After analysing this email, we determined that it is a sextortion scam threatening to share (disclose) videos of recipients visiting adult websites and their personal information. This email aims to trick recipients into sending a specified amount of Bitcoins to the provided wallet. None of the claims in this email are true. Thus, it must be ignored

More about the “I Regret To Inform You About Some Sad News For You” sextortion scam

This email claims that access to a computer has been gained, and Internet activities have been observed. It states that an email account has been hacked. It also claims that the operating system has been infected with a Trojan that accessed the webcam, microphone, social network accounts, messengers, contact lists, downloaded photos, web browsing history, and other data.

The purpose of this email is to trick recipients into believing that compromising videos have been recorded and will be disclosed if $1490 in Bitcoins are not paid to the provided BTC wallet. It urges recipients to pay a ransom within 48 hours from receiving it.

It is worth mentioning that this email appears to be sent from the recipient’s address. Scammers behind it use a spoofing technique to trick unsuspecting recipients into believing that their email account has been hacked.

Similar scams in general

As a rule, scammers behind sextortion scams coerce recipients to pay a ransom for not sharing the obtained material (videos, photos, personal files/data). They claim that they have accessed a webcam, a microphone, or gained access to a computer in some other way. Most scammers demand to be paid in cryptocurrency (they provide a crypto wallet address in their email addresses).

Examples of similar emails are “I Broke Into Your Computer System Using The Wireless Network Router Email Scam“, “We Are Ukrainian Hackers And We Hacked Your Site Email Scam“, and “Your System Has Been Hacked With A Trojan Virus Email Scam“. It is important to know that email can be used as a channel for delivering malware.

How do spam campaigns infect computers?

When emails are used to spread malware, they contain malicious attachments or links. In both cases, threat actors use them to trick recipients into downloading and executing malware. Usually, such emails are disguised as important/official/urgent letters from legitimate entities.

Most commonly used files to distribute malware are PDF, Microsoft and other documents, JavaScript files, executables, ISO files, and archive files containing malicious files.

How to avoid installation of malware?

Do not trust irrelevant emails sent from unknown, suspicious addresses (e.g., emails sent from your address). Do not open files or links presented in emails of this kind. Files/links in such emails can be malicious. Use official websites and stores to download applications and files. Do not trust other sources.

Keep the operating system and installed programs up to date. Use functions/tools provided (created) by the official software developers to update and activate the installed software.

If you’ve already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.

Text presented in the “I Regret To Inform You About Some Sad News For You” email letter:

Subject: Don’t miss your unsettled payment. Complete your debt payment now.

Hi there!

I regret to inform you about some sad news for you.
Approximately a month or two ago I have succeeded to gain a total access to all your devices utilized for browsing internet.
Moving forward, I have started observing your internet activities on continuous basis.

Go ahead and take a look at the sequence of events provided below for your reference:
Initially I bought an exclusive access from hackers to a long list of email accounts (in today’s world, that is really a common thing, which can arranged via internet).
Evidently, it wasn’t hard for me to proceed with logging in your email account (-).

Within the same week, I moved on with installing a Trojan virus in Operating Systems for all devices that you use to login to email.
Frankly speaking, it wasn’t a challenging task for me at all (since you were kind enough to click some of the links in your inbox emails before).
Yeah, geniuses are among us.

Because of this Trojan I am able to gain access to entire set of controllers in devices (e.g., your video camera, keyboard, microphone and others).
As result, I effortlessly downloaded all data, as well as photos, web browsing history and other types of data to my servers.
Moreover, I have access to all social networks accounts that you regularly use, including emails, including chat history, messengers, contacts list etc.
My unique virus is incessantly refreshing its signatures (due to control by a driver), and hence remains undetected by any type of antiviruses.

Hence, I guess by now you can already see the reason why I always remained undetected until this very letter…

During the process of compilation of all the materials associated with you,
I also noticed that you are a huge supporter and regular user of websites hosting nasty adult content.
Turns out to be, you really love visiting porn websites, as well as watching exciting videos and enduring unforgettable pleasures.
As a matter of fact, I was not able to withstand the temptation, but to record certain nasty solo action with you in main role,
and later produced a few videos exposing your masturbation and cumming scenes.

If until now you don’t believe me, all I need is one-two mouse clicks to make all those videos with everyone you know,
including your friends, colleagues, relatives and others.
Moreover, I am able to upload all that video content online for everyone to see.
I sincerely think, you certainly would not wish such incidents to take place, in view of the lustful things demonstrated in your commonly watched videos,
(you absolutely know what I mean by that) it will cause a huge adversity for you.

There is still a solution to this matter, and here is what you need to do:
You make a transaction of $1490 USD to my account (an equivalent in bitcoins, which recorded depending on the exchange rate at the date of funds transfer),
hence upon receiving the transfer, I will immediately get rid of all those lustful videos without delay.
After that we can make it look like there was nothing happening beforehand.
Additionally, I can confirm that all the Trojan software is going to be disabled and erased from all devices that you use. You have nothing to worry about,
because I keep my word at all times.

That is indeed a beneficial bargain that comes with a relatively reduced price,
taking into consideration that your profile and traffic were under close monitoring during a long time frame.
If you are still unclear regarding how to buy and perform transactions with bitcoins – everything is available online.

Below is my bitcoin wallet for your further reference: 1r8KDQsoFUWLdV1D2L1vc66YibNDrrYys

All you have is 48 hours and the countdown begins once this email is opened (in other words 2 days).

The following list includes things you should remember and avoid doing:
> There’s no point to try replying my email (since this email and return address were created inside your inbox).
> There’s no point in calling police or any other types of security services either. Furthermore, don’t you dare sharing this info with any of your friends.
 If I discover that (taking into consideration my skills, it will be really simple, because I control all your systems and continuously monitor them) –
 your nasty clip will be shared with public straight away.
> There’s no point in looking for me too – it won’t result in any success. Transactions with cryptocurrency are completely anonymous and untraceable.
> There’s no point in reinstalling your OS on devices or trying to throw them away. That won’t solve the issue,
 since all clips with you as main character are already uploaded on remote servers.

Things that may be concerning you:
> That funds transfer won’t be delivered to me.
 Breathe out, I can track down everything right away, so once funds transfer is finished,
 I will know for sure, since I interminably track down all activities done by you (my Trojan virus controls all processes remotely, just as TeamViewer).
> That your videos will be distributed, even though you have completed money transfer to my wallet.
Trust me, it is worthless for me to still bother you after money transfer is successful. Moreover, if that was ever part of my plan, I would do make it happen way earlier!

We are going to approach and deal with it in a clear manner!

In conclusion, I’d like to recommend one more thing… after this you need to make certain you don’t get involved in similar kind of unpleasant events anymore!
My recommendation – ensure all your passwords are replaced with new ones on a regular basis.

The post How to spot scams like I Regret To Inform You About Some Sad News For You scam appeared first on Cyber Security Plus.

The post Your Mac Is Not Virus Proof. It Never Has Been. appeared first on Cyber Security Plus.

Two-factor authentication, the added security step that requires people enter a code sent to their phone or email, has traditionally worked to keep usernames and passwords safe from phishing attacks.

However, security experts have demonstrated an automated phishing attack that can cut through that added layer of security—also called 2FA—potentially tricking unsuspecting users into sharing their private credentials.

The attack was first demonstrated at the Hack in the Box Security Conference in Amsterdam last month. A video of the presentation was posted on YouTube on June 2, bringing renewed attention to how hackers are getting better at penetrating extra layers of security, despite people using stronger tools, like 2FA.

The hack employs two tools, called Muraena and NecroBrowser, which work in tandem to automate the attacks. The two tools work together like the perfect crime duo. Think of Muraena as the clever bank robber, and NecroBrowser as the getaway driver.

Muraena intercepts traffic between the user and the target website, acting as a proxy between the victim and a legitimate website. Once Muraena has the victim on a phony site that looks like a real login page, users will be asked to enter their login credentials, and 2FA code, as usual. Once the Muraena authenticates the session’s cookie, it is then passed along to NecroBrowser, which can create windows to keep track of the private accounts of tens of thousands of victims.

A demonstration of the attack was also released on GitHub, an open source coding site, to provide developers an opportunity to see how it works.

Amit Sethi, senior principal consultant at Synopsys, who was not affiliated with the presentation, says that while attacks against 2FA have been demonstrated in the past, these tools “make one of these attacks easier to execute for lower-skilled attackers.”

Despite this hack, 2FA is still considered a best security practice—far better than the alternative of simply relying on a username and strong password, according to security experts.

“Of course this does not mean that people should not worry,” says Sethi. “We now need to be even more diligent about detecting phishing attempts.”

The researchers, and Sethi, both say that universal second factor is a strong solution, when available. A U2F key is a secondary, physical device that can be plugged into a computer port as an additional way of verifying a person’s identity after they enter their username or password.

If that’s not an option, Sethi also says being vigilant can help thwart potential 2FA phishing attacks. That includes not clicking on links in suspicious emails, checking the a web address in the browser before entering credentials, and avoiding entering sensitive information when using public Wi-Fi.

“If you suspect that your credentials for a website have been compromised, act quickly to change your password, and report the event to the website

The post Hackers Can Now Bypass Two-Factor Authentication With a New Kind of Phishing Scam appeared first on Cyber Security Plus.

As a parent, you have young ones to monitor at all times – not to mention the rest of the household. Being full-time manager of your child’s online activity can feel like a big chore. But we all know that it is necessary.

While we know that it is necessary, did you know that parental controls can go beyond a few websites or Netflix accounts? You can set up parental controls on your entire WiFi network (and you need to).

Here’s why:

Why you need parental controls on your home WiFi network

There are three key reasons to set up parental controls on your home WiFi network:

1. Controlling devices and content access
2. Setting time limits on daily Internet usage
3. Customisation for your home network

Setting up parental controls on your home WiFi helps you monitor your child’s (and their friends’) online content access as well as device usage. With parental controls set on your entire WiFi network, you control everything.

Overall, these settings let you know exactly what everyone is doing on your network and when (because you customized it!).

Here’s how to set them up:

How to set up parental controls on your home WiFi network

Setting up parental controls for your WiFi network is easier than you might think. Often you can just log into your account and configure your router with the parental control settings.

Since your router is the centre of your entire network, you can filter the web for any or all devices that are connected through it. This means you can control your child’s computer, smartphone, tablet, gaming console, you name it.

If your router does not have these settings by default, consider investing in a newer model that does. This will make WiFi security much easier on your part.

The post Why You Should Setup Parental Control On Your Home Network appeared first on Cyber Security Plus.