Information Technology Professionals - IT Pros USA


Breach Report – March 2020

This month in cybersecurity news, COVID-19 scams abound, hackers make millions on the Dark Web, and data breach dangers continue.

Security Topics of the Month

Coronavirus Phishing Scams Capitalizing on Fear

As COVID-19 spreads around the globe, hackers are exploiting the atmosphere of panic and fear created by the pandemic to steal people’s personal information. More than 4,000 coronavirus-related domains have been registered since the beginning of the year.

Experts consider 3% of these to be outright malicious and categorize another 5% as suspicious – more than double the usual number. Hackers are likely to target organizations with phishing attacks in an attempt to steer employees toward these malicious sites where they can steal critical data.

It’s a reminder that while phishing scam awareness training is an effective defense against cybercrime, security education isn’t a static endeavor. It must always adapt to address today’s shifting threats in order to keep your organization a step ahead of tomorrow’s bad actors.

Hackers Cash in on Stolen Payment Card Records

Payment card skimming malware is a growing threat to both customers and retailers – and a profitable business for the bad guys. According to cybersecurity researchers, hackers recently hauled in $1.6 million from selling 239,000 stolen payment cards on the Dark Web.

The card information was stolen throughout 2019 as thousands of retailers fell victim to malware. In this web-skimming incident, attackers used malicious JavaScript to steal payment data at checkout from stores hosted on the Volusion cloud platform.

Unfortunately, the high yield is likely to incentivize other cybercriminals to pursue payment card skimming, creating a serious liability for companies and customers processing payments online.

Customers routinely demonstrate an unwillingness to shop at online retailers after a data breach. Making cybersecurity at the point of sale a top priority could be the difference between a flourishing online store and a floundering operation. Any business planning to implement online sales needs to have a strong cybersecurity strategy, including regular malware assessments and Dark Web monitoring.

Avoid Data Breaches While Working From Home

Around the globe, more than 40% of all workers are currently working from home, a significant jump even in just the past week. In addition to phishing scams, cybersecurity researchers identified a spike in malicious remote access attempts.

Cybercriminals are taking advantage of the jump in employees teleworking to mask their activity and gain access to company data. The U.S. Department of Homeland Security recommends that organizations remain vigilant about equipping employees to identify phishing scams and that they enable two-factor authentication to protect accounts from unauthorized access.

The Month in Breach

J. Crew Customer Information Compromised

Clothing retailer J. Crew recently revealed that an April 2019 data breach by an unauthorized party impacted customers’ account login credentials, email addresses, and passwords. Partial payment card data and order information were also compromised.

The company has closed the affected accounts, but this incident comes when many consumers are shunning companies that don’t secure their information.

Unprotected Database Reveals the Secrets of Whisper Users

In an ironic twist of fate, Whisper, an anonymous secret-sharing app, failed to keep messages or profiles private.

Developers overlooked basic security protocols when they left a database containing customer information unprotected by even a password, and hackers pounced. As a result, 900 million files dating back to the company’s launch in 2012 were made available online. Although the company was quick to secure the database, its reactive efforts will do little to assuage the doubts and concerns of its privacy-minded customer base.

Users’ names were not stored in the exposed database, but nicknames, ages, ethnicities, genders, hometowns, group memberships, and location data were all available. Some personal information was highly sensitive and could be used to execute spear phishing campaigns or targeted ransomware attacks.

WHO Framed in Phishing Attack

Hospital workers are receiving an email purportedly from Dr. Tedros Adhanom Ghebreyesus, director of the World Health Organization (WHO). The email contains a personalized message using the recipients’ valid username and an innocuous-looking attachment.

Unfortunately, it’s a phishing attack. When the attachment is opened, it installs malware capable of stealing credentials from the computer. According to cybersecurity researchers, the messages specifically prey on the altruism of recipients by purporting to include information about novel, preventative drugs and COVID-19 cures.

At this time, there are no reports of recipients falling for this scam. However, anyone who does click on the attachment has likely allowed malware to compromise their credentials. In that case, they should immediately take steps to remove the malware, reset account passwords, and notify their employers of the incident.
