Data Scrapers Expose 2.6 Million Instagram and TikTok Users

Security researchers have discovered over two million social media user profiles scraped from the internet after they were unwittingly exposed online by an analytics firm. This data was located on a misconfigured Elasticsearch server, with no password protection or encryption in place. The researchers traced 3.6 GB of data to the social media insights firm IGBlade. Data scraping isn’t illegal however the problem here comes from the fact that all of this data was publically available which breaks the Instagram and TikTok terms of service. Also this data which includes email addresses, phone numbers and location data could be used by cyber criminals for social engineering.
Google warns of surge in activity by state-backed hackers

Google has warned of a surge in activity by government-backed hackers this year, including attacks from an Iranian group whose targets included a UK university. The search group said that so far in 2021 it had sent more than 50,000 warnings to account holders that they had been a target of government-backed phishing or malware attempts. This represents an increase of a third on the same period last year. One group in particular that Google is monitoring is linked to Iran’s Revolutionary Guards, known as APT35 or Charming Kitten, as for years this group has hijacked accounts, deployed malware and used novel techniques  to conduct espionage in the interest of the Iranian Government.

Watch NCSC CEO Lindy Cameron's Speech Here 
A New Crypto Romance Scam is in Town, Rakes in Millions

Cryptocurrency scammers are abusing Apple’s Enterprise Developer Program to get targets to install absolutely fake apps in their iPhones. They have managed to rake in almost $1.4 million from the scam, as per the analysis of a bitcoin wallet owned by them. The scam has been dubbed CryptoRom by Sophos researchers, the cam often starts with criminals using dating apps to form friendships with the victims, then they try to persuade them to install a bogus trading app and convince them to invest in the app, which is how they steal the money.
In Other News

Let's Talk About the Massive DDoS Attack Blocked by Microsoft

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Australia’s essential services could be forced to report when they are under cyber-attack
U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes


This week is Charity Fraud Awareness Week so we will be covering what threats charities face and how they can increase their cyber security.
Much like businesses, charities are increasingly reliant on IT and technology and are falling victim to a range of malicious cyber activity. Losing access to this technology, having funds stolen or suffering a data breach through a cyber-attack can be devastating, both financially and reputationally. This is why donors, volunteers, employees, professional advisers and trustees have a role to play in protecting the charity sector.
Backing up your data
It is important to think about how much you rely on your charity’s critical data and how easy it would be operate without this data. There is a variety of reasons for charities keeping backups, but in the context of cyber security it could reduce the impact of ransomware, as if you have a backup there would be less temptation to pay the ransom.
Keeping your smartphones (and tablets) safe
Nowadays there is an increasing amount of data stored on smartphones, data that could be critical to the operation of a charity. The problems come from fact that phones often leave the safety of the office, so it is even more important that phones have sufficient protection. Useful security measures include password protection, tracking stolen or lost phones, keep your device up to date and don’t connect to unknown Wi-Fi hotspots.
Protecting your charity from malware
Malware is software or web content that can harm your charity. The most well-known form of malware is viruses, which are self-copying programs that infect legitimate software. Some useful tips include installing anti-virus software, stop users from downloading unsafe apps, update software, and switch on your firewall. 
Avoiding Phishing attacks
In a typical phishing attack, scammers send fake emails to thousands of people, asking for sensitive information (such as bank details), or containing links to bad websites. In order to prepare for phishing attacks accounts should be configured to reduce the impact from an attack using the principle of least privilege and staff should be educated on how to recognise common phishing techniques. It is very important that if you do fall victim to a phishing attack that you report it to Action Fraud and to the Charity Commission. 
Using passwords to protect your data
The use of strong passwords is a simple but highly effective method of protecting your organisation and personal data. However it is essential that passwords are used effectively, firstly the need to be strong the current NCSC guidance is to use three random words, two factor authentication should be used, all default passwords should be changed and password managers should be used to prevent ‘password overload’.
Further guidance can be found on the NCSC website, which has been created with the help of the Charity Commission.

If your apps or gadgets break down on Sunday, this may be why:

A bug in gpsd that rolls clocks back to March, 2002, is set to strike this coming weekend. The programming blunder and the errant code commit, written two years ago, has since been fixed. Now it is just case of making sure every application deploying gpsd has applied the fix. Gpsd is a service daemon that translates data into a common format that's suitable for client applications. It's used to provide clock information, to sync a device’s system clock to time provided by a GPS receiver.

REvil Ransomware Claims Group is Ending Activity 

REvil Ransomware operators are now claiming that the group is ending its activity, again. According to ZDNet, cybercriminals that are claiming to be part of the notorious REvil ransomware group have actually allegedly said that the gang is supposedly closing shop. Dimitry Smilyanets, a Recorded Future security expert shared messages on Twitter coming from "0_neday" which is a known REvil operator. He reportedly claimed that someone took control of the group's very own Tor payment portal as well as a data leak website.


Hacker steals government ID database for Argentina's entire population: Lionel Messi data leaked!

A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons. The first evidence that someone breached RENAPER surfaced earlier this month on Twitter when a newly registered account named @AnibalLeaks published ID card photos and personal details for 44 Argentinian celebrities. This included details for the country’s president Alberto Fernández, even data for soccer superstars Lionel Messi and Sergio Aguero.
FBI Warns of fake Government sites used to steal financial, personal data

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. The FBI said it identified 385 domains, with eight of them impersonating government sites linked to official unemployment benefits platforms. There is also a high chance that the information stolen through these spoofed sites could get into the hands of identity thieves, which can exploit in various benefits fraud schemes.

What can we offer you?
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
Get in Touch

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector
The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, from both accidental damage or from online criminals.

Keeping children safe in education 2021

Please get in touch with us if you'd like to know more about the free education sector cyber protection support services we provide. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040
to report and obtain advice about fraud or cyber crime
Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.
The West Midlands Regional Cyber Crime Unit will be taking part in this years Cyber Fringe Festival on the 23-27th November 2021. Get your free delegate pass today!

On the fringe of Cyber & Security: 5 days of Strategic, Operational and Technical sessions, covering: Cyber industry, Defence & Emergency services, Diversity, Government, Acceleration, and Skills.


The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp