From Subject Received Size Categories
Cadwalader, Wickersham and Taft LLP fraudulent card charge 3:55 PM 41 KB
From Subject Received Size Categories
Navy Federal Suspicious Sign In Attempts Noticed Tue 5:21 PM 37 KB
From Subject Received Size Categories
USPS Shipping information for parcel 080483268 Mon 4:30 PM 33 KB
From Subject Received Size Categories USPS Shipping information for parcel 236217161 Mon 10:38 AM 43 KB
They are getting quite clever in their attempts. The first one purported to be from a real international law firm and the email went like this,
Who the f**k are you and why is there a charge from
drivingforce.net on my card?
Here you can view my statement , get back to me
asap.Well to say the least it did get my attention!
It contained a link that was supposed to provide me details about a Bank of America Statement. Instead it contained a link to a Japanese website that upon investigating the home page on a honeypot computer (ask me if you want to know), displayed this.
株式会社ウノトレーディング
現在ウェブサイトを準備中です。
日本の食を考える、食肉総合商社として
お問い合わせ TEL 03-5753-4720(受付 9:00〜18:00)
which translated to:
Uno trading Co., Ltd.
I am preparing my website now.
As a meat general trading company thinking about Japanese food
Inquiries TEL 03-5753-4720 (Reception 9: 00 ~ 18: 00)
Now I only lifted the home page from the link and did not explore the full link which would have taken me to the payload. Many times the actual website is legit but has been hacked and malicious code placed on a page within the website.
Some clients have called me to report that a pop up from Microsoft saying their computer is infected and to call a 1-800 number. This happened while visiting a legit site that obviously has been hacked and a malicious script placed on that website. Of course this is a scam and if it happens to you do not call. The best course of action to take is start TaskMgr and kill the browser process.
It is imperative that you practice good safe computing and deploy an anti-virus/malware strategy that includes both software and backup procedures. Redundant backups both onsite and cloud can help avert a disaster in both data loss and financially. Carbonite provides excellent backup protection in the event of an encryption attack. I have clients that it saved from data loss by keeping up to 30 days of protection online. One example is a client who did not realize for 2 days that a workstation had been compromised. In that time the malware encrypted all their MS Office docs, PDFs and picture files rendering them unuseable. Each file contained instructions on how to pay a ransom to receive an encryption key to recover the file. Fortunately they were able to contact Carbonite and restore a 2 day old backup and recover their files with minimal loss. You can find out more about Carbonite here http://partners.carbonite.com/freeradicalltd
Most US firms would pay to avoid data breach shame going public
According to research done by Bitdefender, most enterprise size firms would pay up to $124,000 to avoid public knowledge of a data breach. Some IT decision makers say the would pay as much as $500,000. Many have already set up Bitcoin accounts to be prepared in the event of such an occurrence. Bitcoin is a cryptocurrency and a payment system. It is the preferred payment used by many hackers and is hard to track.
In fact the results of the survey conducted for Bitdefender suggests that up to 34 percent of companies in the US may have been breached in the past year and that most do not know how it happened. Read the complete article at the link below.
http://www.zdnet.com/article/most-us-firms-would-pay-to-avoid-data-breach-shame-going-public/?loc=newsletter_large_thumb_related&ftag=TREc64629f&bhid=2219791
Ad-DFS-Driving Force Software Intel based workstations
