Welcome to the latest edition of the Cyber Safe Cyber Threats Updates, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

Bank Fraud Victims Need to be Even More Vigilant

The UK’s Payment Systems Regulator (PSR) has proposed changes to protections against bank transfer fraud, raising concerns that these alterations could weaken existing safeguards. Authorised push payment (APP) fraud, where individuals are deceived into transferring money to criminals, has significant financial and emotional impacts. In 2022, bank customers lost £485.2 million to APP fraud, though many cases go unreported.

Consumer advocacy group Which? has been advocating for fairer and consistent redress for APP fraud victims since 2016. They highlighted gaps in protection, leading to the introduction of mandatory reimbursement for victims. However, recent PSR proposals have raised concerns.

The new rules are scheduled to be implemented in 2024, with a delay of at least six months from the initially announced date. The proposed changes include a delay in the implementation, a claims excess, and a maximum reimbursement level, all of which could dilute existing protections.

Under the voluntary scheme, banks and customers are expected to meet specific standards of care. However, the PSR’s new proposals may shift more responsibility onto consumers, potentially requiring them to pay a claims excess of £100 or £250 for reimbursement. This could pose challenges, especially for lower-income individuals and could deter reporting of fraud cases below the excess level.

Additionally, the PSR has backtracked on its earlier stance of having no claims limit and now plans to introduce a cap on reimbursement for APP fraud claims. However, consumer advocates argue that the proposed cap should align with higher protections akin to those provided by the Financial Services Compensation Scheme (FSCS) and the Financial Ombudsman Service (FOS).

Which? has expressed concerns that the PSR’s proposals may weaken current protections and reduce reimbursement levels for APP fraud victims. The PSR is expected to finalise its position on these proposals later in the year.

Source: https://www.which.co.uk/news/article/bank-transfer-fraud-protections-risk-being-weakened-by-regulator-aMYSd9m99GJN


Bogus Advent Calendars are being sold online in the latest Christmas scam

Shoppers need to be vigilant as a series of scam advertisements have surfaced on Facebook, enticing potential buyers with fake Jo Malone advent calendars at an astonishingly low price of £30, significantly below the genuine retail price of £350 for the official limited edition Jo Malone advent calendar. The scam ads employ misleading tactics, featuring promotional videos that replicate the authentic Jo Malone adverts circulating on the platform.

In these deceptive ads, buyers can spot red flags such as poor spelling and grammar and random profile names unrelated to the Jo Malone brand, all of which signal their fraudulent nature. Taking action against this fraudulent activity, the scam advertisements have been reported to Facebook and subsequently removed.

What’s particularly concerning is that some misleading ads direct individuals to malicious websites designed for phishing personal details. These scam websites employ various strategies, including countdown timers, notifications showcasing purchases in ‘real-time,’ and falsely indicating a limited number of advent calendars in stock. These tactics aim to pressure victims into making quick decisions without verifying the credibility of the information presented.

The URLs of the seven identified scam websites are vruleil.com, wcostisticmi.com, dpreventiblemi.com, lcusby.com, xmyzeoustl.com, oteachencebp.com, and scinerianmi.com. These websites are designed to deceive visitors with lengthy and seemingly genuine product descriptions, leading them to a payment page where scammers request personal information such as name, address, email address, phone number, and financial details.

The findings have been communicated to Jo Malone, who has emphasised that the brand does not authorise such offers. They have urged consumers to purchase only from authorised retailers online or in-store or directly from Jo Malone London’s official outlets. Lists of authorised retailers can be found on their official website, jomalone.co.uk.

To avoid falling victim to shopping scams, consumers should exercise caution if an offer seems too good. This especially applies to high-end or sought-after items sold at considerably lower prices. Essential precautions include carefully scrutinising websites for signs of fraudulent activity, such as poor language usage, lack of terms and conditions, and absence of contact details. Additionally, verifying the website’s creation date through domain checker tools like who.is can raise suspicions regarding its legitimacy.

If individuals come across a scam ad on Facebook, reporting it using the platform’s reporting feature is crucial. Furthermore, suspicious scam websites like those identified in this instance should be reported to the National Cyber Security Centre.

If someone has fallen victim to this scam or a similar one, immediate action is necessary. Contacting the bank to report the incident is vital, ensuring that scammers are not provided with any additional personal information or financial details, even if they claim to be issuing a ‘refund.’ Reporting the scam to Action Fraud or contacting the police on 101 (if in Scotland) is essential to thwart further fraudulent activities and protect others from falling victim to similar scams. Stay informed, stay cautious, and stay protected.

Source: https://www.dailymail.co.uk/sciencetech/article-12618367/Urgent-warning-Facebook-users-Jo-Malone-advent-calendar-scam-heres-make-sure-youre-not-duped.html


23andMe confirms significant data leak involving user information

Biotechnology giant 23andMe, renowned for its popular DNA testing kits, has confirmed a significant data leak involving user information such as full names, geographic locations, photos, and other sensitive data. This breach resulted from a credential-stuffing attack, where cybercriminals use compromised user credentials (like usernames and passwords) obtained from one platform to gain unauthorised access to another.

Fortunately, 23andMe has clarified that the breach did not compromise genetic testing results. The company has emphasised that the incident did not appear to breach its internal systems but involved individual account breaches. In response to this breach, 23andMe swiftly initiated investigations to understand the extent and impact, and appropriate actions are being taken to mitigate potential risks.

The breach initially came to light with the leak of approximately “1 million lines of data for Ashkenazi people.” Subsequently, by October 4, this data was being sold in bulk on hacker forums, with quantities ranging from 100 to 100,000 profiles. The precise scope and scale of the attack are still under investigation, but the potential ramifications could be far-reaching, potentially impacting a significant portion of 23andMe’s user base.

One concerning factor that might have amplified the breach’s impact is 23andMe’s ‘DNA Relatives’ feature. This functionality enables users to identify genetic relatives by comparing their DNA with that of other 23andMe members who participate in the service.

After gaining unauthorised access through credential-stuffing, the threat actors involved in this breach have scraped ‘DNA Relatives’ results, gaining access to even more sensitive data. Notably, the number of listed relatives grows over time as more users join 23andMe, potentially increasing the data exposure.

In its fiscal year 2023 report, 23andMe disclosed that it had “genotyped” approximately 14 million customers, making it one of the largest repositories of genetic information globally. Given the susceptible medical data it manages, including information related to disease predispositions such as Alzheimer’s, Type 2 diabetes, and cancer, 23andMe has been under increased scrutiny regarding its data protection practices since going public in 2021. The company, however, asserts on its official website that it surpasses industry standards for data protection.

This incident underscores the critical need for robust cybersecurity measures, especially for organisations handling sensitive personal and medical data. Users are urged to remain vigilant, update their passwords regularly, employ two-factor authentication where possible, and monitor their accounts for suspicious activity. Additionally, organisations must continuously enhance their security protocols to adapt to evolving cyber threats and protect user data effectively.

Source: https://www.teiss.co.uk/news/biotech-firm-23andme-confirms-user-data-leak-in-credential-stuffing-attack-12954


Contact Neuways to help your business become

Cyber Safe

If you need any assistance with cyber security assistance, then please contact Neuways and we will help you where we can. Just get in touch with our team today.