Instagram Adds New Tool to Help Users Identify Phishing Scams

With the proliferation of phishing scams, users with accounts on different social media sites are finding difficulty in identifying one. To combat this, the popular photo- and video-sharing social network service Instagram has introduced a new tool. The tool has been introduced following the rise in fake Instagram emails. These emails tricked users into sharing their login credentials and eventually personal details. Online users had a hard time figuring out which emails are real and which ones are fake. Some of these phishing emails even bypassed the weak spam filters and looked very much like an original message. These made it more difficult for users to catch a scammer’s malicious attempt. The new feature introduced by Instagram aims to verify emails sent to users. The purpose of the tool is to help people identify phishing emails that claim to be from Instagram. This account security feature - which can be accessed through Settings - allows anyone to check the authenticity of the email. If an email claiming to be from Instagram does not appear in the Instagram Settings, then it is a phishing attempt. Awareness of possible phishing attempts is not enough. It is also necessary to enable multi-factor authentication to secure accounts on different social networking services. It is also recommended to use strong passwords and to change passwords frequently.

 

Researchers Are Working On New Method To Identify Serial Hijackers Before They Attack

Border Gateway Protocol (BGP) is an internet protocol that is used to transfer data between different host gateways. However, it lacks route authentication and validation. This allows attackers to perform malicious activities. In the BGP route tables, internet service providers (ISPs) are identified using an Autonomous System (AS) number. Researchers from MIT are working on a system that identifies Autonomous Systems (ASes) that show characteristics similar to that of serial hijackers. This system will help network providers to proactively stop serial hijackers. Researchers at MIT’s Computer Science and Artificial Intelligence Lab conducted a detailed study of the BGP over a course of five years. On the basis of preliminary results, they concluded that the patterns could be potentially leveraged in automated applications to reveal undetected behavior. A typical BGP attack involves the malicious actor deceiving networks into routing data through a compromised system to a specific IP address. Operators rely on mailing lists to track ongoing hijacks. The research team studied related operator mailing lists of five years and noticed the same ASes carrying out the hijackings. With this data, the team trained the machine-learning model to identify key characteristics. During this process, they faced multiple challenges including false positives and a large amount of heterogeneous data.

 

What You Need To Know About Cyber Threats To Drones

Drones are unmanned ariel vehicles that were traditionally used in the defense forces. Although they are still widely used in this field, a number of other sectors are employing drones. In fact, Amazon is looking to use drones for delivery in the near future. With the market steadily growing, drones are becoming accessible and affordable for a larger section of the world’s population. Considering the current scenario of drones, there is a risk of attackers using them for malicious activities or hacking them to gather data without consent. Hackers may employ drones as spying devices to collect data. With an advanced microphone, they can also eavesdrop on conversations. This can affect the privacy of citizens as well as collect data from confidential government locations. Fake signals can be fed that tamper with the Global Positioning System (GPS) of the drones. This can cause massive impacts for military drones. Small computers can be attached to drones to exploit WiFi, Bluetooth, or Radio-frequency identification vulnerabilities in restricted areas. Drones are small and don’t make much noise making them hard to detect. Researchers are working on ways to detect malicious drones. Some of the measures include: Deploying radio-frequency scanners that look for specific transmissions from drones. Acoustic sensors that match the drone sound against a signature database for a match Geofencing that involves setting up a virtual border around a physical location to detect when drones enter the marked area. These methods come with their own set of drawbacks. There are several other methods available to detect malicious drones.

 

New Sextortion Campaign Uses Alternative Cryptocurrencies Instead of Bitcoins

Researchers from Cofense have observed a new version of the sextortion scam campaign that uses alternative cryptocurrencies in order to bypass email protection. Early sextortion scams started with a plain text extortion email. However, scammers began replacing the text with an image in order to prevent key words from being identified by Secure Email Gateways (SEGs). Similarly, initial sextortion emails included bitcoin in plain text string which could be easily copied. Therefore, scammers removed text and images and switched to attaching PDF documents. Later, the scammers began encrypting PDF attachments and included the password in the email body to prevent any further SEG detection rules. Researchers noted that this latest sextortion version is using a Litecoin wallet address instead of bitcoin to evade detection. Scammers have shifted from identifiable patterns to alternative cryptocurrencies in order to avoid Secure Email Gateways (SEG) bitcoin-detection rules. The current sextortion emails also contain very few searchable word patterns. “As this latest twist shows, threat actors can switch to the next crypto currency and attempt to iterate through all the scam’s previous versions. While there are thousands of crypto currencies, only a dozen or so are easily attainable from large exchanges. For the scam to work, the recipient needs an easy way to acquire the requested payment method,” researchers noted. Researchers recommend users ignore any emails that are from anonymous sources. Organizations are also advised to educate their users on how to identify phishing emails and how to know if their email addresses have been already compromised.

 

APT Groups Are Exploiting Vulnerabilities in Enterprise VPN Products, the UK NCSC Warns

The UK’s National Cyber Security Centre (NCSC) has warned that Advanced persistent threat (APT) groups have been exploiting recently disclosed vulnerabilities affecting enterprise VPN products from Fortinet, Palo Alto Networks and Pulse Secure. APT actors are targeting the UK and other international organizations in the healthcare sector, educational sector, government, and military. The vulnerabilities exist in several VPN products that allow an attacker to retrieve arbitrary files containing sensitive data including authentication credentials. Such credentials could allow an attacker to connect to the VPN and change configuration settings. Unauthorized connection to a VPN could also allow an attacker to gain privileges required to run secondary exploits aimed at accessing a root shell. The NCSC recommends users of these VPN products to monitor their logs, network traffic, and services used to connect through the VPNs for any evidence of compromise. In case of any evidence, it is best to factory reset (or wipe) the device and reset authentication credentials associated with the affected VPNs. Users are advised to check all configuration options for unauthorized changes. In order to avoid exploitation, the agency recommends enabling two-factor authentication for VPNs and disabling unwanted functionality and ports on the VPN. The agency also advises the users to update their products to the latest security patches.

 

Edited and compiled by cyber security specialist James Aguilan.