Nigeria’s anti-corruption police have shut down 800 scam websites and busted 18 syndicates of email fraudsters. “Over 800 fraudulent e-mail addresses have been identified and shut down,” Economic and Financial Crimes Commission (EFCC) boss Farida Waziri said. “There have been 18 arrests of high profile syndicates operating cyber-crime organisations,” she added.
Microsoft lends a hand
In a statement EFCC, which has previously relied on raiding cyber cafes and complaints from the public to clampdown on the crime, said it has now adopted smart technology working in conjunction with Microsoft, to track down fraudulent emails. The operation, dubbed “Eagle Claw” should be able to forewarn around a quarter of million potential victims when fully implemented within the next six months.
Nigeria has a history of email fraud
Nigeria has the notorious reputation of being the center of email fraudsters. Spanish police arrested 23 people in March, mainly Nigerians, suspected of running an email and letter scam thought to have defrauded over 150 people in the United States and Europe. The gang sent out thousands letters every day to potential prey. Victims were swindled of their money when asked to pay processing fees or supply their bank account details into which non-existent funds were promised to be transferred. Some of the email fraudsters hacked into private email accounts of prominent personalities and sent e-mails to their contacts claiming to be stranded and asking for emergency cash.
How you can prevent email attacks
Mailprotector’s services help prevent many of these types of email scams. Our services are great for keeping spam, viruses, Trojans, phishing and other email-borne malware and attacks from reaching your user’s inbox. Contact us today to learn more.
Just in case you haven’t heard the economy has been in a bit of a rough patch. Everyone has been tightening their belts. Well, here’s a ray of sunshine. The Department of Homeland Security has been authorized by the Obama administration to hire as many as 1,000 IT security professionals over the next 3 years. Areas they will be hiring include vulnerability detection, cyber risk and strategic analysis, network and systems engineering, and much more.
Cyber Security Dream Team is the goal
DHS Secretary Janet Napolitano made the announcement October 1 during remarks tied to the start of National Cybersecurity Awareness Month:
“Effective cyber-security requires all partners—individuals, communities, government entities and the private sector—to work together to protect our networks and strengthen our cyber-resiliency,” Napolitano said. “This new hiring authority will enable DHS to recruit the best cyber-analysts, developers and engineers in the world to serve their country by leading the nation’s defenses against cyber-threats.”
Join ranks soldier
So whether you’re out of work or just want a new job, update your resume, pay all your back taxes, and apply for one of these new government slots ASAP! Now, since I was kind of enough to give you a lead on your new job all I’ll ask is that you put in a good word with your rich Uncle Sam for Mailprotector’s award winning email security and Hosted Exchange 2007 services. We’ll make you look like a rock star when you show him the reports of all the spam, viruses, Trojans and other email-borne malware we’re stopping. He may even give you some of that bailout money as a bonus for doing such a great job. Now that’s kick-starting the economy!
Happy National Cyber Security Awareness Month!
According to a recent GAO report NASA suffered hundreds of security incidents in 2007 and 2008, including malware infections, data breaches, stolen laptops and bot nets. NASA was affected by more malware than any other federal agency and reported 1,120 security incidents during this two year span. Some of the laptops that were stolen contained unencrypted data for the prototype hypersonic jet (the X-51 scramjet) and test plans related to a space telescope and lunar orbiter. 82 agency computers became part of a Ukraine-based bot net after they were infected with rootkits.
Situation is improved, but gaps in security remain
The US Computer Emergency Readiness Team urged the space agency to implement more effective patching and to better train employees regarding cyber security. Despite the warning NASA still found a number of machines infected with the Coreflood Trojan. It can steal user credentials then communicate with a hostile command and control server. NASA has taken steps to address incident response and improve cyber security practices. The GAO still cites gaps. “”NASA remains vulnerable to similar incidents going forward,” the report finds. “Control vulnerabilities and program shortfalls make it possible for intruders, as well as government and contractor employees, to bypass or disable computer access controls and undertake a wide variety of inappropriate or malicious acts.”
Security should continue to tighten
The GAO made numerous recommendations. NASA deputy administrator Lori Garver agreed with them. “Deficiencies with IT security are often a result of systemic issues in the management of IT,” she said. “To this end, NASA continues to implement improvements in IT management, adhering to [a] previously developed strategy for providing an integrated, secure, and efficient IT environment that supports the NASA mission.”
User awareness key to any effective cyber security program
People need to understand the risks of opening spam attachments or visiting links embedded in spam. Mailprotector’s services help to mitigate these types of events. Our email security services protect users from Trojans, viruses, phishing, and other email-borne malware. Mailprotector is easy – you don’t need to be a rocket scientist to use it.
Happy National Cyber Security Awareness Month!
gaps
The “balloon boy” story is a testament to keeping your guard up against hoaxes that some are willing to perpetrate to get past your defenses.
Media frenzy
Reports indicated that 6 year old Falcon Heene had climbed into a box attached to a home-made high altitude balloon. Media outlets piled onto the story – CNN, FOX, DRUDGE Report and others all had headlines indicating the balloon was adrift but the box was no longer intact. America was anxiously awaiting to learn the fate of the small child.
Emergency services scrambled
The balloon floated for approximately 50 miles. Emergency responders rushed to the scene as the balloon touched down to search for the young boy. Once they did not find him they activated other teams to expand the search. All this effort was for naught because the child was safely on the ground the entire time.
The joke’s on us
As this story continued to unfold it became apparent that it was a hoax. As details have emerged it has been learned that the parents concocted this scheme for self-promotional purposes. Law enforcement officials are still investigating the case. Sheriff Jim Alderden of Larimer County along with other authorities have indicated that charges may be forthcoming against the parents, Richard and Mayumi Heene:
“Charges have not been filed, but authorities expect to recommend felony charges including conspiracy, contributing to the delinquency of a minor and attempting to influence a public servant, Alderden said. They also plan to recommend a charge of filing a false police report, which is a misdemeanor.”
Sherriff Alderden said it is unlikely that someone convicted of these charges would face jail time.
Their plan was pretty much a success
Based on the Sherriff’s comments it appears that the Heene’s have accomplished their goal to heavily promote themselves for another reality show without actually getting into a bunch of trouble. They previously appeared on ABC’s “Wife Swap” and had approached other outlets in the past few months about doing another reality show. Based on all the media reports it’s apparent these folks crave the spotlight and were willing to perpetrate this hoax to create the buzz for a new “reality show.”
News such as this can create an “in” for cyber villians
Spammers and cyber-thieves have a way of using these types of news events to push spam out to unsuspecting recipients. Be wary of phishing emails with headline grabbing subjects. Many times there are links that will direct you to an infected site that will infect your computer with a bot net virus, password stealing Trojan, key logger Trojan, or other malware. Don’t fall for these tricks.
Don’t be fooled again
The Heenes may have been able to pull off their hoax with seemingly little consequence. However, you’ll find that if you fall for the spammers bait then the consequences may be quite harmful. Continue to educate your users against the perils of opening spam and Implement Mailprotector’s award winning email security to protect against cyber hoaxes.
The recent blockbuster sci-fi movie “District 9” was reviewed by some of our staff a few weeks ago. They give the movie a ‘thumbs up’ so you should definitely go see it. It’s about an alien spacecraft that becomes stranded hovering over Johannesburg and how the earthlings deal with keeping the aliens in quarantine. It’s a moral tale about the evils of apartheid and its potential out of this world consequences.
Film “makes Nigerians look bad”
It was reported that Nigerians are upset because of how they are portrayed in the movie. Information Minister Dora Akunyili has asked that movie houses stop screening the movie because it makes Nigerians look bad. “We have directed that they should stop public screening of the film,” she said. “We are not happy about it because it portrays Nigeria in bad light.” Nigerians are portrayed as gangsters, prostitutes and cannibals in the movie. They have asked the producer for an apology and also edit the film.
A more accurate portrayal?
Well, I’m upset about the portrayal of the Nigerians in this film, too. I’ll suggest the following character rewrites. Instead of Nigerian characters posing as gangsters and prostitutes make them Nigerian “princes” and “princesses”. Place them in exciting scenes crafting email messages asking for assistance from the aliens in recovering their family fortune. That would be much more appropriate. Once they start sending their spam to the aliens then all heck is gonna break loose. If the aliens didn’t have enough to be upset about before now they’ll really be ticked off after getting scammed out of their “cat food” money (oops – I should have given you a “spoiler alert”).
Mailprotector saves the day!
Of course, Mailprotector could become a prominent player in the movie. The aliens would adopt Mailprotector’s superior email security technology then we could all just get along. Nothing like a happy ending 
In celebration of National Cyber Security Awareness Month I’ve adopted one of Lou Holtz’s little stories. Lou has a special way of delivering a message. I recently caught this nugget:
The organization had just experienced a severe data breach. Everybody, Anybody, Somebody, and Nobody – they were all given an important task.
“Everybody was to do it. Everybody felt sure that Somebody would do it, because Anybody could do it, but Nobody did it.
Somebody got mad because it was Everybody’s job. Everybody felt that because Anybody could do it, but Nobody realized that Somebody didn’t do it.
In the end Everybody got mad at Somebody because Nobody did what Anybody could do.”
-L.Holtz
It’s a funny delivery but with a serious message. Admins and users need to stay aware of what’s happening with their email. Reveiw your current email usage policies and security posture to make sure you don’t have any vulnerable areas. You can implement one of Mailprotector’s award winning services to help mitigate email-borne threats: spam, Trojans, viruses, etc. Don’t fall prey to the cyber tricksters! Happy National Cyber Security Awareness Month!
There have been a slew of cyber-security related news events as of late. Robert Mueller, the FBI director, told an audience that he was nearly hooked in a phishing scam . Google’s Wave created a spike of spear-phishing attempts. Botnets continue to plague the web, and spam has not been eradicated by 2006 as Bill Gates had predicted in 2004.
Well, here’s another item you need a heads-up about – GIANT SNAKES!
The giant snakes aren’t on the Internet. They’re in Florida, Texas and the southern US. There have been numerous reports about large non-native snake species being let loose in the wild by their previous owners. I’ve never understood why someone would want a python, anaconda, boa constrictor or other large snake as a pet. They won’t chase a ball, they won’t fetch the paper and slippers, and I sure don’t want to find one snuggled up to me on the couch or in the bed. I like snakes but only if I’m bigger and not seen as a meal by them. Snakes have always been fascinating to me. My kids have even been able to handle large constrictors at our local science center. Of course, the handlers are always on hand supervising. These large constrictors can grow up to 20 feet long and weigh over 200 lbs. Could you imagine encountering one of these beasts in the wild? You better be a track star or packing heat if you want to tell that story to your buddies.
We’ll handle your email, you handle the snakes
Mailprotector can’t really help you with large, hungry constrictors you may meet in the wild. We’ll be glad to keep you safe with our award winning email security. We’ll put the squeeze on cyber-crooks so they don’t put the squeeze on you. You’re on your own with the snakes, though.
Happy National Cyber Security Awareness Month!
Two Romanians were just extradited to face charges related to a phishing scheme. The phishing scheme targeted customers of some well known financial institutions.
Plead “not guilty”
FBI officials announced on September 29 that Petru Bogdan Belbita, 25, of Craiova, Romania, and Cornel Ionut Tonita, 28, of Galati, Romania, were brought to the US to face charges of conspiracy and aggravated identity theft. They have pleaded “not guilty” to these charges.
Trail of evidence
The pair were caught after an investigation was launched about a complaint of a fraudulent email made to appear as if it came from Connecticut-based People’s Bank. The email directed users to a compromised computer in Minnesota that hosted a counterfeit web site for People’s Bank. As the investigation unfolded it was determined the duo also engaged in similar phishing schemes targeting customers of Citibank, CapitalOne, JP Morgan Chase & Co., PayPal, and others.
Roundup
The two men, as well as five other Romanian citizens, were indicted by a grand jury in 2007. Belbita was arrested in Canada on Jan. 24, 2009, and brought to the United States Sept. 25. He appeared before a federal judge in Connecticut Sept. 29 and pleaded not guilty. Tonita was arrested in Croatia in July and extradited to the United States Sept. 4. He pleaded not guilty six days later. The other five Romanians indicted in this scheme are looking over their shoulders now. It shouldn’t be long before they face the music (cue Hawaii Five-O theme).
Keeping their buddies away
Mailprotector’s services mitigate the risk of phishing attacks. Whether you host your own mail server or need us to do it for you it’s a given that you need advanced email security to prevent phishing, Trojans, spam and other malware from reaching your inbox.
The Washington Post recently reported that the online payroll firm Paychoice experienced a security breach on September 23. The hackers were able to get sensitive account information as a result of this breach.
The old Hack’em and Phish’em technique
According to an email sent out by the company on September 28 to their customers, the hackers were able to get e-mail addresses, login IDs and parts of passwords for user accounts at OnlineEmployer.com. The hackers almost immediately crafted phishing messages to trick customers into revealing the remainder of their passwords. Customers told the Washington Post that they received phishing emails telling them to download a plug-in so they could continue using the OnlineEmployer.com site. The emails used the recently pilfered customer login username and partial password. The plug-in was actually a password-stealing Trojan. Affected customers are worried they may have had other passwords or sensitive data compromised.
Investigation is ongoing
Meanwhile, Paychoice has taken other steps to notify customers about this phishing scam and they continue to investigate.
Prevent phishing attacks
Mailprotector’s email security services help mitigate phishing attacks as well as other email-borne attacks. If you’re not already using our services then you should give us a try.
According to numerous recent reports Hotmail users have had their login credentials stolen.
About 10,000 users had their user credentials swiped in this latest phishing attack and millions more have been warned they could be at risk. Cyber-scammers set up a fake Hotmail login page that users entered their information.
Hotmail not alone
Not only did Hotmail users get cyber-mugged but Gmail, Yahoo! Mail, AOL, Comcast and Earthlink account holders were targeted, too. A spokesman for Google said, ‘We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail account. As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.’
Not a breach, but a scam
Google stressed that the scam was ‘not a breach of Gmail security’ but rather ‘a scam to get users to give away their personal information to hackers’.
Unrest remains among the affected
Account logins had been posted online. They were taken down soon after that discovery. However, users now fear they may have had personal information (credit cards, bank account numbers, etc.) taken from their accounts as a result of their user credentials being publicly posted. Police are advising affected account holders to pay close attention to their credit card and banking accounts for any unauthorized activity.
To help protect yourself from falling prey to phishing scams:
- Change passwords frequently (every 30 days to 90 days).
- Use “strong” passwords: include upper case letters, lower case letters, numbers and characters randomly dispersed within the password.
- Don’t use the same password for your email account as you do for other online accounts. Many online accounts use your email address as the user name.
- Never click through any warnings your browser may raise about certificates.
- Be wary of pop-up security warnings.
- Be wary of mispelled words, poor grammar, blurry graphics on the web site as these items may indicate a phishing site.
- Implement email security that protects against spam, phishing, malware and other email-borne attacks.
No sign of a cool down for phishing
These phishing attacks will only continue due to the hackers success stealing thousands of email account user credentials. “Hotmail” now conjures up a completely different connotation.
