Cyber Insights | September 2024
Mercury IT
Mercury IT is an Australian innovative Information, Communication & Technologies (ICT) providing customer focused IT
SCAM ALERT
In this scam, cybercriminals are using Google search results to try to trick you into calling a phone number that they control. If you search for an organisation on Google, scammers can manipulate the search results to display a fake phone number for the organisation. Don't take a chance of losing your investments on a risky phone call.
If you search on Google and call the fake number from one of these manipulated search results, you will be connected to a scammer. They will attempt to trick you out of your money by saying that your account needs updates or you need to transfer funds. They may ask you for your login information so that they can access your account. Once they gain access to your account, they can quickly transfer your funds to accounts that they control. This is one investment that you don’t want to risk!
Follow these tips to avoid falling victim to a phone number scam:
Exploit: Ransomware
The Washington Times: Newspaper
Risk to Business: MODERATE
The Washington Times, an influential U.S. newspaper, was reportedly compromised by the Rhysida ransomware group, which listed the paper as a victim on its dark web blog. The group claims to be auctioning the Washington Times’ “exclusive” data, including corporate files and employee documents, for 5 bitcoins (approximately $304,518) with a seven-day deadline to start the auction.?Read more?here
Exploit:?Third Party (Misconfiguration)
Toyota: Carmaker
Risk to Business:?MODERATE
Toyota revealed that a misconfigured cloud bucket exposed over 2.15 million customer records to the open internet for over 10 years, from November 2013 to April 2023. The breach affects customers of Toyota’s Connected services in Japan. Additionally, the ZeroSevenGroup cybercrime gang claims to have stolen data “from a U.S. branch”, potentially a Toyota dealer, including employee and customer details, but the provenance of the data they published has not been confirmed. Toyota says that none of its internal systems were breached, pointing to an unnamed third party as the source of the data.?Read more here
What are AI Art and Deepfakes?
AI art is generated using billions of images and examples of art. When you enter a prompt, the AI art generator builds an image for you by combining many of these examples into a single image. Deepfake technology is similar, but it involves manipulating real photographs and videos of people and places. This technology can make it look like a person did or said something that they never did. Both of these technologies can be used in a harmless way, but cybercriminals have learned to use them maliciously.
Deepfake Scams
Scammers can use deepfake technology to impersonate celebrities or other public figures. This type of scam can make it seem like a celebrity has endorsed a product even though they have not. Scammers use this technique to trick people into purchasing a fake product, and they will steal consumers’ personal or financial information. Deepfakes can be used for political figures as well. A deepfake video can make it appear that a government official said or did something that they didn’t say or do. These types of videos can be used to lure people into visiting fake websites or clicking on fake news articles.
AI-Generated Art and Photograph Scams
Cybercriminals commonly use AI in online romance scams. They can generate fake photographs to use in dating profiles to try and steal money or information from their victims. The cybercriminals will also use current events as the subject of their scams. They use AI to create realistic photographs of tragedies and other events. They post the photographs on fake websites to coerce people into donating money to a charity organisation. The organisation is fake, of course, and the cybercriminals will keep any donated money.?
What Can I Do to Stay Safe?
Follow the tips below to keep yourself safe from AI art scams:
Tech Insights: Episode 1
The True Cost of a Cyber Breach with Chris Haigh
Join cybersecurity expert Chris Haigh as he shares real-life ransomware examples like the Robin Hood attack, debunks common myths about cyber insurance, and offers practical, actionable security tips.
If you would like to discuss your cybersecurity needs, book a complimentary consultation here