WMRCCU is joining Friends Against Scams
Anyone can become a victim of a scam, so WMRCCU are joining Friends Against Scams to support their FASathon campaign to get as many people #ScamAware as possible! Join the FASathon and complete the online scams awareness session today!
London's Hackney Council Systems Still Paralysed After "Serious Cyber Attack"

The attack was first revealed on the 13th of this month yet many of the systems affected remain paralysed. The attack has had serious implications on the councils ability to operate key services and systems that allow residents to pay rent and council tax. The incident is now being investigated by the NCSC.
Russian intelligence officers charged in US for Pyeongchang 2018 cyber-attack
Six Russian intelligence officers have been charged with; conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud, wire fraud, damaging protected computers, and aggravated identity theft in relation to an alleged global hacking operation that included the 2018 winter Olympics. According to the NCSC, the UK and allies have warned Russia  against further destructive cyber attacks
Global pharmaceutical Pfizer exposed PII of hundreds of prescription drug users
Pharmaceutical company Pfizer has leaked the personal information of hundreds of US users after failing to secure a Google Cloud bucket that contained contained transcripts between users of various Pfizer drugs and the company’s automated customer support software. Each transcript contained sensitive information about prescription drugs being used by customers as well as their full names, home and email addresses, phone numbers, and partial details of their health and medical status.
Montreal's STM public transport system hit by ransomware attack
British Airways receives $20M fine for cyber-incident
Survey reveals 4 in 5 fraud prevention professionals believe businesses unprepared for 2020 fraud levels
Stop your business being scammed- 5 top tips
As part of European Cybersecurity Month the European Union Agency for Cybersecurity (ENISA) shared some top tips on what you can do in order to prevent your business becoming the next victim of a scam.

💻 Stay calm if you receive an 'urgent' email from a senior member of staff (especially if they request a payment).
Fraudsters and cybercriminals will often pretend to be a trusted member of staff, such as a senior manager or CEO, and ask for a confidential payment for a seemingly legitimate reason. Always check the email address of the sender and call the individual to verify the request is legitimate. Do not call any number that was sent with the email if it differs to the contact details you have.
💻 Always double check a suppliers request to change payment details.
A call, email or letter from a supplier requesting to change the way that your business pays them could be a scam. It is good practice to call the suppler independently to confirm the request.
💻 Watch out for fake 'security alters'
Fraudsters will often use fake security alters to trick employees into thinking there has been a security breach on the companies system or an internet banking systems. Often these scammers will claim to need your financial information in order to 'fix' the breach. To help ensure the source is who they are claiming to be hang up and call them back using a number from your own records and not the number you received the call from.
💻 Think before you click
If something about an email seems suspicious do not open any links, attachments or download any files. This is one of the many ways that fraudsters can trick individuals into downloading malware. Instead inform your IT department as they can check the content.
💻 Think before you share
Never share any sensitive information about your company on social media as this can increase the risk of becoming a target. Check your companies policies regarding what can be shared on social media and if in doubt, don't post.
Charity Fraud Awareness Week
According to Action Fraud, since the start of the pandemic in March 645 charities have reported being victims of fraud or cybercrime. This amounts to around £3.6 million in losses to charitable organisations, however due to the vast underreporting of fraud the true number is unknown but believed to be much higher. 

As part of Charity Fraud Awareness Week charities can find free tools and advice at:
Weekly Threat Report 16th October 2020
Call for caution during online shopping events
Passenger data compromise confirmed by Carnival
Microsoft security updates now available
Threat actors chaining vulnerabilities
SonicWall VPN Portal Critical Flaw 
The issue can be triggered by an unauthenticated HTTP request involving a custom protocol handler. Attackers could potentially use this security flaw to a cause a persistent DoS attack. SonicWall has released patch updates to rectify the issue.
Hackers hijack Telegram, email accounts in SS7 mobile attack
The Signaling System 7 (SS7) is used for connecting mobile networks across the world were, hackers with access to this system were able to gain access to the Telegram messenger and subsequently the email data of high-profile persons within the cryptocurrency business.
NSA Lists 25 Vulnerabilities Chinese APT Groups Are Chasing Right Now
The National Security agency has recently published a report that details the top 25 vulnerabilities exploited by hackers. According to their report, the NSA claimed that these vulnerabilities have been abused and exploited by China-backed cybercriminals.
Cybercriminals Develop New Windows Trojan That can be Controlled via Telegram Channel
Researchers have discovered a new RAT (remote access trojan), named T-RAT, the malware has been advertised on Russian-speaking hacking forums and is available for only $45. For cybercriminals, the main appeal of this malware is its ability to utilise the Telegram channel to control infected systems.
What can we offer you?
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
Get in Touch

Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.

The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2020 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp