
Cyber Pulse November 2023

Dear Cyber Pulse Subscribers,



I hope this message finds you well, and I'm delighted to connect with you through our latest edition of Cyber Pulse. The festivities and holiday season excitement that started in November are still on, with Christmas and New Year’s Eve around the corner. As we immerse ourselves in the joyous spirit of festivities, it's crucial to recognize and be aware of the rising tide of festival and holiday season frauds.


In the digital age, special celebration months have become a prime target for cybercriminals seeking to exploit the heightened online activity. From fake charity drives to counterfeit holiday deals, the festival season is rife with opportunities for fraudsters to capitalize on the high volume of digital and online activity during the season. In this edition, we shed light on the deceptive tactics employed by cybercriminals during festivals and New Year celebrations, aiming to arm our readers with essential tips to navigate the season securely. We also explore the underlying psychological ploys employed by fraudsters to trick you through your emotions and excitement. From creating a sense of urgency to leveraging emotional triggers, cybercriminals are adept at manipulating human behavior.


As we revel in the festive spirit, let us unite in vigilance, safeguarding our celebrations from the digital pitfalls that may act as a spoiler to your holiday plans and celebrations. Here is wishing all our readers a joyous and secure festival and holiday season ahead.




Santhosh George






Scammers know that the holiday season is busy with online shopping, online holiday travel bookings, and people trying to donate to charities, all of which are ideal situations in which they can actively target people with scams. So, while you are busy planning your holiday or shopping for the best deals, holiday and festival scams capitalize on the increased volumes of online shopping, travel expenditure, and charity activity through new kinds of cyber fraud.



Common Types of Frauds During Year-Ending Season


With the surge in online shopping during festivals, individuals must exercise caution. Ensure that websites are secure, and transactions are made through reputable platforms. Be wary of unsolicited emails or fake promotions that could lead to phishing scams.


Fake Travel Deals: People who are eager to take time off for holidays or vacations typically book a lot more travel at this time of year. Scammers take advantage of this tendency by crafting alluring, but fraudulent, vacation packages. Fake emails, SMS messages, and advertisements with alluring money-saving lures have proliferated in numerous locations, serving as frauds that steal money from bank accounts.



Fake Shopping Deals: We all like to save on our purchases, ensuring we go with the best deal with high discounts, redeem our reward points, or make use of gift vouchers. Scammers create fake deals that you can’t say no to, building your trust by impersonating famous brand names.



Charity Frauds: In the spirit of charity and generosity, we often decide to provide monetary support to NGOs and social work organizations. However, one should approach charity and donations with caution. Scammers often exploit the goodwill of people by posing as charitable organizations. Being vigilant against scams ensures that the joy of giving remains untarnished, contributing to a truly fraud-free Christmas and New Year celebration.


QR code scams: Fraudsters exploit the growing popularity of QR codes as an easy mode of payment by creating fake QR codes that look like real payment codes. Malware is silently installed on victims' devices when they scan the codes. Individuals should only scan QR codes from trusted sources and not use QR codes posted publicly or provided through non-trustworthy channels.


Fake delivery notifications: Sending a phony delivery notice in the hope that a customer is waiting for a shipment to arrive is a typical trick. The notice is disguised to appear to come from a well-known shipper like UPS or Amazon. A phony page asking for personal information, such as a credit card number, may appear when you click on a bogus shipping link. Be careful and verify against your shipment details before sharing confidential information.









RBI Deputy Governor M. Rajeshwar Rao emphasizes cyber dangers and banking resiliency at FICCI-IBA



He highlighted the increasing occurrence of technology-driven scams, including deepfakes, privacy breaches, fraudulent apps, and misleading tactics called "Dark Patterns" that are employed in digital mis-selling. He advised banks to carefully incorporate technology developments by carrying out thorough risk assessments and creating well-thought-out mitigation plans.






NPCI asks to deactivate inactive UPI IDs by December 31, 2023 


For accounts that have not been used for more than a year, banks and third-party apps have been instructed by the National Payments Corporation of India (NPCI) to discontinue UPI services. This is scheduled to begin on December 31, 2023. The guidance is a preemptive step to raise the security and effectiveness of the UPI ecosystem.







Cyber Crimes




Rising cases of 'Courier Scams', a new trick in cyber crime  




This new technique, known as the "courier scam," involves imposters contacting people under false pretenses of being police officers or NCRB agents and accusing them of participating in illegal activities linked to delivering and receiving packages containing drugs or other prohibited substances. Next, the con artists persuade the victims that they will hear from law enforcement, and the whole money-extortion scheme kicks in to resolve the fictitious complaint made against them. This year, hundreds of cases of courier fraud have been reported to the authorities. The scam targets people in the 35–50 age range.






















Cyber-attack compromises sensitive data of Japanese Aerospace Agency

A cyberattack against the Japan Aerospace Exploration Agency (JAXA) during the summer may have compromised sensitive data and technology relevant to space travel. The security breach was found when law enforcement officials informed Japan's space agency this autumn that its computers were compromised. According to officials, there is a possibility of unauthorized access through exploitation of a vulnerability in network equipment.









A ransomware attack that disrupted trades in the U.S. Treasury market




The Industrial and Commercial Bank of China (ICBC), the largest lender in the world by assets, suffered a ransomware attack earlier this week on its US financial services subsidiary. As the research progressed, cybersecurity specialists determined that LockBit 3.0 was the ransomware employed in the attack. ICBC was allegedly unable to settle 






A banking malware creating chaos and targets via virtualization

Security experts have uncovered a novel Android malware called FjordPhantom, which stands out for its stealthy propagation strategies. Early in September, reports of the malware emerged from Southeast Asia, where it targets banking consumers. It combines social engineering with app-based methods. Technically speaking, the malware mainly propagates via SMS, email, and messaging applications, leading victims to download software that appears to be the official bank app.



The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to businesses and individuals alike.


It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm.


Let’s dive in and explore the most significant cyber-attacks of the month.



Cybercriminals Leveraging Telegram Bot for Phishing Scheme 


Overview: Telekopye, a malicious Telegram bot, has been used to orchestrate extensive phishing schemes. The operation, attributed to Neanderthals, involves creating phishing websites, emails, SMS messages, and more. 

Impact: Organizations may face increased risks of phishing attacks, financial fraud, and reputational damage as threat actors exploit Telegram bot Telekopye for elaborate scams. 



  • Enhance Employee Awareness: Conduct regular training sessions to educate employees about phishing threats, emphasizing the importance of verifying communications with suspicious links or messages. 
  • Implement Multi-Factor Authentication (MFA): Enforce MFA across all systems and accounts to add an extra layer of security.
  • Strengthen Endpoint Security: Deploy robust endpoint protection solutions to detect and prevent malware, including advanced features that can identify and block phishing attempts, malicious websites, and suspicious activities.



Rhysida Ransomware Attacks


Overview: Rhysida emerged in May 2023 and is described as a ransomware-as-a-service (RaaS) model. Rhysida actors have successfully compromised organizations within education, manufacturing, information technology, and government sectors. Notably, any ransom payments made are divided between the Rhysida group and its affiliates.

Impact: The Rhysida ransomware poses a significant threat to organizations, leading to potential data breaches, operational disruptions, and financial losses. Because the actors exploit vulnerabilities in external-facing services and use phishing tactics, the impact may include compromised sensitive information, system downtime, and the potential for substantial financial and reputational damage.



  • Implement Secure-by-Design Principles: Align with Cross-Sector Cybersecurity Performance Goals (CPGs) and adopt secure-by-design and -default practices to minimize ransomware impact.
  • Enforce Phishing-Resistant MFA: Require phishing-resistant Multi-Factor Authentication (MFA) for all services, especially webmail, VPN, and critical system accounts.
  • Disable Command-Line and Scripting Activities: Mitigate privilege escalation and lateral movement by disabling command-line and scripting activities and permissions.



SideCopy Exploiting WinRAR Flaw

Overview: The threat actor known as SideCopy, affiliated with APT36, has been targeting Indian government entities through a multi-platform campaign exploiting security vulnerabilities in WinRAR and Linux systems. They deploy various remote access trojans, including AllaKore RAT, Ares RAT, and DRat, in their attacks, with a focus on Indian defense organizations.


Impact: The impact on targeted organizations could include data breaches, disruption of operations, and potential espionage, especially in the Indian government and defense sectors. These attacks can lead to the compromise of sensitive information, damage to reputation, and financial losses, underscoring the need for robust cybersecurity measures and constant vigilance.




  • Exercise caution when online: Avoid clicking on unverified links from unknown sources and refrain from downloading attachments, particularly archive files, from suspicious or unexpected emails.
  • Deploy endpoint protection: Utilize advanced endpoint security solutions to proactively defend against evolving threats and maintain a strong defense against malware and intrusions.
  • Keep software and systems up-to-date: Regularly update your operating system and software applications to patch known vulnerabilities and enhance security, reducing the risk of exploitation.
  • Secure sensitive information: Add password protection to confidential documents and sensitive data to limit unauthorized access and mitigate the consequences of a breach. Consider encryption for an additional layer of security.










Psychological Tricks During Year-Ending Cyber Frauds


The holiday season, with its twinkling lights and festive cheer, is a time of joy and generosity. However, it's also a prime season for cyber criminals to exploit the feeling of goodwill and celebrations. In this article, we'll delve into the psychology behind the tricks and manipulations that fraudsters employ during festivals and the year-end, helping you stay one step ahead and secure your celebrations.


  • Urgency: Fraudsters often play on the sense of urgency, creating scenarios that demand immediate action. Whether it's a limited-time offer or a last-minute "opportunity," the rush to act quickly can cloud judgment. Remember, genuine opportunities rarely come with a ticking clock. Take a moment to pause and verify before leaping into action.
  • Emotional Manipulation: The holiday season is a time of heightened emotions, and cybercriminals know just how to exploit this vulnerability. Heartwarming stories, tear-jerking appeals, and emotionally charged requests can lower your guard. Be cautious when emotions are the primary driver of your decisions. Authenticity should always be verified, even when moved by a compelling narrative.
  • The Temptation of Unrealistic Rewards: The promise of extraordinary rewards can be especially enticing. Whether it's a supposed jackpot, a once-in-a-lifetime deal, or a gift too good to be true, fraudsters prey on our desire for something extraordinary. Maintain a healthy dose of cross-checks if an offer seems overly generous or unrealistic.
  • Fear of Missing Out (FOMO): The fear of missing out is a potent psychological trigger, and cybercriminals leverage it effectively. Whether it's a limited-stock item or an exclusive event, it can lead us to make hasty decisions. Resist the pressure and remember that missing out on a dubious opportunity is always better than falling victim to a scam.
  • Get-Rich-Quick Tactics: Financial motivations often drive cybercriminals, especially during a season where expenses tend to soar. Be cautious of unsolicited investment opportunities, get-rich-quick schemes, or requests for financial assistance. Trust your instincts and thoroughly research before parting with your hard-earned money.
  • Social Engineering Techniques: Fraudsters excel in social engineering, manipulating human behavior to gain access to sensitive information. Be cautious about unsolicited messages, friend requests, or emails, especially those claiming to be from friends or family in distress. Always verify the authenticity of the communication before sharing personal details.


This holiday season, as we exchange gifts and spread joy, let's also exchange wisdom and vigilance in the digital realm. By understanding the psychological tricks employed by scammers, we can safeguard our celebrations and ensure that the season's sparkle remains untarnished by the shadows of cybercrime. Stay informed, stay secure, and have a joyous and cyber-safe holiday season! 

ReBIT is an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organisation's goals and perform to their full potential. We are fascinated by technology, and we admire our employees. We house exceptional talent that contributes to ReBIT's mission.


We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!





502, Building No 1, Mindspace Juinagar, Nerul,Navi Mumbai – 400706

