How Malware takes remote control of your HP after you download 3rd party apps
Update 29 Dec 2023: DEEPFAKE VIDEO OF PM LEE PROMOTING SOME INVESTMENT SCAMS
Prime Minister (PM) Lee Hsien Loong appears to be promoting a crypto-trading video on the Beijing-based news outlet China Global Television Network (CGTN). Yes, PM Lee seems to be discussing the benefits of a hands-free crypto trading platform, which boasts the ability to compute algorithms, analyse market trends, make strategic investment decisions, and execute trades—all autonomously, without any manual input from the user.
On 29 Dec, PM Lee shared a recent deepfake video that has been circulating online. Elaborating on the type of scam involved, PM Lee explained that scammers employ AI (artificial intelligence) technology to mimic our voices and images. They transform real footage of us, taken from official events, into very convincing but entirely bogus videos of us purportedly saying things we have never said. PM Lee urged people not to respond to such scam videos, which promise guaranteed returns on investments.
DEEPFAKE VIDEO OF DPM LAWRENCE WONG SELLING SOME INVESTMENT SCAM
Deepfakes are media that have been altered by AI to look or sound like someone. In the video, DPM Wong’s mouth is altered to synchronise with a fake voiceover that sounds like him. Yes, the voiceover mimics the pitch and intonation of DPM Wong’s actual voice. Don’t believe me? You can watch the deepfake video here.
Notably, the video was made from modified footage of DPM Wong giving an interview recorded by The Straits Times. The deepfake video promotes an investment scam, even using terms reminiscent of a DPM speech, like “my dear Singaporeans”.
Spate of Online Scams
Ms Jacqueline Khoo, 58, lost $44,487 from two credit card accounts and three bank savings accounts from POSB in a few hours after she clicked on a link to download a third-party app, following which scammers then increased her credit limits and siphoned out her money. Ms Khoo had chanced upon a Facebook advertisement for grouper fillets from a seafood supplier called “Fresh Market TGS” on Aug 25.
She was attracted by a deal that offered $10 grouper fillet with free shipping and contacted the seller on Facebook. “Although I never bought anything from Facebook before, I had previously bought fish and pork from Shopee and Qoo10. I was not suspicious of the ad and it never occurred to me that this was a scam,” she told The Straits Times.
Dangers of Public WiFi: What You Need to Know
Public WiFi networks are everywhere in this day and age, and pretty much every business — whether it’s a coffee shop, hotel or supermarket — will have one. For many of us, asking for the WiFi password may be the first thing we do when we sit down for a bite to eat, and although this is certainly convenient, the dangers of public WiFi are not to be underestimated.
In this piece, we’ll run through what these dangers are, what avenues of attack can be used against you, and finally how to protect yourself from danger and prevent attacks if you frequently make use of open WiFi networks. What are the Risks of Using Unsecured WiFi? There are many risks associated with unsecured or public WiFi networks.
Even if the network in question is a secure public WiFi hotspot, if all you need to do is ask one of the employees for the password, then anyone who wants access can get in anyway. Even worse, many networks will have open WiFi settings, allowing anyone who’s connected to gain admin access to the router. With this access, there are numerous ways for cybercriminals to take advantage of unsuspecting users who are simply looking to browse the web, mostly in the form of what is known as “man-in-the-middle” attacks.
When accessing free Wi-Fi could lead you to lose life savings to scammers
A total of $346.5 million was lost to scams in the first half of 2022. PHOTO: ST FILE
Keying in your personal details to access free Wi-Fi at a cafe might sound harmless, but it could lead to a lifetime of regret.
Fraudsters can get their hands on such information – through hacking or buying it illegally – and claim to be from government agencies to manipulate people into handing over their life savings, said Assistant Professor Kang Hyunjin from Nanyang Technological University (NTU). She said: “Many victims don’t realise they are being cheated as they underestimate the lengths these swindlers will go to steal from them.”
5 common types of scams:
- E-commerce scam
- Investment scam
- Job scam
- China officials impersonation scam
- Internet love scam
Warning as public wi-fi scams on the rise
AS hybrid working continues and is bigger than ever in 2023, a warning has been issued to those connecting to public wi-fi networks. Data proxy experts at Geonode have issued a warning to those connecting to public wi-fi networks. The team at have put together some simple tips to avoid hackers gaining entry to people's personal data, with a recent survey by the company revealing that 78 per cent of people join free public wi-fi networks everyday, with 56 per cent of those aged between 16-35 years old.
Head of Geonode PR and Comms, Sophie Chanel, said: "It's extremely important to be vigilant when connecting to free wi-fi networks, although it's tempting, follow simple security checks such as confirming the network name with the owner, if you can. "Hackers are evolving everyday, and public wi-fi scams can have an impact on the vulnerable as we continue in the cost of living crisis, where more people will opt to work outside of their homes, in public places." According to Geonode, instances where a choice appears between multiple free network names that are similar but not the same are attacks by hackers – dubbed wi-phishing – which tries to trick people into logging into the wrong network to get their info. Most people jump on the strongest, open signal they see, but they should always check that they pick the legitimate network. Just ask someone who works there for the proper network name if it is not posted. The team have also urged caution when using passwords or personal information on public networks.
There are a lot of passwords to remember, and users probably have to enter a few even while they are on public wi-fi. This, says Geonode, is one of the many reasons people should use a password manager which stores passwords and keeps them encrypted, even on mobile apps. There is also a warning not to access personal or financial information – always assume a public wi-fi network is not secure. Users should not stay signed in to accounts, logging out immediately after finishing using it. The Geonode team urge people not to avoid warning messages and log off immediately should they appear. Banking apps should not be opened on public access networks.
Don't fall victim to the 'Free Wi-Fi' scam
The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware -- you may end up being victimized by the latest hot-spot scam hitting airports across the country.
You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.
If you're a Windows Vista user, you're especially susceptible to this attack because of the difficulty in identifying it when using Vista. In this article, you'll learn how the attack works and how to keep yourself safe from it if you use Windows XP or Vista.
A new twist on the 'free Wi-Fi' scam
As technology professionals you are undoubtedly aware of the various “Free Wi-Fi” scams that turn up from time to time, from the issues with Windows XP and access points to actual honey traps and unscrupulous operations that weren’t exactly free. But I heard today about a new scam from a client who does trade show operations.
Keep in mind that the majority of trade shows are on a much smaller scale than those we traditionally associate with IT, and that for non-IT products, the attendees are usually not exceptionally technically astute. So when the trade show operators promote free Wi-Fi for attendees and vendors it is usually accepted as a given that there will be some form of free Wi-Fi available, though there may be no better performance than the level offered by budget motels.
And as we all know, the most effective malware attacks often come in the form of social engineering; give someone something they expect to see and they will likely click on it and move on. And that is what this scheme is based on. I discovered this when a friend called me this morning to tell me about their experience at a mid-sized, industrial equipment, trade show.
The Free Wi-Fi Scam
Computerworld reports that in testing at airports, they found honeypots intended to lure unsuspecting users: I'm a bit lagging on this story, reported two weeks ago, but it's still relevant. The "Free Wi-Fi" scam involves password snatchers setting up fake Wi-Fi networks in public places, like airports, that use free in their network name. Connecting to these locations puts your machine at risk. Further, for Windows users, your laptop might connect in the future to other identically named locations without asking if you want to connect. The attacker can snarf unprotected passwords and unencrypted email, as well as infect your computer.
Computerworld cites security firm Authentium as having found dozens of "free," ad-hoc wireless networks of this sort at airports across the U.S. The firm told Computerworld that in multiple visits to O'Hare, they found over 20 ad-hoc networks advertising free service each time, and saw "fake or misleading" MAC addresses, the numbers designed to identify each Wi-Fi or Ethernet adapter uniquely.
The article offers specific advice on how to avoid this problem. The most prominent in my mind? Use a VPN. Several firms offer VPN-for-hire for travelers who don't work for companies that offer or require VPN use on the road. Try JiWire's Hotspot Helper (Windows only, $25/year) or WiTopia.net's personalVPN (Windows/Mac, $40/year), for instance.
How to Protect Yourself against ‘Free WiFi’ Scams?
You’re sitting at your next-door Starbucks and ingconnecting your device to the local WiFi network while waiting for your friend to show up. It’s free, so why not use it to kill some time? However, this may put your public WiFi security at risk as you could be tapping into a fake WiFi hotspot and exposing yourself to a hacker.
If you regularly use free WiFi, it’s important to double-check before logging into open WiFi hotspots on your device. After all, you wouldn’t want the information you send through apps or websites to be accessed by somebody else. Read on to learn more about free WiFi scams and how to stay protected. How do Free WiFi Scams work? Hackers will set up a fake WiFi hotspot at the airport, hotel lobby, coffee shop, restaurant, or other public places with innocuous names like “Public WiFi network” or “Free WiFi.” They might use a service set identifier (SSID) similar to a nearby legitimate WiFi hotspot so that users don’t hesitate to connect to it.
While you can browse the Internet once connected, the hackers can see everything you do online as all your traffic passes through them. This is how they can steal your personal information, such as your credit card details, or even take over your device and its contents – if you’ve left your file sharing on! There’s another version where you have to pay a small fee for Internet access. Upon signing into the fake WiFi hotspot, you’re redirected to a new page and prompted to enter your credit card information. Of course, these details are then accessible to hackers and used to commit identity fraud and other crimes.
Cybercrime: The Complete Guide to All Things Criminal on the Web
The idea of using the internet to commit crimes isn’t new, but the problem continues to grow as people become more reliant on the internet for making purchases and storing personal information. In this guide to cybercrime, we’ll explore the most potent threats on the internet today.
We’re going to give you an overview of the common kinds of cybercrime, provide real-world examples and suggest tools you can use to protect yourself.
Unfortunately, you can’t justify assuming that common sense will get you past these hurdles. Just as you’d take steps to defend yourself from crime in a major city, you should do so while using the internet. Sometimes, avoiding a questionable areas isn’t enough.
How can you act against scams? MHA outlines 3 steps you can take
The ACT acronym in the new campaign tagline outlines how members of the public can Add security features, Check for signs, and Tell the authorities and others about scams
What is ACT? ACT outlines three actions individuals should take to safeguard themselves and the community against scams:
- Add security features such as ScamShield and two-factor authentication for personal accounts. Also, set up transaction limits for Internet banking, to limit the amount of funds possibly lost in the event of a scam.
- Check for potential signs of a scam by asking questions, fact-checking requests for personal information and money transfers, and verifying the legitimacy of online listings and reviews. Take the time to pause and check. If it is too good to be true, it is probably untrue, and a scam.
- Tell the authorities and others about scam encounters by reporting to the bank, ScamShield, or by filing a police report. Tell others about ongoing scams and preventive steps they can take.
There were 14,349 scam cases reported in the first half of 2022, with a total of $346.5 million lost, of which $227.8 million was lost to the top 10 types of scams. Both the number of cases and total amount lost were more than half of the 23,931 cases reported and $633.3 million lost in the whole of 2021. The top 10 scams for the first half of 2022 were:
- Job
- Phishing
- E-commerce
- Investment
- Social media impersonation
- Fake friend call
- Loan
- Internet love
- Credit for sex
- Fake gambling platforms
How does ScamShield work?
The app filters incoming calls and text messages. ScamShield compares an incoming call against a list maintained by the Singapore Police Force to determine if the number has been used for illegal purposes and blocks it.
When you receive an incoming SMS from an unknown contact, ScamShield will determine if the SMS is a scam using an on-device algorithm. For iOS, it filters the messages to a junk SMS folder. For Android, a notification is sent to users to notify them that a scam message has been received.
Scam SMSes will be sent to NCPC and SPF for collation. This keeps the app updated and will help protect others from such scam calls and messages.
Top 10 Scams in Singapore
New scam? Man pretends to be hit by car in Serangoon
What a dramatic accident — except that there was no collision involved. A man was caught on camera throwing himself out in front of an oncoming car and then falling onto the ground even though the vehicle did not hit him.
Several readers alerted Stomp to the video that has been circulating online since Wednesday (Sept 28). The incident reportedly occurred along Serangoon North Avenue 5 on Monday evening. In the video, the pedestrian is seen flinging himself onto the road in an exaggerated tumble.
The driver who captured the video, however, had honked and stopped in time while still some distance away from the man. She can be heard saying, "What are you doing?" It is unclear what the man replied but he continued to sit on the road. Many netizens called out the incident for being a "100 per cent insurance scam" and made sarcastic comments about the man's acting.
Protect yourself from fraud & scams
Failing to protect your digital privacy can lead to a host of issues, from identity theft to your accounts being hacked
In the age where every Google search inevitably results in customised ads showing up on your screen, and social media platforms suggest friends of friends to follow, it’s understandable why many people give up on digital privacy. After all, why bother when the Internet already knows so much about you (and all the cat videos you watch)?
In reality, we should all be doing our best to maintain our digital privacy. More than just having your embarrassing social media photos shared in public, a lack of digital privacy can have far-reaching consequences.
For example, password leaks and hacks can lead to your accounts being hijacked. Even if your passwords are safe, your identity may not be: If your full name and IC number are retrieved by a malicious actor, they can be used to apply for credit cards or loans, or even commit fraud at medical institutions. In some cases, the victim might not even be aware that their accounts or information have been compromised until they attempt to log in or are notified by the authorities.
Phishing and other SMS scams
New measures for digital banking are to be rolled out for banks in Singapore, after a recent spate of SMS phishing scams affected at least 469 of OCBC's customers
Banks in Singapore will be removing clickable links in emails or SMS messages sent to retail customers and set the threshold for funds transfer notifications to customers by default at S$100 or lower. These are part of several measures to protect account holders from phishing scams. The changes, announced by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) in a joint statement on Wednesday (Jan 19), will be implemented within the next two weeks.
The new measures came after at least 469 customers were affected by an SMS phishing scam targeting OCBC bank customers, with losses totalling at least S$8.5 million. The fraudsters had sent out fake bank alerts that spoofed the bank's official SMS channel, duping many of them into clicking on web links and giving up their personal account information last month. In the joint statement, MAS and ABS said that these measures will bolster the security of digital banking, given that it will lengthen the time taken for certain online banking transactions and also provide an added layer of security to protect customers’ funds.
Other measures that banks will be putting in place include:
- Delaying activation of a new soft token on a mobile device by at least 12 hours
- Sending notification to a customer's existing mobile number or email registered with the bank whenever there is a request to change a customer’s mobile number or email address
- Introducing a cooling-off period before executing requests to important account changes such as in a customer’s key contact details
- Having dedicated and well-resourced customer assistance teams to deal with feedback on potential fraud cases on a priority basis
- More frequent scam education alerts
Investment Scams
财叔投资到身上长满蜘蛛网了😥 Did Uncle Cai invest in spider webs? Why are they all over him?
#金刚媒体 #kingkongmediaproduction MoneySense
What Is Pig-Butchering Scam 杀猪盘
I want to raise awareness on the Pig-Butchering scam or Sha Zhu Pan in Chinese. So called because victims are patiently worked on every day for 1-3 months before scamming them big time, like fattening up a pig before slaughter. They have extremely well-planned operations and have really been successful in the Chinese-speaking world. Sha Zhu Pan scam has become one of the top Chinese buzzwords in 2019-2020.
Victims are scammed on average $24k, and millions in total have been lost. It's a huge cottage industry that Chinese police has had a hard time stamping out. There are scores of recent news stories, blogs, video clips, and other media online about Sha Zhu Pan victims and scammers. Sadly, almost all are in Chinese. I think the rest of the world has to wise up to this, because now as most Chinese are becoming aware of this Pig-Butchering Scam, the scammers are turning their skills more towards non-Chinese, more so this year.
This first half is somewhat detailed because since everyone is generally aware of romance scams, being vague won't convince someone who is in the thick of it and thinks that his/her online friend is THE exception. Exposing specific details of the Pig-Butchering scam is most convincing to current victims that the "spontaneous" events are actually planned.
related:
