PHISHING ALERT – BVI BEING TARGETED

There is presently a targeted E-Mail Phishing campaign against the British Virgin Islands with someone using LIME as the mechanism. They have cloned the Lime Email login site.

The actual website that users get sent to is hosted in Greece and they are harvesting email and password information from users that log in.

The picture below shows what the email looks like. If you receive an email like this DO NOT CLICK ANY LINKS! Delete it immediately.

Lime Phishing Email

The following pictures show the source code being used in the attack and the email script.

Lime Phishing

This is the Source Code:

Lime Phishing Source

As ever, remain vigilant. If you have even the slightest doubt over the veracity of an email, delete it and contact the company directly.

Advertisements

We’re under ever-increasing attack

Regular readers will recognise Cyber Security as a common theme of my blogs. Without wishing to sound shrill it is getting worse – attacks are becoming more frequent, more sophisticated and more successful. Worse, this is no longer limited to major retailers and banks (eg Target), but small businesses and individuals are falling victim to cyber attack. On this blog I can provide three examples that have occurred in the BVI in the past week. Read on….

1) Our client called us in because they were having non-specific IT and email problems. On investigation we found their email had been hacked, giving access to all their past and current emails to the hacker. However, what had happened next was scary.

The hacker, with access to their previous emails, posed as a regular supplier based in the US. They sent utterly convincing emails to our client, culminating in a “change of bank account” email. All of this was highly authentic, with the only clue to the scam being the server account the emails were sent from. Our client understandably trusted the emails and duly changed the bank account. Only after several thousand dollars were transferred to it did they discover the scam, by which time of course it was too late.

One way to have averted this was to spot that the emails were from a different server – not easy in these days of “name only” emails. The other was to change their own email address entirely after the initial hack, and inform known suppliers and customers of the new email address. Of course they would have needed to realise the hack had taken place to do this….

2) A client received a “Phishing” email purportedly from Amazon.com. Again, very convincing, it looked exactly like an email you would receive from Amazon. This one was an order acknowledgment which included a “click this link” if you had’t placed the order. The client had not placed the order, clicked the link and BAM! – malicious software was uploaded to their computer and all their online accounts were immediately compromised. Fortunately we spotted it before the attackers were able to make any monetary gain.

3) I personally received a “change of password” notification to one of my email accounts. This included a link to click in the event that I had not actually changed my password, so my email provider could investigate. Not having changed my password, my finger was poised on the mouse about to press the link when alarm bells went off in my head. Rather than click, I hovered over the link so the address would pop-up. Sure enough it was an address unrelated to my email provider – it was a phishing email. I was millimeters from clicking a link which would have downloaded malicious software to my computer, with all the misery that would then follow.

Was I pleased with myself for not clicking the link? Not really. I was relieved at such a close call. But then I thought about it – I write about cyber security almost every day on social media and blogs. Yet I had almost fallen foul. People with less awareness, or more likely busy people simply trying to get through their emails, could easily fall victim.

What to do? Well, remain vigilant.  If you do click a link and have even the slightest concern, call in your IT manager to review your computer. More proactively, you can take the following steps:

  1. Cyber training – user awareness training for you and your staff on what to do (and what not to do) in your daily computer usage
  2. Cyber review – have a cyber security expert review your IT systems for weaknesses, malicious software and hacks
  3. Penetration test – have a cyber security expert attempt to hack into your system remotely so as to expose any weaknesses and plug the gaps. Don’t kid yourself – a good expert will gain access. The question is how easily can they do so?
  4. Repeat regularly!

Sorry folks, there is no good news on this one. Today’s thief is unlikely to break into your home and steal the DVD player. They’re more likely to be thousands of miles away, want to steal your identity and then empty the contents of your bank account.