Friday 30 December 2011

Cybercrime and Phishing Scams Sweeping China



A wave of cybercrime has swept across China this past week, triggering the Chinese government to mount a counter campaign. Whilst the criminals attempt to steal online banking details, the government has sought expert advice on how to combat the issue. One of the key results is that phishing sites will now appear below those of legitimate banks in search results.

The personal details of over 45 million Chinese people (almost 10% of China’s online population) were stolen during a wave of attacks. China’s Ministry of Industry and Information is investigating the crimes, and has said "The department believes the recent leak of user information is a serious infringement of the rights of internet users and threatens internet safety". The phishing scams work by impersonating a legitimate bank (or similar) and sending messages directing people to the fake sites. Once people visit the fake sites, their login details are captured and then used by the criminals to steal money from the account.

The way in which the Chinese government fought back was to employ SEO (search engine optimisation) tactics; that is, influencing which results users see when they search for particular terms online. The Chinese government has managed to get the 10 biggest search engines in China on board the anti-phishing campaign. Furthermore, some of the Chinese search engines are going to introduce an icon confirming the legitimacy of a site. These two techniques combined should reduce the number of people being tricked and scammed.

Phishing scams are common globally, and are relatively easy to avoid if you follow these simple tips:
- Beware email messages!
Look out for emails that claim to be from companies asking you to click through to update your details or rectify a problem with your account. If you’re unsure about the authenticity of an email, don’t open it, and contact the company it claims to be from directly.
- Keep an eye on your accounts
Be vigilant for any transactions you don’t recognise. Contact your bank or credit card provider to query a transaction if it looks unfamiliar. You should also contact your bank or credit card provider if your statements fail to arrive; they may have been redirected by a fraudster.
- Avoid attachments!
Genuine banks will never send emails with attachments.
- View an example
There is a good example on the Lloyds TSB site of what a phishing email might look like, annotated with the things to look out for.

Up to date information, tips and more can be found on online blogs such as http://fightbankfraud.blogspot.com/

Tuesday 20 December 2011

No More Mr Nice Guy?


Security analysts believe the US should clarify the repercussions of cyberattacks following sustained hacks from China. It is also believed that the Chinese attacks are carried out by as few as 12 groups directed, for the most part, by the Chinese government. During the cyberattacks, the Chinese groups have stolen billions of dollars' worth of intellectual property and information from US companies and government agencies, according to online security experts.

Thanks to advances in technology and increasing knowledge amongst experts, more cybercriminals are being identified by their ‘digital fingerprint’. The distinguishing characteristics of each attack are monitored by US experts, enabling them to link individuals to particular groups of hackers, and sometimes to establish where, or who, they are. According to US security experts, these techniques have revealed an intensifying pattern of attacks. This escalating issue has sparked the recent concern amongst industry experts. As James Cartwright, a retired Marine general and former vice chairman of the Joint Chiefs of Staff, puts it, "If you want to attack me you can do it all you want, because I can't do anything about it. It's risk free, and you're willing to take almost any risk to come after me."

The problems the US has in confronting the issue are the same as those of any other country: firstly, it is very hard to prove exactly who carried out the attack, and secondly, the countries involved must have mutual agreements covering such a situation. Mr Cartwright went on to say that the US "needs to say, 'if you come after me, I'm going to find you, I'm going to do something about it.' It will be proportional, but I'm going to do something ... and if you're hiding in a third country, I'm going to tell that country you're there, if they don't stop you from doing it, I'm going to come and get you."

The question is, how should the US proceed? Due to the nature of what is being stolen, the response from US government campaigners is pretty much unanimous: a clear and firm message must be sent to those breaking the law. Online security specialist Tero Pollanen agrees with Cartwright that "the US needs a clear policy on dealing with cyber attacks, and the countries through which the attacks are routed. This way, when an attack is apparent, the US can request the country to stop the attack. If the request is refused, the US then has the right to stop the computer server from sending the attack." The problem is, he goes on, "there is no international police force. Enforcing laws in another territory is always going to be tricky to manage."



This article is by Tero Pollanen, an online security and fraud prevention specialist. For the latest online security and financial news, tips and more, check out his blog: http://tero-pollanen.blogspot.com/

Friday 25 November 2011

Cybersecurity Monthly Round Up


November has seen both ups and downs in the world of cybersecurity. The video gaming service Steam fell victim to a devastating hack, potentially exposing the personal information and credit card details of 35 million users. In a similar attack, Norway’s oil, gas, and defence firms were attacked by hackers. Norway’s National Security Agency (NSM) confirmed that the details of contract negotiations along with industrial secrets had been stolen. The NSM said it was the biggest attack of its kind Norway had experienced, with 10 or more businesses affected.

A recently published report found the UK consumer protection system to be failing to keep up with the digital revolution, leaving people at risk of scams. The result of this is online shoppers being at risk of email scams and fraud, says the Commons Public Accounts Committee. Online security experts also warned that a growing number of malware programs are being disguised as seemingly innocent smartphone apps. The malware can send costly messages from the devices without the owner being aware, warn experts.

Facebook hit the headlines more than once, firstly as researchers from the University of British Columbia managed to steal information from the social networking site using social bots. The researchers were able to befriend genuine Facebook users, and then steal personal details. The second piece of news from camp Facebook was more positive: the site announced that it is changing the way it amends users’ privacy settings. Facebook’s decision to ask users to opt into any changes in the way it uses their personal information has been welcomed by privacy campaigners.

Continuing with more upbeat news, EU and US cybersecurity experts came together to stress-test their response to an online attack. Following a global rise in cybercrime and hacking attacks, Brussels played host to the European and US online security exercise this month. The event was the first time both had come together to role-play an emergency scenario. The beginning of November saw London play host to the London Conference on Cyberspace. The international conference gathered representatives from 60 nations to discuss how to tackle the increasing levels of cybercrime. The attendees included foreign secretary William Hague, EU Commissioner Neelie Kroes, a variety of leading cybersecurity experts and technology entrepreneurs such as Wikipedia founder Jimmy Wales, Cisco vice-president Brad Boston and Joanna Shields, a senior executive at Facebook.

Friday 18 November 2011

Norwegian Industrial Secrets Exposed in Hack


Norway’s oil, gas, and defence firms have been attacked by hackers. Norway’s National Security Agency (Nasjonal sikkerhetsmyndighet or NSM) confirmed that the details of contract negotiations along with industrial secrets had been stolen. The NSM said it was the biggest attack of its kind Norway had experienced, with 10 or more businesses affected.

With an ever-increasing number of cybercrimes committed, Norway is the latest victim. Several countries have lost secrets and intellectual property to cyber thieves. "It is critical that businesses have up to date security systems in place, and also clear protocol of what to do if an attack occurs. It is also key to train staff for what to look out for," online security and cybercrime expert Tero Pollanen advised.

The attackers gained access to the firms’ networks by sending customised emails with viruses attached, crafted so that they wouldn’t trigger anti-malware detection systems. According to the NSM, the emails had not only been sent to named targets at the businesses, but had also been designed to look like they had come from trustworthy sources.

The attack took place at a crucial time for the firms: mid-negotiation for large contracts. Details stolen include passwords, user names, contracts, industrial designs, and documents. It is believed that all the information is now overseas.

Due to the similar nature of the targets, the techniques used in the attacks, the virus coding, and the way in which data was lifted, the NSM is confident that one group is responsible for all of the attacks. Furthermore, the NSM believes that there are other victims who have not yet come forward, and is appealing for them to do so. In a statement the NSM said "This is the first time Norway has revealed extensive and wide computer espionage attacks". Whilst vigilant users had picked up on the hacking and informed internal IT security staff, the NSM says it’s likely many are unaware of the attack, or that information has been stolen.


Wednesday 16 November 2011

Online gaming service in hacking attack

The Steam video game service, owned by Valve and used by 35 million people, has fallen victim to hackers. Valve became aware of the attack on a user database when investigating a smaller problem: a security breach on one of its discussion forums led experts to uncover the wider intrusion.

The attack occurred on 6 November, and Valve took the Steam forums down as soon as it learned of the attack. Using login details obtained from the forum hack, the hackers had gained access to a database that contained not only personal information but credit card details too. As yet it is unclear whether the full 35 million accounts were compromised, or only a portion of this total.

Valve initially said that the forums had been taken down for maintenance, but it soon became apparent that something more serious had happened. A message was posted to the forum’s front page from Gabe Newell, the Managing Director of Valve, on 10 November explaining that the sites were down due to the attack.

Valve are investigating the incident, and have announced that, so far, neither the compromised credit cards nor the Steam accounts have been misused. Experts also commented that "the intrusion goes beyond the Steam forums". Findings from the initial investigation showed that the attackers gained access to a Steam database that held "user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information".

Mr Newell said Valve had no evidence that the encrypted credit card information or personal information on gamers had been taken, but added, "we are still investigating". The findings, he said, had only confirmed that a few accounts had been compromised and used to carry out the intrusion. As a precaution, forum users will have to change their passwords upon the reopening of the discussion site. "I am truly sorry this happened, and I apologize for the inconvenience," concluded Mr Newell.

Online security expert Tero Pollanen offered the following advice: "Passwords should be kept private, never written down, and changed regularly. It is always good practice to keep an eye on credit card statements, and those especially worried about this particular incident might consider removing card numbers from Valve's servers, and signing up for the Steam Guard security service instead". In order to make a stand against these kinds of attacks, he went on, "businesses should be investing in preventative measures. The cost of hacking and fraudulent scams is astronomical, both to businesses and the economy as a whole. Businesses should be investing in improving password-handling code and data encryption."

Thursday 10 November 2011

Consumer Protection Plan "Flawed"


A new report claims that consumers are being left at risk, say MPs. According to the report, the UK consumer protection system has failed to keep up with the digital revolution, leaving people at risk of scams. The result of this is online shoppers being at risk of email scams and fraud, says the Commons Public Accounts Committee.

So who are the fraudsters? The rogue traders are typically based in areas with minimal policing, from where they are able to scam people nationwide. The amount consumers lose to these scams is estimated at £6.6bn annually. Of this, approximately £4.8bn is the result of mass market scams such as counterfeiting and unscrupulous traders.

Cybercrime and fraud prevention specialist Tero Pollanen had the following to say: "Cybercrime is an ever increasing issue, and is costing businesses billions. Unlike ‘traditional’ crimes, cybercrime is not localised, it is an international problem that can be carried out from almost anywhere. One of the biggest issues is understanding where an online crime is committed, and how to bring varying international rules in line with one another".

The report by the Commons Public Accounts Committee echoes Tero Pollanen, and also the conclusions of the National Audit Office, in describing the consumer protection system as "fragmented". Whilst the government is spending on consumer law enforcement, the report found repeated inconsistencies. Staffing, for example, ranged from two to 80, and there was not a uniform level of help and assistance for consumers across the country. This results in "enforcement deserts where local authorities do not spend enough money to provide an acceptable level of protection to consumers," the report said.

Fraudsters wanting to abuse this set up in one of these "enforcement deserts", and today’s technology allows them to find their victims nationwide. The report found that the current protection system had "failed to keep pace with online traders".

"When the enforcement system was first established, trading was more localised and consumers tended to lose money through singular instances of malpractice, for example, by being overcharged or sold a short measure," the report said. "Now, the increase in the number of companies who operate nationally and the trend towards online shopping have caused problems which are more likely to affect consumers on a regional or national level." As cybercrime and fraud prevention specialist Tero Pollanen stated previously, there are no clear arrangements for who should take on the task of large, expensive cross-border cases.

"The department must ensure that these changes do not allow new sophisticated scams to emerge and persist without challenge," said Margaret Hodge, who chairs the committee. "Doorstep selling of substandard or non-existent services is a massive issue for consumers, particularly those who are vulnerable. The department has too little information on what the cost of protecting consumers is or how successful current interventions are."

Tero Pollanen