Archive for July 10, 2017

Norton By Symantec Research Finds Most Canadians Feel Invincible on Public Wi-Fi

Posted in Commentary with tags on July 10, 2017 by itnerd

For a second year, Norton by Symantec surveyed consumers around the world about their public Wi-Fi behaviors and perceptions – finding consumers continue to willingly put their personal information at risk despite security gaps in public Wi-Fi networks.

Yet, what’s astonishing is the false sense of security consumers feel while using public Wi-Fi – the 2017 Norton Wi-Fi Risk Report found 64 per cent of Canadians feel safe when using public Wi-Fi, yet only 16 per cent of people use a VPN to secure their Wi-Fi connection. And while online, Canadians admit to some questionable behaviors:

  • 12 per cent of Canadians admit to viewing adult content on public Wi-Fi.
    • Of those who admit to using public Wi-Fi to watch adult content, the top five locations where they’ve done so were:
      • Hotel/Airbnb (48 per cent)
      • At a friend’s place (31 per cent)
      • Café/Restaurant (28 per cent)
      • Work (23 per cent)
      • Airport (17 per cent)
    • Eighty-eight per cent of Canadians have taken actions on public Wi-Fi that potentially put their information at risk:
      • Sixty-six per cent of Canadians have logged into a personal email account over public Wi-Fi.
      • Thirty-one per cent of Canadians have checked banking or financial information over public Wi-Fi.

Here’s are some things that you can do to protect yourself:

  • Take Protective Measures: One of the best ways to protect your information online is to use a Virtual Private Network (VPN) from a trusted vendor. VPNs provide a “secure tunnel” that encrypts data being sent and received between your device and the internet.
  • Do HTTPS: Many companies use secure websites — HTTPS (Hypertext Transfer Protocol Secure) — to provide online security. You can tell if a website is secure if it has “https” in its URL and has a small lock symbol next to it. However, even though the website itself might be safe, your personal information could still be vulnerable if your network connection isn’t secure.
  • Sharing Less Is Best: Think twice before entering any type of personal information – from passwords, to financial details and photos – over public networks. Even if you’re not actively sharing the information, your device may be doing so for you. Many devices are programmed to automatically seek connections to other devices on the same network, which could cause your files to be vulnerable. Be sure to disable sharing on your devices to ensure what’s yours stays yours.

For Canadian specific insights, you can read the Norton WiFi Risk Report on Canada [Warning: PDF].

Advertisements

Investigating A Tech Support Scam – Part 2: Who Are People Connect Inc.?

Posted in Commentary with tags on July 10, 2017 by itnerd

After dealing with the events of part one of this investigation , I turned my attention to finding out who People Connect Inc. were. As I mentioned in my previous post, I found that the name and the phone number that they are associated with tech support scams in the past. Thus I was really motivated to find out who these people were and expose them for the scammers that they are. Before going further, I want to point out that I have hyperlinked some info that doesn’t go to this group of scammers, and anything that goes directly to the scammers is not hyperlinked. The latter can be easily found via Google or whatever search engine that you prefer if you’re interested.

The first thing that I looked at was the phone number that the scammers were using which is 1-800-690-3683. Google search indicated that this number has been associated with tech support scams using a variety of company names. That suggests that this scammer has been around for a while and has used or is using a number of business names to scam people and avoid detection. But they don’t seem to change the phone number. The other thing that this Google search did is that it led me to the website of People Connect Inc:

PCI

The company claims to offer these services:

Capture services

Two things got my attention. The first is the fact that they claim to be a Microsoft Partner. I can find no evidence that supports that this is true. The second was the ITES link is the one that got my attention. When I clicked on it, this is what I saw (Click to enlarge):

Capture ITES

It says nothing about phoning people up and providing tech support. Real or otherwise. But it does say enough that a person who is not tech savvy may buy into what they are claiming.

But things got really interesting when I did a whois lookup on peopleconnectusa.com and got this result back (Click to enlarge):

whois

The registrant has an address in Plainview New York, and the location turns out to be a house according to Google Street View which is strange seeing as search on Google Maps comes back with a different address in Uniondale NY with a different phone number that is tied to this domain name. The funny thing about this address is that Google Maps lists them as “computer support and services” with a couple of 5 star reviews which I would say are likely fake. On top of that, there is no suite number listed in this Google Maps entry. If you take that and combine it with the fact that there is a company that operate short term office space rentals in the same building, it leads one to suspect that this address is a front for this scam so that people are more likely to hand over credit card info and the like.

On top of that the technical contact is located in Kolkata India which is a known hotbed for tech support scams coming from India. Here’s where things get interesting. If you look at the e-mail addresses you’ll see that the ones for the registrant and admin contact (who are the same person) have the same first name as the technical contact, who strangely uses a Gmail address. That suggests that the person behind this scam might be the tech contact, or he at least is responsible at least in part in terms of setting it up, and the scam is run out of India.

Another couple of things to point out, at the bottom of their website they have links to a Facebook page where they post their own content to so that they can look legitimate. However, they also have a link to what I suspect should be their Twitter feed, but it simply goes to Twitter.com. Clearly attention to detail is not a strong point with these scammers. They also have a LinkedIn page that doesn’t have a whole lot of content on it. Finally, People Connect Inc are using a website called provencredible.com to try to add to the impression that they are legitimate. Ignoring the fact that only a tiny number of companies use this service, when you go there to see what’s listed there for People Connect Inc. you see this (Click to enlarge):

CredibleCapture

 

I am going to go out on a limb and suggest that the first testimonial is fake, and the second one is real.

Clearly, there’s enough evidence here to support the fact that these people are scammers, and they’ve been running this scam for a while. Thus if you get a call from People Connect Inc., hang up the phone. Or if you get a call from 1-800-690-3683, don’t even pick up the phone.

In the next part of this investigation, I going to focus on what software that these scammers tried to install on my client’s PC so that you can see what an operation like this does to the unsuspecting. What I will do is install this software on a virtual machine and analyze what it does. As soon as I have completed that, I will post the results here so that you can see how dangerous scammers like these are.