Categories
Hack

Analyzing A First Bank Scam Email

Possibly the same bunch of ne'er-do-wells behind the GTBank scam email that I published on this site last week are also behind the First Bank scam email I received last week – reproduced below.

However, this scam mail is a little less sophisticated than the previous one.

My comments, originally in red and shown here in square brackets, detail the red flags you should look out for in any correspondence from your bank:

From: First Online <aabukomsan@maktoob.com> [Email originates from an address outside the First Bank domain (@firstbanknigeria.com). SCAM ALERT!!!! More sophisticated scammers may send email that appears to originate from a First Bank email account using a technique called email spoofing.]
To: Recipients <aabukomsan@maktoob.com> [Email was BCC'd to me. SCAM EMAIL CONFIRMED. Bank mails are sent directly and personally to each recipient.]
Sent: Monday, 11 April 2016, 7:01
Subject: First Online New Monthly Debit
[Missing salutation. FBN has a tradition of addressing their mails directly to their customers, with your account number in brackets: “Dear XXXX, XXXXXXX (333XXX3333)”.]

According to our records, you registered for our FirstOnline Customer Digest monthly bulletin and this comes with a monthly charge of N15,050:00., we would like to ask you to confirm this request
https://www.firstbanknigeria.com/contact-us/feedback-and-complaints/=confirmdebit [Hyperlink masks a URL not on any First Bank internet domain, http://autozspa.in/wp-content/plugins/fn.php . The link further redirects to another URL that hosts a cloned version of the First Bank Internet banking platform, http://www.ecopeas.com.au/tel/fbns/fbn/fbn/fbn.html]
If you wish to reject the registration request, follow the cancel reference below
https://www.firstbanknigeria.com/contact-us/feedback-and-complaints/=canceldebit [URL masks a malicious site hosting a cloned version of First Bank Internet banking.]
You would have to confirm you are an active account holder with us by following the procedures from your First Bank account.

Thank you for choosing First Bank

 PRIVACY POLICY ACCESSIBILITY TERMS OF USE SITEMA© FirstOnline2016

Categories
Hack

How To Spot A Scam Bank Email

One common feature of most Nigerian scam emails is the lack of sophistication. They are fraught with grammatical errors and typos. The perpetrators of these scam emails are usually not very educated.

Their lack of sophistication is a good thing. It lets us spot a scam email easily from afar. Many of us have survived thus far because of this.

However, we are witnessing a new crop of “scammers” that are more technologically savvy and much more sophisticated. Grammar is no longer an issue and they are extremely good at writing malicious scripts (software).

All hope is not lost though.

Let’s review a scam email that was sent to me earlier this week. We will try to point out the red flags to look out for. With this, we can keep ourselves educated.

My comments, originally in bold red, are shown here in square brackets.

From: GTBank <wingerter@snet.net> [Sender’s email address is not from the gtbank.com domain. Even if it were, it could be faked by a technique called EMAIL SPOOFING.]
Date: Mon, Apr 04, 2016 at 9:22 PM
Subject: Customer Update Alert
To: <*******@yahoo.com> [The scammer was smart enough to send the mail to me directly and not BCC. But this email address is not associated with any of my bank accounts!]

Dear customer [GTBank sends out personalised emails, with your name in full.]

Guaranty Trust Bank eLectronic Notification Service (GeNS)

We wish to inform you that your account with us is due for an update.
Kindly login and update your details:

https:/www.gtbank/ibank3/customer-update/ [This hyperlink masks the malicious site I was expected to click on. The URL was further masked using a URL shortening service. However, the link will lead you to BerryLaneDesigns.com, where a cloned version of the GTBank internet banking site is hosted.]

Please update within 24 Hours of notice to avoid Service Interuption/Suspension.

Thank you for choosing Guaranty Trust Bank plc
alert “Your Internet Banking user ID and password, ATM card number and PIN are confidential and should never be disclosed to anyone”.
Kindly log on to our website www.gtbank.com [hyperlink leads to a cloned GTBank internet banking site hosted on BerryLaneDesigns.com] OR
Call GTConnect on 0700 GTConnect (0809 7393494), 01 328 0000, for more information.
NB:
Our notification service sent this mail to you using a default setting and the information you supplied to us when your account was opened.
If you wish to Iimit the type of mails you receive or the email address(es) in use, please send an email to us by clicking on the link below:
Send a Mail to Guaranty Trust Bank eLectronic Notification Service (GeNS)
Categories
Hack Tutorials

The Best Data and Voice Deal For Any Mobile Network In Nigeria

You can only enjoy this cost saving tip if you are subscribed to the Globacom Mobile Network. If you are not, after reading this tip, you may consider if it is worth your while to join the network.

HACK ALERT!

This article contains a reference to a mild hacking technique.

  1. You will need to change the IMEI of your phone to that of a Blackberry phone. The technique was discussed in an earlier post. Works best on phones with MTK processors. The best tool to use for changing your IMEI is MTK Engineering Mode android app, especially for owners of Tecno phones who have difficulties changing their IMEI using Mobileuncle MTK Tools. NOTE THAT YOU NEED NOT ROOT YOUR PHONE TO DO THIS.
  2. Subscribe to Globacom’s Glo Bumpa plan. The plan guarantees you a 200% bonus on every credit you load and is valid for as long as 21 Days. Calls are at 50k/s to any network. Not valid for International calls though. It is advisable to use physical recharge cards as virtual recharges do not seem to offer this benefit.

Here is how it works:

Say you load a card with value N1,000.00. Immediately, you get N2,000.00 for voice calls in your promo account, while still retaining the initial N1,000.00.

The N1,000.00 can go towards your BIS data plan. You do this by sending comonth as a text message to 777. You get 3GB of data for your effort. The data is valid for 30 days, though you can subscribe as many times as you wish, while accruing voice credits along the line, thanks to your Glo Bumpa subscription.

Now the word is out.

 

Categories
Gadgets Hack Tips

Broken Beats by Dr. Dre HeadPhones? A Quick Fix

Got a pair of Dr. Dre Beats headphones that got broken after only a few weeks of use. While the quality of the speakers is well above average, the plastic band and particularly the hinges seem quite cheap. Mine snapped right at the hinges.

These headphones are not cheap, so having them break can be very heartbreaking. While it is possible to get a replacement band, this will probably cost you close to US$100, not including shipping costs to Nigeria.

My quick fix was to grab one of my wife’s black headbands – a plain one – and, using black tape to blend with the colour of the headphones, tape the band to its inside, creating a sort of splint for the broken hinge of the headphone.

Smart ehn?


Categories
Gadgets Hack

Oh My God! It Works!

A while back, I was on a search for the perfect phone. A search that took me to the Far East, where I finally settled for the Chuwi VX3, a premium grade Octa Core, 2GB RAM Chinese 7 Inch tablet.

Some may wonder how possible it is to mention “Premium Grade” and “Chinese” in the same breath. But surprisingly, believe me when I say this Phablet will trounce many of the popular brands you know.

This is not a review of this “Phablet”. However, you may read about its specs here and a good video review can be found at the end of this post.

Now to the gist of this story.

Most phone brands from Asia, China especially, are powered by chips made by a company called Mediatek (MTK). Think of Tecno, Infinix, Innjoo, Gionee, etc brands. You catch my drift? My Chuwi VX3 falls smack in the middle of these brands. They are all powered by Mediatek chips.

What makes this brand of chips unique is that they are a hacker’s delight. Depending on who you ask, this might be a good thing or a not so good one.

Perhaps the most useful hack I have stumbled on is the Blackberry IMEI hack. What this hack does is to change the IMEI of your Android phone to one reserved for pre OS10 Blackberry devices. What that means is that your phone is registered on your mobile network as a Blackberry phone, allowing you to enjoy cheap Blackberry Internet Services data rates on your Android phone.

In Nigeria, the hack works best on the Globacom network where you only have to pay N1,000 for a 3GB data allowance. I read up the post from this dude on Geek.ng, applied the Blackberry IMEI hack on my Chuwi VX3 and guess what?! It works! It works!! It really works!!!

Globacom now recognizes my Phablet as a Blackberry 8300 Curve 🙂

 

Categories
Hack

October – National Cyber Security Awareness Month

So much has been said about the Internet and the inherent risks that come with accessing it. Many have fallen victim to identity thieves, phishing attacks and scams.

Lately, hardly any week goes by without news about hacks or attempted hacks on high profile internet websites. The recent iCloud hack and the release of nude pictures of some notable celebrities readily come to mind. News about a breach into Snapchat is also currently unfolding.

What is probably alarming is the seeming ease with which these hacks occur despite the millions of dollars some of the companies have invested into securing their servers.

But what many will never get to hear about are the routine hacks to online resources of ordinary people like you and me.

The month of October has been designated as the National Cyber Security Awareness Month. The goal is to raise public awareness of cybersecurity and to educate individuals and families about staying safer online.

SingleHop has been at the forefront of this campaign. SingleHop is an IT hosting company and services provider based in the US and provides bare metal dedicated servers, public and private clouds, as well as managed services to more than 4,000 clients in 114 countries.

Below are some myth busters this company has pushed forward in furtherance of this campaign:


Categories
Hack

Using Gmail’s 2-Factor Authentication In Nigeria

Wikipedia defines Two-step verification (also known as Two-factor authentication, abbreviated to TFA) as a process involving two stages to verify the identity of an entity trying to access services in a computer or in a network.

For Gmail, what this means is that even if your password is compromised, no one can have access to your mails unless they also have access to your mobile line. Unless you add your laptop as a trusted device, every time you log into your email account over the web, you will be required to also input a one-time code before gaining access to your mails.

Nice, isn’t it?

Now for the bad part for Nigerians: curiously, Gmail does not support Nigerian mobile lines at all.

Fortunately, there is a way around this. Simply put, all you need do is get a valid US number that you can receive SMS on.

And how do you get this?

Heywire is the maker of a free consumer text messaging app available on Android, iOS and Windows Phone, with millions of users. It is also available on your PC using your browser. They give you a real US mobile number for free with which you can text or receive SMS from any mobile messaging service. The person you are texting or receiving SMS from DOES NOT need to have a HeyWire account; you can text them directly on their normal phone.

  • The app allows you to send free text messages to mobile phones in 45 countries over WiFi or 3G – Excluding Nigeria of course.
  • However, you can receive text messages from any mobile line or bulk messaging services.
  • Text FREE from the Web: Go to app.heywire.com, login with your HeyWire number
  • 1 HeyWire account across all your devices — iPhone, iPod Touch, iPad & Computer
  • Text using Wi-Fi, 3G, 4G, or LTE.

With this app, you can configure the 2-Step Verification for your Gmail account using your Heywire US number to receive your code.


Categories
Hack

Use The ATM And Risk Losing Your Money!

Windows XP finally reached its end-of-life this April (2014), after which Microsoft ceases to release bug fixes for the operating system. If you’ve upgraded your PC then everything should be fine – but what about your bank? Have they upgraded?

The Risk Isn’t Necessarily With You

Have you upgraded from Windows XP yet? If not, you can easily choose from several different options: Windows 7, Windows 8 or even Linux. While it is important to ensure your home computer system is as up to date as possible, it is also important that the companies you do business with are suitably secure.

Sadly, this hasn’t been happening. For various reasons (usually cost) a vast number of businesses have been spending time burying their heads in the sand rather than coming to terms with the fact that their systems have suddenly become a lot less secure since Microsoft withdrew support for Windows XP.

Although corporate security support has been extended to April 2015 – only in the UK, this still doesn’t give businesses who haven’t yet made the necessary upgrades an awful lot of time to purchase and roll out new hardware running Windows 7, Windows 8, Linux or even Mac OS X. While you might have taken steps to upgrade, the Windows XPocalypse has wider ramifications.

Among these are the customer-facing systems running on Windows XP, the ATMs especially, and its continued presence represents an open door to digital criminals.

ATMs: Stay Away!

If you visit ATMs to make withdrawals, you likely do so from a system running Windows XP. If you’ve ever seen one of these machines crash or reboot, you’ll know that behind the simple set of options Windows XP is hiding. Once upon a time it was providing security against intrusion from sophisticated hackers; these days, its presence is arguably as big a headache as the breaches it once helped to prevent.

ATMs running Windows XP are ripe for exploitation and should be avoided.

Avoid withdrawing money from an ATM by doing so over the counter at your bank. You might consider using point of sale cashback services too. This is not very popular in Nigeria though.

A rule of thumb should be to avoid these at all costs. If you can’t, it is worth being prepared by setting up a separate ATM card with a low balance.

Windows XP: The New Millennium Bug?

15 years ago, the IT world worked itself into a frenzy as it fought to combat the effects of the so-called Millennium Bug (aka Y2K problem) – an issue with the way computers calculate the date that was set to cause chaos come January 1st 2000 (or 1900, if the bug had its way). Although there was plenty of time to prepare for this, many businesses waited until the last few months to apply a fix.

Fast-forward to 2014 and the situation is recognisable, if not identical. Home users are largely protected but businesses seem to have ignored the many warnings issued by Microsoft about Windows XP going end-of-life and the implications of this. The push to get domestic users onto Windows 7 and Windows 8 has been slow, but it would seem that even if you upgraded tomorrow, your bank and other institutions handling sensitive data would still be running XP, with the impending security failings this will bring.

As such, you need to be careful where and how you use your credit and debit cards. As a rule of thumb, if you’re attempting to use the card at an exposed location, you should already be cautious of the risks. With unsecured Windows XP installations now providing an added threat, automated payment solutions should be avoided.

Culled from Makeuseof

Categories
Hack

Heartbleed – What You need to know

A major new vulnerability called Heartbleed could let attackers gain access to users’ passwords and fool people into using bogus versions of Web sites.

Heartbleed is a recently discovered software flaw that could leave millions of servers on the Internet open to an attack which allows sensitive data, such as user passwords, to be stolen.

The issue – which has been around for over two years but was only recently discovered – should not be ignored. It is a major issue and it appears a significant portion of the Internet has been affected. Because this exploit leaves no trace in almost any system it is very difficult to determine the extent to which anyone has been compromised through this.

The heart of the problem lies in open-source software called OpenSSL that’s widely used to encrypt Web communications. Nayer explained that a flaw in the programming on some versions (OpenSSL 1.0.1-1.0.1f) means attackers can view small portions of what is being stored in the server’s memory which includes data such as usernames, passwords, credit card numbers and any other sensitive information.

Grayson Milbourne, director of security intelligence at Webroot, added that it is a software vulnerability, not an infection.

“A vulnerability is a flaw in the code of an application which allows it to be exploited. In the case of the OpenSSL Heartbleed vulnerability, researchers found a flaw in how the data was being encrypted and transmitted,” he said.

Nayer said it is vital that the company’s technical team knows all the websites and web services the organisation has so they can check all the necessary sites. He recommends asking the IT department the following questions in addressing the issue:

  • How have you determined whether each of our websites and web services have OpenSSL service enabled?
  • What type of sensitive information do we have that is accessible from the internet? What type of information would have been at risk?
  • Have we looked at our logs to determine if there have been any successful or unsuccessful attempts to exploit this issue? What did we find? Are we monitoring our network to look for indications of attacks?
  • What steps have we taken to mitigate the issue?
  • How have you confirmed that the fixes have been applied successfully?
  • Have you gotten assurances from our vendors, external hosting providers and application cloud services that they have fixed any vulnerable systems?

Nayer said if the company’s website is internally hosted, the organisation can run the command ‘openssl version’ on the server to find out if an affected version is being used. However, if it is hosted externally, it is necessary to contact the hosting provider for more information.

“If your system uses a vulnerable version of OpenSSL (1.0.1-1.0.1f) you should immediately upgrade to OpenSSL 1.0.1g. If you are unable to immediately upgrade you can recompile the version of OpenSSL you have with ‘-DOPENSSL_NO_HEARTBEATS’ set,” he advised.
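
The version check and the two remedies quoted above can be applied across a list of servers. This is an added example, not code from the article: it classifies the text printed by `openssl version -a` against the article's affected range, the host names and sample outputs are constructed, and it assumes that a build made with -DOPENSSL_NO_HEARTBEATS shows that flag on the "compiler:" line.

```python
import re
import subprocess

# Affected range and opt-out flag exactly as quoted in the article.
FIRST_AFFECTED, LAST_AFFECTED = (1, 0, 1, ""), (1, 0, 1, "f")
NO_HEARTBEATS_FLAG = "-DOPENSSL_NO_HEARTBEATS"
VERSION_RE = re.compile(r"^OpenSSL (\d+)\.(\d+)\.(\d+)([a-z]*)", re.M)
BUILT_RE = re.compile(r"^built on:\s*(.+)$", re.M)


def assess(output):
    """Classify the text printed by `openssl version -a`."""
    m = VERSION_RE.search(output)
    if not m:
        return {"verdict": "unknown", "version": None, "built_on": None}
    version = (int(m[1]), int(m[2]), int(m[3]), m[4])
    built = BUILT_RE.search(output)
    if not FIRST_AFFECTED <= version <= LAST_AFFECTED:
        verdict = "not-affected"
    elif NO_HEARTBEATS_FLAG in output:
        verdict = "heartbeats-compiled-out"
    else:
        # The version string says vulnerable. A distribution may backport the fix
        # without changing this string, so compare built_on with the vendor advisory.
        verdict = "affected"
    return {"verdict": verdict, "version": "%d.%d.%d%s" % version,
            "built_on": built.group(1).strip() if built else None}


def assess_local(binary="openssl"):
    """Run `openssl version -a` on this host and classify its output."""
    out = subprocess.run([binary, "version", "-a"], capture_output=True,
                         text=True, check=True).stdout
    return assess(out)


# Constructed outputs for four hypothetical servers (not taken from the article).
INVENTORY = {
    "web1": "OpenSSL 1.0.1e 11 Feb 2013\nbuilt on: Mon Feb 11 15:37:21 UTC 2013\n"
            "compiler: gcc -fPIC -DOPENSSL_PIC -O3\n",
    "web2": "OpenSSL 1.0.1f 6 Jan 2014\nbuilt on: Tue Apr  8 10:00:00 UTC 2014\n"
            "compiler: gcc -fPIC -DOPENSSL_NO_HEARTBEATS -O3\n",
    "web3": "OpenSSL 1.0.1g 7 Apr 2014\nbuilt on: Tue Apr  8 11:00:00 UTC 2014\n",
    "legacy": "OpenSSL 0.9.8y 5 Feb 2013\n",
}


def triage(inventory):
    """Hosts whose reported OpenSSL still needs action, sorted by name."""
    return sorted(host for host, out in inventory.items()
                  if assess(out)["verdict"] == "affected")


print(triage(INVENTORY))
```

A host that comes back "not-affected" after an upgrade may still be serving a certificate whose key was exposed while it ran an affected version, which is the revocation point raised in the article.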

It would also pay to consider if it is appropriate to revoke any Certificates which were used while the organisation ran exposed versions of OpenSSL.

“Even after a fix is applied, the private cryptographic keys your systems are relying on to protect their communications could already have been compromised and this fix won’t address that compromise,” he said.

Nayer recommends increasing monitoring for unexpected activity in your systems, and training call centre and client-facing staff on how to respond to inquiries on the topic.

Additionally, Milbourne recommends changing passwords, although this isn’t a foolproof solution as it’ll only help if the website in question has put in place the required security patches.

“To be on the safe side, I recommend changing passwords at least every three months and to make sure your personal email password is different from every other password,” he said.

Source

Categories
Hack

Bank App Users Warned Over Android Security

Mobile banking on Android smartphones could put consumers at risk of fraud and cost banks millions.

An IT security company, MWR Labs, investigated the security standards of Android mobile phone brands to determine the overall exposure to risk of consumers who use mobile banking. It said that its results indicated that on some handsets as many as 64 per cent of manufacturer added applications were exposing users to serious security issues.

The company looked at six classes of potential vulnerabilities in apps and packages in the leading brands and mobile phones using a modified version of Mercury, its security testing framework, to automatically scan the devices and identify security weaknesses.

The research discovered security vulnerabilities in software added by phone manufacturers or network providers which could be targeted by a malicious application inadvertently downloaded by the user. These weak apps often have more permissions that allow them to access contacts, make telephone calls and even record the content of those calls, meaning that the potential consequences are serious and sensitive data could be compromised. Other applications were found that allowed further apps to be installed with an arbitrary set of permissions, essentially leaving consumers fully exposed to fraud.

“We found that while banking apps were generally well written and had very few security issues, the integrity of consumer phones was often compromised by software provided by the phone manufacturer or additional software added by the network provider, exposing online banking customers to potential fraud,” said MWR’s managing director Harry Grobbelaar.

“Some of the leading Android handset manufacturers are already looking at shipping mobile devices with native near-field communication (NFC) payment functionalities but if the software in the phones is not secure, the risk will then be even higher,” he said.

He said that as more businesses use smartphones as mobile point-of-sale devices, these devices will become critical in the payment chain and if not adequately protected could “introduce additional risks for card fraud that could cost banks millions a year.”

Grobbelaar added that there were many examples of malicious apps sending premium rate text messages and expected there will be a “natural progression” to higher value areas such as payments and banking.

This article was first published on ITPro