Fake PayPal emails lead to nearly £8 million in losses this year
Cyber criminals have been targeting online sellers by emailing them claiming to be from PayPal, these emails are intended to trick the victims into believing that they are receiving a payment for an item they are selling. Typically after receiving these emails the victim will send the item to the criminal believing a legitimate payment has been made. This, unfortunately, leaves the seller at a disadvantage and out of pocket.
From January to September 2020 Action Fraud received 21,349 reports regarding fake PayPal accounts amounting to victims losses a totalling £7,891,077.44.
Beware a New Google Drive Scam Landing in Inboxes
Scammers are utilising a newly found flaw in Google Drive to phish unsuspecting victims. The flaw is being exploited to send out what appears to be legitimate emails and push notifications that seemingly originate from google that, when opened, lead to potentially malicious websites.
Brazil's court system under massive RansomExx ransomware attack
Brazil's Superior Court of Justice was hit by a ransomware attack on the 3rd November during judgement sessions that were taking place via video conference. As a result of the attack all operations within the Superior Court of Justice remained suspended until the 9th November for system recovery. Although not officially stated by the Brazilian court, a ransom note left on one of the encrypted computers shows that the RansomeExx gang where responsible for this attack.
Using Video Conferencing Services Safely

Working from home has become the new norm for many of us in recent months and, with the implementation of the second lockdown, may continue to be for the foreseeable future.

For many of us video calls have become a routine activity. Whether its video conferencing, hosting/attending webinars or presenting to colleagues for work purposes or simply using these services to virtually chat with friends and family it is important to ensure that you are using these services safely.
Downloading and Setting up Software
  • Only download software from trusted sources, i.e. the app store on your phone, tablet or computer or, alternatively, from the providers official website. Be wary of advertised links and pages claiming to offer the software as these are not always the official sites.
  • Once downloaded check, and if needed change, the privacy features. It is important to understand what data, if any, is shared with the service provider. It is recommended to opt out of data sharing.
  • Ensure your account is protected with a strong password. If available, consider setting up set up two factor authentication (2FA) as this adds an extra layer of protection that can stop criminals accessing your account.
Hosting and Joining
  • Utilise features such as virtual waiting rooms.  This will allow you, as the host, to only admit people who are meant to be attending the meeting and remove any unwanted visitors.
  • Do not make the call details public. Connect directly to the people you want to invite using your contacts/address book, or provide private links to the individual contacts. Some video conferencing services allow you to set up the call so that a password is required in order to join, if you have this feature available consider utilising it for an extra layer of protection.
  • Treat any unsolicited links you receive to join a video conference with caution.
  • If you are presenting/meeting with external parties be mindful of your surroundings. A malicious individual may take note of your surroundings in order to construct a convincing social engineering attack, consider changing or blurring your background.
  • Always install the latest software and App updates.
Weekly Threat Report 6th November 2020
Patching still lagging
Zero-day vulnerability warning from Google
Oracle WebLogic Server remote code execution vulnerabilities
Facebook pays out $25k bug bounty for chained DOM-based XSS
A security researcher was awarded $25,000 bug bounty after uncovering a DOM-based cross-site scripting vulnerability in Facebook. The vulnerability meant that a logged in user could fall pray to an attack exploiting the flaw in Facebooks payments redirect page.

Gaming Giant Capcom Suffers Security Breach
Capcom, the Japanese game developing and publishing company responsible games such as Resident Evil and Street Fighter, has disclosed a recent security breach. The breach impacted email and file servers, among other systems. Due to lack of information, it’s too early to say whether the attack was intended to steal sensitive information, deploy ransomware or perhaps both.
Zoom lied to users about end-to-end encryption for years, FTC say
The Federal Trade Commission (FTC) alleged that zoom lied about providing users with end-to-end encryption. The FTC stated that "since at least 2016, Zoom misled users by touting that it offered 'end-to-end, 256-bit encryption' to secure users' communications, when in fact it provided a lower level of security". Zoom has now agreed to upgrade its security policies in a tentative settlement with the FTC, however, there will be no compensation for effected users.
New RegretLocker ransomware targets Windows virtual machines
A new ransomware called RegretLocker, with advanced features and that allow it to encrypt virtual hard drives and close open files for encryption has been discovered this month. In terms of appearance, RegretLocker uses email for communication rather than a Tor payment site and long ransom notes.
What can we offer you?
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
Get in Touch
If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040 for 
 report and get advice about fraud or cyber crime

Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.

The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2020 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp