Back to news

Understanding New Hacker Attacks

May 22, 2018    |    Company News    |    Lauren Elkins

From Scareware and Ransomware, To Phishing Text Messages And Scam Advertising

Our digital era is rife with incidences of data breaches and cyber hacks. It’s up to you to be vigilant and understand what the newest threats are and how to protect yourself and your business. We echo our CEO, Francis Dinha, in his FORBES POST where he wrote, “In our current climate, all of us must do more to understand the motives of hackers and other bad actors so that we can take the necessary precautions to protect ourselves online. For that reason, we must all work continually to stay educated and savvy about protecting our information.”

Hackers use tried and true methods of attack, such as phishing, malware, and ransomware, but there are some new threats lately that you should understand and better prepare for.

Phishing text messages:

Many of us are now aware of how phishing emails work, and can spot them before we become victims — so hackers have started targeting people through phishing text messages. It’s a pretty simple process: A user receives a text which contains a link. If they click on it, they’re tossed down the hacker’s rabbit hole.

Most smartphones have a ton of personal data stored on them — by following links in phishing texts, hackers can gain access to all of that data.

So what can you do to protect yourself?

  1. Be skeptical if you’re in any way unsure about a text! An example of one of these texts, from AN NBC NEWS STORY, shows that hackers are playing on your emotions: it feels scary, so you want to quickly resolve it. It may say something like, “$500 was just withdrawn from your bank account, did you do it? If not, call this phone number.”
  2. Don’t call any of the numbers, and don’t click on any links. In comparison, a common message sent from a bank to a customer with a notification about an online credit card charge would say this: “$500 was charged at Amazon.com on your Visa card ending in 1234. For questions, call number on back of card.” For questions about your account for either text message, call the number for your bank found on the back of your card. Or use your banking app on your phone.
  3. Don’t respond to these texts in any way. In a lot of cases these texts will ask you to respond with personal information: “To confirm your identity, please respond with the last four digits of your social security number.” Or “To gain access to this fun, free game, enter your Facebook username and password now!”
  4. Report phishing texts to spam@uce.gov and at FTC.gov/complaint – and to the organization impersonated in the text.

Be smart about these texts and protect all of the information on your phone —  from your address, SSN, credit card information, logins and more!

Scareware and ransomware:

Scareware is a form of ransomware, which most of us are aware of. The twist that a scareware attack takes is using a pop-up dialogue box on a website to scare you into calling the spam phone number. Here’s what happens:

  • You visit a website that triggers a pop-up. That dialogue box looks like an error that happened on your own computer. Shoot! Problems with your computer are the worst!
  • The dialogue box prompts you to get help, though. Okay, phew. What should you do?
  • Call the helpful number listed right there!
  • Who answers the call? Hackers, of course, but they’re happy to take your information or collect a payment.

So how can you protect yourself from a scareware attack? Easy: Be aware that computer pop-up messages will never include a phone number to call. Don’t call the scam phone number and instead close the box as well as the website in your browser. Problem solved!

Online advertising:

We are bombarded by targeted ads all of the time – on the websites we visit, through social media, and in emails and text messages. Hackers have jumped into this game as well, using it to lure in more victims. These malicious ads may look like tech support messages, such as “your Adobe flash player is out of date; click here to update.” Recently, an ad security company, CONFIANT, REPORTED UNCOVERING A MASSIVE SOCIAL ENGINEERING CAMPAIGN, which they nicknamed Zirconium. A billion harmful ads were posted online, with the intent of luring users to “scammy sites and trying to social engineer them.” Shutting down these criminals isn’t happening anytime soon, unfortunately. Louis-David Mangin, Confiant’s CEO and co-founder said, “No one has ever gone to jail for ad fraud. It’s an incredibly lucrative avenue that is relatively safe for them to practice.”

So what can you do? Don’t click on website ads. Ever. Never ever ever. Search for it from your browser bar if one of them really catches your fancy, and that way you can be confident that you are accessing a legitimate website.

It’s important for all of us to be aware of new threats and scams so we can protect ourselves from becoming victims. The worst thing we can do is be ignorant and hope that these vicious cyber criminals will just go away. PrivateTunnel’s VPN helps protect against malicious threats by blocking malware and DDoS attacks, and prevents MORE THAN ONE MILLION CYBER THREATS A DAY. By using this product, you can rest easy knowing that your personal information will be kept safe and private.

Better Safe Than Sorry