Author: comptroller

Fake Recruitment Campaign

This scammer is pretending to be from Michael Page recruitment, but it’s a pathetic attempt

The sender’s email is indochinaholdings at a Vietnamese domain name.

The email starts with hello, as the scammer doesn’t know who she’s sending it to.

We have gotten a very impressive feedback about you based on your previous work experience in your current company”  i.e. she has no clue who I am.

The email continues with general statements about how wonderful I am and how impressed the ‘recruiter’ is and the great remuneration.

I have to click the link to see the job description and remuneration package.

I wont be doing that.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A survey of 428 businesses that have suffered cyber-attacks in the previous months.

 

You can see from the statistics above  that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

 

L’Occitane Fined

L’Occitane “Almond Beautiful Shape” cream, promised to trim 1.3 inches from users’ thighs in four weeks

L’Occitane was required to pay $450,000 after suggesting its “Almond Beautiful Shape” cream was scientifically proven to trim 1.3 inches from a user’s thighs in four weeks while significantly reducing cellulite.

The company also indicated that scientific tests proved its “Almond Shaping Delight” cream “significantly slims the body in just four weeks.”

The fee was intended for consumer redress. The company was prohibited from “making future false and deceptive weight-loss claims,”.

Very naughty of them.

Fightback Ninja Signature

How Malvertising Affects ………

Malvertising Affects Web Users

Malvertising might perform the following attacks on users viewing the malvertisement without clicking it:

  • A “drive-by download” — installation of malware or adware on the computer of a user viewing the ad. This type of attack is usually made possible due to browser vulnerabilities.
  • Redirect of the browser to a malicious site.
  • Displaying unwanted advertising, malicious content, or pop-ups, beyond the ads legitimately displayed by the ad network.

Malvertising Affects Publishers

The threat to publishers is damaged reputation, loss of traffic and revenues, and legal liability to damages caused to users visiting their sites.

While publishers are aware of the problem, they find it difficult to test for or block malicious ads. Ad networks serve ads from millions of advertisers, and display ads dynamically according to real-time bidding, making it very difficult to test all the ads that are actually shown to users.

Malware in ad calls — when a website displays a page that contains an ad, the ad exchange pushes ads to the user via many third parties. One of these third party servers may be compromised by an attacker, who can add malicious code to the ad payload.

Malware injected post-click — when the user clicks on an ad, they are typically redirected between several URLs, ending with the ad landing page. If an attacker compromises any of the URLs along this delivery path, they can execute malicious code.

Malware in ad creative — malware can be embedded in a text or banner ad. For example, in HTML5 it is possible to deliver an ad as a combination of images and JavaScript, which might contain malicious code. Ad networks that deliver ads in Flash (.swf) format are especially vulnerable.

Malware on a landing page — even on legitimate landing pages served by reputable websites, there may be clickable elements that execute malicious code. This type of malware is particularly dangerous because users click an ad, land on a real, legitimate landing page, but are infected by a malicious on-page element.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature