This month, hackers are serving up ‘phish and ships’ – as dubbed by Human Security’s Satori Threat Intelligence and Research team – which involves bad actors infecting legitimate websites and luring shoppers to purchase fake products that will never arrive. Forbes and other publications have issued an active list of websites to avoid just ahead of Black Friday and Cyber Monday.
In other news, DocuSign has inadvertently become a tool for scammers through its API environment; meanwhile, Delta and Crowdstrike battle in court to the tune of $500 million in reparation costs due to a major outage in July.
With so much fake content pushed over the airways, it’s important to take the time to find the truth. Without further ado, here’s a brief roundup of the stories I’m following this month.
Phish and Ships Becomes a Popular Scam Ahead of Black Friday Cyber Monday
With “tens of millions of dollars” stolen from “hundreds of thousands” of web users, Forbes and other publications have issued a warning to shoppers on popular browsers like Chrome, Safari, and Firefox. Although Google has removed known websites from search results, fraudulent web shops are still active on social media and messaging platforms.
Buyer Beware
By infecting legitimate websites with a malicious payload, hackers have driven traffic to fake web shops with fake product listings at attention-grabbing prices. Using real meta-data, the product listings go undetected by Google and other companies, and once the consumer clicks on the item link, they’re redirected to websites controlled by the threat actor.
Key Takeaway
Online shoppers are warned to exercise caution when browsing Google Chrome, Safari, and Firefox.
Can You Trust That DocuSign Invoice?
Fueled by the familiarity and credibility of DocuSign, hackers have been exploiting unsuspecting businesses with fake invoices generated by legitimate DocuSign accounts. With unauthorized access to DocuSign’s API, hackers can create and send documents that appear to be genuine invoices or payment requests. For these recipients, who are often employees in accounts payable or finance departments, the only form of protection is to check invoice details versus actuals since the branding on the invoice may appear legitimate at first glance.
Key Takeaway
Read your invoices carefully – they may be fake.
Delta Sues for $500 Million, CrowdStrike Counter Sues
Following a massive IT outage that led to 7,000 canceled flights in less than a week, Delta Air Lines has sued for over $500 million in damages – including $380 million in lost revenue and $170 million in costs – claiming a breach of contract and negligence on the part of Crowdstrike.
The cybersecurity provider has filed its own suit against Delta saying “any damages suffered by Delta following the July 19 Incident are the result primarily of Delta’s own negligence.”
Key Takeaway
Delta and Crowdstrike will battle in court following a major IT outage.
.avif)
China Tapped the Tappers
According to U.S. federal authorities, a Chinese-backed hacking group known as "Salt Typhoon" may have accessed sensitive information about ongoing U.S. investigations. By targeting major U.S. telecommunications companies’ wiretapping systems used for government intelligence collection capabilities, the hacking group has collected intel from Verizon, AT&T, and Lumen Technologies. The investigation is ongoing, and all affected parties declined to comment.
Key Takeaway
U.S. investigations compromised as Chinese hacking group infiltrates major telecom companies’ wiretapping systems.
Are Apple Smart Glasses Coming Soon?
Apple releases information on its latest smart glasses initiative.
Codenamed “Atlas”, Apple has begun collecting feedback from internal stakeholders regarding the development of augmented reality (AR) smart glasses. Keeping everything in-house is fairly typical for Apple, which allows the company to test the waters with internal focus groups while officially staying silent on development plans.
Key Takeaway
Apple releases sparse intel about an upcoming AR smart glasses device.
The Internet Archives Makes Comeback from Third Cyber Attack This Year
Following up on the ongoing saga of the Internet Archive attacks, the nonprofit digital library recently announced that its Wayback Machine has been restored and that the service has begun saving pages from October 9th – when the service was taken down – onward.
Key Takeaway
The Internet Archive resumes service after suffering a breach of PII and then a sustained DDOS attack. The cyberattacks appear to be unrelated and completely coincidental.
Time is Running Out For Google 2FA
Google has released guidance to create a second Gmail account and configure two-factor authentication immediately. While this won’t stop breaches from happening, it ensures business continuity through a backup repository of emails.
Key Takeaway
Create a second Gmail account for a reliable backup of business emails.
