Impress Computers

Amazon and Audible flooded with 'forex trading' and warez listings. Amazon, Amazon Music, and Audible, an Amazon-owned online audiobook and podcast service, have been flooded with bogus listings that push dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software. Amazon listings promote illicit sites. Yesterday, BleepingComputer reported how threat actors were abusing Spotify playlists and podcasts to promote pirated software and game cheats. The playlist names, podcast descriptions, and bogus "episodes" in these listings urged listeners to visit external links to dubious websites. We have now come across several listings on Amazon's websites including amazon.com, amazon.co.uk, amazon.com.au, and Amazon Music that promote dubious "forex trading" schemes and link to "warez" sites. Spammers are additionally abusing Audible podcasts as another vector to promote their illicit operations. No digital platform that's open to all is immune from being spammed. What makes cases involving Spotify or Amazon peculiarly interesting is, one would instinctively expect the overhead associated with podcast and digital music distribution to deter spammers who'd otherwise rely on low hanging fruits, such as writing spammy social media posts or uploading YouTube videos with tainted descriptions. https://lnkd.in/g7tagFXf

“Sad announcement” email implies your friend has died. Tech support scammers are again stooping low with their email campaigns. This particular one hints that one of your contacts may have met an untimely end. It all starts with an email titled “Sad announcement” followed by a full name of someone you know. The email may appear to come from the person themselves. A co-worker who received such an email pointed it out to our team. Looking around, I found the first report about such an email in a tweet dating back to February 5, 2024. With some more information about what I was looking for, I managed to find several more. https://lnkd.in/epFbTBtp

?? Why You Should Update to Windows 11 ?? In today's digital world, staying up-to-date with your operating system is more important than ever! If you're still running Windows 10, it might be time to consider making the leap to Windows 11. Here's why: ?? Better Security: Windows 11 includes features like TPM 2.0 and secure boot for stronger protection against threats. ? Improved Performance: Enjoy faster startup times, smoother multitasking, and better power efficiency, optimized for modern hardware. ?? Productivity Boost: New tools like Snap Layouts and Virtual Desktops make it easier to stay organized and productive. ?? Future Compatibility: Windows 11 is built for the latest apps and updates, ensuring you stay ahead. ?? Free Upgrade: If you're on Windows 10, the upgrade is free and easy—just check your PC’s system requirements! Remember, software and OS updates aren’t just about getting new features—they’re also about maintaining security, performance, and compatibility. Don’t wait for issues to arise—stay ahead of the curve! ???? www.ImpressComputers.com 281-647-9977 ?? Have you upgraded to Windows 11? Drop a comment below! ?? #Windows11 #TechTips #Security #PerformanceBoost #UpgradeNow

The Evasive Nature of an Emerging Two-step Phishing Threat. In a campaign targeting hundreds of organizations worldwide, cyber criminals are exploiting Microsoft Visio files (.vsdx) and SharePoint to execute two-step phishing attacks. With malicious URLs embedded in the .vsdx format files, as to bypass traditional security measures, this cyber criminal campaign is reaching end-users. Ultimately, victimization can lead to Microsoft 365 account credential theft, account takeovers, Man-in-the-Middle attacks, and more. https://lnkd.in/gEtKzqxP

Now BlueSky hit with crypto scams as it crosses 20 million users. As many more users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors. BleepingComputer has spotted cryptocurrency scams popping up on BlueSky just as the decentralized microblogging service surpassed 20 million users this week. It didn't take long. Over the past few years, X/Twitter has become the hotbed of scammers from those targeting banking customers to ones impersonating high-profile accounts to push posts promoting fake crypto giveaways, websites that utilize wallet drainers, and Discord channels promoting pump-and-dumps. As BlueSky nears a 21 million strong userbase, BleepingComputer has observed threat actors are starting to get their foot in too, and push their agenda. A BlueSky post from last week featured an AI-generated image of Mark Zuckerberg and promoted crypto assets like "MetaChain" and "MetaCoin." As evident from the messaging and graphics, the post misleads viewers into associating the advertised products with tech giant Meta and its concept "Metaverse". https://lnkd.in/d68_3YNp

If your employees use their personal, unprotected devices to access company information, that information is now exposed to any malicious software that could unknowingly be installed on their device. It’s important to have strict policies around what is and isn’t allowed concerning personal devices. If you’re not sure what that should include, send us a message or set up a discovery call with a member of our team who can give you the information you need to allow work-from-home employees to work efficiently AND keep your company secure. #cybersecurity #hackers #antivirus #Impress #Texas

Ford data breach involved a third-party supplier. Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigation investigated a data breach after a threat actors claimed the theft of customer information on the BreachForums cybercrime. On November 17, threat actors IntelBroker and EnergyWeaponUser published a post on BreachForums announcing they have stolen 44,000 Ford customer records. In November 2024, Ford Motor Company, an American multinational automobile company, suffered a data breach. It exposed 44k records of Customer Names, Physical Locations, Bought Product. Compromised user data: Customer Names, Physical Locations, Bought Product” Compromised data include names, physical addresses, and purchase info. Ford provided the following statement to the media [1,2], it confirmed that threat actors did not hack its systems. “Ford’s investigation has determined that there was no breach of Ford’s systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved.”a Ford spokesperson told media. https://lnkd.in/gQgBhjdp

Spotify abused to promote pirated software and game cheats. Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, spam links, and "warez" sites. By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO for their dubious online properties, since Spotify's web player results appear in search engines like Google. Spotify playlists pushing warez. When abusing platforms, spammers and scammers leave no stone unturned to promote their agenda. Most recently, a Spotify playlist with the title "Sony Vegas Pro 13 Crack..." appeared to drive traffic to one or more "free" software sites listed in the playlist title and description. Cybersecurity ethusiast Karol Paciorek who spotted the playlist said, "cybercriminals exploit Spotify for malware distribution. Why? Spotify has a strong reputation and its pages are easily indexed by search engines, making it an effective platform to promote malicious links." https://lnkd.in/gDJS5GzG

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data. Threat hunters are warning about an updated version of the Python-based NodeStealer that's now equipped to extract more information from victims' Facebook Ads Manager accounts and harvest credit card data stored in web browsers. "They collect budget details of Facebook Ads Manager accounts of their victims, which might be a gateway for Facebook malvertisement," Netskope Threat Labs researcher Jan Michael Alcantara said in a report shared with The Hacker News. "New techniques used by NodeStealer include using Windows Restart Manager to unlock browser database files, adding junk code, and using a batch script to dynamically generate and execute the Python script." NodeStealer, first publicly documented by Meta in May 2023, started off as JavaScript malware before evolving into a Python stealer capable of gathering data related to Facebook accounts in order to facilitate their takeover. It's assessed to be developed by Vietnamese threat actors, who have a history of leveraging various malware families that are centered around hijacking Facebook advertising and business accounts to fuel other malicious activities. https://lnkd.in/gK83PUX5

QuickBooks popup scam still being delivered via Google ads. Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams. We’ve seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent. The fake QuickBooks popup was previously described in detail by eSentire and reveals how scammers are able to hijack the software functionality by generating bogus alert messages. We ran into an active malvertising campaign recently, indicating that this scheme is still very much alive and well. In this blog post, we review how QuickBooks users that downloaded the program from a malicious ad will be plagued with a popup generated at certain intervals, instilling fear that their data may be corrupt so that they call for assistance. https://lnkd.in/g9Bqj8d2