Researchers warn of a new ransomware threat dubbed RA Group that also engages in data theft and extortion and has been hitting organizations since late April. The group’s ransomware program is built from the leaked source code of a different threat called Babuk.

“Like other ransomware actors, RA Group also operates a data leak site in which they threaten to publish the data exfiltrated from victims who fail to contact them within a specified time or do not meet their ransom demands,” researchers from Cisco Talos said in a new report. “This form of double extortion increases the chances that a victim will pay the requested ransom.”

To read this article in full, please click here

Read More

Three seconds of audio is all it takes.  

Cybercriminals have taken up newly forged artificial intelligence (AI) voice cloning tools and created a new breed of scam. With a small sample of audio, they can clone the voice of nearly anyone and send bogus messages by voicemail or voice messaging texts. 

The aim, most often, is to trick people out of hundreds, if not thousands, of dollars. 

The rise of AI voice cloning attacks  

Our recent global study found that out of 7,000 people surveyed, one in four said that they had experienced an AI voice cloning scam or knew someone who had. Further, our research team at McAfee Labs discovered just how easily cybercriminals can pull off these scams. 

With a small sample of a person’s voice and a script cooked up by a cybercriminal, these voice clone messages sound convincing, 70% of people in our worldwide survey said they weren’t confident they could tell the difference between a cloned voice and the real thing. 

Cybercriminals create the kind of messages you might expect. Ones full of urgency and distress. They will use the cloning tool to impersonate a victim’s friend or family member with a voice message that says they’ve been in a car accident, or maybe that they’ve been robbed or injured. Either way, the bogus message often says they need money right away. 

In all, the approach has proven quite effective so far. One in ten of people surveyed in our study said they received a message from an AI voice clone, and 77% of those victims said they lost money as a result.  

The cost of AI voice cloning attacks  

Of the people who reported losing money, 36% said they lost between $500 and $3,000, while 7% got taken for sums anywhere between $5,000 and $15,000. 

Of course, a clone needs an original. Cybercriminals have no difficulty sourcing original voice files to create their clones. Our study found that 53% of adults said they share their voice data online or in recorded notes at least once a week, and 49% do so up to ten times a week. All this activity generates voice recordings that could be subject to hacking, theft, or sharing (whether accidental or maliciously intentional).  

Consider that people post videos of themselves on YouTube, share reels on social media, and perhaps even participate in podcasts. Even by accessing relatively public sources, cybercriminals can stockpile their arsenals with powerful source material. 

Nearly half (45%) of our survey respondents said they would reply to a voicemail or voice message purporting to be from a friend or loved one in need of money, particularly if they thought the request had come from their partner or spouse (40%), mother (24%), or child (20%).  

Further, they reported they’d likely respond to one of these messages if the message sender said: 

They’ve been in a car accident (48%). 
They’ve been robbed (47%). 
They’ve lost their phone or wallet (43%). 
They needed help while traveling abroad (41%). 

These messages are the latest examples of targeted “spear phishing” attacks, which target specific people with specific information that seems just credible enough to act on it. Cybercriminals will often source this information from public social media profiles and other places online where people post about themselves, their families, their travels, and so on—and then attempt to cash in.  

Payment methods vary, yet cybercriminals often ask for forms that are difficult to trace or recover, such as gift cards, wire transfers, reloadable debit cards, and even cryptocurrency. As always, requests for these kinds of payments raise a major red flag. It could very well be a scam. 

AI voice cloning tools—freely available to cybercriminals 

In conjunction with this survey, researchers at McAfee Labs spent two weeks investigating the accessibility, ease of use, and efficacy of AI voice cloning tools. Readily, they found more than a dozen freely available on the internet. 

These tools required only a basic level of experience and expertise to use. In one instance, just three seconds of audio was enough to produce a clone with an 85% voice match to the original (based on the benchmarking and assessment of McAfee security researchers). Further effort can increase the accuracy yet more. By training the data models, McAfee researchers achieved a 95% voice match based on just a small number of audio files.   

McAfee’s researchers also discovered that that they could easily replicate accents from around the world, whether they were from the US, UK, India, or Australia. However, more distinctive voices were more challenging to copy, such as people who speak with an unusual pace, rhythm, or style. (Think of actor Christopher Walken.) Such voices require more effort to clone accurately and people with them are less likely to get cloned, at least with where the AI technology stands currently and putting comedic impersonations aside.  

The research team stated that this is yet one more way that AI has lowered the barrier to entry for cybercriminals. Whether that’s using it to create malware, write deceptive messages in romance scams, or now with spear phishing attacks with voice cloning technology, it has never been easier to commit sophisticated looking, and sounding, cybercrime. 

Likewise, the study also found that the rise of deepfakes and other disinformation created with AI tools has made people more skeptical of what they see online. Now, 32% of adults said their trust in social media is less than it’s ever been before. 

Protect yourself from AI voice clone attacks 

Set a verbal codeword with kids, family members, or trusted close friends. Make sure it’s one only you and those closest to you know. (Banks and alarm companies often set up accounts with a codeword in the same way to ensure that you’re really you when you speak with them.) Make sure everyone knows and uses it in messages when they ask for help. 
Always question the source. In addition to voice cloning tools, cybercriminals have other tools that can spoof phone numbers so that they look legitimate. Even if it’s a voicemail or text from a number you recognize, stop, pause, and think. Does that really sound like the person you think it is? Hang up and call the person directly or try to verify the information before responding.  
Think before you click and share. Who is in your social media network? How well do you really know and trust them? The wider your connections, the more risk you may be opening yourself up to when sharing content about yourself. Be thoughtful about the friends and connections you have online and set your profiles to “friends and families” only so your content isn’t available to the greater public. 
Protect your identity. Identity monitoring services can notify you if your personal information makes its way to the dark web and provide guidance for protective measures. This can help shut down other ways that a scammer can attempt to pose as you. 
Clear your name from data broker sites. How’d that scammer get your phone number anyway? It’s possible they pulled that information off a data broker site. Data brokers buy, collect, and sell detailed personal information, which they compile from several public and private sources, such as local, state, and federal records, in addition to third parties. Our Personal Data Cleanup service scans some of the riskiest data broker sites and shows you which ones are selling your personal info. 

Get the full story 

A lot can come from a three-second audio clip. 

With the advent of AI-driven voice cloning tools, cybercriminals have created a new form of scam. With arguably stunning accuracy, these tools can let cybercriminals nearly anyone. All they need is a short audio clip to kick off the cloning process. 

Yet like all scams, you have ways you can protect yourself. A sharp sense of what seems right and wrong, along with a few straightforward security steps can help you and your loved ones from falling for these AI voice clone scams. 

For a closer look at the survey data, along with a nation-by-nation breakdown, download a copy of our report here. 

Survey methodology 

The survey was conducted between January 27th and February 1st, 2023 by Market Research Company MSI-ACI, with people aged 18 years and older invited to complete an online questionnaire. In total 7,000 people completed the survey from nine countries, including the United States, United Kingdom, France, Germany, Australia, India, Japan, Brazil, and Mexico. 

The post Artificial Imposters—Cybercriminals Turn to AI Voice Cloning for a New Breed of Scam appeared first on McAfee Blog.

Read More

It can seem like cybercriminals are running rampant across the world’s digital infrastructure, launching ransomware attacks, scams, and outright thefts with impunity. Over the last year, however, US and global authorities seized $112 million from cryptocurrency investment scams, disrupted the Hive ransomware group, broke up online illegal drug marketplaces, and sanctioned crypto money launderers, among other operations to crack down on internet-enabled crimes.

To read this article in full, please click here

Read More

Maybe you know that sinking feeling all too well. “Where did I leave my phone?” 

The minutes pass as you search around the house, then you head into the garage to look between the driver’s seat and console of your car. No luck. So it’s back into the house where you turn over every couch cushion. Still nothing. Maybe panic is too strong a word, but you’re starting to get a little worried. 

Then comes the relief. You found it. 

But what if your smartphone really was lost? Or worse yet, stolen? 

Not a pretty thought. But you can put protections in place that can help you recover your phone—or remotely erase it if it indeed gets lost for good. A few up-front steps is all it takes. 

Before your phone gets lost or stolen, protect yourself with the basics.  

Preparation is everything. If your phone gets lost or stolen, you’ll want to act quickly. You’ll also want the reassurance that you have measures in place that can help you find it, recover it, or even erase it as needed. These steps can get you set up so you exactly that. 

Lock your phone. 

Locking your phone is one of the most basic smartphone security measures you can take. Trouble is, few of us do it. 

Our recent global research showed that only 56% of adults said that they protect their smartphone with a password, passcode, or other form of lock. In effect, an unlocked phone is an open book to anyone who finds or steals a phone. It gives them unfettered access to everything on it.  

And that likely includes: 

Personal data, such as photos, emails, texts, voicemails, and contact information. 
Location data, possibly for family members who share their location with you.  
Financial apps, for banks, credit cards, and other accounts. 
Payment apps, for transferring money to friends and making payments online. 
Social media apps, which make up a big part of a person’s online identity. 
Medical and wellness apps, each loaded with personal health data and information. 

Now, imagine that into the wrong hands. That might lead to financial fraud, identity theft, and even more egregious crimes like stalking and extortion. Not to mention doxing, which involves maliciously posting someone else’s photos, files, and information online for all to see. 

Setting up a lock screen is easy. It’s a simple feature found on iOS and Android devices. iPhones and Androids have an auto-lock feature that will lock your phone after a certain period of inactivity. Keep this time on the low end, one minute or less, to help prevent unauthorized access. 

We suggest using a PIN or passcode rather than using a gesture to unlock your phone. They’re more complex and secure. Researchers proved as much with a little “shoulder surfing” test. They looked at how well one group of subjects could unlock a phone after observing the way another group of subjects unlocked it. 

They found that that “Six-digit PINs are the most elusive attacking surface where a single observation leads to only 10.8% successful attacks, improving to 26.5% with multiple observations. As a comparison, six-length Android patterns, with one observation, suffered 64.2% attack rate and 79.9% with multiple observations.” 

Biometric locks like fingerprints and facial IDs are a practical option as well. Yet they present some security issues. With effort, fingerprints can get copied, such as by lifting them off a pane of glass or other things you touch. Facial ID can open a phone even when the owner’s eyes are closed. Again with some effort, a thief or bad actor can open the phone by placing it by the sleeping owner’s face. Note that these are more extreme cases, yet you should be aware of them when determining how you lock your phone.  

Turn on “Find My Phone.” 

Another powerful tool you have at your disposal is the find my phone feature made possible thanks to GPS technology. The “find my” feature can help you pinpoint your phone if your lost or stolen phone has an active data or Wi-Fi connection and has its GPS location services enabled. Even if the phone gets powered down or loses its connection, it can guide you to its last known location. 

Setting up this feature is easy. Apple offers a comprehensive web page on how to enable and use their “Find My” feature for phones (and other devices too). Android users can get a step-by-step walkthrough on Google’s Android support page as well. 

<h3>Back up your stuff in the cloud. 

Thanks to cloud storage, you might be able to recover your photos, files, apps, notes, contact information, and more if your phone is lost or stolen. Android owners can learn how to set up cloud backup with Google Drive here, and iPhone users can learn the same for iCloud here.  

Write down your phone’s unique ID number. 

Here come a couple of acronyms. IMEI (International Mobile Equipment Identity) or MEID (Mobile Equipment Identifier) are two types of unique ID numbers assigned to smartphones. Find yours and write it down. In case of loss or theft, your mobile carrier, police department, or insurance provider might ask for the information to assist in its return or reimbursement for loss. 

For Android phones, you can find it in Settings à About Phone. 
On iPhones, you can find it in Settings à General à About. 

More ways to protect your smartphone from loss or theft. 

Beyond digital security measures, plenty of loss and theft prevention falls on you. Treat your phone like the desirable item it is. That’s a big step when it comes to preventing theft. 

Keep your phone close. 

And by close, we mean on your person. It’s easy to leave your phone on the table at a coffeeshop, on a desk in a shared workspace, or on a counter when you’re shopping. Thieves might jump on any of these opportunities for a quick snatch-and-grab. You’re better off with your phone in your pocket or zipped up in a bag that you keep close. 

Secure your bags and the devices you carry in them. 

Enterprising thieves will find a way. They’ll snatch your bag while you’re not looking. Or they might even slice into it with a knife to get at what’s inside, like your phone.  

Keep your bag or backpack close. If you’re stopping to grab a bite to eat, sling the handles through a chair leg. If you have a strong metal carabiner, you can use that too. Securing your bag like that can make it much tougher for a thief to walk by and swipe it. For extra security, look into a slash-resistant bag. 

Stay aware. 

Thieves will also look for an easy mark. People who appear a little distracted, lost, or even dozing off. Aside from securing your bags, keep an eye on your surroundings. Look at people and smile, walk with purpose, and generally put across an air of confidence. Behavior like this sends a clear signal to thieves—you’re aware. That might be enough for them to pass you up. 

Consider what you’re carrying—and where you carry it. 

If you have a credit card and ID holder attached to the back of your phone, you might want to remove your cards from it. That way, if your phone gets snatched, those important cards won’t get snatched as well. Take a pass on keeping things in your back pocket. Use your front pocket where it’s much more difficult for a thief to pick your pocket.  

And if the unfortunate happens, know how to remotely, track, lock or erase your phone. 

In the event of your phone getting lost or stolen, a combination of device tracking, device locking, and remote erasing can help protect your phone and the data on it.  

Different device manufacturers have different ways of going about it. But the result is the same—you can prevent others from using your phone, and even erase it if you’re truly worried that it’s in the wrong hands or gone for good. Apple provides iOS users with a step-by-step guide, and Google offers up a guide for Android users as well.  

Apple’s Find My app takes things a step further. Beyond locating a lost phone or wiping it, Find My can also mark the item as lost, notify you if you’ve left it behind, or trigger a sound to help you locate it. (A huge boon in that couch cushion scenario!) Drop by Apple’s page dedicated to the Find My app for more details on what you can do on what devices, along with instructions how. 

Take these steps as well if your phone gets lost or stolen. 

Contact your mobile provider. They can suspend service to your phone if needed. 
File a police report. Theft is theft. Report it. I could help get your phone back if it’s found. Also, insurance companies may require a police report number if you file a claim. 
Change your passwords. Mail, social media, payment, and other apps may be accessible to anyone who can open your phone. Change the passwords to any important accounts or apps you have on your phone right away.   

All is not lost. 

With preparation and prevention, you can give yourself reassurance if your phone gets lost or stolen. You have plenty of recovery options, in addition to plenty of ways to prevent bad actors from getting their hands on the sensitive info you keep on it. 

The post Where Did I Leave My Phone?” Protecting Your Phone from Loss and Theft. appeared first on McAfee Blog.

Read More

If you were to ask me what I consider to be the most attractive attribute in a person, it would be kindness but only closely followed by a sense of humour. There’s something about somebody who can tell a funny story that I just love. And humour can be a great bonding experience for us humans. Laughing over a funny video or sharing a hilarious story is pure friendship gold! But humour can often be murky territory online. 

Kids Love Humour 

One of my favourite things about being a mum of boys is the jokes. My boys can make me laugh till I cry. And the jokes and banter they share amongst themselves warms my heart. Sometimes it feels like slapstick comedy other times its brutal and direct and often a little cheeky. Over the years, ‘safe’ boundaries have been developed for their banter so that no-one gets hurt. But it hasn’t always been perfect. It takes a certain level of maturity and a healthy dose of empathy to know where to draw the line with your humour and, unfortunately, not everyone gets this right. 

When Is a Joke Just a Joke 

All friends will joke around with each other, and our tweens and teens are no exception. Whether it’s sharing comments on funny memes or TikTok’s or leaving witty comments on each other’s online posts, online banter can be quite the demonstration of friendship and connection.  

But sometimes it is hard to tell if someone is just having fun or trying to ridicule or make fun of another online. Without being able to see someone’s face and read their body language in person, the joker’s intention can often be ambiguous. It may be laughed off with a ‘just kidding’ or ‘relax, you’re too serious’. And so, here we are in the grey area. One of the most common questions I am asked by parents is how to differentiate between jokes and cyberbullying online. And my answer is simple. 

If you feel hurt by a joke or think others are laughing at you (instead of with you) then the joke has gone too far. Yes, we all have different levels of sensitivity but if you are offended then it’s time to take some action. Now, if it continues after asking for it to stop and you are still feeling upset then this is bullying.  

It really is simple – a joke is intended to be humorous without causing harm whereas bullying is intended to cause harm to others. And, of course jokes can sometimes go too far but in most cases an apology and an explanation can remedy any hurt.  

When To Take A Stand 

Navigating friendships when you’re in thick of being a teenager can be really tough for some kids particularly those who aren’t as mature or worldly as others. Kids who are a little younger or less experienced with life may feel that they are on the outskirts of their social group. And in my experience, this can be a tough place to be. Regardless of how many times we tell our kids that being popular or accepted doesn’t matter, when you’re 15 it really can. So, if your shy 15-year-old receives a joking message from a kid at school (who he’d like to be friends with) that upsets him, do you need to take action? Or will it jeopardise any chance your child might have to be friends with this child? 

I always like to give a person the benefit of the doubt. So, my advice here would be to continue to monitor the situation. If your child receives additional messages that upset him, then he needs to ask the ‘joker’ to stop. Some kids would be OK to manage this themselves while others might need some help. If they need help, I suggest contacting the school or sporting club that your kids have in common and asking them to intervene. Do not contact the child directly yourself. 

Teach Your Kids What To Do If They Are Cyberbullied 

One of the best things you can do for your kids is ensure they know what to do if they are on the receiving end of behaviour online that they find upsetting. Even if it doesn’t qualify as cyberbullying, having an action plan can empower them. Here’s what I suggest: 

If appropriate, ask the bully or ‘joker’ to stop. If the behaviour continues, then proceed to next step. 
Collect evidence – take screen shots of all communication. 
Block the perpetrator – show your kids how to use these features. 
Talk to a trusted adult – parent, teacher or family member. 
Involve the school or sporting club, if appropriate. 
If no luck with the school, report the incident to The Office of the eSafety Commissioner. They can work to have offensive material and cyberbullying situations addressed. 

It’s often hard to know when to get involved in your teens’ battles. At the end of the day, our job is to help our kids grow into independent adults. But when your gut tells you things are not right then it’s time to start investigating. Insomnia, anxiety, refusing to go to school and a change in the way they use their devices, are all signs they maybe on the receiving end of aggressive online behaviour. And remember, you know your kids better than anyone! 

Till Next Time 

Stay Safe Online 

Alex  

The post Is My Child Being Cyberbullied Or Is It Just Banter? appeared first on McAfee Blog.

Read More

Group-IB’s threat intelligence team said it infiltrated and analyzed Qilin’s inner workings

Read More

Endpoint-based web and cloud security provider Dope Security has launched a new instant secure socket layer (SSL) error resolution feature on its secure web gateway (SWG) offering, Dope.swg.

The new feature is added to simplify SSL inspection conducted by Dope’s SWG and helps admins bypass SSL errors generated as a result of the inspection.

“Dope’s main differentiation is its ‘fly-direct’ architecture — rather than re-route all of your Internet traffic to a data center for security checks, we perform them on the device,” said Kunal Agarwal, CEO at Dope Security. “With our new instant SSL error resolution feature, we are further simplifying the SSL inspection process.”

To read this article in full, please click here

Read More