It shows that behind a ransom commodity like GandCrab lies a completely normal, illegal business model. After the Ransomware has earned about two billion USD, the developers retreat. [Read more…] about GandCrab retires – two billion USD is enough!
The annual report 2019 of the Huawei Cyber Security Evaluation Centre Oversight Board (HCSEC) shows that Huawei has ignored basic (partly their own) rules of software development for years and uses partly unmanageable software. Microsoft also reports that Huawei software unnecessarily used techniques otherwise known from malware.
With the so-called ping call, people are lured into high cost traps by being called by fake telephone numbers. There are no ways to answer the call. It usually only rings for a second or less.
Those who are curious and call back quickly pay a lot of money. The federal net agency acted meanwhile!
Call ID Spoofing – Template for Fraud!
Some people are suspicious of callers who call with a suppressed, invisible phone number. Also, many people are more suspicious if the displayed phone number is not known or if the number has a strange area code. This is exactly why many fraudsters try to call with a visible number, but with one that inspires confidence in the victim. Often the 110 or the 112 was used, so that the victim accepts the telephone call and thus can be involved in a conversation.
The aim of Call ID Spoofing is to tell the victim as realistic a story as possible in order to obtain jewellery or cash. The fake phone number helps the perpetrator to assume a different identity, e.g. as chief commissioner, if the call was made with 110.
How you can best protect yourself against this fraud can be found in the article about the Call ID Spoofing-Masche.
Ping call: Short ringer – long ringer.
The target group is the same as for the Call ID spoofing attacks. Older people whose telephone numbers are publicly stored in the telephone book are popular. Through a little research, the perpetrator finds enough information to determine whether the selected target can fall for this scam. However, telephone numbers are also often tried out one after the other.
In contrast to Call ID spoofing, ping calls do not aim to involve the victim in a conversation, but only to make it look like this. The ping call is characterized by the fact that the victim is called with a fake phone number, but the perpetrator hangs up immediately after the first ring. This means that the victim receives a call in absentia. Anyone who is curious and/or careless will quickly fall into the cost trap.
Affected victims often reported the dialling code 00676, which can be traced back to the island state of Tonga. This area code is particularly successful, as the difference between 0676 (area code for mobile phone providers from Austria) and 00676 is very small and some ping calls were classified as national calls and therefore recalled.
Accept, Reject or Call Back.
Basically you should look exactly which number is calling or has called you. Calls with unknown area codes should be ignored in the first step. If you can’t estimate the area code, you can simply look it up on the Internet and find out from which region the call is coming. Some devices display the country/location directly.
If you are making a call while you are away, you should do the same. It is important not to call back immediately without knowing which country the call is going to.
In the long run you can protect yourself by blocking such calls, depending on the area code. How you can implement this security measure depends on your operating system. In addition, both the App Store (Apple) and the Play Store (Google) offer suitable apps to help you protect yourself against ping calls.
Meanwhile, the Federal Network Agency has also acted. Since the beginning of 2019, a free band announcement has been played for calls abroad, warning of the high costs. At the latest when this announcement sounds, but you did not expect it, you should pause again.
Live hacking is a great way to raise employee awareness in the short term and is great for starting an enterprise-wide awareness campaign. [Read more…] about How much does Live-Hacking cost?
This week we could win Matteo from AWARE7 as Cybersecurity experts for our blog (or more or less forced according to him).
Already at the Startup-Nights last Thursday (15.11.) he gave us exciting insights into the Cybersecurity-Startup-Hotspot Gelsenkirchen and shared basic Best Practices with us. Now we could persuade him to write the advantages of Gelsenkirchen (YES, also Schalke has advantages) for you. Et voilà: [Read more…] about AWARE7 at the Startup Night of the Ruhr HUB !