McAfee has long been a popular target of scammers, but recently, they’ve changed the nature of their game.

In years past, they’d display a web page informing you that any McAfee products on your computer are out of date and provide a link to the company’s virtual storefront where you could renew.

Unbeknownst to the people clicking on those links, they were being redirected by an affiliate link.  Therefore, any purchases made would generate a commission for the site owners.

It was an unscrupulous, underhanded tactic, but not an especially malicious one.  Now though, they’re doing something a bit different and darker.

The same page pops up as before, notifying users that their products are out of date. This time, when a user clicks to renew their products, instead of being sent to the McAfee website, they’re simply presented with a capture box that asks for their credit card and personal information.

Assuming you enter that information in, it gets worse.

After “paying” for your purchase, you’re redirected to another web page with a technical support phone number.  The idea is, you call this number and the technician on the other end of the line will help you install your new software.

When you get someone on the phone, the “tech support representative” will ask to remotely connect to your computer.

Once they have access, they’ll tell you that your credit card information didn’t go through and you need to purchase the software again.  They’d then helpfully open a browser and guide you to the McAfee website, via an affiliate link.

It’s a triple play.  Not only are they earning a nice commission when you purchase the software via their affiliate link, but they also manage to get your credit card and personal information. That information will no doubt be put to use not long after you hang up the phone, and on top of that, they’ve got access to your device.

As ever, the best defense against scams like these is vigilance. When in doubt, go directly to a company’s website and call the number listed for assistance.

Used with permission from Article Aggregator

Did you know your company’s bank account doesn’t enjoy the same protections as a personal bank account when it comes to fraud? If a hacker takes money from your business account, the bank is NOT responsible for replacing your funds.

Don’t believe me? Go ask your bank what their policy is on refunding you money stolen from your business account!

Many people erroneously believe the FDIC protects you from fraud; it does not. It protects you from bank insolvency.

Tip: Call your insurance professional and get a crime policy that will cover stolen funds taken from your bank account by a hacker OR a dishonest employee or vendor.

Cybercrime is at an all-time high, and hackers are setting their sights on small and medium businesses who are “low hanging fruit.” Don’t be their next victim! Click here to download this free report that reveals the most common ways that hackers get in and how to protect yourself today.

There’s a new report out by ProofPoint and its findings for businesses are grim, with business email attacks being the biggest problem.

It’s no secret that businesses of all shapes and sizes are coming under increasing fire from hackers around the world.

Now we have hard data that shows us exactly how big of an increase we’re seeing.

Here are some of the key findings in the report:
  • Email fraud attacks targeting businesses have increased 25 percent in the last quarter alone.
  • They have increased by a staggering 85 percent from this time last year.
  • Phishing links sent via social media platforms have increased by 30 percent.
  • 60 percent of those phishing links specifically targeted individual contributors and lower-level corporate management.
  • 23 percent of attacks targeted employees working in operations and production.
  • Incidents of customer support fraud increased by 39 percent, compared to the previous quarter. This increased a whopping 400 percent compared with this time last year.
Nick Frost (a co-founder of the Cyber Risk Management Group) had this to say about the disturbing report:

“Key to this is engineering emails and spoofing email addresses to a level of sophistication that fails to alert the recipient that there is anything suspicious about the email. Techniques such as web crawling and web scraping are able to collect and collate key information about an individual that can be used in crafting an email, accompanied by a link (as part of a phishing attack) to an unsuspecting user.

Whilst there are many legitimate web crawlers and many are enabled for business reasons, there may be organizations and individuals that wish for their information not to be collected and shared either for legitimate or adversarial purposes. There are tools that organizations can adopt that prevent or even delay web crawlers.”

Training is the first line of defense here. If you’re not doing it already, you should be holding regular phishing simulations so your employees become adept at spotting them.  Brash Concepts offers free employee training to all of our managed services clients.  Contact us to help inform your staff and get your company protected.

Cybercrime is at an all-time high, and hackers are setting their sights on small and medium businesses who are “low hanging fruit.” Don’t be their next victim! Click here to download this free report that reveals the most common ways that hackers get in and how to protect yourself today.

Used with permission from Article Aggregator