Anne wants to know if her cellphone has been hacked. She got a Gmail message saying that she renewed a subscription for over $1400. Leo says to check her credit card to make sure she wasn't charged. And NEVER reply. They're trying to get her to respond so they can socially engineer personal data from her. And if she responds, they know her account is legit. It's called a phishing scam. Has her cellphone been hacked? Leo says no. It's just spam.
T-Mobile has admitted to a recent security breach that compromised the personal information of millions of its customers. The hacker who did it told the Wall Street Journal that their online security was awful and gave him unlimited access for over a week to customer data, including social security numbers and credit card information. Leo recommends every T-Mobile customer put a fraud alert on their credit account. It's free. The other option is a credit freeze, which will prevent any new credit from being taken out in your name. The downside is that it'll prevent you from getting credit, too.
The classic router botnet virus Mirai is back, and it's infecting routers to create denial of service attacks with 17.1 server requests per second. The fix is to reboot your router. But even then, it's easy to get reinfected. Thus, Leo says to reboot it regularly.
Cindy thinks her computer has been hacked by someone she knows. She sees the mouse move around on its own. Leo says if you've given someone physical access to your computer, then it's time to start over by backing up the data, then reformatting your hard drive. Then you can reinstall the operating system and start over. Leo also recommends resetting your phone if they had access to that as well.
Hackers are bragging that they have breached the servers of T-Mobile and have managed to grab the customer data of over 100 million customers, including social security numbers, driver's license numbers, IMEI data, and more. And they are selling it. T-Mobile says they have plugged the breach and are "investigating" it, but Leo says this is a mess for T-Mobile if proven true. And according to experts who have seen samples of the data, it looks legit.
Nathan was online and got a popup saying that his system had been compromised and locked up. The popup then gave an 800 number to call, claiming to be from Microsoft. Leo says it wasn't from Microsoft; it was a scam that Nathan got sucked into. Fortunately, he put two and two together and called American Express, who verified it was a scam. Never call the number on the screen that pops up!
Over 100 navy vessels from various countries, including Russia and the US, have had their GPS location hacked to make it look like they are unlawfully entering a nation's waters. Leo says that the hackers have been quite busy messing not only with military ship GPS but also with commercial traffic. And it has governments concerned that they could accidentally cause an international incident or even conflict.
For three years, employees have been warning IT company Kaseya that the company would be hacked. With weak encryption and lackluster cybersecurity, Kaseya was finally breached, exposing over 1500 IT companies to ransomware. The hack was performed by Russian criminal gang REvil, demanding 70 million in bitcoin for the decrypter. Leo says that there's no excuse for it, as the executives of Kaseya left the company a sitting duck for an attack.
Leo also adds that every year, ransomware gets worse and more prevalent.
If you have a Facebook account and are taking precautions in case you get hacked (and your account is used to post or click on things that you wouldn't), you should assign at least one trusted contact. Friends or family you trust can help you recover your account by sending you a special URL via recovery code. Go to Security & Login Settings, scroll to "Choose 3 to 5 friends to contact if you get locked out", and edit which friends you want to assign. You can also change or remove those chosen friends later for whatever reason.
Hugo wants to know why companies pay ransomware demands when they should normally have a backup of their data and network. Leo says that's a good question. Oftentimes, though, the ransomware isn't triggered right away. It lies in wait. Meanwhile, hackers browse around, looking for valuable data to steal and other weaknesses. The hackers will also look for where the backups are stored and seek to disable the backups or lock them up as well. Then, once the recon is done, the malware is triggered, bringing the network down.