There Is A Sophisticated Parking Ticket Phishing #Scam On The Loose In Ottawa

Posted in Commentary with tags on October 14, 2022 by itnerd

If you are a citizen of Ottawa, Ontario, you need to be aware of a parking ticket scam that is making the rounds. And this one is good from a scam research standpoint. Here’s how the scam works:

  • You receive a text message that addresses you by your full name, telling you that you have an overdue parking infraction and providing a URL to “ottawa-parking.ca” or “nfractionottawa.ca”, both of which have been taken down as I type this.
  • This is where it gets good. While the scam site was still live, it was an exact replica of Ottawa.ca and even linked back to the legitimate website for paying “parking tickets”. That shows that the threat actors spent a lot of time and a lot of effort to pull this scam off. This screenshot was captured from the scam site before it was taken down.

The goal of this scam is to get your credit card details. Based on my research, the threat actor behind this appears to have tried similar scams in Toronto and Vancouver. It just seems to be Ottawa’s turn. And the fact that it’s been taken down twice and has reappeared means that the threat actor isn’t done with Ottawa yet. Not to mention that they will move on to other cities.
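As an added example (not part of the original post), here is one way a mail or SMS filter could tell the real Ottawa.ca apart from the lookalike domains named above: a link is official only if its host is ottawa.ca or a subdomain of it, and any other host that borrows the brand words is flagged. The keyword list, function names and sample messages are assumptions constructed for this sketch.

```python
import re
from urllib.parse import urlsplit

# The legitimate site named in the post.
OFFICIAL_DOMAINS = {"ottawa.ca"}
# Assumption: brand words picked for this example, not an official list.
BRAND_KEYWORDS = ("ottawa", "parking", "infraction")

# Matches links with or without a scheme, as they tend to appear in texts.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)


def host_of(url):
    """Return the lower-cased hostname of a link, adding a scheme if missing."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def is_official(host):
    """True only for the official domain itself or a real subdomain of it.

    The leading dot matters: 'notottawa.ca' ends with 'ottawa.ca' as a
    string but is a different registration, so it must not pass.
    """
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def classify(message):
    """Return (host, verdict) for every link found in a message."""
    findings = []
    for match in URL_RE.finditer(message):
        host = host_of(match.group(0))
        if not host:
            continue
        if is_official(host):
            verdict = "official"
        elif any(word in host for word in BRAND_KEYWORDS):
            verdict = "lookalike"
        else:
            verdict = "unrelated"
        findings.append((host, verdict))
    return findings


# Constructed sample messages; only the first two domains come from the post.
SAMPLES = [
    "Jane Doe, you have an overdue parking infraction. Pay: https://ottawa-parking.ca/pay",
    "Jane Doe, final notice. Visit nfractionottawa.ca today",
    "Parking tickets can be paid at https://ottawa.ca/",
    "Overdue ticket: http://ottawa.ca.example.net/ticket",
    "Reminder from notottawa.ca",
    "Your order shipped, see example.org/track",
]

if __name__ == "__main__":
    for text in SAMPLES:
        print(classify(text), "<-", text)
```

The check is deliberately about the host, not the page content, because the scam site copied the real one and linked back to it.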

The good news is that Ottawa is getting the word out to warn residents about this scam. Thanks to a reader for sending this over:

My advice is as follows: If you get a text message that claims that you owe some money for a parking infraction, you should ignore it. Full stop.

Elon Musk Being Investigated By The SEC Over Twitter Purchase… And Twitter Wants The Details

Posted in Commentary with tags on October 14, 2022 by itnerd

I am guessing that Elon Musk is not having a good Friday. I say that because it appears that Musk is being investigated by the Securities and Exchange Commission, and Twitter wants to know why:

Twitter Inc.’s lawyers asked a Delaware court for access to correspondence between Elon Musk and federal authorities investigating him in connection with his attempt to take the social media company private. 

“Elon Musk is presently under investigation by federal authorities for his conduct in connection with the acquisition of Twitter,” attorneys for Potter Anderson Corroon LLP wrote in a filing dated Oct. 6 and unsealed Thursday.

“Through counsel, he has exchanged substantive correspondence with those authorities concerning their investigations,” they said. “Twitter wants those documents, because they bear upon key issues in this litigation.”

Musk has a history of butting heads with the SEC, and he tends not to come out on the winning end of those encounters. Thus this isn’t trivial, and I can see why Twitter is interested in this. If Musk is smart, he’ll co-operate with the SEC fully and not run his mouth on Twitter. But Musk can’t seem to control himself, which means that we can likely see something related to Musk blow up in the days to come now that this story is out there.

StorCentric To Be At 2022 NAB Show In New York

Posted in Commentary with tags on October 13, 2022 by itnerd

StorCentric, the world’s leading provider of the most comprehensive data management, protection and security solutions, today announced it will showcase its Nexsan EZ-NAS, BEAST Elite, E-Series and Unity storage solutions at this week’s NAB Show, New York, October 19-20 at the Javits Center, Booth 835.

Visitors to the StorCentric Booth #835 will see first-hand why Nexsan has earned its reputation for the most highly reliable, cost-effective storage available; and is able to meet the specific use cases, business demands and budgetary requirements of its world-class channel partners and end clients. Demos of the following will be available:

  • Nexsan EZ-NAS Network-Attached Storage – is ideal for small and medium sized businesses (SMBs) and edge use cases in large enterprises, providing simplified access to your data. The EZ-NAS is also ideal for building an efficient networked file environment. The Nexsan EZ-NAS is now available with 72TB of raw capacity plus one year of support for under $10K.
  • Nexsan BEAST Elite High-Density Storage – is a practical, cost-optimized storage workhorse engineered to deliver superior reliability, availability, and density with 960TB in a standard 4U rack, enabling you to stay ahead of high volume applications such as backup, archive and digital video surveillance.
  • Nexsan E-Series F storage platform including the E18F and E32F – takes the same industry proven, reliable storage architecture that supports TLC SSDs and enables the latest QLC NAND technology. The E-Series F is a perfect fit for high capacity, performance-sensitive workloads that fuel business — like real-time analytics, machine learning (ML), artificial intelligence (AI), big data, media content delivery, user authentication and more.
  • Nexsan Unity – is a true unified solution unity and a powerful solution for mixed workloads. The advanced Unity architecture seamlessly works with Assureon and gives customers the peace of mind that their data is protected for regulatory compliance and from security breaches including ransomware. Unity is now also available in a 2U form factor.

To learn more about NAB New York and to register to attend, please visit: https://nabshow.com/ny2022/.

Salesforce Launches Automotive Cloud 

Posted in Commentary with tags on October 13, 2022 by itnerd

A recent poll from Ipsos shows that 84% of buyers wish the process of shopping for or purchasing a car was easier, illustrating that the role and model of the automotive industry needs to change. 

Bringing that change to the industry, Salesforce today announces Automotive Cloud, a new product tailor-made for automakers and their customers, enabling real-time personalization and intelligence across the customer and vehicle lifecycle.

Only 23% of retailers and 26% of Original Equipment Manufacturers (OEM’s) actually believe their companies have adapted well to selling online, according to Salesforce’s first Trends in Automotive Report published in August. With the Canadian and US governments continuing to champion the push to EV, businesses will need to adapt to survive this period of historic transformation, making technological innovations like Automotive Cloud an imperative. 

Also of interest is the full Trends in Automotive Report, which features key data and insights from 500 global decision makers across the automotive industry, including OEMs, auto finance subsidiaries, and dealers.

New App Puts Glaucoma In Perspective For Canadians

Posted in Commentary with tags on October 13, 2022 by itnerd

It is estimated almost a million Canadians are living with glaucoma. Also known as the ‘silent thief of sight’, glaucoma is an eye disease that damages the optic nerve and can bring irreversible vision loss if left untreated.

Canadians now have access to Glaucoma in Perspective, a new digital app designed to help Canadians understand the impact of glaucoma and disease progression.

World Sight Day marks the launch of Glaucoma in Perspective (GiP) in Canada – Canadians now have access to the Glaucoma in Perspective app, designed to help patients understand the impact of their glaucoma and disease progression. The app is available for free download on Google Play and Apple Store.

Zoetop Ordered To Pay $1.9M Over Data Breach

Posted in Commentary with tags on October 13, 2022 by itnerd

Zoetop, the parent company behind retailers Romwe and Shein, has been ordered by the State of New York to pay $1.9 million over a data breach which affected millions of customers. Zoetop was found guilty of failing to secure customers’ data, not properly notifying customers and trying to keep the extent of the data leak under wraps. This penalty comes after an investigation by the New York Attorney General into a 2018 cyber attack in which credit card and personal information was stolen.

Before I give my thoughts on this, let’s hear from John Stevenson, Product Director at Cyren on this:

“Testament to the scale of the unsolved nature of social engineering attacks, every single one of the millions of victims successfully targeted here now face phishing scams abusing their exposed PII in the pursuit of more valuable credentials.

It is likely many customers’ credentials have already been sold to the highest bidder and may now be used to target their place of work. However, because employees are so busy, they cannot feasibly be expected to detect all fraudulent emails every time. Therefore, organisations must implement additional layers of technology and processes to continually hunt for targeted email attacks like spear phishing and business email compromise to automatically eliminate the threats once identified. 

A silver lining, however, is that hopefully expensive retributions for such failures to responsibly disclose and appropriately respond to a data breach is a step in the right direction towards creating a culture of compliance.”

My $0.02 worth. I am glad that the State of New York held Zoetop accountable for this and I hope that we see more of this going forward. Because if companies know that if they screw up they will get punished, they will take the steps required to make sure that they don’t get pwned.

Commvault To Host Connections 2022

Posted in Commentary with tags on October 13, 2022 by itnerd

Commvault, a global enterprise leader in data management across on-premises, cloud, and SaaS environments, today announced the dates for Commvault Connections 2022, a best-in-class cloud data management experience that will provide customers and partners with insights and best practices they need to Innovate with Confidence. A global event, Connections will feature multiple regional broadcasts starting on November 2nd in the Americas and November 3rd in EMEA and APJ.

An event for data-minded IT decision-makers, Commvault Connections offers a uniquely interactive experience, featuring virtual exhibit booths, a live DemoZone, and a customer panel where attendees will gain real-world cloud transformation advice from companies like American Pacific Mortgage. The event’s packed agenda includes solution tracks centered around the key aspects of business transformation – Fending Off Ransomware, Modernizing Data Management, and Investing Wisely. Plus, new for 2022 is Commvault’s inaugural Customer Innovation Awards and sponsored partner solutions sessions with Microsoft, Oracle, and more to be announced:

  • Microsoft: Protect Your Critical IT Assets with Azure, featuring Saurabh Sensharma, Sr. Product Manager, Azure Storage, Microsoft and David Ngo, CTO, Metallic, Commvault
  • Oracle: Protecting Against Ransomware in a Multi-Cloud World, featuring Joe Corvaia, GVP, NACT ISV, MGS and MSP Sales, Oracle and Alan Atkinson, Chief Partner Officer, Commvault

Bill Mew, Chair of Cyber Working group for IARCC and CEO of Crisis Team said, “Connections 2022 is not only coming at exactly the right time, but its focus is spot on. An intelligent, integrated approach to data management and security from proactive cyber deception strategies to effective recovery strategies, as Commvault is doing to help clients reduce the impact of ransomware attacks, is now essential.”

Event attendees will walk away with the tools to transform their business amid today’s IT, security, and resource complexities. To attend Connections 2022, register here.

Solution Tracks:

Commvault Connections will feature three solution tracks with three sessions each:

Modernizing Data Management: When your business dreams it, you need to deliver. Take charge by embracing a modern data management strategy that intelligently scales fast, supports new workloads, and enables you to use your data in creative ways.

Fending Off Ransomware Attacks: While they may be inevitable, breaches, leaks, and losses don’t have to be disasters. Get on the offense with our proactive and responsive data protection capabilities that keep your data safe and your company out of the headlines.

Investing Wisely: Innovation may be priceless, but budgets aren’t endless. We can help you find the right balance gaining value from your data while managing your costs to protect it on your journey to the cloud.

Bell Rolls Out Their Gigahub To Replace The HH4000…. And It Has Some Issues That I Would Like To Understand Which Is Why I Need Your Help

Posted in Commentary with tags on October 13, 2022 by itnerd

One of the things that came with my recent Bell install was the Home Hub 4000 (AKA: HH4000) hardware, which I have effectively bypassed by using first this method and then this method to do it. But Bell has since been rolling out a new piece of hardware as they roll out 8Gbps service in an attempt to make their chief rival Rogers as extinct as a T-Rex. That piece of hardware is called the Gigahub. On the surface it looks like an HH4000, but it’s not. The main difference is that it comes with WiFi 6E rather than WiFi 6, which means that if you have hardware that supports WiFi 6E you can get faster WiFi speeds as you will be on a less congested frequency. But under the hood, it runs different firmware, which implies that there are other differences that users are not aware of. And perhaps some of those differences are starting to appear in the form of problems that users of this new modem are having.

For example, there is a thread on DSL Reports where people are having issues with PPPoE pass through, which is by far the cleanest way to use your own hardware. That is assuming that your router can handle the overhead that PPPoE creates so that you get the speed that you’ve paid Bell for. Reading through the thread, it seems that users are not only having a variety of issues, but some of this appears to have been escalated to Sagemcom, who makes the hardware for Bell. Thus if you want to go the route of using your own gear via PPPoE pass through, you may want to be aware that at present, this may not work for you.

The second thing that I have noted is some anecdotal evidence that using the DMZ method may not work nearly as well as it did with the HH4000. I use the word “anecdotal” because I have not directly touched this hardware and tried to troubleshoot this myself. Nor is there anything that I can find online that validates what I am hearing. But a couple of people have reached out to me for help as the documentation that I have created to assist people in setting this up doesn’t seem to work anymore. At least not without some extra tinkering.

Thus I am asking for a favour. If you are in the Greater Toronto Area, and you get this Gigahub from Bell and you wish to set it up to use your own gear, I am willing to assist with that for free (as I normally charge for my services) so that I can better understand what the issues with the Gigahub are so that I can better communicate to the readers of this blog how to set this hardware up so that it can be used with your own hardware. Thus if that’s you, please reach out to me by email and we’ll take it from there.

In the meantime, if you get new service from Bell, or you upgrade to faster service, you should try to ask for or keep the HH4000 as that is clearly a stable platform that works. At least until whatever issues with the Gigahub are sorted.

UPDATE: I have additional information here.

A New UPS #Scam Is Making The Rounds… And It Is Somewhat Dangerous If You Fall For It

Posted in Commentary with tags on October 13, 2022 by itnerd

A reader sent me a scam email that he received which uses courier company UPS as a lure to suck you in. Here’s the email in question:

So unlike the last UPS scam email that I covered here, the threat actor behind this is trying harder to make this more convincing. Though the lack of proper punctuation, missing capital letters in sentences, and only marginal grammar make it clear that this is a scam email. And there’s the fact that the logo in the top left says “ips” and not UPS. Plus the email address indicates that it didn’t come from UPS. The net result is that all of this should make you delete this email the second you get it. But the threat actor has an interesting setup if you click “Check Here” which by the way, you should never, ever do.

You get taken to a website that, if you look in the address bar, isn’t UPS. That’s a red flag. The use of the same colours as UPS is meant to make you more likely to get sucked into this scam. It kind of falls apart with the words at the top “[1] Reward Pending – Shipping Survey – We Want Your Opinion!”. That suggests to me that they’ve used this website in another scam.

For giggles, let’s click confirm and see what happens.

Well, it claims that I have to schedule my delivery, and it gives a tracking number that isn’t a UPS tracking number. So I’m going to schedule this mythical delivery.

Apparently I owe some money for customs. The fee that is being quoted is way under what UPS charges for anything customs related, which is another red flag. But I am guessing that the threat actor is expecting you not to know that. Let’s continue down the rabbit hole:

Now this is a sign that this threat actor is really trying as they created this whole menu map to have you select your delivery preferences. That’s clever.

So according to this, I’ll get my mythical package in three days. Let’s see what happens when I enter my delivery information.

Okay… This is a bit weird. I’m not trying to claim my offer. I’m trying to get a package delivered. This underscores that this threat actor has likely recycled parts of this website to pull this scam off. I decided to have a bit of fun with them:

I wonder if the threat actor will understand that the phone number is a song from the 20th century? Anyway, let’s move on.

Ah! So now we know what the endgame is. They want your credit card details. That possibly ties into the previous screen as having your name and phone number along with possibly your email address would help the threat actors go to town at your expense. Let’s enter some bogus info and see if they do any validity checking in terms of if the card is valid:

And the answer is yes they do as this webpage rejected my bogus credit card info. I’ll give this threat actor credit as they tried hard in the right places to pull this scam off. Specifically in the area to get your credit card details. That makes this threat actor kind of dangerous.

So what’s my bottom line on this specific scam? Avoid it by deleting the email the moment you get it. Because if you get sucked in, it won’t end well for you.

Hackers Use Legitimacy of Google Translate to Send Credential Harvesting Links in Phishing Campaign

Posted in Commentary with tags on October 13, 2022 by itnerd

Researchers at Avanan, a Check Point Company, have discovered hackers using the legitimacy of Google Translate to create credential harvesting pages.

In this attack, Avanan’s researchers illustrate how hackers are spoofing Google Translate, and including a bunch of obfuscation tactics to get into the inbox and to get end-users to enter credentials. 

The campaign presents users with a compelling email, targeting Spanish speakers, notifying them that they have pending emails that will remain restricted unless ownership of the account is confirmed within 48 hours. Clicking on the provided link redirects victims to a login page, where credentials are rendered.

You can read the full report here.