Home » Entries posted by Brooke Crothers

Hate robocalls? Battle against scam calls intensifies

Hate robocalls? Battle against scam calls intensifies

Still getting too many robocalls? The Federal Communications Commission now requires that carriers implement stricter measures to combat these annoying calls.STIR/SHAKEN, the new FCC mandate for phone carriers, is designed to curb fraudulent robocalls and illegal phone number spoofing. The latter is a common scheme where a scammer sends a fake caller ID – typically disguised as a local caller – to hide their actual identity.The goal is for providers to verify that a caller ID is authentic and matches the number that will show up on your phone. The deadline for implementation by carriers was June 30.”While there is no silver bullet in the endless fight against scammers, STIR/SHAKEN will turbo-charge many of the tools we use in our fight against robocalls,” Acting FCC Chairwoman Jessica Rosenworcel said in a statement.Though the deadline for large providers was June 30, the FCC said small voice service providers with 100,000 or fewer subscriber lines get an extension until June 30, 2023 – but that extension may be shortened, the FCC added.Americans received just under 4 billion robocalls in May, according to YouMail. While down from April, the volume was still huge. Robocalls averaged 128.7 million calls per day and 1,490 calls per second, according to YouMail.ACT ON ROBOCALLS – OR ELSE, FCC WARNS PHONE COMPANIESIn March, the FCC fined a Texas-based robocaller a record $225 million. That telemarketer made approximately 1 billion sales calls in less than five months. The robocalls falsely claimed to offer health insurance plans from companies such as Blue Cross Blue Shield and Cigna.And in January the FCC fined a robocaller about $10 million for illegally using caller ID spoofing “with the intent to cause harm.”  
Americans received just under 4 billion robocalls in May, according to YouMail. (iStock)

Worst hackers avoid attacking Eastern European countries: reports

Worst hackers avoid attacking Eastern European countries: reports

Some of the most notorious hackers steer clear of attacking organizations in Eastern European countries.DarkSide, the criminal organization behind the Colonial Pipeline cyberattack, and other high-profile hacking groups bar their partners from installing malicious software on computers using certain languages, according to Krebs on Security, a cybersecurity news site.This has been going on since the early days of organized cybercrime, and “it is intended to minimize scrutiny and interference from local authorities,” Krebs wrote as part of a post pointing out that certain malware will not install on a Microsoft Windows computer that has a Russian or Ukrainian virtual keyboard installed.
A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, Saturday, May 13, 2017. 
(AP Photo/Mark Schiefelbein)BIDEN GAVE PUTIN LIST OF 16 CRITICAL INFRASTRUCTURE ENTITIES ‘OFF LIMITS’ TO CYBERATTACKSCybersecurity company Cybereason noted this back in April when it observed DarkSide being used against targets in English-speaking countries and avoiding targets in countries associated with former Soviet bloc nations.”When the DarkSide ransomware first executes on the infected host, it checks the language on the system…to avoid systems located in the former Soviet bloc countries from being encrypted,” according to a report from Cybereason in April.There is a do-not-install list that DarkSide uses based on the language of the software on the victim organization’s computer, according to the post by Cybereason.That includes Russian, Azerbaijani, Uzbek and Ukranian.WINDOWS 10 HAS BUILT-IN RANSOMWARE PROTECTION: HOW TO USE ITThe Photon Research Team at Digital Shadows, a cyber risk protection company, said in a note sent to Fox News that Avaddon ransomware includes a ban on targeting Commonwealth of Independent States (CIS) countries.”Threat actors specializing in many different types of cybercrime observe this rule – it is not limited to ransomware groups. Many Russian-language cybercriminal platforms state explicitly in their rules that members must refrain from targeting victims in this area,” the Photon Research Team said.Cybercriminals operate much like any other criminal enterprise, according to Inga Goddijn, executive VP at Risk Based Security.CLICK HERE TO GET THE FOX NEWS APP”They prefer to operate from locations with either lax or under-resourced law enforcement or places that are inclined to turn a blind eye to their activities,” Goddijn said. “If the powers that be are willing to allow operations to continue in exchange for a degree of protection for local businesses, it’s not surprising to see attackers making an effort to accommodate that requirement.”

Windows 10 has built-in ransomware protection: how to use it

Windows 10 has built-in ransomware protection: how to use it

Ransomware protection is built right into Windows. Here’s how to get started.Ransomware gangs have gone pro. DarkSide, the group responsible for a spate of ransomware attacks including Colonial Pipeline, now operates with a business model that mirrors legitimate businesses.Called Ransomware-as-a-Service (RaaS), it uses partners to execute cyberattacks. For individuals and small businesses and schools, attacks from RaaS groups pose the risk of loss of access to all critical data – in addition to the financial burden of paying a ransom.The small steps to prepare yourself for a potential future ransomware attack will also protect you from other malware and viruses.CONTRACTOR THAT DOES NUCLEAR WEAPONS-RELATED WORKS FOR ENERGY DEPARTMENT HIT BY RANSOMWAREWindows 10 ransomware protectionIt’s not widely known to consumers and small business users that Microsoft offers built-in ransomware protection.Turning it on is pretty simple: type in “Ransomware Protection” in the Windows 10 Cortana search bar (typically in the bottom lower left of the screen) then select the “Ransomware Protection” screen.Toggle on the “Controlled folder access.” Then you have the option to select which folders you want protected. 
It’s not widely known to consumers and small business users that Microsoft offers built-in ransomware protection.
(Screenshot/Brooke Crothers)Click on “Protected folders.” The Protected Folders screen should already be populated by folders that are protected by default. You’re also given the option to add other protected folders.In addition, you have the option to add folders from Microsoft’s file hosting service OneDrive, if you subscribe to that service.TECH TIP: SPEED UP YOUR WINDOWS OR MAC’S STARTUP THE EASY WAY”In a ransomware attack, your files can get encrypted and held hostage. With controlled folder access… a notification appears…where an app attempted to make changes to a file in a protected folder,” according to a Microsoft document describing the feature.You can also “whitelist” applications. While the goal of Windows ransomware protection is to block suspicious software, if an app is blocked that you know is safe, Microsoft allows you to build a white list. Use the Controlled Folder Access for whitelisting apps. You can do this by going to “allow an app through Controlled folder access.”Other tactics to fend off ransomwareUse a secure cloud-based file hosting service with automatic backup so you’re regularly backing up files.CLICK HERE TO GET THE FOX NEWS APPAnother strategy is a so-called “air gap” where the external storage device is completely disconnected (i.e., offline) from your computer and the internet. Back up your files, then disconnect the storage device.Another piece of advice recommended by cybersecurity experts is to separate work and personal devices. While attackers tend to target corporations, schools, and hospitals, consumers who are working from home can get targeted by attackers too.

Your Mac isn't as secure as you may think; malware issues affect iPhones too

Your Mac isn't as secure as you may think; malware issues affect iPhones too

Apple is grappling with cyber exploits and vulnerabilities as the Mac faces some serious malware issues.Earlier this month, Craig Federighi, Apple’s head of software engineering, noted that there’s a “level of malware on the Mac that we don’t find acceptable,” when he took the stand during the Epic Games v. Apple trial.The iPhone’s iOS has a “higher bar for customer protection. The Mac is not meeting that bar today,” he said, adding that, since last May, 130 types of Mac malware have appeared.Apple is playing “an endless game of whack-a-mole” against malware that can affect hundreds of thousands of Mac users, he said.
An Apple iPhone Xs Max (R) and iPhone Xs rest on a table during a launch event on September 12, 2018, in Cupertino, California. 
(NOAH BERGER/AFP/Getty Images)But Apple has been dealing with vulnerabilities across all of its platforms, including iOS, iPadOS and tvOS.Recent reports listed a series of flaws.A May 26 report from Ars Technica said that “Apple has yet to patch a security bug found in iPhones and Macs despite the availability of a fix released almost three weeks ago,” citing a researcher.Apple did not respond to a request for comment regarding this report.APPLE’S SIRI HAS ‘MORE DIVERSE’ VOICE OPTIONS IN LATEST UPDATEA May 24 report from Bleeping Computer cited security updates to patch macOS and tvOS vulnerabilities.Two of the three affect WebKit on Apple TV devices. Webkit is Apple’s browser rendering engine that handles HTML content on iOS, macOS, tvOS and iPadOS.  The third impacts macOS.Apple has released updates to iOS, macOS, watchOS and tvOS that include security fixes for a number of vulnerabilities including those cited above, which Apple outlines in its “security notes.””A remote attacker may be able to cause unexpected application termination or arbitrary code execution,” Apple said regarding one of its fixes for macOS Big Sur.In the case of Apple’s Safari web browser, the company cited “maliciously crafted web content.”Other updates impact iPadOS.”Though not as common as attacks on Microsoft Windows devices, cybercrime targeting Apple users is quickly growing,” said Chester Wisniewski, principal research scientist at cybersecurity firm Sophos, in a statement sent to Fox News.CLICK HERE TO GET THE FOX NEWS APPAnd the risk increases over time because there is no guarantee consumers will update their Apple devices in a timely fashion.”New research from Sophos Home shows that 35% of consumers never update/patch their OS and apps, or only do so when prompted. This lack of consumer awareness around best practices for protecting personal devices means that if users aren’t paying attention, a large group could fall victim to this latest malware and future attacks,” Wisniewski said.

Scammers targeting families with missing persons, FBI says

Scammers targeting families with missing persons, FBI says

Scammers are identifying missing persons through social media posts – the starting point for extortion schemes, the FBI said in an advisory.The scheme is designed to get quick ransom payments from the families of missing persons “who are manipulated to believe their loved one has been abducted, is at risk of being abducted, or is in imminent danger,” the FBI said.The scheme typically plays out as follows.Through social media, scammers first gather information about the missing person and family, lending believability to their ransom demands.
Scammers are identifying missing persons through social media posts – the starting point for extortion schemes, the FBI said in an advisory.