IRS Warns: New Email Phishing Combines W-2 Theft, Wire Fraud

February 5th, 2017   •   Blog   •   Comments Off on IRS Warns: New Email Phishing Combines W-2 Theft, Wire Fraud   

 
The IRS is currently warning of one of the “most dangerous” types of scams, where criminals are successfully tricking businesses and organizations into sending wage data on employees, and then making fraudulent wire transfers.
 
Some companies have already lost thousands of dollars to this scheme this year, the IRS says. The criminals  not only target businesses, but also school districts, not-for-profit organizations, casinos, restaurants and temporary staffing agencies.
 
“This is one of the most dangerous email phishing scams we’ve seen in a long time,” says IRS Commissioner John Koskinen. “It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns.”
 
Last year, the IRS saw for the first time attempts to trick companies into sending out batches of employees’ W-2 forms, the annual wage and salary reports required to file a tax return. The forms contain names, addresses, Social Security numbers and wage data.
 
To convince unwitting employees to send the information, the criminals modify emails, to make it appear the message comes from someone within the same organization. The emails often target payroll or human resources officers, with the sender purporting to be an executive.
 
On Jan. 25, the IRS warned it was seeing new attempts for W-2-related fraud this year. But then just over a week later, the IRS said it is seeing that scam combined with fraudulent wire transfers.
 
Wire Fraud
If the request for the W-2s is successful, the criminals then send another request for a wire transfer.
 
“Some companies have lost both employees’ W-2s and thousands of dollars due to wire transfers,” the IRS says.
 
The FBI started tracking this activity in October 2013. Since then, the agency estimates criminals have collectively stolen or attempted to steal $3.1 billion globally.
 
The FBI’s Boston bureau warned in December of a dramatic increase in the scams. In Massachusetts, Maine, New Hampshire and Rhode Island, $33 million has been stolen, with an average loss of $90,000.
 
The scam is simple social engineering that takes advantage of weak internal security controls. But the spoofing of email addresses can be difficult to catch. In another variation of the scheme, the criminals will create email addresses using domain names that are one letter different, in hopes no one will catch the mistake.
 
More advanced fraudsters run phishing schemes to get email credentials to actually log into legitimate accounts. They then do extensive reconnaissance, figuring out an organization’s procedures in order to craft an email request for a wire transfer that won’t look suspicious.
 
Verify Wire Transfer Requests
The best defense against the attacks is focuses on security policies and processes.
 
“Employers should consider creating an internal policy, if one is lacking, on the distribution of employee W-2 information and conducting wire transfers,” the IRS advises.
 
The FBI recommends that any email requests to send money be verified with the person who requests it, either on the phone or in person. That same advice could be safely applied to mass requests for W-2s.
 
The IRS says it has put in place measures that can identify fraudulent tax returns, if an organization reports the theft of W-2s. The agency also advises that victims file a report with the FBI’s Internet Crime Complaint Center.
 
Contact the Chatham Group to prevent data theft in your organization.  If your business or organization has been a victim of this scam, contact us, as well.  We can assist your employees, and prevent further data theft.

Why Your Business Email is NOT Secure

January 2nd, 2017   •   Blog   •   Comments Off on Why Your Business Email is NOT Secure   

It’s estimated that nearly 205 billion emails are sent each day. That’s nearly 2.5 million emails each second and 76 trillion per year: that number is expected to exceed 100 trillion emails annually in the coming years.
 
With the number, and sophistication, of hackers increasing, companies, including small and medium-sized businesses, need to take proper precautions to safeguard confidential information, including using a secure email service.  According to Sophos, an IT Security firm, only 44% of 1,700 organizations surveyed extensively use encryption to secure their email messages. The number of high-profile data breaches in recent years illustrates the seriousness of this issue.
 
The fact is, your emails are NOT secure. This applies to Gmail, and your business email. A hacker can intercept any content you or your customers send by email, and have access to that information. If you send confidential business information, health information, financial information, such as credit card numbers, or other personal information, you are at risk.  Your emails must be encrypted to be secure email.
 
Almost 1 in 3 Americans is the victim of identity theft. One of the primary ways identity theft occurs is through the interception of emails. The interception of emails can lead to the compromise of sensitive company or client information that can be used to perpetrate fraudulent activities. The effects of fraud and identity theft can be highly damaging, not only personally and financially, but also for the security and reputation of a business or institution.
 
In addition, your business may not be in compliance with several Federal and state regulations which may apply to you.  Industries to which these laws apply include:  a) the financial services industry; b) the healthcare industry; c) the legal profession:  d) publicly traded companies; e) companies subject to state-specific laws.
 
The Chatham Group provides an easy to use, affordable secure email system for:

  • Small and medium-sized Businesses
  • Attorneys and the Legal Profession
  • Physicians and the Healthcare Industry
  • Non-profit Organizations
  • Financial Institutions and Financial Advisors

 
 Learn more about our secure email system here.
 
Contact us for a no obligation demonstration of our secure email system.

Why HTTPS does not secure your website from hacking and malware

January 2nd, 2017   •   Blog   •   Comments Off on Why HTTPS does not secure your website from hacking and malware   

Hyper Text Transport Protocol Secure (HTTPS) is the secure connection protocol for HTTP, the connection protocol we all use to navigate the web, and to visit websites, it is a vital part of web security.

 

HTTPS is used whenever a secure connection is needed between your web browser and a website.  This includes:

  • Transfer of private, personal information, such as social security number, name, address, etc.
  • Transfer of data in e-commerce transactions
  • Transfer of other sensitive data

 
Why does HTTPS not make my website secure?
 
HTTPS, while an important piece of web security, is a mechanism for securing information in transit. It ensures that the information being transferred between a browser and web server is safe from hackers that may be trying to steal your information as it is in transit.
 
The actual act of securing a website  and web security is a very complex process. HTTPS does not stop attackers from hacking a website, web server or network. It only secures the data from your visitors to the web server and back.
 
Your website’s software itself is probably open and vulnerable to attack
 
Even if your business website was created by a web pro, and is hosted by a reputable hosting company, your website is likely wide open to hacking, viruses and malware.  Web security is an ongoing process, and is usually not addressed by web designers or hosting companies (they will keep their server secure, but not your site).
 
HTTPS will not stop an attacker from:

  1. Exploiting software vulnerabilities in your site
  2. Brute forcing your access controls
  3. Or attacking your website’s availability by Distributed Denial of Services (DDOS) attacks.

 
The Chatham Group’s FireForce™ website security service keeps your business website secure, and reduces your risk of liability on an ongoing basis, 24/7, 365.  Contact us for a no obligation analysis of your web security.

Many Popular Netgear Routers Have Major Security Flaws, Open to Hackers

December 18th, 2016   •   Blog   •   Comments Off on Many Popular Netgear Routers Have Major Security Flaws, Open to Hackers   

 
Many popular Netgear routers have major security flaws, leaving them potentially open to hackers.

The flaw, was first discovered in August but wasn’t widely publicized until a few days ago, includes many routers in Netgear’s popular Nighthawk series.

The company is offering patches for some, but not all models yet.

The list of affected models includes the R7000, R6250, R6400, R6700, R7100LG, R7300, R7900, and R8000.

Netgear has a full list of affected routers on its website.
 
How are You Vulnerable?
 
Attackers, possibly, but not necessarily, posing as Netgear, email you a link containing the URL for your Netgear router’s control panel.  If you unknowingly click on this link, you grant full access to your router’s administrative controls.

This enables an attacker to direct you to other infected websites, which will allow them to: steal your personal identity and banking information; turn on your webcams; and see all data that you send and receive, whether it is encrypted or not.
 
How to Fix It
 
You need to install the security patch yourself, or change routers.

The list of affected routers may grow, as Netgear continues to test models. In fact, a Dutch computer researcher claims  that he has already identified others.

The US Computer Emergency Response Team (US-CERT) issued a warning about the bug last Friday, but Netgear was alerted to the flaw in August, via its security advisory page.
 
Contact the Chatham Group to learn how to secure your business and home networks.

Wi-fi Enabled Devices (Iot), including Routers, are Vulnerable, Used for Internet Attacks Against Businesses

December 11th, 2016   •   Blog   •   Comments Off on Wi-fi Enabled Devices (Iot), including Routers, are Vulnerable, Used for Internet Attacks Against Businesses   

Millions of networked, IoT (Internet of Things) devices – webcams, digital video recorders, CCTV cameras and routers – have been used to launch unpredecented attacks on businesses, and business websites in recent weeks.

“Never before in human history have so many people across the world been utterly dependent upon such a fragile, brittle technology as the Internet,” says Roland Dobbins, a principal engineer at Arbor Networks in Singapore.

Gartner consulting predicts that 6.4 billion internet-connected devices will be online this year. By 2020, 25 percent of cyberattacks within businesses will involve IoT devices, but just 10 percent of IT security budgets will be dedicated to safeguarding them, Gartner forecasts.

One of the most intense attacks recently was directed against the website of cybersecurity journalist Brian Krebs. His site was hit Sept. 20 with 620 gigabits per second of traffic, in one of the largest-ever DDoS (distributed denial of service) attacks ever seen.

The IoT devices used to launch the attack against Krebs and other sites recently, are easy to hijack, because they have very little security, and are rarely monitored by users. Many even have known vulnerabilities that never get patched=, or for which no patches are available.

Contact the Chatham Group for a complete analysis of your data security now.

Criminal Background Checks are an Important Part of Keeping your Business Safe

November 29th, 2016   •   Blog   •   Comments Off on Criminal Background Checks are an Important Part of Keeping your Business Safe   

When it comes to hiring new team members, there’s nothing more critical to ensuring the safety of your employees, volunteers, and your business than conducting thorough background checks. Searching for criminal records under aliases (AKA’s) is an essential part of the screening process.

Common Reasons Applicants Have Aliases

  • Changed name after marriage
  • Married multiple times
  • Uses a hyphenated last name
  • Dropped a hyphenated name
  • Uses a nickname

Applicants may not always think to provide a potential employer or volunteer organization with all of the names they have used in the past. Some applicants may even be intentionally trying to keep you from locating a criminal record that might affect your hiring decision.

Our criminal record specialists are trained to locate any names associated with an applicant’s social security number and sort through the long list of misspellings and nicknames to find true aliases.

Contact the Chatham Group today to learn how our criminal background check services can protect your business and employees.

New IRS Snail Mail Scam

October 19th, 2016   •   Blog   •   Comments Off on New IRS Snail Mail Scam   

Caution:  Scammers know that their IRS phone scams are not as effective because people know that the IRS does not call by phone.   So, a new scam impersonating the IRS is now being perpetrated.
 
IRS Mail Scam – How it Works

You receive an official-looking letter from the IRS saying you owe taxes related to the Affordable Care Act. The notice is labeled CP2000 for tax year 2015. The letter instructs payment be sent to the “IRS” care of an Austin, Texas post office box.

If the IRS issues a notice under CP2000, it’s when income or payment information doesn’t match the information reported on your tax return. A legitimate notice will provide a number for you to call and a way to resolve the issue. Also, payments wouldn’t be to “IRS” but rather to the U.S. Department of the Treasury.
 
What You Should Do:
If you get a notice like this but doubt its integrity, contact the IRS at 1-800-366-4484.

This same scam runs through email. If you get an IRS notice by email, delete it immediately; IRS will not reach out to you by email, nor will they call demanding payment.

Report it to the Federal Trade Commission’s complaint center.

ID Theft Scams Target Parents Trying to Protect their Children

July 17th, 2016   •   Blog   •   Comments Off on ID Theft Scams Target Parents Trying to Protect their Children   

id theft scams

 

The Identity Theft Resource Center and the National Center for Missing and Exploited Children recently issued a warning, telling parents to watch out for scams in the form of child ID kits. These kits have personal identifying information that is meant to help law enforcement if the child is suddenly missing.

These kits may contain:  a detailed description of the child, a color photo, fingerprints, DNA samples, dental records and medical reports. While these kits can be helpful in case of a missing child,  some child ID kits actually put a child at risk, and some are ID theft scams, according to the two agencies.

It’s important to ask questions before paying a company to create a child ID kit  for you, according to the Identity Theft Resource Center and the National Center for Missing and Exploited Children.  Here are some important questions, which could prevent you from falling victim to ID theft scams.

1. What Happens to the Kit?

The centers urge parents to hold onto the kits, and keep them in a safe place.   A company that offers to keep copies of the records should probably be avoided, the centers warn.

2. What Information Are They Asking For?

Information like Social Security numbers and birth certificates are not needed by law enforcement if your child is missing.  The centers advise parents to avoid companies asking for this information as part of a child ID kit.

3. Are their endorsements by law enforcement real?

Parents are urged to contact the law enforcement organizations supposedly making the endorsements to see if they are real.  Also, researching the child ID kit company through the Better Business Bureau web site can prevent you from being a victim of an ID theft scam.

4. Does the company use pressure to sell a Child ID kit?

You can construct your own ID kit for your child, and keep it in a safe place in your home.  Many companies wanting you to buy their kits, and keep your child’s information with them are ID theft scams.

Be especially careful giving out your child’s Social Security number and biometric data

It is simply a good practice to NOT give your own or your child’s social security number out to anyone, especially for child ID kits.  Also, because biometric data, such as DNA samples and fingerprints are becoming parts of common security strategies, the centers urge parents to be cautious when giving your child’s data to anyone.

Children are often victims of identity theft before age 10

Identity thieves are more frequently targeting children since their data is not monitored as closely as adults’.  If your child is receiving credit card offers, or mail that is not appropriate for their age, it is very likely that they are already the victims of identity theft.

Learn more about the most effective Identity Theft Protection for you and your family now.

Ransomware Now Attacks Smart TV’s

June 19th, 2016   •   Blog   •   Comments Off on Ransomware Now Attacks Smart TV’s   

FLocker-payment

Smart TV’s are now vulnerable to a new strain of ransomware, known as FLocker.  The strain also infects Android smartphones and tablets.

FLocker is a trojan that announces that it is the “US Cyber Police,” and accuses the owners of vulnerable devices of crimes they did not commit.  The victim must pay $200 in iTunes gift cards in order to have their device restored.  The gift cards may then be resold to launder the money.

Victims have to be deceived into downloading and executing the ransomware.  It may be attached to a phishing message, or could be disguised as a firmware update.

After installation, the trojan checks to see what country the victim is located in – not activating if it is in Eastern Europe or Russia – giving a clue to its origins.  It requests admin privileges on the device, in order to by pass security software.

Phones and tablets can be wiped and restored from a recent backup. However, with smart TV’s this is probably not possible.  Victims should contact the manufacturer of the TV for assistance.

Contact The Chatham Group for strategies to keep all your devices safe and free from malware and hacking.

 

Massive Heist of Twitter usernames and passwords

June 9th, 2016   •   Blog   •   Comments Off on Massive Heist of Twitter usernames and passwords   

The credentials for nearly 33 million Twitter customers were stolen, and reported on Wednesday. Incredibly, “123456” was by far the most commonly used password, according to security company LeakedSource. More than 120,000 people had used “123456”as their Twitter password.

That was followed by “123456789,” “qwerty,” “password,” and many other passwords that are easily guessed and easily hacked. According to LeakedSource, a hacker stole 32,888,300 Twitter credentials. LeakedSource found the database on an online black market, for sale for 10 bitcoins (about $6,000).

Twitter says it is “confident” its systems weren’t compromised. It’s possible that the hacker used malware installed on the Twitter users’ computers to gain access to the usernames and passwords. Twitter said it is monitoring the list, and working with LeakedSource and working to assist customers who had their credentials stolen.

Several celebrities and well-known business’ Twitter accounts have recently been hacked. This may be related to this theft of credentials.

We recommend using complex passphrases, as well as two-step logins for social media accounts, such as Twitter.

Contact The Chatham Group for computer and network security, identity theft risk management for business, and identity theft protection.