Offshore Outsourcing & Scammer

Blog about offshore outsourcing and scammer in the outsourcing industry

Earnings of Thieves Selling Your Personal Data Online

dark keyboardWith a record number of ruptures in the U.S. amid 2014, more individual data is coasting around on the web than at any other time in recent memory some time recently. Yet, your saving money information, well-being records and even your Facebook account all accompany a sticker on the dark web.

The dark web is the place the commercial centers for stolen information exist. The dark web exists on the "deep web," which is the piece of the web that is not indexed by ordinary web indexes, as Google. To get to these dark corners of the web exceptional programming called Tor must be utilized. 

While Mastercard data can offer for just a couple bucks on underground market sites, well-being records keep running about $50 per record, as per a report by Dell SecureWorks. Bank account data is a higher ticket thing and can offer for $1,000 or all the more relying upon the amount of cash is in the record.

Purchasers can even purchase somebody's online networking record for about $50 or get an altogether new character in addition to a coordinating service bill for just about $350. 

Here's a speedy take a gander at what other individual data goes for on the dull web, as indicated by the report:

 

  • Bank certification: $1,000 in addition to (6% of the aggregate dollar sum in the record) 
  • U.S. credit card with track information (account number, expiration date, name, etc.): $12
  • EU, Asia credit card with track data: $28
  • Website hacking: $100 to $300
  • Copied social security cards: $250 and $400
  • Copied driver's license: $100 to $150

 

Be that as it may, lawbreakers aren't the main ones paying for your lost individual data. Organizations that are influenced by information breaks are needing to shell out a considerable measure of cash for every record that gets spilled in an information rupture.

The normal worldwide expense of a lost or stolen information record for an organization in 2014 was $154, that is a 23% expansion since 2013, as indicated by a study by IBM and the Ponemon Institute distributed Wednesday. The expense incorporates the legal and investigative work expected to address a rupture, and additionally the expense of wholesale fraud programs for individuals whose records were spilled.

Human services organizations are needing to pay the most with the normal cost for a lost information record coming to $363. Furthermore, retailers' expense per record went from $105 in 2013 to $165 in 2014.

The surge in information breaks, particularly those created by sorted out wrongdoing, is driving the expense of lost or stolen records for organizations, said Marc van Zadeloff, VP of system and item for IBM security.

Only in the US, there was a sum of 783 information breaks a year ago, a 27.5% increment from 2013, as per the Identity Theft Resource Center. What's more, as indicated by the IBM report, 47% of ruptures in its study were created by a malevolent or criminal assault. 

“As you see the rise of malicious organized criminals, they become harder to track and trace and remediate,” Zedeloff said. “These criminals on the dark web are collaborating, sharing techniques and malware and when they break in, they are very good. They are able to stay on systems longer, they are stealthier and therefore they are more costly for organizations.”

While customers who are influenced by a break may be given wholesale fraud protection, there's still a couple of things they can do to take their security into their own hands, Zedeloff said.

To start with, never utilize the same password for different services and change passwords frequently. Second, make a point to have the most recent security on the majority of your gadgets and utilize two variable confirmation when accessible. Also, last, look out for any sort of suspicious action. Whether its a shady email, a companion demand from somebody you don't know or odd action on any of your accounts, be proactive in checking everything from your social records to your bank accounts.

 

Rombertik: Malware deletes itself during discovery - together with the hard drive content

Rombertik VirusOne tricky and complex programmed malicious software collects data from Internet users. if she gets discovered she swallows a digital cyanide pill.

Security researchers of the Talos Group, a division of the network equipment supplier Cisco Systems have discovered a Windows malware that has taken great care to cover up traces of their activities. "Rombertik", as the malware gets called from the experts, captures everything a user is doing with his computer on the Internet. If the malware believes that she got discovered, she makes the hard drive of the affected computer unusable and destroyed so herself.

Another feature of the digital pest is that it's not only searching for user name / password combinations of bank accounts. The malware is recording characterized obviously completely unfiltered everything what the respective users is doing with the infected computers on the Internet.

The distribution channel is not new: Rombertik gets distributed as an e-mail attachment from spam or phishing mails. According to the Talos Group, this emails are especially clever constructed and fooling the users easily. The infected emails mimics the sender "Windows Corporation" as shown by one example of the report

Camouflage by deleting

Noticeable is the elaborate camouflage with which the pest trying to protect themselves from detection. It works on several levels: If a user installs unconsciously the pest, Rombertik analyzes first the environment and checks if it is running in a "Sandbox" environment, an isolated area or the PC, which has no impact to the rest of the computer. Antivirus software uses such a sandbox to analyze suspicious software.

Only when this is excluded, the malware continues her installation. Before the malware starts her work, she is testing if she gets watched by a virus scanner. If so, she attempts to delete the so-called master boot record on the hard disk of the computer to make it unusable. If that does not work, Rombertik encrypts all user data on the boot hard drive of the computer for making them useless and brings the PC to fall into an endless loop of reboots.

Fogging by deflecting

Even if it does not come so far, Rombertik makes the work analysis software difficult: In order not to attract attention, the malware hides itself. Is the 28 kB small installation package gets unpacked, it is 1264 kilobytes long and leads to believe of 8000 program features. Although these are not getting used but makes the analysis extremely complex.

To ensure that the program does not get discovered or it is supposed to run in a sandbox, it uses another perfidious trick: Rombertik writes a file from one byte in a memory sector - 960 million times. Only by logging these processes would result in a log file of 100 gigabyte size explains Talos.

The report of the Talos group says nothing about the spread of Rombertik. User should follow the common recommendations:

Don’t click on links or attachments in emails from unknown senders and use an up to date security software.

 

Data of 280,000 customers stolen: AT&T lost over $ 25 million

The misbehavior of the employees is coming very expensive for AT&T. The group has failed to prevent that data could get stolen in their call centers.  They got prosecuted now with a thick fine of the US supervision.

AT&TThe US mobile giant AT&T has to pay millions, because employees have stolen data in the call centers in Mexico, Colombia and the Philippines from nearly 280,000 customers. AT&T had accepted a comparison of over 25 million dollars.

Employees had unauthorized access to customer accounts and provided data - have passed on to third parties – even sometimes sensitive information like social security information. The FCC assumed that the information was then used, inter alia, to unlock stolen smart phones.

"Today's actions show that supervisory exercises its full authority against companies that fail to protect the personal information of its customers," said FCC chief Tom Wheeler. The Authority had started their investigation in May 2014..

Triggers were three AT&T employees in Mexico, which should have sold during 168 days data from more than 68,000 customer accounts starting at November 2013. In the course of the investigation came out that a further 40 employees were involved in this illegal practice and additional more than 211,000 customer accounts were affected.

Source: http://www.fcc.gov/document/att-pay-25m-settle-investigation-three-data-breaches-0

 

Phishing e-mails with instructions of the boss often successfully

PhishingPhishing emails are becoming more sophisticated. Thus, there are camouflaged mails from the boss to his employees, to transfer funds, which are highly successful.

Phishing emails are not only getting better disguised, but the attackers also always use bolder methods to reach their destination. Bosses are often pushed to reach the goal.

In the well-camouflaged phishing e-mails employees will be asked to transfer money because certain contracts have not yet been settled financially. Many employees would transfer the money instead of asking the boss once again if there everything is all right - or to look at the header of the mail more in detail.

Because is immediately visible in the header of the e-mail that the mail was not sent by the boss himself, but by a "non-corporate" e-mail address. But even these email addresses are now better camouflage than before and are similar to those of the bosses in most cases. The domains linked in the e-mail body and lead to the transfer portal, mostly resemble those of the real company address very strong. Who does not look exactly could really fall for this trick.

 

Facebook profiles in danger: Beware of fake warnings

FacebookOnce more Facebook users must be careful that their account does not fall into the hands of fraudsters. The warning of a friend turns out to be dangerous gateway.

Spam, viruses and Trojans on Facebook are already on the agenda for a long time. Many users have got it already. This increased the alertness at the present.  Scammers are taking advance of this alertness for taking over user accounts in masses. There are currently fake warnings of real Facebook friends in circulation, indicating the user that a copied second profile of themselves and other images are to be found in other sections on Facebook.

Phishing attack

In some cases, the scammers even have added a screenshot of the copied second profile page (not logged in). In any case, the user will be prompted to enter the link to the alleged fake profile. However, this does not lead to Facebook, but to a well-camouflaged Facebook phishing page. Who logs in on this page will tell his username and password to the scammers.

This thus have access to the entire Facebook profile and all the friends. The scammers take advantage of the fact apparently immediately to move more potential victims with the same mesh for getting their login information. Despite the fact that the news are coming from actual Facebook friends (whose accounts have already been affected), there is something what should let your alarm bells ringing.

Check URL

That is the phishing link is not pointing to https://facebook.com/xyz, it is in the current pointing to the URL profil-numbercombination-fb.xyz.es. Such links should better even not get clicked. The attack also targets in other countries. Some grammatical errors, however, point out that the scammers have obviously not perfect knowledge of the language.

Who gets suspicious, you should report the relevant user profiles and alert the Facebook friends through other channels (email, phone) that presumably with their account something is not right. Who has the suspicion that the own account was hacked, be sure to change the password on Facebook and for other services, where the same log-in information is used. To impede unauthorized access to your own Facebook profile from the outset, Facebook offers a range of security settings such as two-way authentication and notifications.