Category: Public Service

  • Got an Unpatched iPhone? A Darksword Hangs Over It!

    There is a dangerous assumption that iPhones are immune to real risk. That assumption continues to cost people.

    A recent report from Malwarebytes highlights a new threat being tracked as “Darksword.” This is not theoretical. It is a real exploit targeting unpatched iPhones, and it reinforces something we see over and over in cybersecurity.

    The vulnerability is not the problem.

    The delay in patching is.

    What is happening

    The Darksword exploit takes advantage of a vulnerability in iOS that has already been addressed by Apple. That means there is a fix available.

    But here is the issue. Devices that have not been updated remain exposed. That creates a window where attackers can operate with very little resistance.

    This is where most organizations and individuals fail. Not because they lack tools. Because they lack discipline.

    Why this matters

    If you are running an unpatched iPhone, you are not just slightly at risk. You are operating with a known open door.

    Attackers do not need to be creative when users are predictable.

    Unpatched devices allow:

    • Unauthorized access to data
    • Potential execution of malicious code
    • Compromise of credentials and accounts
    • Lateral movement into business systems if the device is used for work

    For business environments, this is not just a device issue. It becomes a company risk.

    The real problem is not technical

    This is not about Apple versus Android. It is not about whether iOS is secure.

    It is about behavior.

    We continue to see the same pattern across organizations:

    • Updates are delayed
    • Devices fall out of compliance
    • No one is accountable for patching
    • Security is treated as optional until something breaks

    Then the incident happens and everyone asks how it got through.

    It got through because no one closed the door.

    What you should be doing right now

    If you are an individual:

    • Update your iPhone immediately
    • Turn on automatic updates
    • Do not ignore update prompts

    If you are running a business:

    • Enforce mobile device management policies
    • Require current OS versions for access to company resources
    • Track compliance and follow up on exceptions
    • Treat mobile devices as endpoints, not accessories

    This is basic hygiene. But basic does not mean optional.
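
    One way to turn "require current OS versions" and "track compliance and follow up on exceptions" into a repeatable check. This is an added example, not code from the original post or from any MDM product; the CSV columns, device names, dates and the minimum version are constructed, and the minimum is not the release that fixes Darksword.

```python
"""Mobile OS compliance check over an MDM inventory export (constructed data)."""
import csv
import io
from datetime import date, timedelta

# Constructed sample export; the column names are assumptions, not a real MDM schema.
SAMPLE_INVENTORY = """\
device_id,owner,os_version,last_checkin,exception_until
IPH-001,alice,18.3.1,2025-03-10,
IPH-002,bob,18.2,2025-03-09,
IPH-003,carol,18.10,2025-03-10,
IPH-004,dave,17.7.2,2025-03-08,2025-03-31
IPH-005,erin,17.7.2,2025-03-08,2025-03-01
IPH-006,frank,18.3.1,2025-01-15,
"""


def parse_version(text):
    """'18.3' -> (18, 3, 0). Numeric tuples avoid the string trap '18.10' < '18.3'."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def evaluate(row, min_version, today, max_checkin_age_days=14):
    """Return (status, reason) for one inventory row."""
    last_seen = date.fromisoformat(row["last_checkin"])
    if today - last_seen > timedelta(days=max_checkin_age_days):
        # A stale record proves nothing about what the device runs today.
        return "BLOCK", "stale check-in, version unverified"
    if parse_version(row["os_version"]) >= parse_version(min_version):
        return "ALLOW", "current"
    until = row["exception_until"]
    if until and date.fromisoformat(until) >= today:
        return "EXCEPTION", f"below minimum, exception until {until}"
    if until:
        return "BLOCK", "below minimum, exception expired"
    return "BLOCK", "below minimum"


def compliance_report(csv_text, min_version, today):
    """Map device_id -> (status, reason) for every row in the export."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["device_id"]: evaluate(r, min_version, today) for r in rows}


if __name__ == "__main__":
    # "18.3.1" is a constructed minimum; use the release that carries the fix.
    report = compliance_report(SAMPLE_INVENTORY, "18.3.1", date(2025, 3, 11))
    for device, (status, reason) in report.items():
        print(f"{device}: {status:9} {reason}")
```

    Exceptions carry an expiry date so that following up on them is forced by the report rather than left to memory.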

    A practical takeaway

    You do not need advanced threat detection to stop something like this.

    You need consistency.

    The organizations that avoid these incidents are not the ones with the most tools. They are the ones that execute the fundamentals every time.

    Patch. Verify. Enforce.

    That is it.

  • Protecting Yourself from FinTech Fraud: Five Common Scams and How to Stay Safe

    Financial technology, or FinTech, has made managing money faster and easier than ever. Apps can send money, invest, or pay bills in seconds. That same convenience can also make you a target for fraud.

    According to Stripe’s Guide to FinTech Fraud Detection, criminals use many different tricks to steal money or personal data. Understanding how these scams work is the best way to protect yourself.

    Below are five of the most common FinTech fraud attacks and what you can do to stop them before they happen.

    You will notice that I use “IMMEDIATELY” a lot. I don’t want you to misunderstand and think that I use it for impact. I use it because while transactions seem to happen in the blink of an eye, there is actually a window of time in which they can be reversed. It’s NOT a very long window, so reacting “IMMEDIATELY” is important.


    1. Account Takeover

    What happens: A criminal gets access to your account by stealing or guessing your password and then uses it to move money, make purchases, or change your settings.

    How to protect yourself:

    • Turn on multi-factor authentication (MFA) in every app that offers it, especially your bank and payment apps.
    • Never reuse passwords across multiple sites. Consider using a password manager to generate and store strong, unique passwords.
    • Watch for unusual login alerts or changes to your account and report them immediately.

    2. Payment Fraud and Card Testing

    What happens: Thieves use stolen card numbers to make fake purchases or to test which cards still work. Even a few small transactions can quickly add up.

    How to protect yourself:

    • Check your bank and card statements regularly. Set up transaction alerts so you are notified of any activity right away.
    • Use virtual card numbers for online shopping when possible since many banks and payment platforms now offer this feature.
    • Report any unauthorized charges immediately. Your bank can usually stop additional fraudulent activity.

    3. Identity Theft and Fake Accounts

    What happens: Fraudsters use your personal information, such as your Social Security number or driver’s license, to open new accounts or apply for loans in your name.

    How to protect yourself:

    • Never share your personal information unless you initiated the contact and are sure of the company’s legitimacy.
    • Use an identity monitoring or credit report service to track any new accounts opened in your name.
    • Shred old financial documents and store sensitive information securely.

    4. SIM Swaps and Phone Hijacking

    What happens: A scammer convinces your phone carrier to move your number to a SIM card they control. Once they have it, they can intercept text messages, including security codes, and access your accounts.

    How to protect yourself:

    • Avoid using text messages as your only form of authentication. Use an authenticator app or security key instead.
    • Add a PIN or password to your mobile carrier account to prevent unauthorized changes.
    • Be cautious of sudden loss of cell service because it can be a sign of a SIM swap attack.

    5. Insider and Fake Business Scams

    What happens: Sometimes fraud comes from within an organization or from fake businesses pretending to be legitimate merchants or investment firms. These scammers process fake payments or trick victims into transferring funds.

    How to protect yourself:

    • Before sending money or investing, verify the business. Check their website, contact details, and online reviews.
    • Be skeptical of any company that pressures you to act fast or promises guaranteed returns.
    • Use well-known payment apps and platforms that have fraud protection policies.

    Stay Alert, Stay Secure

    Fraud is constantly evolving, but awareness is your best defense. Use strong authentication, monitor your accounts regularly, and think carefully before sharing personal or financial details.

    As Stripe points out, fintech companies are working hard to detect and prevent fraud, but users play an equally important role in staying safe.

    In Summary:
    Fraudsters are always looking for weak spots, but with a few smart habits, you can make their job much harder. Protect your passwords, verify who you are dealing with, and act quickly if something does not look right.

  • Are you hosting a BotNet node?

    Cybercrime Alert: FBI Warns of Botnet-Driven Attacks on Old Network Routers

    The FBI’s Internet Crime Complaint Center (IC3) has issued a critical alert regarding the 5Socks proxy service, a tool exploited by cybercriminals to mask malicious activities. This service facilitates the operation of botnets—networks of compromised devices—enabling a range of cyberattacks that threaten individuals and organizations alike.


    Understanding Botnets: The Hidden Threat

    A botnet is a collection of internet-connected devices, such as computers and smartphones, that have been infected with malware and are controlled remotely by cybercriminals. These compromised devices, often referred to as “bots” or “zombies,” can be orchestrated to perform coordinated attacks without the owners’ knowledge.

    Botnets are utilized for various malicious purposes, including:

    • Distributed Denial-of-Service (DDoS) Attacks: Overwhelming targeted systems with traffic to disrupt services.
    • Spam Distribution: Sending massive volumes of unsolicited emails.
    • Data Theft: Harvesting personal and financial information.
    • Credential Stuffing: Using stolen login credentials to access multiple accounts.
    • Cryptocurrency Mining: Exploiting device resources to mine digital currencies.

    5Socks Proxy Service: A Cybercriminal’s Tool

    The 5Socks proxy service has been identified as a facilitator for cybercriminals to anonymize their activities. By routing malicious traffic through this service, attackers can obscure their origins, making it challenging for law enforcement and cybersecurity professionals to trace and mitigate threats.


    Protecting Yourself Against Botnet Threats

    To safeguard against botnet-related attacks:

    • Maintain Updated Software: Regularly update operating systems and applications to patch vulnerabilities.
    • Use Robust Security Solutions: Employ reputable antivirus and anti-malware programs.
    • Be Cautious with Emails and Links: Avoid clicking on suspicious links or downloading attachments from unknown sources.
    • Implement Strong Passwords: Use complex passwords and consider multi-factor authentication.
    • Monitor Network Activity: Keep an eye on unusual device behavior or network traffic.


    Reporting Suspicious Activities

    If you suspect your device is part of a botnet or notice unusual online activities:

    • Report to IC3: Visit www.ic3.gov to file a complaint.
    • Seek Professional Assistance: Consult cybersecurity experts to assess and remediate potential infections.

    Free Device Tracking Spreadsheet
    If you would like a template for device tracking, here is an Excel template.

  • Beware of Discount Health Insurance Scams: What You Need to Know

    In times of financial strain, especially with rising healthcare costs, many seek affordable health insurance options. Unfortunately, scammers exploit this vulnerability by offering fraudulent discount health insurance plans. The FBI has issued a public service announcement warning consumers about these deceptive schemes. Here’s what you need to know to protect yourself. This is a summary of the FBI – Public Service Announcement.

    Understanding the Scam

    These scams typically involve unsolicited calls, texts, or emails offering low-cost health insurance plans. The offers often come with high-pressure tactics, urging immediate action to secure a “limited-time” deal. Victims are promised comprehensive coverage at reduced rates but later discover that the plans provide little to no actual insurance benefits.

    Real-Life Examples

    • Pennsylvania Couple: Enticed by a discounted plan, they signed up quickly. After medical visits, they learned their plan didn’t cover any expenses, leaving them with substantial bills.
    • Texas Senior: Responded to an ad offering aid for essentials. He was told to enroll in a dental plan to receive the aid. Attempts to cancel the policy were ignored, leading to unauthorized charges.
    • Maryland Resident: Paid upfront for a plan promising extensive coverage. After emergency surgery, he discovered the hospital didn’t accept his insurance, resulting in a $7,000 bill.

    Protecting Yourself

    To avoid falling victim to such scams:

    • Verify Legitimacy: Ensure the insurance company is licensed in your state. Check with your state’s insurance commissioner or the Better Business Bureau.
    • Consult Providers: Confirm that your healthcare providers accept the insurance plan before enrolling.
    • Demand Documentation: Legitimate plans provide detailed policy documents. Review them thoroughly before making any payments.
    • Avoid Upfront Payments: Be cautious of plans requiring large upfront fees or pressuring you to make immediate decisions.
    • Research Offers: If a deal sounds too good to be true, it probably is. Take time to research and compare plans.

    Warning Signs

    High-Pressure Sales Tactics

    • You’re told to act immediately or you’ll lose the offer.
    • The representative discourages you from reviewing documentation or asking questions.

    Vague or Misleading Information

    • The plan is described as “not technically insurance” but promises “full coverage.”
    • They avoid giving detailed policy information or use vague language like “unlimited benefits.”

    Upfront Payment Requests

    • You’re asked to pay high upfront fees or provide your bank account/credit card before seeing policy documents.

    Limited or No Written Documentation

    • You don’t receive a formal policy or are only sent a generic brochure or a brief summary.
    • They refuse to send written confirmation until after payment.

    Not Licensed or Registered

    • The company is not listed with your state’s department of insurance.
    • They can’t provide a valid license number or direct you to a physical office location.

    Too Good to Be True Offers

    • Extremely low monthly rates or “limited time only” discounts that seem unrealistic.
    • Claims to cover everything without exclusions, limits, or deductibles.

    Suspicious Contact Methods

    • Unsolicited calls, texts, emails, or social media ads—especially if they’re from generic names like “Health Services” or “Benefits Center.”

    Difficulty Canceling or Reaching the Company

    • Once you’ve paid, it’s hard to get a real person on the phone, or canceling the policy is nearly impossible.

    Reporting Fraud

    If you suspect you’ve been targeted or have fallen victim to a health insurance scam:

    • Report to the FBI: Visit the Internet Crime Complaint Center at www.ic3.gov to file a report. Provide as much information as possible about the fraudulent company.
    • Contact Medicare: For issues related to Medicare, reach out at www.Medicare.gov or call 1-800-MEDICARE (1-800-633-4227).

    In our free society, scams like this are easy to deploy. Stay vigilant and informed to protect yourself and your loved ones from these deceptive practices.

  • How AI-powered bots are redefining online fraud

    AI-Powered Payment Fraud Is Here, and Online Financial Services Must Act Now

    Online financial services companies (mobile banking apps, digital payments platforms, and online lenders, to name a few) are changing how we manage cash. But where there’s innovation, there’s risk. A new breed of cyber attacks is on the way, and they’re powered by something far more advanced: artificial intelligence.

    What’s Happening?
    Cyberthieves today are no longer just using simple bots to commit fraud. They’re using programs with AI capabilities to pretend to be humans, bypassing traditional security tests like CAPTCHAs and even creating counterfeit but realistic identities. These bots can cycle through stolen passwords at remarkable speed, take over user accounts, and sign up for new services with fake information.

    According to the latest reports, account takeovers surged 13% in the previous year, and synthetic identity fraud (with AI-generated fake identities) accounted for over $35 billion worth of losses. This is no longer a niche issue; it’s a mass crisis.

    Why It Matters
    For digital financial services firms, this isn’t just about lost dollars. It’s about trust. When hackers break into user accounts or trigger counterfeit payments, the damage goes far beyond the dollars. Firms must contend with chargebacks, regulatory penalties, time-consuming investigations, and, most importantly, irate, anxious customers who may never return.

    How Companies Can Protect Themselves
    The old ways of preventing fraud no longer work. Today’s fraud threats need more modern safeguards: solutions as smart as the bots used to breach them.

    The solution? Security tools that employ AI to monitor user activity, flag suspicious activity in real time, and stop bot activity before it spreads damage. DataDome and others lead in multi-layer security that takes a both-sides-of-the-hill approach, preventing false alarms while sustaining uninterrupted customer journeys.

    The Clock Is Ticking
    This risk isn’t coming—it’s here. Online financial companies must move quickly to tighten their fraud protection or risk being left vulnerable to ever more complex and automated attacks. AI-facilitated fraud is evolving quickly, but with the right security, online financial services can stay one step ahead.

  • Beware of Tax-Themed Scams: Protect Yourself This Tax Season

    Tax season is upon us, and while many are busy, cybercriminals are equally active, crafting deceptive schemes to exploit unsuspecting taxpayers. Two prevalent methods they employ are phishing and smishing attacks, designed to steal personal and financial information. Understanding these threats and the tactics used can help you stay vigilant and safeguard your sensitive data.

    Understanding Phishing and Smishing

    • Phishing involves cybercriminals sending fraudulent emails that appear to come from legitimate organizations, such as the IRS or tax preparation services. These emails often contain links to fake websites or attachments laden with malware, aiming to trick recipients into revealing confidential information like Social Security numbers or bank account details.
    • Smishing is similar but utilizes text messages (SMS) instead of emails. Scammers send messages that may prompt you to click on malicious links or call a fraudulent phone number, leading to potential identity theft or financial loss.

    How Cybercriminals Use File Hosting and Link Shortening Services

    To make their deceptive messages more convincing and evade detection, scammers often employ file hosting and link shortening tools:

    • File Hosting Services: Attackers may upload malicious documents or forms to reputable file-sharing platforms. They then include links to these files in their phishing emails or smishing texts. Since the links point to well-known services, recipients might be less suspicious and more likely to click.
    • Link Shortening Tools: By shortening URLs, scammers can disguise the true destination of a link. A shortened link can obscure a malicious website’s address, making it challenging for recipients to identify fraudulent links at a glance.

    For instance, a phishing email might claim to be from the IRS, alerting you to an issue with your tax return and urging you to review a document via a shortened link. Clicking on this link could lead to a counterfeit IRS website designed to harvest your login credentials or install malware on your device.

    The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

    Recent Trends and Warnings

    The IRS has reported a significant increase in texting scams, warning taxpayers to remain vigilant. In 2022, thousands of fraudulent domains tied to smishing scams were identified, with messages often luring victims with fake COVID relief or tax credits.

    Similarly, Microsoft has observed phishing campaigns using tax-related themes to steal credentials and deploy malware. These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments, abusing legitimate services like file-hosting platforms to avoid detection.

    Protecting Yourself from Tax Scams

    To reduce the risk of falling victim to these scams, the best advice is to simply think before you act. If you are tempted to act, consider the following precautions:

    1. Be Skeptical of Unsolicited Communications: The IRS typically initiates contact through regular mail. Be cautious of unexpected emails or text messages claiming to be from the IRS or other tax-related entities.
    2. Verify Links Before Clicking: Hover over links to preview the URL before clicking. Be especially wary of shortened URLs or links directing to file-sharing services, as they may conceal malicious destinations.
    3. Avoid Sharing Personal Information: Never provide sensitive information like Social Security numbers or bank details in response to unsolicited messages. Legitimate organizations will not request such information through email or text.
    4. Use Strong, Unique Passwords: Ensure your online accounts have robust passwords. Consider using a password manager to generate and store complex passwords securely.
    5. Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring additional verification beyond just a password. This can significantly reduce the risk of unauthorized account access.
    6. Keep Software Updated: Regularly update your devices and applications to patch security vulnerabilities that scammers might exploit.
    7. Report Suspicious Activity: If you receive a suspicious email or text claiming to be from the IRS, report it to phishing@irs.gov. This helps authorities track and combat emerging scams.
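
    The "verify links before clicking" step, and the file-hosting and link-shortening tactics described earlier in this post, expressed as a triage check a mail or SMS filter could run. This is an added example, not code from the original post; the domain lists are short illustrations rather than complete lists, and the sample message and its URLs are constructed.

```python
"""Triage links in a message that claims to come from the IRS (constructed sample)."""
import re
from urllib.parse import urlsplit

# Illustrative lists only; a real filter would maintain fuller ones.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "ow.ly"}
FILE_HOSTS = {"dropbox.com", "drive.google.com", "docs.google.com", "1drv.ms"}
OFFICIAL_DOMAIN = "irs.gov"
URL_RE = re.compile(r"https?://[^\s<>]+", re.IGNORECASE)

# Constructed message; none of these URLs come from a real campaign.
SAMPLE_MESSAGE = (
    "IRS Notice: your refund is on hold. Review it at "
    "https://bit.ly/constructed-example or sign in at "
    "https://irs-refund-review.example/login. "
    "Form attached: https://www.dropbox.com/s/constructed/form.pdf "
    "Official site: https://www.irs.gov/refunds"
)


def under(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def triage_link(url):
    """Return the list of warning tags for one URL (empty list = none raised)."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    reasons = []
    if any(under(host, d) for d in SHORTENERS):
        reasons.append("shortener")       # real destination is hidden
    if any(under(host, d) for d in FILE_HOSTS):
        reasons.append("file-host")       # trusted platform, untrusted uploader
    # Match 'irs' as a whole label or hyphen-separated word, so that
    # 'firstbank.example' is not flagged just for containing the letters.
    tokens = re.split(r"[.\-]", host)
    if "irs" in tokens and not under(host, OFFICIAL_DOMAIN):
        reasons.append("irs-lookalike")   # uses the name, is not under irs.gov
    return reasons


def triage_message(text):
    """Extract every http(s) link from text and map it to its warning tags."""
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    return {u: triage_link(u) for u in urls}


if __name__ == "__main__":
    for url, reasons in triage_message(SAMPLE_MESSAGE).items():
        print(f"{'REVIEW' if reasons else 'ok':6} {url} {reasons}")
```

    An empty tag list means only that none of these three checks fired, not that the link is safe.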

    Conclusion

    As tax season progresses, staying informed about the tactics used by cybercriminals is crucial. By understanding how phishing and smishing scams operate, particularly their use of file hosting and link shortening tools to obscure malicious intentions, you can take proactive steps to protect your personal and financial information. Remain vigilant, verify communications, and prioritize your cybersecurity to navigate this tax season safely.