Tag Archives: Wisconsin

Davidson County Schools among about 20 districts hit by phishing scams

Phishing scams similar to the one that collected the W-2s and personal information of approximately 3,200 Davidson County Schools employees have hit at least 20 other school systems across the country over the past two years. In at least one case, the scam was traced back to Russia, and authorities say that may be the case here.

Each of the school systems that fell victim to the scams received emails whose sender posed as the district superintendent and requested employees’ W-2 forms or personal information.

Though many of the scams are still under investigation, Central Illinois Proud – a website for two television stations in Illinois – reported Jan. 31 that an email used to trick an employee of the Morton School District there into releasing names and Social Security numbers of employees was traced back to Russia.

Davidson County Sheriff David Grice said the phishing scam that targeted Davidson County Schools remains under investigation, so he couldn’t say definitively that it originated in Russia. However, he said, “there is a strong possibility in our situation that is the case.”

Grice said scams such as these typically seem to be working out of countries like Great Britain and Russia.

Dr. Lory Morrow, Davidson County Schools superintendent, could not be reached for comment regarding updated information on the scam. The school system has created a page on its website to answer victims’ frequently asked questions.

The number of people affected by the phishing scams varied from district to district. The School District of Manatee County, in Florida, inadvertently released the information of 7,700 employees on Feb. 6, according to an article in the Bradenton Herald. In the Barron Area School District, in Wisconsin, five employees’ information was sent to the unknown scammer on Feb. 15, the Barron News-Shield reported.

Barron Area’s numbers are considered an outlier in comparison to the rest of the school districts who sent off information, with the next lowest number of employees affected landing at 400 in the Brunswick School Department, in Maine.

Brunswick was targeted on March 31, 2016; however, the employee who sent out the information was wary enough of the email to mark through dates of birth and Social Security numbers of the employees before sending the information. When the scammer responded and requested that the forms be sent again with all of the information, administrators within the system realized the request was not valid, the Bangor Daily News reported.

Three out of the 20 cases affecting school districts were in Texas, including: Argyle Independent School District, which sent employees’ W-2 information on Jan. 20; Corsicana Independent School District, which was hit Feb. 8; and the Belton Independent School District, which released the information for 1,700 of its employees on Jan. 27. The news agencies that reported on these scams were NBCFW5, Corsicana Daily Sun and CENTV, respectively.

YubiKey anti-phishing device saw 'huge spike' in orders this year

The 2016 holiday season truly began when notoriously nosy Santa Claus brought us a rash of hacking attempts against the Gmail accounts of prominent journalists and academics.

Since then, security experts pointed over and over again to maybe the best cybersecurity stocking-stuffer of the year: YubiKey, a tiny authentication key that provides phishing-proof defense in an age where phishing continues to be the biggest attack vector against the powerful and ordinary alike.

Launched in 2004 by the Swedish-American security firm Yubico, the product has exploded over the last year with a “huge spike” in orders, Jerrod Chong, the company’s Vice President of Solutions, told CyberScoop.

“We’ve been traditionally getting individual orders in the hundreds for agencies, divisions, small groups over the past years,” Chong said. “This year we are seeing orders in the tens of thousands. It’s a sizable magnitude.”

YubiKeys are small keychain-sized devices widely lauded (along with competitors) as “the most effective” protection against phishing attacks. Just plug the YubiKey into your computer, touch it, and gain access to your account. The key holds your identity and generates one-time passwords so that no one else can log in without that extra authentication.

Devices like YubiKeys are significant steps up from other forms of 2 Factor Authentication (2FA) like text messages and authenticator apps that can be spoofed, phished, and surveilled.

It’s also a device to store encryption keys (how exactly they do that recently generated a bit of controversy) and a handful of other important security functionalities. But it’s the 2FA that got people’s attention first.

As any security expert will shout from the rooftops, you should have 2FA of some sort turned on for all your accounts at a bare minimum. YubiKey is the most secure way to do it, followed by an authentication app and then SMS.

In just the past few days, Christopher Soghoian at the American Civil Liberties Union has sung YubiKey’s praises. Zeynep Tufekci from the New York Times told her followers to buy it, use it and gift it. Martin Shelton, a privacy user researcher who works with the Times and OpenNews, endorses YubiKey as well.

2016 has been a perfect storm for Yubico. A growing tide of high-profile data breaches, new legislative mandates, and popular demand is pushing potential customers to pull the trigger on purchases big and small.

On the government side, it’s been a “milestone year.” Numerous civilian federal agencies in the U.S. made large purchases from the company in 2016 — it declined to specify which agencies or how big the purchases were — based largely on the YubiKey’s expanding ability to replace the federal smart card. Governments in Sweden, the United Kingdom, and Germany are big and growing YubiKey customers as well.

Through partnerships with the Electronic Frontier Foundation and the Freedom of the Press Foundation, Yubico is also working to equip highly targeted but often low-tech communities like journalists and LGBT activist groups with security knowledge and tools that might be otherwise out of their reach.

Building the buzz further, there’s been attention-grabbing work with Google and several industry awards. The company also won a $2.27 million grant that Yubico wants to lead to strong authentication for “all citizens of the U.S.,” Chong explained. The pilot program is currently going on with students and residents in Wisconsin and Colorado.

“The goal is that this could be a model for a larger-scale deployment,” he said.

On the regulation front, the company is dedicating resources toward aggressively moving forward. The newest YubiKeys are in the National Institute of Standards and Technology (NIST) validation process for compliance with the Federal Information Processing Standard (FIPS) Publication 140-2. Moves like that are not just immediate big-deal green lights within the kind of enterprise customers that YubiKey thrives on and makes 70 percent of its revenue from — they also make big purchases easier and more streamlined for the future.

(If you’re putting a little cybersecurity in your family and friends’ stockings this December, remember to add some chocolate after that.)

Bitcoin Phishing Increases as Interest in Cryptocurrency Grows

2016/06/22 5:00 AM

As bitcoin and ether prices surged in recent months, interest in cryptocurrency has grown. A large swath of people, from investors, speculators, entrepreneurs, and libertarians to curious newcomers, have decided to join in on the fun. However, not everyone who has gotten involved in the last few months has done so with good intentions in mind.

Phishing Attacks Increase Following Bitcoin Price Surge

It seems the recent success of digital currency has attracted the attention of the ill-intentioned and criminally-minded.

Apparently, malicious agents have been attempting to benefit from the increased interest in Bitcoin and Ether through phishing and typosquatting tactics. In essence, people have been setting up fake sites with typographically similar URLs to legitimate bitcoin wallet download websites.  

These phony sites have not only shared typographically similar URLs to legit sites, but they have been made to look visually the same as the pages they are mimicking.

One such example is that of blocklchain[.]info, a site made to mirror Blockchain.info, a popular bitcoin wallet provider. This particular example was discovered by the cloud-based Israeli security-firm, Cyren, after observing the domain spreading through a pay-per-click advertising scam via Google AdWords.

Many attackers have followed this lead by setting up phishing sites of their own that function in the same way, creating domains that both typographically and visually mimic a legitimate site. Users who visit them land on replicas of the real thing that can trick them into divulging their wallet credentials.

Indeed, quite a few deceptive sites have been discovered since the first one was found by Cyren in early June, including blolkchain[.]com, blockchain-wallet[.]top, blokchain-wallet[.]info, and localbitcons[.]com. Nearly all of them were imitating the Blockchain.info site, and all of them were tied to the same IP. 
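The lookalike domains listed above can be caught with a simple edit-distance check against the names an organization wants to protect. The following is an added example, not code from Cyren, OpenDNS or the article; the watchlist, the `classify` function and the distance threshold are assumptions, and `localbitcoins.com` is assumed to be the site that localbitcons[.]com imitates.

```python
# Added example: flag domains that sit within a small edit distance of a
# protected name (typosquat) or embed it in another domain (combosquat).
# Watchlist is an assumption; blockchain.info is the site named in the article.
LEGIT = {"blockchain.info", "localbitcoins.com"}
BRANDS = sorted(d.split(".")[0] for d in LEGIT)


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(domain, max_dist=2):
    """Return (kind, brand) for a lookalike domain, or None if it looks unrelated."""
    host = domain.lower().replace("[.]", ".").rstrip(".")  # accept defanged input
    if host in LEGIT or any(host.endswith("." + d) for d in LEGIT):
        return None  # the real site or one of its subdomains
    # Check every label except the TLD, so a brand used as a subdomain of an
    # unrelated domain is caught as well as a brand in the registered name.
    for label in host.split(".")[:-1]:
        for token in label.split("-"):
            for brand in BRANDS:
                dist = edit_distance(token, brand)
                if dist == 0:
                    return ("combosquat", brand)
                if dist <= max_dist:
                    return ("typosquat", brand)
    return None


if __name__ == "__main__":
    # Domains as reported in the article, plus two constructed negatives.
    for d in ["blocklchain[.]info", "blolkchain[.]com", "blockchain-wallet[.]top",
              "blokchain-wallet[.]info", "localbitcons[.]com",
              "blockchain.info", "example.org"]:
        print(d, classify(d))
```

Run against newly registered domains or proxy and DNS logs, a check like this surfaces candidates for blocking; short brand names need a lower `max_dist` to avoid false positives.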

This same IP, along with similar IPs in range, were investigated by OpenDNS, and it was discovered that they all shared a provider that had three different names over the last year, and has been previously called out for hosting what OpenDNS refers to as “criminal and toxic content.”

The IP space was used to promote child pornography, child modeling, fake merchandise, and a series of phishing sites.

Over 100 different sites have been set up so far, with most of them being registered on May 26th, 2016. The fact that these sites were registered on or after May 26th seems to suggest that these attacks were at least partially the result of people attempting to benefit from the renewed interest in Bitcoin by exploiting naive or new bitcoinists.

Google has begun tagging these websites as deceptive, warning users of the risks before entering.

Source: Threatpost

Trevor Hill

Trevor is a writer at Bitcoinist. He is currently attending his first year at the University of Wisconsin-Fox Valley, with a selected major in Economics. Subscribes to the Austrian school of economics.