Stay Away from Money Laundering Scams

Recently there was an SMS from an unknown cancer patient who wanted to transfer her funds to help poor people in our country. Who would not love to accept the funds and help the needy? But do you think it is a wise decision to accept money from a stranger in order to help the needy? To know more about the possibilities, read on.

Apart from SMS, there can be similar emails that convey much the same message. Are you someone who has received an email from an unknown person about transferring money?

An individual receives an email from a spammer who makes use of an eye-catching subject such as “Your assistance is required”. The spammer states in the email that the recipient would be offered a large amount of money, for one of the reasons given below:

  • The sender introduces himself as John Doe, a wealthy merchant who is seriously ill. John seeks assistance in distributing his wealth to charity, as he has no relatives.
  • The sender portrays himself as a bank manager whose customer was the late Bob. Since Bob and his wife are no more, the bank manager initially decided to hand over the money left in Bob's savings account to his relatives, who were reluctant. As a result, the bank manager suggests that the recipient pose as the next of kin of the deceased and claim the money.
  • The spammer claims to be from a genuine lottery organization and informs the recipient that he has won a large sum of money in a lottery through a computer ballot system.

In order to receive the money, the recipient needs to furnish confidential details such as name, phone number and bank account number, along with a certain amount in fees. The fees are said to cover processing costs, taxes and other legalities that the spammer would complete. The spammer also names Western Union or MoneyGram as the payment mode for the fees.

Do you think that, after following the spammer’s instructions, the recipient will get the money he was assured of? The answer is ‘No’: he has become a victim of the Nigerian 419 Scam.

What is Nigerian 419 Scam?

It is a money transfer scam which started in Nigeria. The scam is no longer limited to Nigeria, as it has been reported from various parts of the world. The number ‘419’ in the name is derived from the Nigerian Criminal Code, which outlaws the practice.

The attackers use Western Union or MoneyGram because they are fast and because international money transfers cannot be cancelled or reversed. Most importantly, the scammer can easily forge his identity and collect the money.

Do you think the spammer will continue to extort money from the victim even after he pays the required fees? The answer is ‘Yes’: the scammer will keep asking the recipient for more money with plausible-sounding reasons, such as import tax or bribes for customs officials. By the time the victim realizes it is a scam, his account has been drained.

There are many scams which are quite similar to the Nigerian 419 Scam, such as the Employment Scam and the Social Networking Scam, to name a few.

Employment Scam

This scam targets people who have registered on job search sites and uploaded their resume. The scammer sends the job seeker a job offer with a lucrative salary, along with an offer letter written on a company’s letterhead. The letterhead may belong to an illegitimate company or a legitimate one. The job seeker is asked to deposit a certain amount into an account number sent to his email address. After the victim deposits the money, the scammer is nowhere to be seen.

Social Networking Scam

Scammers also use popular social networking sites such as LinkedIn and Facebook for money transfer scams.


How can a user identify such scams?

  • You are offered an opportunity to help an unidentified person from a different country, and it involves a transfer of money.
  • You are asked to furnish confidential information such as your name and bank account number.
  • The spammer has quite a long story to tell.
  • Check the spammer’s email address, and the URL if one is provided.
  • The amount the spammer mentions to the recipient is enormous.
  • The English used by the spammer is awkward.
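The indicators listed above can be turned into a simple mail triage check. The following is an added example, not eScan code: the keyword lists, the free-mail domain set, the 100,000 threshold and the sample message are all assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Keyword lists are assumptions chosen to mirror the indicators listed above.
CHECKS = {
    "wire-transfer-fee": ("western union", "moneygram"),
    "asks-for-personal-data": ("bank account", "account number", "phone number"),
    "advance-fee": ("processing fee", "processing cost", "import tax"),
    "windfall-story": ("next of kin", "lottery", "charity", "deceased"),
}
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
AMOUNT = re.compile(r"(?:\$|usd\s?)(\d[\d,]*(?:\.\d+)?)\s*(million)?", re.I)

def large_sum(text, threshold=100_000):
    """True if any currency amount in the text reaches the threshold."""
    return any(float(d.replace(",", "")) * (1_000_000 if unit else 1) >= threshold
               for d, unit in AMOUNT.findall(text))

def indicators(raw):
    """Return the sorted names of the indicators that fire for one raw e-mail."""
    msg = message_from_string(raw)
    text = f"{msg.get('Subject', '')} {msg.get_payload()}".lower()
    hits = {name for name, words in CHECKS.items() if any(w in text for w in words)}
    if large_sum(text):
        hits.add("enormous-amount")
    display, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    domain = sender.rpartition("@")[2].lower()
    # An "official" display name on a free webmail address deserves a second look.
    if domain in FREEMAIL and re.search(r"bank|lottery|manager", display, re.I):
        hits.add("official-name-on-freemail")
    # Replies diverted to a different domain than the visible sender.
    if reply_to and reply_to.rpartition("@")[2].lower() != domain:
        hits.add("reply-to-mismatch")
    return sorted(hits)

# Constructed sample message (not real mail).
SCAM = """From: "Bank Manager" <manager.desk@gmail.com>
Reply-To: claims@example.net
Subject: Your assistance is required

You can claim USD 4.5 million as next of kin of the deceased. Send your
bank account number and pay the processing fee by Western Union.
"""

if __name__ == "__main__":
    print(indicators(SCAM))
```

A message that trips several of these at once is a candidate for quarantine or a warning banner; any single hit on its own is weak evidence.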

To avoid being a victim of such scams, users should follow the steps below:

  • Delete suspicious emails without a second thought.
  • Never provide confidential information such as name, phone number or bank account number over the phone or through email to an unknown person.
  • In the case of the employment scam, the user should report the scam details to the legitimate company.
  • In the case of the social networking scam, the user should never accept strangers’ proposals without a proper background check.

Latest Ransomware is ready with its Trap

The eScan Security team has recently found new ransomware, dubbed ‘Android.Trojan.SLocker.CV’, on Android devices running OS versions below 5.0 (Lollipop). It is distributed by a malicious adult app called ‘Porn O Mania’. However, at the time of writing this blog, the malicious app had been removed from Google’s official store, Google Play.

According to US-CERT, ransomware is a type of malware that infects a computer and restricts a user’s access to the infected computer. This type of malware, which has now been observed for several years, attempts to extort money from victims by displaying an on-screen alert. These alerts often state that their computer has been locked or that all of their files have been encrypted, and demand that a ransom is paid to restore access. This ransom is typically in the range of $100–$300 and is sometimes demanded in virtual currency, such as Bitcoin.

What is Android.Trojan.SLocker.CV?

It is Android-based ransomware that is able to lock devices, change PINs and delete all of the victim’s data through a factory reset.

How does Android.Trojan.SLocker.CV work?

The malware enters the device when the user downloads and installs the malicious app. Once installation is complete, it displays a fake “Package installation” dialog. The unsuspecting victim clicks on the package installation, thinking it to be a necessary Google-related package, unaware that the app is encrypting the files in external storage and gathering sensitive information. Our research team believes that the malware uses sophisticated social engineering to gain Administrator rights. A pop-up is displayed to the victim as an error message (window type TYPE_SYSTEM_ERROR), which older Android versions allow to appear on top of the window that asks for permissions. After some time, a second pop-up reading “Installation is complete” is displayed and a “Continue” button is activated, through which the privileges are elevated. It is observed that cyber-crooks make use of the clickjacking technique to root the device. The eScan Research team has also found that Android devices running Lollipop are not vulnerable to the clickjacking technique, i.e. on Lollipop Google prevents the above-mentioned dialog types from displaying over the system permission dialog.
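For analysts triaging an APK, the combination described above (a system-level overlay plus a request for Administrator rights) is visible in the app's manifest. The following is an added example, not eScan tooling: it assumes the manifest has already been decoded to text XML and that the overlay is drawn under the SYSTEM_ALERT_WINDOW permission; the sample manifest and package name are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"    # needed for system overlay windows
ADMIN_PERM = "android.permission.BIND_DEVICE_ADMIN"   # guards a device-admin receiver
ADMIN_ACTION = "android.app.action.DEVICE_ADMIN_ENABLED"
STORAGE = "android.permission.WRITE_EXTERNAL_STORAGE"

def triage(manifest_xml):
    """Summarise the overlay, device-admin and storage signals in one manifest."""
    root = ET.fromstring(manifest_xml)
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    admin_receivers = []
    for receiver in root.iter("receiver"):
        actions = {a.get(ANDROID + "name") for a in receiver.iter("action")}
        if receiver.get(ANDROID + "permission") == ADMIN_PERM and ADMIN_ACTION in actions:
            admin_receivers.append(receiver.get(ANDROID + "name"))
    findings = {
        "package": root.get("package"),
        "overlay": OVERLAY in perms,
        "device_admin": admin_receivers,
        "external_storage_write": STORAGE in perms,
    }
    # Overlay capability together with a device-admin receiver is the pairing
    # the clickjacking flow above depends on, so flag it for manual review.
    findings["review"] = findings["overlay"] and bool(admin_receivers)
    return findings

# Constructed sample manifest (not taken from any real app).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Legitimate apps can request either capability on its own, so the `review` flag marks a manifest for a closer look rather than delivering a verdict.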

So how can we safeguard ourselves against Android.Trojan.SLocker.CV Ransomware?

  • Use a trustworthy antivirus (eScan) on your Android phone and update it on a frequent basis.
  • Always download apps from their official website or the Google Play Store instead of unknown sources, because many app stores are still offering the app.
  • Download applications from a reliable app developer. In addition, check the user ratings and reviews of the app.

Don’t Fall for Cyber Scams in this Festive Season

With Christmas and New Year around the corner, eScan would like to advise its readers and users to be extremely cautious against all possible online threats and scams.

1 Mobile Malware: The festive season often prompts the launch of new mobile apps meant to make Christmas shopping simpler. Scammers use this opportunity to create malicious apps for stealing personal information or robbing you of your money. This kind of mischief can happen only when inadequate research is done on the app before installation. With the number of apps hosted in the Play Store, there is a possibility of downloading a fake app disguised as an innocent-looking one. eScan recommends downloading apps from official stores only and using eScan Mobile Security solutions for both iPhone and Android.

2 Text Message: Ever wondered whether a simple text message can expose your personal information? In what is known as SMS phishing or smishing, a cyber crook lures the recipient with an assured gift or prize. On following the link, the cellphone user is exposed to identity theft or is asked to download malicious software which would infect his device.

3 Gift Scams: Every year, advertisements for must-have items such as the Xbox One and the new iPhone 6s are sure to grab the attention of shoppers. Cyber-criminals lure users by advertising gifts on malicious sites, conducting fake contests on popular social networking websites or sending phishing emails offering great deals, in a bid to make users reveal their personal information or to get their devices infected with malware.

4 Festive Travel: According to US-CERT, phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take them to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code. Cyber-criminals are aware that people look to visit their loved ones during festivals. They make use of well-crafted websites with beautiful pictures, fake offers and holiday themes. This is done to trick customers into entering their credit card details and other sensitive information.

5 Dangerous e-Card greeting: Online Christmas shopping is incomplete without sending a greeting card. eScan warns its readers and users not to open e-cards from someone they don’t know. Scammers use this opportunity to trap users into downloading malware onto their system by clicking a link or opening an attachment.

6 Deceptive Online Games: Who doesn’t love to purchase and play the latest games during Xmas? There are many unknown sites which offer full-version downloads of games, but users and readers need to be careful about a game’s download source, which might be laden with malware. eScan advises everyone to download games from authorized app stores or the legitimate company website, and to check online for reviews before downloading.

7 Shipment Notification Scams: Any online purchase results in a shipping notification to the buyer. There are crooks who misuse such notifications with malicious intent, for example by asking you to update your account details to know the shipment status. These carry malware that could infect the user’s system. eScan advises checking the authenticity of the sender’s e-mail address on such messages and looking for unusual usage of language and grammar.

Don’t let Scammers spoil your Christmas and New Year shopping. Be aware and stay safe!




Threat Predictions 2016

2015 is coming to an end and 2016 is already knocking at our doorstep. This year will be remembered as the year of the data breach, as we witnessed data leaks from Ashley Madison to JP Morgan Chase & Co. There is no magic-bullet technology which would stop crime from being committed, but being well prepared to combat such attacks is the wise course. With companies seeing the importance of cyber security in the digital era, the eScan team predicts that 2016 can be alarming. Several security predictions for the coming year are discussed below:

1 Ransomware: Ransomware will be a major threat in the year 2016. It is one of the easiest ways for a cyber-criminal to extract money from a victim. In 2015, we witnessed Ransomware-as-a-Service (RaaS) hosted on Tox, a Tor-supporting client, making use of virtual currency for payment. This is expected to grow in the coming year, as technologically adept cyber-criminals will attempt to access it and use it to hack into users’ computers. In addition, ransomware creators would be looking to target new operating systems such as Mac and would be looking for an unpredictable encryption key on Linux platforms.

2 Requirement of Improved Security on IoT Devices: Since the demand for smart devices and other Internet of Things (IoT) devices is increasing every day, the need for advanced security for these devices has also increased. According to recent statistics, there will be almost 30 billion connected things in major industries, and IoT will touch every role across corporates. Ready devices are going to be in the market. Simultaneously, the attacks against these devices will also rise.

Besides, medical device security might become a mainstream topic in 2016. Life-saving devices like pacemakers or insulin pumps can get hacked. Though no such cases have been reported till now, the potential always remains high. Under the evolving umbrella of mobile health, hackers might catch up with the latest technologies to cripple them with unlawful activities. Some industries might even begin to develop guidelines that address the new risks of information use and data ownership presented by IoT.

3 Increase in sextortion: There would be a rise in “sextortion” attacks, as scammers believe they can blackmail celebrities and threaten to leak their personal photographs and videos in return for money. This has set the trend of extorting money from them. The Ashley Madison case was the most infamous internet scam ever, as it opened a Pandora’s box of scams. The hackers were quick to capitalize on the Ashley Madison breach by sending impressively coherent spam messages. The Ashley Madison incident was a classic example of a privacy breach, and the registered users are reportedly facing a bigger problem of identity theft.

4 Increase in Android threats would be murkier: There will be a sharp increase in the number of Android exploits in the coming year. The Stagefright vulnerability, which was heavily reported in 2015, took the Android market by storm. It allowed hackers to take over an Android smartphone by placing malicious programs into audio files, delivered in MP3 or MP4 format.

5 Increase in iOS Malware: Apple witnessed security breaches in its App Store: once with the Instagram app InstaAgent, which was found to store usernames and passwords of Instagram users and send them to an unknown server (this app was removed from both the Google Play Store and the Apple App Store), and prior to that with the XcodeGhost malware, which infiltrated the App Store. The cyber-criminals created an illegitimate version of Xcode, Apple’s software for creating apps, and convinced iOS developers to download it. When the apps were developed and downloaded, the attackers were able to steal users’ data and send it to servers they control. While millions of apps are hosted and tested rigorously in both the Apple and Google stores, Android allows installation of applications from third-party markets, thus making it easier for cyber-criminals to inject malware into unofficial markets.

6 Payment systems: To buy something, all you need is cash in your pocket. But thanks to the mobile era, payment systems have been transformed into other forms, such as mobile wallets like Apple Pay and Android Pay. Cyber-criminals would be keen to get their hands on these payment systems and untested financial services.

7 Virtualization Firmware: Vulnerabilities in virtualization firmware could become an access point for cyber-crooks to gain entry into the infrastructure of an enterprise. Virtual machines would be at risk, as they could be the next target of system firmware rootkits. This could be the new tactic adopted by cyber-crooks to gain entry into a corporate network by compromising it and extracting valuable information.

Lastly, we can conclude that our users, readers and administrators should be on their toes to escape the deadly fangs of the cyber crooks. Implementing a 3D security policy after thoroughly understanding the exact requirement will help an organization minimize the chances of any kind of cyber-attack. Use eScan and stay safe! Cheers!
