails.

If you’re certain an email you have received is a scam, report it to your email provider and delete it.

Source…

Hackers Fail to Honor Promises to Delete Data

/in


Cybercrime
,
Fraud Management & Cybercrime
,
Ransomware

Police Say Gang Extorted Millions From Victims Not Just by Stealing, But Lying Too

Mathew J. Schwartz
(euroinfosec)


February 24, 2023    

Crime Blotter: Hackers Fail to Honor Promises to Delete Data
Image: Dutch cybercrime police

Cybercrime experts have long urged victims to never pay a ransom in return for any promises attackers make to delete stolen data.

See Also: OnDemand | Navigating the Difficulties of Patching OT


Paying attackers for guarantees to delete data directly funds cybercrime and perpetrates cyber extortion as a business model. Just as importantly, it typically doesn’t stop criminals from selling stolen data, as a recently unveiled criminal probe demonstrates.


On Thursday, cybercrime police in the Netherlands announced that they had busted a three-man gang accused not just of hacking into companies, stealing their data and threatening to dump it online – unless they received a ransom payment – but also of failing to honor its guarantees.


Dutch police arrested the suspects – two 21-year-olds and one 18-year-old – on Jan. 23, and two of them have since been jailed and only allowed to speak to their attorney while the investigation continued. “Because of this measure and in order not to disrupt the investigation, the arrests have not been announced before,” police said. The suspects have been charged with computer hacking, data theft, extortion and money laundering.


The investigation began in March 2021 after a large Dutch company reported an attack to…

Source…