Month: March 2019

ThreatList: Phishing Attacks Doubled in 2018

Posted on

Originally seen on March 12th, 2019 by: Lindsey O’Donnell

Scammers used both older, tested-and-true phishing tactics in 2018 – but also newer tricks, such as fresh distribution methods, according to a new report.

Phishing attempts more than doubled in 2018, as bad actors sought to trick victims into handing over their credentials. They used both old tricks – such as scams tied to current events – as well as other stealthy, fresher tactics.

Researchers with Kaspersky Lab said in a Tuesday report that during the course of 2018, they detected phishing redirection attempts 482.5 million times – up from the 246.2 million attempts detected in 2017. In total, 18.32 percent of users were attacked, researchers said.

“We have seen a steady increase in phishing attacks on cryptocurrency-related resources, and expect new scams to appear in 2019,” according to the report, by Maria Vergelis, Tatyana Shcherbakova and Tatyana Sidorina with Kaspersky Lab. “Despite the fall in value and the lean times for the cryptocurrency market as a whole, phishers and spammers will try to squeeze everything they can out of this.”

Bad actors continued to rely on an age-old trick in 2018 for phishing attacks: Using newsworthy events, such as new smartphone launches, sales seasonstax deadlines, and the EU General Data Protection Regulation (GDPR) to hook the victim.

Phishing report Kaspersky Lab

Phishing emails purporting to be about GDPR, for instance, boomed in the first few months of 2018, because during those months there was an upturn in legitimate GDPR mailings warning users of the transition to the new policies, which require stringent processes to store and process personal data of European citizens.

Attackers unsurprisingly took advantage of this with their own GDPR-related emails: “It was generally B2B spam — mostly invitations to paid seminars, webinars, and workshops promising to explain the ins and outs of the new regulation and its ramifications for business,” said researchers.

Other top events, such as the 2018 FIFA World Cup and the launch of the new iPhone sparked phishing attempts, including emails leading to fake FIFA partner websites for the former, and spam messages purporting to sell accessories and replica gadgets for the latter.

Despite the cryptocurrency market’s struggle in 2018, bad actors’ interest in cryptocurrencies appears far from waning. In fact, scammers utilized a number of methods to capitalize on victims’ interests in the cryptocurrency market, such as posing as a cryptocurrency exchange or fake Initial Coin Offering (ICO) bent on convincing victims into transferring money to cryptocurrency wallets.

“In 2018, our Anti-Phishing system prevented 410,786 attempts to redirect users to phishing sites imitating popular cryptocurrency wallets, exchanges and platforms,” researchers said. “Fraudsters are actively creating fake login pages for cryptocurrency services in the hope of getting user credentials.”

Spam and phishing attack report

When it came to ICOs, scammers extended invitations to victims for investing in various ICOs via email and social-media posts.

One such scam targeted a cryptocurrency called buzcoin; the scammers got ahold of the project mailing list and sent fake presale invitations to subscribers before the ICO began – eventually making away with $15,000, according to Kaspersky Lab.

There were also sextortion scams that coerced victims to send cryptocurrency in exchange for keeping quiet about their private online activities, with one campaign in July noted for using victims’ legitimate password in the email as a scare tactic; and another one in December hit victims with ransomware.

Researchers said they don’t expect attackers’ interests in cryptocurrency to die down any time soon: “In 2019, spammers will continue to exploit the cryptocurrency topic,” they said. “We expect to see more fraudulent mailings aimed at both extracting cryptocurrency and gaining access to personal accounts with various cryptocurrency services.”

In 2018, the number of malicious messages in spam was 1.2 times less than in 2017, according to researchers. Of those malicious messages, the most widely distributed malicious objects in email (Exploit.Win32, CVE-2017-11882), exploited a patched Microsoft vulnerability that allowed the attacker to perform arbitrary code-execution.

spam phishing email attack report

Despite this downturn in malicious emails, scammers appear to be looking to other sneaky tactics to avoid detection and still make off with victims’ credentials — in particular using non-typical formats for spam like ISO, IQY, PIF and PUB attachments.

“2018 saw a continuation of the trend for attention to detail in email presentation,” researchers said. “Cybercriminals imitated actual business correspondence using the companies’ real details, including signatures and logos.”

In addition, bad actors appeared to transition to new channels of content distribution beyond email – including social media sites, services like Spotify, or even Google Translate.

“Cybercriminals in 2018 used new methods of communication with their ‘audience,’ including instant messengers and social networks, releasing wave after wave of self-propagating malicious messages,” said researchers. “Hand-in-hand with this, as illustrated by [an] attack on universities, fraudsters are seeking not only new channels, but new targets as well.”


Posted on

Originally seen: March 7th, 2019 by Nicholas Thompson of Wired.

YESTERDAY AFTERNOON, MARK Zuckerberg presented an entirely new philosophy. For 15 years, the stated goal of Facebook has been to make the world more open and connected; the unstated goal was constructing a targeted advertising system built on nearly infinite data. Yesterday, though, Zuckerberg pronounced that the company is reversing course. The social network of the future won’t be one where everyone connects openly together, as in a town square; it will be one where more connections happen one to one, as in a living room. Instead of data permanence, data will disappear.

Facebook isn’t putting the current platform—worth roughly half a trillion dollars—in the garbage disposal. As Zuckerberg made clear in a Wednesday afternoon interview with WIRED, Facebook as we know it now will still exist. But it will change. And there will also just be something new.

It’s unclear the extent to which Facebook will ultimately push users toward privacy, and in what exact ways. But Zuckerberg controls Facebook, and his manifesto will make its gears start to turn in different directions. As that begins, here are nine important questions the company will have to think through.

1. Facebook knows how to make money in the town square. How does it make money in this new living room?

Private, encrypted messaging is hard to monetize. In our interview, Zuckerberg demurred when asked what the new business model will be after clamping down on the data firehose. The company would, he said, build the product first and figure out the financials later. Facebook does have nascent efforts in commerce and cryptocurrency, but there’s no question that figuring out revenue on the new platform will be a hard problem for Dave Wehner, Facebook’s chief financial officer. A former Facebook employee told me last night, “Mark is like a cartoon character who walks through a bunch of dangerous situations and always comes out on top. Dave is the guy running behind him catching the cat, stopping the ladder from tipping, deflecting the flying axe with a manhole cover.”

2. What does this do to safety on the platform?

Facebook rightly faces endless criticism for all the data it collects. But there are benefits to data collection as well. It can help stop bullies, or even potential suicides. Once those communications become private, Facebook no longer has the same powers to track and moderate. The public—from the media, to nonprofits, to academics, to individuals, to the government—also uses the public nature of Facebook to track bad behavior. If Russian intelligence operatives had just used private encrypted messaging to manipulate Americans, would they have been caught? As Facebook knows from running WhatsApp, which is already end-to-end encrypted, policing abuses gets ever harder as messages get more hidden.

In our interview, Zuckerberg explained that this, not fears about the business model, is what keeps him up at night. “There is just a clear trade-off here when you’re building a messaging system between end-to-end encryption, which provides world-class privacy and the strongest security measures on the one hand, but removes some of the signal that you have to detect really terrible things some people try to do, whether it’s child exploitation or terrorism or extorting people.” When asked whether he cared more about these fears than fears about his business model, he said yes. “I am much more worried about those trade-offs around safety.”

3. What does this do to the company’s efforts in artificial intelligence?

Facebook has spent the past several years building artificial intelligence systems to change the way almost every element of the company works. They are, for example, crucial in the work to eliminate toxic content. But AI, particularly the subset known as machine learning, requires training data, and the more the merrier. Facebook, of course, won’t be just wiping all of its machines as it implements Zuckerberg’s vision. But there will almost certainly be times when the company faces a tradeoff between living up to the ideals in the manifesto or storing something that will make the work of the AI teams easier.

4. What does this do the news industry?

One of the most vexed issues for Facebook is its relationship with the news business. The media industry relies on Facebook for distribution, but it deeply resents that Facebook has swallowed much of the advertising business. Facebook executives know that many people come to the platform to read news, but they hate most of the news written about the platform. News Feed will continue under whatever Facebook builds next, but it’s hard not to imagine that distribution for publishers on Facebook will decline, which may elicit even further media scrutiny. On the other hand, if Facebook is actually pivoting to a new business model, maybe advertising will return to media?

5. How does this change the way regulators react to the company?

Facebook is currently besieged by regulators of all stripes. There are German regulators going after the ad business, British parliamentarians publishing internal emails, American politicians talking about antitrust, and members of the Federal Trade Commission who may be about to fine the company billions of dollars. Much of the anger comes from Facebook’s loose attitudes toward privacy in the past; perhaps this new philosophy will help set people’s minds at ease. Or perhaps not. It is certainly the case, though, that one of Zuckerberg’s proposed moves—further integrating WhatsApp, Instagram, and the main app—will make it much harder to split the company apart in the way that scholars of antitrust have been proposing in recent months.

6. Relatedly, will Facebook now advocate for privacy laws?

Facebook has consistently run afoul of regulators focused on privacy. It has resisted, and sometimes quietly lobbied against, their efforts. Now, though, Zuckerberg has planted a flag in favor of privacy. Does that mean that he will turn, like Tim Cook—aka Tim Apple—into a public advocate for strong privacy legislation?

7. How much does this have to do with Facebook’s Blockchain initiative?

For the past year, Facebook has had a secret team working away in a building on some kind of blockchain initiative. They have been exploring payments, identity, and the creation of a new stablecoin. But no one outside of the company knows for sure what they’ll actually launch. Some insiders view the project as a ludicrous lark. Others think of it as crucial in the quest to redefine Facebook. It seems almost certain that the blockchain initiative informed Zuckerberg’s philosophy. And the connection may be even more direct, particularly if the company is indeed planning to launch a crypto payments system that will work across messaging platforms.

8. What does this do to the company’s chances of going into China?

In his manifesto, Zuckerberg talked about the need to keep servers out of authoritarian countries. As he added when talking to WIRED, “if you put a data center in a place, or you store people’s information in a country, then you’re giving that government the ability to use force to get that data.” In a way, this was a free moral stand. Facebook is already banned in China, by far the most important country where this is an issue. But no one knows how the dynamics between the United States and China will evolve in the next five years. By coming out so strongly in favor of encryption, and against authoritarianism, Facebook may be signaling that it’s giving up on its quest to connect the largest country on earth.

9. How much of this will actually happen?

To skeptics, Zuckerberg’s privacy manifesto was a bundle of naked cynicism and hypocrisy. The company, after all, developed a system to make his personal messages disappear long ago, only rolling it out more broadly under public pressure. But whatever the motives, and whatever the odds that one thinks Facebook will follow through, there’s no question that, inside of Facebook a new era of sorts starts today. Tradeoffs will have to be resolved in different ways. New problems will emerge. Different people will move to different teams. The public and the media, trained to distrust what Facebook says, will judge whether the company is living up to promises that the CEO just made very publicly. In our interview, I asked Zuckerberg how hard this is going to be. “You have no idea how hard it is,” he said laughing.

But, more important, he noted that this will be something rather different for Facebook. “This is a big opportunity, but it’s going to mean adopting and taking some positions on some of these big issues that involve some really big trade-offs and are frankly different from what we may have prioritized historically.”