Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:



WH Smith victim to a cyber attack

WH Smith, a well-known high street book and stationery retailer, has been targeted in a cyber attack on World Book Day.

During the attack, the cyber criminals were able to access information about current and former employees of WH Smith, which was over 12500 total. A spokesperson for the company confirmed that as soonest they became aware of the incident, they started an investigation, hired a specialist support service and put incident response plans in place.

The incident did not impact WH Smith trading activities, and the website, customer data and database stayed unaffected in separate systems.

There is no more information about the attack, but the impact reported is consistent with a ransomware attack.

SMS Pumping Fraud Epidemic

Industry experts released a warning of increased risk to companies called SMS Pumping Scams which abuse one-time password generation.

The problem was highlighted by Elon Mask on Twitter when he claimed that Twitter lost around $60 million dollars last year because of the SMS Pumping Fraud when 390 different telecom companies used bots to inflate A2P SMS.

SMS Pumping Fraud is when scammers try to make money by ambushing online web forms on websites that generate automated one-time password texts. These OTP are received by text, usually when a user sign up for a new app or service. The fraud then happens when scammers use a premium rate number for the OTP SMS to be sent. So, by generating thousands of OTP texts, the scammers can get paid quickly.

‘Small businesses and startups are particularly vulnerable to SMS pumping fraud. They are less likely to have the resources required to make their web forms more secure.’ – said Henry Cazalet, director of TheSMSWorks for infosecurity.com. ‘In the interests of speed and keeping costs down, they are often prepared to cut a few corners, which leaves their service vulnerable to ambush by the fraudsters.’

The SMS OTP Fraud is also known as ‘artificially generated traffic’.

There are a few tell-tale signals that your web form is being used by scammers:

  • Increased web traffic an auto-generated SMS
  • High volume of text being sent out of the country
  • Abandoned half-filled web forms by bots

To protect yourself and your business, disable SMS OTPs from countries your business does not operate. Set limitiations on the number of SMS that could be sent to any range of numbers and set detect and discourage bots.

US Marshal Services became the latest ransomware target

Cyber criminals have no intentions of slowing down. Quite the opposite. The ransomware attacks continue to spread, with the latest ransomware targeting the US Marshal Services.

The USMS is the oldest federal law enforcement agency in the US. Some of their services include hunting for fugitives or administrating the witness protection programme. The cyber security breach compromised sensitive law enforcement information.

The investigation is still taking place. During the incident, the hackers accessed a standalone computer that contained records about ongoing investigations, employee personal data and internal processes.

According to their spokesperson, the computer didn’t include any personal details about people who were added to the Federal Witness Protection Programme, which could mean that their lives could be in danger if exposed to the public.

They shut down the breach as soonest it was discovered.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.