A SIM Swap Scam or SIM Cloning Scam exploits a vulnerability in a two-factor authentication (2FA) system that relies on SMS messages for verification codes, where attackers aim to gain control of the victim’s mobile phone number by convincing the victim’s mobile carrier to transfer the number to a new SIM card under the attacker’s control. The attacker typically initiates the scam by acquiring the victim’s personal information, including their phone number, which can be obtained through various means, such as data breaches, social engineering attacks (e.g., phishing emails or smishing attacks), or by purchasing the information on the dark web.
TOM SHAW
Wayne Shaw’s Post
-
Recovering from a WhatsApp account compromise due to phishing involves a strategic approach to regain access and secure your digital presence:
1. Reactivate WhatsApp on Your Device: Attempt to reactivate your account on your device with your phone number. This can potentially log out the attacker.
2. Contact WhatsApp Support: If unable to reactivate, email support@whatsapp.com with “Lost/Stolen: Please deactivate my account” and your phone number in international format. WhatsApp will temporarily deactivate your account, preventing further misuse.
3. Inform Your Contacts: Alert your contacts about the compromise to prevent the spread of the scam.
4. Secure Your Email and Other Accounts: Change passwords and enable two-factor authentication on your email and any accounts linked to your phone number.
5. Regain Control of Your Phone Number: Contact your mobile service provider to secure your phone number if it has been cloned or ported.
6. Reactivate and Secure Your WhatsApp Account: Once your phone number is secure, reactivate your WhatsApp account. Immediately enable two-step verification for added security.
7. Review Account Security: Examine and utilize security features on WhatsApp and other platforms to enhance your digital security.
8. Educate Yourself: Learn about cybersecurity practices to protect yourself from future attacks and share your knowledge to help others.
9. Consider Legal Action: Report the incident to law enforcement if it involved financial loss or identity theft.
Quick and informed actions are crucial for mitigating damage and preventing future compromises.
-
New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information.

"FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming and outgoing calls," Zimperium researcher Fernando Ortega said in a report published last week. "Victims are tricked into calling fraudulent phone numbers controlled by the attacker and mimicking the normal user experience on the device."

FakeCall, also tracked under the names FakeCalls and Letscall, has been the subject of multiple analyses by Kaspersky, Check Point, and ThreatFabric since its emergence in April 2022. Previous attack waves have primarily targeted mobile users in South Korea.

The names of the malicious package names, i.e., dropper apps, bearing the malware are listed below - com.qaz123789.serviceone, com.sbbqcfnvd.skgkkvba, com.securegroup.assistant, com.seplatmsm.skfplzbh, eugmx.xjrhry.eroreqxo, gqcvctl.msthh.swxgkyv, ouyudz.wqrecg.blxal, plnfexcq.fehlwuggm.kyxvb, xkeqoi.iochvm.vmyab

Like other Android banking malware families that are known to abuse accessibility services APIs to seize control of the devices and perform malicious actions, FakeCall uses it to capture information displayed on the screen and grant itself additional permissions as required.

Some of the other espionage features include capturing a wide range of information, such as SMS messages, contact lists, locations, and installed apps, taking pictures, recording a live stream from both the rear- and front-facing cameras, adding and deleting contacts, grabbing audio snippets, uploading images, and imitating a video stream of all the actions on the device using the MediaProjection API.

The newer versions are also designed to monitor Bluetooth status and the device screen state. But what makes the malware more dangerous is that it instructs the user to set the app as the default dialer, thus giving it the ability to keep tabs on all incoming and outgoing calls. This not only allows FakeCall to intercept and hijack calls, but also enables it to modify a dialed number, such as those to a bank, to a rogue number under their control, and lure the victims into performing unintended actions.
-
Quick Reminder! Last week we had a customer reach out with a credit card question about a cancelled card. This customer shared their ENTIRE credit card <a screenshot> within the email. SHOCKED! We kindly let the customer know the dangers of sharing credit cards in this fashion. Got some good one-line replies from ChatGPT for any future outreach of this type, even though it rarely if ever happens.

Here are several reasons why it's not safe to send a picture of your credit card via email, even if it's cancelled:
1. Email is not secure by default: Emails can be intercepted while being transmitted. Hackers can use tools to capture and read email contents, exposing your credit card details to potential misuse.
2. Phishing attacks: Your email could be compromised through phishing schemes. If a hacker gains access to your email, they can find sensitive information, including your cancelled card details, and exploit it.
3. Personal Information Exposure: A cancelled card still contains personal and account information, like your name and card number, that can be used for identity theft or fraud.
4. Stored Information Vulnerability: Once you send an email, copies of that email may be stored in your inbox, the recipient's inbox, and on multiple servers. This leaves your card details exposed for future breaches or hacks.
5. Human error: Emails can be misdirected easily. If you accidentally send the email to the wrong address, your card information could fall into the wrong hands.
6. Potential card reactivation: In some cases, banks may allow for reactivation of a cancelled card or still associate the card with your account. If someone gets access, they could manipulate this to cause issues.
7. Email access on multiple devices: Emails can be accessed on multiple devices (like phones, tablets, and laptops), which might not all be secure, increasing the chances of your information being compromised.
-
"Organizations and businesses in India faced 135,173 phishing attacks related to financial matters—e-commerce, banking, and payment systems—for the period from January to June 2024. The number of attacks rose 175 per cent compared to the same period last year, driven by increased digital adoption and the use of artificial intelligence and automation by threat actors to create convincing content and target victims more effectively." Cyber criminals are adopting new technologies and methodologies on a daily basis. Why aren't YOU? Training, simulations, SEG's and reporting solutions are simply NOT working. It's time for change! It's time for PhishCloud Inc. PhishCloud gives your security team the real-time visibility and control they need to see and block #phishing attacks your employees see. And with real-time metrics, you no longer need to rely on simulations and reporting to understand your phishing risk. PhishCloud arms employees with the tools they need to clearly spot and avoid #phishingattacks, across all digital platforms – not just email – letting them Click With Confidence. And PhishCloud delivers reality-based training that imparts real knowledge, not just awareness. Sound too good to be true? Give us 15 minutes to show you the power of PhishCloud Inc. www.phishcloud.com https://lnkd.in/g2-gYEHd
Cyber Attack in India: India sees 135,173 financial phishing attacks in H1 2024, says study
business-standard.com
-
🔒 Protecting Your M-Wallet: Common Fraud Tactics and Prevention Tips 🔒

With mobile wallets gaining popularity, it’s crucial to be aware of potential fraud tactics and how to keep your money safe. Here are some common ways fraud can happen in M-wallet accounts and tips to prevent it:

Phishing Attacks 🎣: Fake emails and SMS can lead to fraudulent login pages. Always use official apps and enable two-factor authentication (2FA).
SIM Swapping 📱: Fraudsters may hijack your phone number to access accounts. Ask your telecom provider for extra SIM swap security.
Weak Passwords or PINs 🔑: Strong, unique passwords and regular updates can save you from brute force attacks.
Fake Apps or Malware 🚨: Only download apps from official stores and use antivirus software to avoid malicious downloads.
Social Engineering Scams 📞: Fraudsters may impersonate customer service reps to gain sensitive info. Remember, legitimate support won’t ask for your OTP or PIN.
QR Code Scams 📸: Verify QR codes before scanning—always double-check transaction details!
Fake Transaction Screenshots 📲: Trust only your account history, not screenshots, to confirm payments.
Public Wi-Fi Risks 🌐: Avoid logging into M-wallets over public Wi-Fi, or use a VPN.
Device Theft 🔐: Use biometric locks and app PINs, and enable remote wipe if your device is lost or stolen.

Being vigilant is key to staying safe in today’s digital world. Enable security features, be cautious with information requests, and regularly review your transactions. Stay secure! 🚀
-
Insightful tips on protecting M-Wallets from common fraud tactics!
-
⚠️ Types of Cyber Attacks via Calls & SMS in India You Should Know! 🚨

Cybercriminals are getting smarter with calls 📞 and SMS 📲 to steal your sensitive information. India has seen a rise in these clever scams using social engineering tactics. Let’s break them down in a way you’ll never forget! 🚀

🔎 Top 6 Cyber Attacks You MUST Be Aware Of 🔥

1️⃣ Vishing (Voice Phishing) 📞
🚨 What it is: Fraudsters impersonate banks, government officials, or customer care.
🎯 How it works: They ask for your OTPs, PINs, or account details over a call.
🕵️ Example: “Your account will be blocked if you don’t update KYC immediately!”

2️⃣ Smishing (SMS Phishing) 💬
🚨 What it is: Fake SMS with malicious links designed to steal credentials.
🎯 How it works: Messages create urgency or fake offers to make you click.
🕵️ Example: “🚨 Your account will be deactivated. Click here to fix!”

3️⃣ SIM Card Swapping 🔄
🚨 What it is: Fraudsters convince telecom providers to transfer your SIM to their control.
🎯 How it works: Once they have your number, they bypass 2FA and gain access to your bank or accounts.
🕵️ Example: “Your SIM card needs a replacement for better service.”

4️⃣ Fake Customer Care Calls 🕵️‍♂️
🚨 What it is: Scammers offer refunds, loans, or KYC verification during fake calls.
🎯 How it works: They install malware or request remote access via apps like AnyDesk or TeamViewer.
🕵️ Example: “I’m from customer support, let me verify your issue!”

5️⃣ Lottery & Prize Scams 🏆
🚨 What it is: Promises of lottery wins or prizes to lure victims into sharing bank details.
🎯 How it works: You’re asked to pay a “processing fee” for non-existent prizes.
🕵️ Example: “🎁 Congratulations! You’ve won ₹10L! Pay ₹5,000 to claim.”

6️⃣ Urgent KYC/Bank Verification Scams ⏳
🚨 What it is: Calls or SMS warning you to update your KYC or bank account urgently.
🎯 How it works: Victims are redirected to fake links or apps to “update details.”
🕵️ Example: “⚠️ Update your account now, or it will be blocked!”

🛡️ Pro Tips to Stay Safe 💡
✅ Never share OTPs, PINs, or personal details.
✅ Avoid clicking on links from unknown SMS sources.
✅ Verify every call/SMS with the official helpline.
✅ Report fraud to cybercrime.gov.in

🚨 Your awareness is your shield. ⚔️ Stay smart, stay safe!

#CyberSecurity #Vishing #Smishing #SIMSwap #OnlineFraud #CyberAwareness #DigitalSafety #SOC #IndiaCyberCrime
-
ALIVE AND KICKING: "The Android banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks." Since multiple threat actors rent the malware, the phishing lures are diverse and crafted specifically for the organizations a particular cybercriminal is targeting. Also, the trojan itself has undergone "a technical revamp that added many new powerful features and improvements", indicating that its creators evaded arrest and weren't deterred by the previous crackdown. Another notable new feature is Grandoreiro's ability to perform detailed victim profiling and decide whether or not it will execute on the device. https://lnkd.in/gJs7-8rU
Android malware Grandoreiro returns after police disruption
bleepingcomputer.com