Tuesday, March 16, 2021

What the Spoof

All Spoofs All the Time. 

By Dominic Alvieri, @AlvieriD
March 10th 2021



The Cyber Show by Dominic Alvieri



Everyone wants something for free.



Free Netflix and Hulu for a year?


Free Netflix and Hulu for a year to help us stay home? 

Forget about that: the BMW lottery came in, and some alert in France?







All of the following offers are coming from China. 



Spoofed SMS texts


Fake USPS delivery notices continue.




Fake USPS delivery notice.

Fake USPS SMS spoofs coming from China.


------.py


Free Netflix for a year to help you stay home.



This is a Netflix spoof.


Free Hulu for a year to help you stay home?

Is it Netflix or Hulu?





The new short domain attack continues.



                                  DO NOT

                               [click here] 









Spoofed emails have been around since the beginning of the internet, and spoofed SMS texts have been proliferating in the past few years. Knowing the domain endings is critical. Newly created short domains keep popping up from the same group.
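As an added illustration of why the domain ending matters (this is not code from the original post), the sketch below pulls the link host out of an SMS body and checks whether it really ends in a domain belonging to the brand the message names. The brand-to-domain allow-list and the sample messages are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Assumed allow-list for this example: brand keyword -> domains that brand uses.
OFFICIAL = {"usps": {"usps.com"}, "netflix": {"netflix.com"}, "hulu": {"hulu.com"}}

# Full URLs first (so user@host tricks are parsed properly), then bare hosts.
LINK_RE = re.compile(r"https?://\S+|(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)

def link_hosts(text):
    """Return the lower-cased host of every link-like token in an SMS body."""
    hosts = []
    for match in LINK_RE.finditer(text):
        token = match.group(0).rstrip(".,;:!?)")
        if "://" not in token:
            token = "http://" + token      # let urlsplit see a netloc
        host = urlsplit(token).hostname
        if host:
            hosts.append(host.rstrip("."))
    return hosts

def host_matches(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def check_sms(text):
    """Return (brand, host) pairs where a named brand links somewhere else."""
    lowered = text.lower()
    findings = []
    for brand, domains in OFFICIAL.items():
        if brand not in lowered:
            continue
        for host in link_hosts(text):
            if not any(host_matches(host, d) for d in domains):
                findings.append((brand, host))
    return findings

# Constructed sample messages; the .example hosts are placeholders.
SAMPLES = [
    "USPS: your package is on hold. Confirm delivery at http://u5ps-track.example/x9",
    "Free Netflix for a year to help you stay home: netflix.com.free-year.example/claim",
    "USPS tracking update: https://tools.usps.com/go/TrackConfirmAction",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        print(check_sms(sms) or "ok", "<-", sms)
```

The check reads the host from the right: a name that merely starts with or contains the brand's domain still fails, because only the ending decides who controls it.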

Technological reverse psychology, if you will: tracking the bad guys back. The building below is from a Google Earth trace of the address where the malicious links geolocate.



Geolocation of malicious SMS texts.
Geolocation of malicious SMS text links.


Time to harden your network security. Use VPNs and encrypted communication like Signal to minimize your attack surface. Use MFA, and prefer token-based apps like Google or Microsoft Authenticator over SMS. Incognito mode is not optimal security for your browser. Tor is acceptable but slow. Nothing is foolproof. Check your home network and make sure to disable port forwarding and also disable plug and play (UPnP); otherwise you are leaving a back door open.

IoT devices should be secured. Check for open standards and basic passwords, and check for any and all updates and patches. Patch often and early. Do not hesitate. Within 12 hours of the Exchange server hack, Russian bad actors were scanning for the vulnerability, according to Bad Packets, a malicious scanning alert firm.

Security minimums are no longer effective. Update to longer, more difficult passwords and do not click on any suspicious link. Or avoid all links. Not realistic, but you get the point.

This IP with "no site" is the USPS spoofed SMS malicious text link above in this report.



IP address of SMS text malicious links.
Courtesy of DomainTools.



The enemies are at the gates, computers, networks, phones...








The Cyber Show on Google Blogger
by Dominic Alvieri


Twitter @AlvieriD
