Android Users Need To Watch Out For Teabot Trojan

If you have smart devices in the Android ecosystem, there's a new threat to be aware of in the form of a malware strain called Teabot.  This bit of malicious code is a Remote Access Trojan or RAT for short. The group behind the code is making a big push to see it spread worldwide.

Researchers from Cleafy can confirm that the malware targets more than 400 different applications and the folk behind the code have begun to pivot away from their initial tactic of "smishing."

Smishing, if you're not familiar with the term, is a tactic used to compromise a mobile device via spam text messages that contain poisoned links.  If a recipient clicks on one of these links, they're taken to a site controlled by the hackers and the malware is installed on the user's computer in the background.

This bit of code emerged near the beginning of 2021. Back then, in its earliest incarnations it was known as Toddler/Anatsa.

In its primitive form, it was distributed exclusively via smishing and only had a list of sixty lures.  Granted they were big well-known lures like VLC Media player and DHL shipping but there were only sixty of them.

By July of last year, the owners of the malicious code had modified it to strike at dozens of banks based all over Europe. In the months that followed, at least 18 banks fell victim to Teabot attacks.

More recently, the malicious code has undergone additional changes. The malware has migrated from Europe spreading to Russia, the US, Hong Kong, and beyond.  In addition to that, it's no longer targeting banks exclusively but cryptocurrency exchanges and digital insurance providers as well.  Even worse is that in at least one case Teabot has managed to infiltrate official Android repositories via dropper apps.

In terms of how big a problem this is, here is how it goes. Once Teabot is installed on a target system it can primarily log keystrokes and take screenshots. Then it can exfiltrate them to the malware's controllers which means that in short order any site you log onto using your phone can quickly be compromised.

Stay vigilant out there.  It's still early in the year and Teabot will certainly not be the last threat we face. Call SpartanTec if you suspect your computer or phone has  been compromised.

SpartanTec, Inc.
800 25th Ave S #4320
North Myrtle Beach, SC 29582
(843) 418-4792
https://www.spartantec.com/

Scammers Cost Americans Billions Of Dollars In 2021

The US Federal Trade Commission reports that Americans lost almost six billion dollars to fraud last year.  The $5.8 billion total represented a catastrophic 70 percent increase compared to the losses reported in 2020.

The FTC maintains a database of millions of consumer records it uses to track such information. Based on the statistics gleaned from that database, US consumers filed 2,789,161 fraud reports during 2021. Roughly a quarter of those indicated a monetary loss.

A spokesman for the FTC had this to say about the data:

"Of the losses reported by consumers, more than $2.3 billion of losses reported last year were due to imposter scams--up from $1.2 billion in 2020, while online shopping accounted for about $392 million in reported losses from consumers--up from $246 million in 2020.

While younger people lost money 41 percent of the time they experienced fraud, older adults lost money only 17 percent of the time...but when older people did lose money, they lost a median amount of $1,500, or three times the median amount younger people lost."

The scope and scale of this problem is simply staggering. Although it's doubtful we'll see another 70 percent increase this year the fact remains that US consumers are more at-risk now than ever before.

Odds are good that you've already had conversations about internet safety and security with your employees.  Most likely those conversations have centered around network security.  That's completely understandable, but it pays to have additional conversations that focus on spotting and avoiding online scams.

One thing you can be sure of is that hackers and scammers will be ever watchful for opportunities to take advantage of the unsuspecting.  Don't let your employees, coworkers, family, or friends be among their victims.  Stay vigilant out there.

Call SpartanTec, Inc. if you need help in minimizing your risks of getting scammed.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

New Phishing Emails Target Citibank Account Holders

Are you a Citibank customer?  If so, be aware that a group of scammers is specifically targeting Citibank account holders.

The campaign is incredibly convincing, and the emails look just like official communications from the company.  All logos have been copied and are positioned correctly.  The sender address appears genuine at first glance and the body of the email message is free of typos which is a common "tell" among poorly orchestrated phishing campaigns.

The content they receive in the email varies. However, the general summary of the phishing emails is that the recipient's Citibank account has been put on hold due to a suspicious transaction or a login attempt made in a location than the recipient would normally log in from.

The solution according to the email is simple.  Take swift action now to protect your account.  Click the link below to verify your account information and avoid a permanent suspension.

Social engineering is common in phishing campaigns, and this is a tried-and-true technique to build a sense of urgency into the communication.

Unfortunately, if the recipient of this email clicks the link they will be taken to a website controlled by the threat actors. While it may appear to be an official Citibank portal, it isn't. Any user who "verifies their credentials" by entering them in the capture boxes on this site is handing their account information to the scammers who will promptly empty their accounts or max out their credit cards or both.

This campaign is targeted primarily at users in the United States with statistics indicating that 81 percent of the recipients of these emails are residing in the U.S. So if you are a Citibank customer, be aware that the campaign is ongoing. If you get an email that appears to come from Citibank, rather than clicking embedded links, either call the company direct or open a new browser tab and manually type in the URL.  Never trust embedded links!

Call SpartanTec, Inc. if you need help in protecting your organization against phishing and other online threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Employee Information Was Leaked At Cookware Company Meyer

Meyer Corporation is a California-based company and a giant in the cookware industry. Meyer is the latest victim in a seemingly never-ending parade of hacking attacks. The full extent of the attack has not yet been disclosed because an investigation into the matter is ongoing. However, we do know at this point that the attackers made off with at least one database containing the personal information of thousands of Meyer employees.

The company issued a breach notification and has filed papers with the Attorney General office in both Maine and California.  Notification letters have already been sent to individuals impacted by the breach.

The notification reads in part, as follows:

"Meyer was the victim of a cybersecurity attack by an unauthorized third party that impacted our systems and operations. Upon detecting the attack, Meyer initiated an investigation with the assistance of our cybersecurity experts, including third-party forensic professionals. On or around December 1, 2021, our investigation identified potential unauthorized access to employee information.

The types of personal information that may have been accessed during this incident will depend on the types of information you have provided to your employer, but may include: first and last name; address; date of birth; gender; race/ethnicity; Social Security number; health insurance information; medical condition(s) and diagnoses; random drug screening results; COVID vaccination cards and status; driver's license, passport, or government-issued identification number; Permanent Resident Card and information regarding immigration status; and information regarding your dependents (including Social Security numbers), if applicable that you may have provided to the company in the course of your employment."

The company has not confirmed that the attack was a ransomware attack. However, the Conti gang who makes heavy use of ransomware successfully breached the company's defenses last November (in 2021).  Their leak site contained nearly 250 MB of data which represented about 2 percent of the total data stolen from the company during that attack.

It's not much of a silver lining. At least in this case, unless you work for the company, your personal information does not appear to be at risk.  Even if you are one of the unfortunate people who received a notification letter from Meyer you will be offered two years' worth of free identity protection.  That's small consolation but it's something.

Call SpartanTec, Inc. now if you need help in protecting your company against online threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

4 Ways To Protect Yourself From Keyloggers

Hacking is a becoming an increasing problem. Hackers are finding new ways to steal sensitive data, as well as using old techniques, as more people use smartphones and computers. Keep reading to learn more about how to protect yourself against keylogger.

What is a keylogger?

Keylogger is shorthand for the keystroke logger. It is surveillance software that records each keystroke of a user.  The Soviet Union created and deployed a keylogger for typewriters in 1970s.

A keylogger can be used for legitimate purposes today, including monitoring children's online activities or monitoring the computers of employers and employees. Keyloggers are often used to malicious ends. Keyloggers are used by cybercriminals to steal passwords and personal information.

Phishing attempts are one way keyloggers can be spread. The software infects your computer by clicking on or opening a fake attachment.

There are many ways to protect your company and information from keyloggers. These are four ways to be proactive.

Keylogger Protection and Prevention

1.  Training your employees to spot phishing attacks.

It is important to educate your employees about phishing so they are aware of its basics. Cyber awareness is the first step. SpartanTec, Inc. can train your employees the current security practices.

Hackers are constantly evolving and finding new and innovative ways to steal data. Make sure your employees are aware of the latest attacks so that they can be prepared. Remind your employees to be cautious. Even when systems and caution are in place, sometimes things can still happen.

1. Use a password manager

While keyloggers cannot track what is being typed, relying on the browser's remember password’ feature may not be the best way to protect your information.

For example, hackers can access Google Chrome's password settings to gain access to all your saved passwords. You should instead use an identity management and access control system that encrypts all passwords and allows for single-click login.

1. Implement Multifactor Authentication

Multifactor authentication strengthens and enhances user logins through multiple steps in the login process. MFA requires two of three identifiers: username and password, hardware, phone, or biometrics.

The password can be recorded using a keylogger but the hacker who attempts to gain access to the account must have the same hardware or be you. Hackers who use a keylogger can't bypass this security measure, as there is no keyboard that can be tracked.

1. Use software to help protect yourself against phishing attacks

A Third party vendor, such as SpartanTec, Inc., can help stop attacks by providing built-in software that alerts users and allows them to manage potential attacks. Automated systems that prevent these cyberattacks are the most effective defense, and it doesn't rely on human error.

Stop typing personal information or passwords if you suspect you might have been compromised by a keylogger. You can use your onscreen keyboard, which is available in your computer's settings under accessories - accessibility. After you have removed the keylogger, change your passwords.

Call SpartanTec, Inc. now if you need the help of an IT professional in protecting your network against keyloggers and other cyberthreat.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

What You Need To Know About Co-Managed IT Services

When it comes to the technology plan or managed IT services that your business needs, a one-size-fits-all or a cookie-cutter approach isn’t what most businesses need. A proven process should be set in place if you want your business to move forward. A reliable firm, like Spartantec, Inc.,  will work with your company’s in-house IT team to address certain concerns during the proprietary business and onboarding process review.

This involves the following:

1. Evaluating your business cybersecurity plan and network infrastructure  against the industry standards
2. Identifying technology risks and determining business impact
3. Concentrating on sequencing top priorities that address business risks
4. Prioritizing IT initiatives that support the goals of your business

All these information will then be used to create recommendations, which will be provided during the consultation. After that, our IT professionals will create a plan, budget, and roadmap from comprehensive onboarding and business process. We will also take into account suggested business intelligence solution, application integration and selection, advisement and strategy, industry compliance and security, remediation plan, cybersecurity action, business continuity solutions, and disaster recovery.

With a co-managed IT service, we will improve your internal IT department. The model used for the co-managed IT services will overlay the tested and proven procedure onto your existing IT structure. Our experts will work with your tech team to create a technology plan that is aligned with your specific business and assist in managing your daily IT operations, where you can make the most out of your investment.

Co-managed IT solutions generally include:

1. Continual standards alignment and dedicated network administration
2. Development of an effective technology strategy
3. Preventative maintenance for the network as well as the end-point environment
4. Managed end-point security
5. Escalation support for your in-house IT-department
6. Cloud computing
7. Backup and disaster recovery
8. Data and IT security

Do you have an internal IT team? Are you confident they are able to handle all of todays security challenges? If you have any doubt, call SpartanTec, Inc. to learn more about how your company will benefit from co-managed IT services.

SpartanTec, Inc.
Myrtle Beach, SC  29577
843-561-9788
https://www.spartantec.com/

Puma Sportswear Recently Impacted By A Data Breach

We have recently learned that Puma Sportswear was impacted by a data breach in the waning days of 2021.

It's important to note that Puma's networks were not attacked directly.  The attack was made against Kronos which is one of the company's North American workforce management service providers.

In a recently filed data breach notification it was disclosed that the still unidentified attackers stole a variety of personal information belonging to Puma employees and their dependents from the Kronos Private Cloud. In addition, they deployed ransomware on the Kronos network.

The investigation into the breach is ongoing but it presently appears that nearly half of Puma's employees were impacted.  Kronos sent a letter to all impacted individuals.  Unfortunately, the letter was terse and contained little in the way of actionable information.

The letter states:

"On January 7, 2022, Kronos confirmed that some of your personal information was among the stolen data. We notified PUMA of this incident on January 10, 2022."

All impacted individuals have been offered two free years of Experian IdentityWorks, which includes credit monitoring, identify theft insurance, and identity restoration.

This is the second hacking incident involving Puma in recent months.  Back in August of 2021 the company's network was breached and source code for an internal application was stolen and put up for sale on the Dark Web.

The company stressed that no customer data was compromised and that the stolen information was connected solely to the company's employees.

This attack underscores the risks and dangers inherent in our increasingly interconnected world.  A data breach on a trusted vendor's network can impact your company in ways you never even imagined. That means no matter how much you spend on your own IT security, you may still be vulnerable if one of the vendors you rely on doesn't take security as seriously as your firm does.

Call SpartanTec, Inc. now if you need help in protecting your company against data breach.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston