Apple issues fix for zero-day flaws used in spy attacks against Kaspersky. Patch now!


If you have an Apple computer, watch, or smartphone you have hopefully already received a notification that you should install an update to your operating system.

And yes, you really should update your devices.


Those Annoying Scam Calls and Texts: How to Fight Back Against Vishing and Smishing


With a ring or a ping, scammers come calling and texting. 

It probably happens often enough. You get a call from an unknown number, and you wonder if you should even bother answering it. It’s probably a scammer. Or is it? What if it’s something important? You answer. Sure enough, it’s a robocall. But the voice says it’s your bank and that there’s a problem with your account. Now what do you do? 

Same thing with texts. Maybe you get a message that goes something like: 

“We have detected unusual activity on your account. Please call this number to speak to a customer service representative.”  

Enter the world of vishing and smishing.  

The term vishing stems from a combination of “voice” and “phishing.” Likewise, smishing comes from a combination of “SMS” (text) and “phishing.” Taken all together, they’re two ways that scammers will try and reach you on your phone. 

The con is the same as it always is with any form of phishing. The scammers want things like credit card numbers, account logins, and other personal information so that they can rip you off or steal your identity altogether. 

Yet you have ways you can protect yourself. And you have tools that might help you reduce the number of scam calls and texts you get in the first place. 

How do vishers and smishers get your phone number? 

The scammers behind these attacks often cast a wide net. They send calls and messages to thousands and thousands of phones in one fell swoop. Even if they catch a tiny percentage of victims, the attack can still return a decent profit.  

The secret is volume, and scammers can get phone numbers in bulk in several ways: 

Data breaches: While some data breaches involve the loss of credit card and government ID numbers, others involve names, email addresses, and phone numbers. That’s still damaging, because these breaches provide hackers and scammers with the basic information they need to launch all kinds of phishing, vishing, and smishing attacks. 
Data brokers: Scammers can also buy entire lists of numbers for a few dollars with a few clicks. Online data brokers collect and sell highly detailed information about millions of people. The records vary from broker to broker, yet they can include dozens or even hundreds of entries gathered from public sources and from third parties. Data brokers will often sell such lists to advertisers for targeted campaigns—but they’ll sell them to scammers too. Data brokers will sell to anyone. 
The dark web: Plenty of personal information ends up in dark web marketplaces. Scammers will often share lists of potential victims with other scammers for free. In other cases, they’ll sell them for a profit. Either way, the dark web provides scammers with several resources for obtaining phone numbers. 
Dumpster diving: An old-school “hack” involves digging through a bank’s or business’s dumpster and salvaging any lists of client phone numbers. With that list, scammers can program the numbers into their dialers for a more targeted attack. 
Auto-dialers: As the name suggests, this piece of gear calls random phone numbers with a recorded message. Sometimes, scammers will make calls to specific area codes with a message that involves a regional bank or credit union. This way, the scammer takes aim at potential members in the targeted area. 

What are some examples of smishing? 

There’s a good chance you’ve seen several examples of smishing yourself. Maybe you’ve come across something like these: 

“Hi! We noticed that you’re a recent customer of ours. To finish setting up your account, please tap this link and enter your personal information.”  
“Urgent! Your bank account has been compromised. Please tap this link to reset your password and prevent any further fraud.”  
“We have a package for you, but we were unable to deliver it. Please tap this link to update your information so that we can get your package to you.” 
“Hi! It’s me, Mandy. Are we still on for lunch today?” 
“You owe back taxes. Pay using this link within three days or we will turn your case over to law enforcement.” 

Messages like these can seem plausible at first, until you look at them more closely.  

First off, they usually include a link. The link might include unusual strings of characters and a web address that doesn’t match who the message says it’s coming from. Like a bogus notice from the post office that doesn’t use the official post office URL. Or, the link might look almost like a legitimate address, but changes the name in a way that indicates it’s bogus.  

Another indicator might be that you don’t know “Mandy” at all. This is by design. In fact, the scammer hopes you don’t recognize the name. They want you to respond with a “sorry, wrong number” text. From there, the scammer will try to strike up a conversation and launch the first steps of a romance scam or a similar con game. 

Lastly, the message might employ a scare tactic or threat. Scammers love this approach because it successfully plays on people’s emotions and gets them to act quickly without much thinking. The bank and tax scares offer a couple prime examples of this approach. As do messages that appear to come from family members who say they’re in trouble. Like their car has broken down in the middle of nowhere or that they’re off to urgent care with a sudden illness.  

In all, the scammers behind these texts are after the same thing—your personal information, money, or a combination of both. 

How to protect yourself from vishing and smishing attacks 

Don’t trust caller ID: Scammers can tamper with caller ID. Scammers have several tools available that can help them populate the caller ID with a specific bank or credit union, or with the words “Bank” or “Credit Union.” 
Follow up directly: If you receive a phone call from a person or a recording requesting personal information, hang up. If the call appears like it came from a trusted organization, call them directly to confirm their request. Do the same for any texts that ask you to select a link to provide information. 
Report any fraud attempts immediately: Document the call, note what was said, what was asked for, and the number the caller or texter used. Report this to the company in question. Many organizations have dedicated fraud pages that have email addresses to report fraud committed in their name. Netflix offers a good example, and so does the Internal Revenue Service (IRS) in the U.S. McAfee has a page dedicated to fraud as well. 
Look for errors in spelling or grammar: Legitimate businesses and organizations go to great lengths to ensure their messages are free from mistakes. Scammers, less so. Misspellings and awkward sentences often find their way into smishing attacks. 
Contact the sender: Did you get an urgent text message from someone who appears to be a friend or family member? Follow up with them in some way other than responding to the text message you just received, particularly if it came from a new or unknown number. 
Don’t tap on links in text messages: If you follow one piece of advice, it’s this. As mentioned above, if you have concerns, follow up directly. 

Another way to cut down on scam calls and texts: online protection software 

With comprehensive online protection software like McAfee+ on your smartphone, you can stay safer in several ways. 

It offers web protection that warns you of sketchy links in texts, search, and while you browse, which can steer you clear of websites that steal information. It can also monitor dozens of pieces of personal information and alert you if any of it appears on the dark web—and offer guidance for what to do next. 

Further, it can help you remove your personal information from data broker sites with our Personal Data Cleanup. You’ve seen how scammers use data brokers to create their call and text lists. Telemarketers turn to data brokers for the same reason too. Removing your information can lower your exposure to data brokers and telemarketers alike and help reduce scam and spam calls as a result. 

When it comes to vishing and smishing, you have several tips, tactics, and tools at your disposal. When in place, they can help prevent scammers from ringing and pinging—or fooling you if they still somehow do. 

The post Those Annoying Scam Calls and Texts: How to Fight Back Against Vishing and Smishing appeared first on McAfee Blog.


USN-6187-1: Linux kernel (IBM) vulnerabilities


William Zhao discovered that the Traffic Control (TC) subsystem in the
Linux kernel did not properly handle network packet retransmission in
certain situations. A local attacker could use this to cause a denial of
service (kernel deadlock). (CVE-2022-4269)

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076)

It was discovered that the Real-Time Scheduling Class implementation in the
Linux kernel contained a type confusion vulnerability in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-1077)

It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)

It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)

It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (guest crash) or expose sensitive information (guest
kernel memory). (CVE-2023-1859)

Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2
mitigations with prctl syscall were insufficient in some situations. A
local attacker could possibly use this to expose sensitive information.
(CVE-2023-1998)

It was discovered that the BigBen Interactive Kids’ gamepad driver in the
Linux kernel did not properly handle device removal, leading to a use-
after-free vulnerability. A local attacker with physical access could plug
in a specially crafted USB device to cause a denial of service (system
crash). (CVE-2023-25012)

It was discovered that a use-after-free vulnerability existed in the HFS+
file system implementation in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-2985)


Opaque Systems releases new data security, privacy-preserving features for LLMs


Opaque Systems has announced new features in its confidential computing platform to protect the confidentiality of organizational data during large language model (LLM) use. Through new privacy-preserving generative AI and zero-trust data clean rooms (DCRs) optimized for Microsoft Azure confidential computing, Opaque said it also now enables organizations to securely analyze their combined confidential data without sharing or revealing the underlying raw data. Meanwhile, broader support for confidential AI use cases provides safeguards for machine learning and AI models to use encrypted data inside of trusted execution environments (TEEs), preventing exposure to unauthorized parties, according to Opaque.


pcs-0.11.6-1.fc39


FEDORA-2023-e4cb7a5bda

Packages in this update:

pcs-0.11.6-1.fc39

Update description:

Automatic update for pcs-0.11.6-1.fc39.

Changelog

* Wed Jun 21 2023 Michal Pospisil <mpospisi@redhat.com> - 0.11.6-1
- Rebased to the latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Removed dependency fedora-logos - favicon is now correctly provided by pcs-web-ui
- Resolves: rhbz#2109852 rhbz#2170648


USN-6186-1: Linux kernel vulnerabilities


Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in
the netfilter subsystem of the Linux kernel when processing batch requests,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-32233)

Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)

Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)

William Zhao discovered that the Traffic Control (TC) subsystem in the
Linux kernel did not properly handle network packet retransmission in
certain situations. A local attacker could use this to cause a denial of
service (kernel deadlock). (CVE-2022-4269)

It was discovered that the io_uring subsystem in the Linux kernel did not
properly perform file table updates in some situations, leading to a null
pointer dereference vulnerability. A local attacker could use this to cause
a denial of service (system crash). (CVE-2023-1583)

It was discovered that a race condition existed in the btrfs file system
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1611)

It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)

It was discovered that the APM X-Gene SoC hardware monitoring driver in the
Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or expose sensitive information (kernel memory).
(CVE-2023-1855)

It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (guest crash) or expose sensitive information (guest
kernel memory). (CVE-2023-1859)

It was discovered that a race condition existed in the Bluetooth HCI SDIO
driver, leading to a use-after-free vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2023-1989)

It was discovered that the ST NCI NFC driver did not properly handle device
removal events. A physically proximate attacker could use this to cause a
denial of service (system crash). (CVE-2023-1990)

It was discovered that the SLIMpro I2C device driver in the Linux kernel
did not properly validate user-supplied data in some situations, leading to
an out-of-bounds write vulnerability. A privileged attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-2194)

It was discovered that the perf subsystem in the Linux kernel contained a
use-after-free vulnerability. A privileged local attacker could possibly
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-2235)

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu
Linux kernel contained a race condition when handling inode locking in some
situations. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2023-2612)

It was discovered that a race condition existed in the TLS subsystem in the
Linux kernel, leading to a use-after-free or a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-28466)

It was discovered that the Bluetooth subsystem in the Linux kernel did not
properly initialize some data structures, leading to an out-of-bounds
access vulnerability in certain situations. An attacker could use this to
expose sensitive information (kernel memory). (CVE-2023-28866)

It was discovered that the DA9150 charger driver in the Linux kernel did
not properly handle device removal, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-30772)

It was discovered that the Qualcomm EMAC ethernet driver in the Linux
kernel did not properly handle device removal, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-33203)

It was discovered that the BQ24190 charger driver in the Linux kernel did
not properly handle device removal, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-33288)
