Tag Archives: phishing

Watch Out, Scammers And Their Convincing Emails

When we first got this email at PlanetWeb we were convinced that it was legitimate but after some deliberation decided not to download the files attached.

So what is going on? Basically if you run a website, scammers will target you saying that you stole his / her images and you will be sued and host provider will be contacted.

The email is very well written – it seems almost like they have hired a copy writer to create this email as it is very convincing.

The email is below – if you get one – just delete it. Did you get one? Write in comments below. Good luck!

Came from:

From: Mel <Mgallery666 @ yahoo.com> Email Incorrect – as It Bounces When You Reply To it

Message Body:

Hello there!

This is Melanie and I am a qualified photographer.

I was surprised, frankly speaking, when I came across my images at your website. If you use a copyrighted image without my permission, you must be aware that you could be sued by the owner.

It’s illegal to use stolen images and it’s so disgusting!

Take a look at this document with the links to my images you used at planetweb.ca and my earlier publications to get evidence of my copyrights.

Download it now and check this out for yourself:

URL RETRACTED FOR SAFETY

If you don’t delete the images mentioned in the document above within the next few days, I’ll write a complaint on you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

TRACKING INFO

Unfortunately, can not be tracked, as they are using a VPN

IP: 181.214.224.106

Country: United States (US – NA) – Region: New York(NY) – Postal Code + City: 10013 New York

Proxy Server IP: 181.214.224.106

Country: United States (US – NA) – Region: New York(NY) – Postal Code + City: 10013 New York

Browser is: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0

Alberta MacEwan University Loses $11.8m to Hackers

University employees were fooled by phishing email asking them to change banking information for one of their main vendors.

MacEwan University blames admin error for losing $11.8m dollars. They said no safeguards were in place before. University says now more than 1 person would be required to change any banking information so this does not happen again.

The fraud happened when hackers created a website that looks exactly like university’s main vendor’s website.  After sending phishing emails, hackers asked university to pay millions of dollars of service fees university normally pays but with different banking information.

It only took 9 days to lose $11.8m before anyone realized that something was up. First was for $1.9m , second payment was for $22,000 and then last one was for $9.9m. Maybe they would have lose more money if not for actual vendor calling them to see why they have not been paid yet.

Some people were surprised how university that advises students to watch out for phishing attacks gets duped itself:

https://twitter.com/EmmaLGraney/status/903366379847524352

Where did the money go? The money was initially transferred to an account in Montreal, and then off to 2 different accounts in Hong Kong.

University does not think it was a collusion between university employees and hackers. Employees were entry level employees. University also says they expect to recover the funds and going to be able to meet all their financial obligations.

Major Canadian Company Pays $425k To Hackers

We have learned that major Canadian firm paid $425k in Bitcoin money to unlock their servers from ransomware attack. Their live servers were locked as well as their backup. The name of the company can not be published at this time due to confidentiality agreement.

Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.

HypnoArt / Pixabay

This is the largest ransomware attack pay out ever in the Canadian business history. Not so long ago, South Korean firm paid $1m to unlock their files.

While investigation is still ongoing, it started with phishing attack targeting 6 key company officials by sending them infected PDF documents. They faked PDF docs to be from the company’s current suppliers stating that this is an invoice for services provided.

After getting in, hackers spent few months exploring the system before locking up live servers, as well as backups.

Lesson learned? Way to make sure it does not happen to you?

  1. Hire some ethical hackers to try to penetrate your system and see if you are secure. You will pay much less than they did.
  2. Move your backup to a remote server not associated with your main live server;
  3. Patch your systems religiously.

 

Learn more about WannaCry ransomware attacks here: