Would you take the bait? Take our phishing quiz to find out!

Is the message real or fake? Take our Phishing Derby quiz to find out how much you know about phishing.

Phishing comes in a number of forms and remains one of the most pervasive online scams, as both consumers and businesses face an incessant stream of unsolicited emails, texts and even phone calls where bad actors impersonate a trusted institution and attempt to purloin login data, money and identities. Indeed, per Google’s technology incubator Jigsaw, one in every 100 emails sent today is a phishing attempt.

Even more worryingly, many of these attempts are successful, which along with the ease with which these attacks can be unleashed helps explain the longevity of the technique. It’s no wonder then that the ability to recognize and avoid a phishing attack is such an important skill to master these days.

Which is also where our fun quiz comes in – go ahead and test yourself to see if you would outsmart the fraudsters! The test comes complete with brief explanations about why each message is real or fake.



Below are three more quizzes that you may also want to take. Indeed, why not also consider taking ESET’s cybersecurity awareness training?

Can you spot the phish? Take Google’s test
Would you get hooked by a phishing scam? Test yourself
This test will tell you how likely you are to fall for fraud

Stay safe in 2021!

31 Dec 2020 – 11:30AM


New warning issued over COVID‑19 vaccine fraud, cyberattacks

Cybercriminals look to cash in on the vaccine rollout, including by falsely offering to help people jump the line

The US Department of Treasury has added its voice to a growing chorus of warnings about ransomware attacks, fraud and other cybercrimes that attempt to exploit the rollout of COVID-19 vaccines.

“The Financial Crimes Enforcement Network (FinCEN) is issuing this Notice to alert financial institutions about the potential for fraud, ransomware attacks, or similar types of criminal activity related to COVID-19 vaccines and their distribution,” reads an alert by FinCEN, a bureau of the Treasury Department.

The warning notes that “cybercriminals, including ransomware operators, will continue to exploit the COVID-19 pandemic alongside legitimate efforts to develop, distribute, and administer vaccines”. With that in mind, FinCEN urged banks and other financial institutions to keep an eye out for ransomware targeting vaccine distribution and the supply chains required to manufacture the vaccines.

In recent months, pharmaceutical companies, vaccine researchers and organizations involved in vaccine storage and transport have all been targeted by multiple cyber-espionage groups. This includes a campaign by the Lazarus group leveraging malware that ESET researchers had linked to the group.

Jump to the front of the line? Hardly

FinCEN’s alert also highlights schemes that pitch non-existent vaccines or counterfeit versions of approved vaccines, as well as ploys involving illegally diverting legitimate vaccines onto black markets.

“Already, fraudsters have offered, for a fee, to provide potential victims with the vaccine sooner than permitted under the applicable vaccine distribution plan,” said the agency.

A number of other agencies, notably the Federal Bureau of Investigation (FBI) and the Federal Trade Commission (FTC), as well as Interpol and Europol, have all sounded the alarm over various flavors of vaccine-themed fraud, as well as over offers of counterfeit vaccines that circulate on the dark web.

Some of these activities take the form of phishing attacks that target the general public. Using emails, text messages and phone calls, con artists attempt to trick people into divulging their personal data under the guise of assessing their eligibility for the vaccine, joining fabricated waitlists or getting a jab early.

As of December 16th, the FTC received 275,000 reports of fraud and identity theft related to the pandemic, with the victims reporting losing US$211 million in total. Scams exploiting the general anxiety surrounding COVID-19 have spread as fast as the coronavirus itself; earlier this year, we looked at a broad array of such fraudulent schemes in a series of articles, starting with this one.

Over the months, coronavirus-themed fraud involved everything from touting non-existent face masks, testing kits and miracle cures to extorting the targets, spewing out malware-laden emails, promoting fake donations, dispensing bogus health advice and disbursing bogus financial relief.

Staying safe

How can you stay safe while eagerly waiting your turn for vaccination? For starters, be wary of unsolicited communications offering early access to a vaccine, especially for a fee or in return for your personal data. Consult official sources for up-to-date information about vaccination and check with your known and trusted health care provider for additional guidance.

As ever, staying vigilant is the best way to avoid falling prey to a scam. Always avoid clicking on any links or downloading any attachments in emails or texts that come out of the blue from unknown sources. Use two-factor authentication at least on your most important online accounts, as well as reputable multi-layered security software with anti-phishing protection.

21 arrested after allegedly using stolen logins to commit fraud

UK police also give some food for thought to those on the verge of breaking the law

The long arm of the law has caught up with 21 people who are believed to have bought purloined login credentials on the now-defunct WeLeakInfo.com website and used them to break into other people’s online accounts and commit various cybercrimes.

Some of those arrested are also suspected of having used the criminal marketplace for trading in tools such as Remote Access Trojans (RATs) and crypters. The nationwide sting took place over a five-week period starting in the middle of November, according to the United Kingdom’s National Crime Agency.

“Through the identification of UK customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offences,” Paul Creffield from the NCA’s National Cyber Crime Unit was quoted as saying.

21 people have been arrested in a nationwide cyber crime crackdown targeting customers of an online criminal marketplace that advertised stolen personal credentials.

Read more ➡️ https://t.co/9OTnQyXHlI pic.twitter.com/k3YxfnrrCo

— National Crime Agency (NCA) (@NCA_UK) December 25, 2020

“Of those 21 arrested – all men aged between 18-38 – nine were detained on suspicion of Computer Misuse Act offences, nine for Fraud offences and three are under investigation for both,” said the agency. Some £41,000 (US$55,000) worth of bitcoin was seized.

In addition, the police visited another 69 people who had bought stolen personal information on WeLeakInfo to warn them against using the data. Many more such personal warnings are due to be dispensed over the coming months, said the agency.

In a way, the operation brings echoes of a global crackdown in 2018 on webstresser.org, the then-largest marketplace for hiring distributed denial-of-service (DDoS) attacks, and the subsequent public warning by law enforcement for buyers of such services.

RELATED READING: Cybercrime deterrence: 6 important steps

WeLeakInfo itself was impounded early this year, with two alleged operators nabbed in Northern Ireland and the Netherlands. In its heyday, the site claimed to allow searching through more than 12 billion records stolen in 10,000 data breaches. The data, which mainly consisted of username and password combinations, could be had dirt-cheap, with subscriptions starting from as little as US$2 – compare that to the damage after somebody pilfers your personal details for identity theft.

“Cyber criminals rely on the fact that people duplicate passwords on multiple sites and data breaches create the opportunity for fraudsters to exploit that,” said the NCA.

Indeed, one thing you can do to slash the risk of falling victim to identity theft is avoid making one of the most common and costly mistakes in people’s password habits – reusing login details across multiple accounts. This rampant practice is then often exploited for credential stuffing attacks, which were behind no fewer than 30 billion login attempts in 2018.

To help avoid falling prey to these and other attacks that may ultimately cost you dearly, read our article about various password-related mistakes. Additionally, here’s how you can check if your login details may have been compromised in a known security breach.

Smart tech gifts: How to keep your kids and family safe

Cyberthreats can take the fun out of connected gadgets – here’s how to make sure your children enjoy the tech without putting themselves or their family at risk

This Holiday season, you may have treated your kids to a smart gadget. But have you also remembered to set up the shiny new device for them and make sure they use it safely? By taking a couple of easy and sensible steps now, you can save yourself a lot of headache further down the road. Here are some simple but important actions you should take and so help ensure your children get the most out of their gadgets and stay safe in the process.

Watch the video to learn:

why you need to understand the device’s features and how they can be used – and abused
how software vulnerabilities come into play and how you can patch the security holes
how to prevent unauthorized access to the device
why the features your children don’t need should be turned off
why you should read the privacy policy

Happy holidays!



To learn more about the dangers faced by children online, as well as about how technology can help, head over to Safer Kids Online.

7 ways malware can get into your device

You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices?

Malware has been one of the most common threats that netizens face daily. However, although you have heard about the various types of malware you can encounter, chances are you don’t know how these malicious programs are able to infest your devices.

While knowing what types of threats exist is the first step towards protecting yourself and your devices, the next and arguably more important step is to know how threat actors try to sneak these malicious pieces of code into your computers, smartphones, and tablets. To help you combat these threats, we look at some of the most common methods and tactics used to trick netizens into downloading malware and compromising their data and security.

Phishing and malspam emails

While usually the main objective of phishing emails is to wheedle sensitive information out of you such as your access credentials to various services, your card verification code (last three digits on the backside of your payment card), PIN code, or other personally identifiable information (PII) by masquerading as a trusted institution, they may contain attachments or links that will lead to your device getting infested with malware.

Therefore, it’s always prudent to not just skim over your emails but read them thoroughly. More often than not you’ll notice dead giveaways that you’re dealing with a scam. Telltale signs usually include spelling mistakes, evoking a sense of urgency, requesting personal information, or the email originating from a suspicious domain.

Fraudulent websites

To trick victims into downloading malicious apps, cybercriminals like to spoof websites of famous brands or organizations. The scammers create fraudulent webpages masquerading as the real deal, with the domain name resembling the domain of the organization being spoofed as closely as possible, with some subtle differences here and there, such as adding a letter or symbol or even a whole word. The websites will be malware-laced and will try to dupe the target into clicking on links that will download malware into their devices.

To avoid getting your device infested with malware by visiting one of these websites, always search for the official domain by typing it into a search engine or by typing it manually into the address bar. It bears repeating that a proper security solution will also protect you from most threats and will also block you from accessing known malicious websites.
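The look-alike naming tricks described above (an added letter, a swapped-in symbol, an added word) can be checked mechanically when triaging links from mail or proxy logs. The following is an added example, not code from the article; the allow-list, the `examplebank.com` brand and all sample domains are constructed, and it goes slightly beyond the text by also flagging a different top-level domain and a brand used as a subdomain.

```python
import unicodedata

# Constructed allow-list of official domains (assumption for this example).
OFFICIAL_DOMAINS = {"examplebank.com", "eset.com"}

# Digits commonly used as stand-ins for letters, folded back to the letter.
LOOKALIKE_CHARS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions cost 1 each."""
    prev = list(range(len(b) + 1))
    for i, ch_a in enumerate(a, 1):
        cur = [i]
        for j, ch_b in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                    # delete from a
                           cur[j - 1] + 1,                 # insert into a
                           prev[j - 1] + (ch_a != ch_b)))  # substitute
        prev = cur
    return prev[-1]


def skeleton(label):
    """Strip accents and fold digit stand-ins so 'examp1e' compares as 'example'."""
    decomposed = unicodedata.normalize("NFKD", label)
    no_accents = "".join(c for c in decomposed if not unicodedata.combining(c))
    return no_accents.translate(LOOKALIKE_CHARS)


def classify(domain, official=OFFICIAL_DOMAINS):
    """Return (verdict, official domain it resembles or None).

    Simplification: the registrable name is taken as the last two labels,
    so multi-part suffixes such as co.uk are not handled.
    """
    labels = domain.strip().lower().rstrip(".").split(".")
    if len(labels) < 2 or not all(labels):
        return ("invalid", None)
    name, tld = labels[-2], labels[-1]
    if f"{name}.{tld}" in official:
        return ("official", f"{name}.{tld}")
    folded = skeleton(name)
    for good in sorted(official):
        brand, _good_tld = good.split(".")
        if name == brand:
            return ("different-tld", good)         # same name, other suffix
        if folded == brand:
            return ("symbol-swap", good)           # digit or accent stand-in
        if edit_distance(name, brand) == 1:
            return ("one-character-change", good)  # added/dropped/changed letter
        if brand in folded:
            return ("added-word", good)            # brand plus extra text
        if brand in labels[:-2]:
            return ("brand-in-subdomain", good)    # brand left of another domain
    return ("unrelated", None)


def flag_lookalikes(domains):
    """Map each suspicious domain to its verdict, skipping official/unrelated."""
    flagged = {}
    for d in domains:
        verdict = classify(d)
        if verdict[0] not in ("official", "unrelated", "invalid"):
            flagged[d] = verdict
    return flagged


# Constructed sample input, e.g. hostnames extracted from links in an email.
SAMPLE = [
    "www.examplebank.com",
    "examp1ebank.com",
    "examplebankk.com",
    "examplebank-login.com",
    "examplebank.net",
    "examplebank.com.verify.example",
    "wikipedia.org",
]

if __name__ == "__main__":
    for host, (verdict, target) in flag_lookalikes(SAMPLE).items():
        print(f"{host:35} {verdict:22} resembles {target}")
```

Short brand names produce false positives (for instance, `reset.com` is one character away from `eset.com`), so treat the verdicts as triage hints rather than block decisions.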

USB flash drives

External storage devices are a popular form of storing and transferring files; however, they do carry a number of risks. For example, threat actors like to use the “lost” flash-drive social engineering strategy to dupe unwitting good Samaritans into plugging a compromised thumb drive into their computers. Once an afflicted drive is plugged in and opened, your device can get infested with a keylogger or ransomware.

Alternatively, if you aren’t careful about how you handle your flash drive, your computer may get infested by cross-contamination. To mitigate the chances of contaminating your PC, you should use a reputable and up-to-date endpoint security solution that will scan any external media plugged into your device and warn you if it contains anything suspicious.

P2P sharing and torrents

While over the years peer-to-peer sharing and torrents have gained a reputation for being a place to illegally download software, games, and media, they have also been used by developers as an easy way to disseminate their open-source software and by musicians to spread their songs. However, they are also infamous for being abused by black hats who inject the shared files with malicious code. Most recently, ESET researchers uncovered cybercriminals misusing the BitTorrent protocol and Tor network to spread KryptoCibule, a multitasking multicurrency cryptostealer.

To minimize the risk of being compromised, you should use a reputable Virtual Private Network (VPN) to encrypt your traffic and keep it safe from prying eyes. You should also use an up-to-date security solution that can protect you from most threats including viruses or malware that may be a part of the files you’re trying to torrent.

Compromised software

Although it may not happen often, software being directly compromised by threat actors isn’t a rare occurrence. One prominent example of an application’s security being compromised was the case of CCleaner. In these attacks, the black hats inject the malware directly into the application, which is then used to spread the malware when unsuspecting users download the app.

Since CCleaner is a trusted application, it wouldn’t have occurred to a user to overly scrutinize it. However, you should be careful when downloading any type of software, even software you trust. You also can’t go wrong by using a reputable security solution, and don’t forget to patch and update your apps regularly; security patches usually deal with any vulnerabilities or loopholes found in the affected apps.

Adware

Some websites are riddled with various ads that pop up whenever you click on any section of the webpage or that appear immediately whenever you access certain websites. While the aim of these ads is generally to generate revenue for these sites, sometimes they are laced with various types of malware, and by clicking on these ads or adware, you may involuntarily download it onto your device. Some ads even use scare tactics, telling users that their device has been compromised and only their solution can clean it up; however, that is almost never the case.

A sizeable amount of the adware can be avoided by using trusted ad-blocking extensions on your browser, which will, as the name suggests, block ads from appearing on the website you’re visiting. Another thing you can do is avoid suspicious websites that use such advertisements altogether.

Fake apps

The last item on this list deals with fake mobile applications. These apps usually masquerade as the real thing and try to dupe users into downloading them into their devices, thereby compromising them. They can take on the guise of anything, posing as fitness-tracking tools, cryptocurrency apps, or even COVID-19 tracing apps. However,

Cybersecurity Advent calendar: Stay aware, stay safe!

When it comes to holiday gifts, surprise and wonder are always welcome. When it comes to protecting your security, however, you don’t want to leave anything to chance.

Jingle bells are ringing, kids are getting as excited as ever as they look at the Christmas tree with anticipation, and depending on where you live, a blanket of snow might cover the city streets. The Holidays are here, and while we are getting ready to celebrate (virtually) with our loved ones, it is also a season to reflect on our actions and make resolutions for the upcoming year. Here’s some inspiration for simple actions that will greatly bolster your security and privacy.

Educate yourself about cybersecurity and privacy protection

If you are a frequent reader of this blog, this is not your first rodeo when it comes to cybersecurity. As you certainly know, it is essential to protect your devices and personally identifiable information (PII) from ever-evolving threats. The first step to protect yourself is to educate yourself regarding privacy and security threats and protection. And who knows, while learning more about cybersecurity, maybe you will find your future career?

Learn how to spot phishing attempts and test yourself with free online quizzes and exercises

Training yourself, your team members and your family about cybersecurity is important. But you must be able to transfer this theoretical knowledge to practice. Once you know how to identify phishing attempts, it would be best to test yourself with quizzes that use gamification to add fun and challenge and combine learning with pleasure. Would you catch the phish? Why not take the test!

Magical thinking might be comforting, but the truth is, even with the best security awareness training and procedures, there still is a risk that your organization will face a cybersecurity incident at some point whether as the primary target of the attack or as a customer whose personal information was stolen.

As the saying goes, better safe than sorry. Taking time to think logically and deliberately about your assets, before you face any security incident, can help you determine what steps your organization needs to take to prevent and react to any incidents. Plan the steps to take if your organization faces an incident, and how you would inform your employees, clients, partners and the authorities in that case. You should also periodically review everyone’s steps in case of an incident. After all, you probably test your evacuation plan in case of fire; the same can be done with your cybersecurity incident response plan!

Talk to your kids and all your loved ones about social media privacy and online safety

If you are a parent of young kids or teenagers, you may already be wondering how best to have a conversation with them regarding privacy, cybersecurity and their social media usage. It might be a tricky question indeed, but a major aspect of cybersecurity is making everyone in your family aware of the risks associated with networking and social media usage.

First of all, make sure you are aware of the platforms used by your child and their friends. You need to know the basics of these, so that you can know their characteristics, limitations, safety features and risks. Familiarize yourself with the platforms your kids are using or want to use.

Plenty of resources are available to help you, including our section on social media. For example, this article is a good introduction and presents some key elements your children should know about before they use social media.

Use security software

You probably have some security software installed on your devices. But do you know what kind of protection it offers? From antiphishing to antimalware and from antispam to firewall and device theft protection, there are many different ways a comprehensive security suite can protect you. Use security software that is produced by a reputable company and includes multiple protective layers. Also, make sure the product is patched and up-to-date.

By the way, do you know if all your devices are protected and when your solution is due for renewal? Take a look!

Make sure your team has received security training

Obviously, cybercriminals often target businesses as well. From phishing campaigns to ransomware attacks and data theft and breaches, businesses of all sizes and from all industries have plenty of reason to take cybersecurity seriously.

In cybersecurity, an organization is never stronger than its weakest link. This is why providing cybersecurity awareness training to all team members is essential. Many resources are available to help you, including many free training guides and tools (for example, ESET’s free cybersecurity awareness training).

Stay informed about threats and vulnerabilities with regular updates from reliable sources

Our most recent reports all confirm that cyberthreats are constantly evolving. From Europe to California and elsewhere, legislation protecting privacy and security is also ever-changing. This is enough of a reason to follow security news. Stay informed about the latest vulnerabilities, patches, and steps to protect yourself and your loved ones.

There are several trustworthy sources for cybersecurity information, including from renowned experts such as those at ESET. Regularly visit those sites to stay informed. One easy resolution for you would be to subscribe to our weekly newsletter to get the most important cybersecurity news, directly in your mailbox!

This ends our Cybersecurity Advent calendar series – the previous three articles are available below. We wish you all the best for the Holiday and a great and safe 2021!

Cybersecurity Advent calendar: Let Santa in, keep hackers out!
Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal
Cybersecurity Advent calendar: Stay close to one another… Safely!

Week in security with Tony Anscombe

Supply‑chain attack against a certification authority in Southeast Asia. Holiday online… Safely! Scammers targeting PayPal users. Week in security with Tony Anscombe

ESET researchers have uncovered Operation SignSight, a supply-chain attack on the website of a government in Southeast Asia.
This year, many of us will be celebrating Christmas with our loved ones virtually; however, we should not underestimate the value of securing our online communication. Tips to stay close (virtually), safely. What are some common ploys targeting PayPal users? Here is what you should watch out for when using the popular payment service.
All this – and more – on WeLiveSecurity.com.

Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia

ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.


Cybersecurity Advent calendar: Stay close to one another… Safely!

This year, many of us will be celebrating Christmas with our loved ones virtually; however, we shouldn’t underestimate the value of securing our online communication.

In the run-up to Christmas, many of us are probably already making plans on how to spend it with loved ones, such as planning various get-togethers with colleagues, friends and significant others before we each head out to our families’ homes. However, in most places traditional Christmas plans have had to be put on hold due to the pandemic raging outside and, in an effort to be responsible, all of us will have to find other ways to celebrate and socialize together.

Although we are fortunate enough to have technology that helps us connect in these trying times, online communication platforms, be it social media, video calls, or online dating applications, still carry risks if not used properly. So, here are some quick tips to stay close and safe online while connecting with other people.

Whether you are in a work meeting or sharing good times with your loved ones, secure your access to Zoom or videoconferencing platforms.

One of the main ways we can stay connected with our friends and family to celebrate Christmas during these trying times while keeping our distance is using the various online video communication platforms such as Zoom. Since the beginning of the pandemic, these platforms have enjoyed a surge in popularity and hence have also become a target of cybercriminals. To remain safe during your online calls be sure to audit your Zoom security settings when setting up your Zoom meeting, or you can refer to our tips for secure videoconferencing in general.

Think twice before sharing any personal info on social media. Or anything really. Think audience, content, impact.

While keeping up with your family and friends from a distance is easier in the digital age, it also carries a certain amount of risk; you have to be mindful of what you’re sharing and with whom. When was the last time you audited your list of friends on Facebook? Do you really know all of them? Maybe you want to upload a photo Christmas greeting with your kid, but have you considered all the information a photo can hold? The details in the photo or the metadata could reveal the location where it was taken. Those are all risks you may want to consider before you post.

Your friend created a new social media account? Double-check with them that this is not a doppelgänger.

Cloning social media accounts is a common tactic used by scammers to defraud people. The premise is that the cybercriminal will basically copy their target’s whole profile and start contacting the target’s friend list. The doppelgänger will claim that cybercriminals have compromised their social media account and even gained access to their bank accounts and cleaned them out and will ask for money. So if you see any claims that a friend has a whole new account that is a copy of their regular one, check in with them through another channel to see if it’s not a cloning attack.

Only download apps – whether to play, get in touch with others, or anything in between – from an official app store, and regularly update your apps.

If you’re planning to download any new apps to your device, be they messaging platforms or games to pass the time, the best thing you could do is to download them from your platform’s official app store. While alternative or unofficial stores may offer applications for less or sometimes for free, you might be opening yourself to possible avenues of attack, since apps on such stores aren’t curated, nor do they pass rigorous approval processes. This could lead you to download malicious apps that could do a world of harm.

If you are dating online, beware of romance scams.

While online dating was popular before COVID-19 hit, the pandemic has made it one of the few options for meeting people while social distancing, but it does carry its own set of risks. If you meet someone on a dating platform, there are a number of things you should keep an eye out for. If your potential new flame tries to move the conversation out of the confines of the app to another messaging platform, or they are quick to profess their love, or even start asking for money, you should immediately start being suspicious lest they break your heart and your bank account. You should also look out for fake photos (which can be checked through reverse image search).

Online gaming scams are prevalent too. If the offer seems wrong or too good to be true, double-check.

Online gaming is a good way to pass the quarantine while remaining in touch with your friends. However, this favorite pastime is also a favored target for fraudsters who use various scams to trick avid gamers. For example, if you’d like to get an in-game item quickly but you don’t have the patience to grind for it, some games offer in-game purchases as a shortcut, but it may cost more than you’re willing to pay. So, scammers often try to trick gamers by offering “amazing deals”, which will leave you without both your money and the item you wanted to purchase. Therefore, if you want to buy something, stick with the game’s official store.

Look out for cyberbullying, whether it affects you as a victim or a bystander (and it goes without saying, but don’t be a bully).

Although most people associate cyberbullying with kids, adults can be victims too. If you are ever a victim or a witness of such an incident, you should never remain silent; speak up. Luckily, online platforms are aware that cyberbullying is a perennial problem and have adopted tools that allow users to report any such behavior. So, the next time that you see anything like that happen, you can use the tools provided by social media and other platforms and report abusers so that they may get punished.

Medical scans of millions of patients exposed online

Other leaked data included a range of personal information such as names, addresses and personal healthcare information.

Over 45 million medical imaging files including x-rays and CT scans have been found sitting on internet-facing unprotected servers and accessible for anyone to view. 

The discovery of the leaked data from hospitals and medical centers from around the world was the result of CybelAngel’s research team’s six-month-long investigation into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM). The investigation uncovered millions of unique images stored on more than 2,140 unprotected servers located across 67 countries including the United States, the United Kingdom and Germany, among others.   

To make matters worse, some images included dozens of lines of metadata per record disclosing Personally Identifiable Information (PII) such as names, birth dates, addresses, and personal healthcare information indicating the patient’s height, weight, and even diagnosis.

The sum of all the data could allow threat actors with malicious intent to create a comprehensive portrait of their potential targets. This could lead to the affected patients becoming victims of identity theft, phishing, extortion, financial and other types of fraud. Alternatively, cybercriminals could also sell the data on dark web marketplaces.

“This is a concerning discovery and proves that more stringent security processes must be put in place to protect how sensitive medical data is shared and stored by healthcare professionals. A balance between security and accessibility is imperative to prevent leaks from becoming a major data breach,” said David Sygula, a Senior Cybersecurity Analyst at CybelAngel.

Since some of the medical institutions are located in the European Union (EU), they are subject to the EU’s General Data Protection Regulation, which means that the failure to secure patients’ sensitive data could lead to penalties and legal actions. 

Misconfigured and unsecured internet-facing databases can hardly be considered an uncommon occurrence. The investigation may bring echoes of a similar incident we reported on earlier this year which involved sensitive plastic surgery photos being exposed online.