Tag Archives: Phishing

The Phish Who Got Away

The veterans of today’s online wars don’t have to carry guns and ammo to protect us: they use keyboards and electronic equipment. I praise them, too.

The day after I posted “Happy Veterans Day” with a link to an article from Reader’s Digest about scammers/fraudsters, I received a Wells Fargo email instructing me to call a number if I hadn’t received my new debit card.

(Read the referenced articles inside the Reader’s Digest article to learn more about online scams: [Reader’s Digest published a great article that I read and shared on Facebook and Twitter because of all of the information contained about protecting online identity, by having links to other articles not included in the title, 13 Signs Amazon Seller Can’t Be Trusted. https://www.rd.com/advice/signs-amazon-seller-cant-be-trusted/?_cmp=readuprdus&_ebid=readuprdus10272019&_mid=309700&ehid=8fbcb9fd291744b840632983d832178c40787096 ])

I knew the card was just mailed that morning and suspected a scam. Being the investigative-type of person I am, I called the number to investigate: I was correct!

The speaker said they knew from the phone number what my bank account number was, so all they needed was the last four digits of my social security number.

I hung up, and immediately went online to my bank account that I use the two-step verification process on (my phone must be used in conjunction with the login information), and then turned off my card that was soon to expire (I was waiting for its replacement).

After knowing the card and account was safe, I called the bank number I knew was legit and reported the attempted phishing.

Well, this phish broke the line and got away to fight another day. I don’t reckon they liked my blogging about their scamming.

I stayed up late running various security scans and changing passwords to protect myself. Please read some of the articles in Reader’s Digest to enlighten yourself on how to identify the fraudsters who want to steal your money or identity. Don’t be lazy or so arrogant that you think you do not need to worry about some scandalous son of a bitch who wants to be you long enough to steal your funds and identity: it may happen to anyone.

The following excerpt came from one of the articles I sent out on Facebook and Twitter. It is 100% correct.

“MARVENT/SHUTTERSTOCK

“’If you receive a suspicious email from a friend’s email address, don’t reply, ‘Is it really you?’ because the fraudster will answer ‘Yes.’ If a suspicious email from your bank contains a phone number, don’t call it. Instead, look up the bank’s phone number in the Yellow Pages or Google it.’” —Mark Gazit, CEO of ThetaRay, a provider of big data analytics solutions.”

https://www.rd.com/advice/work-career/clear-signs-youre-about-to-be-hacked/

As I stated, I knew to call the bank phone number I knew wasn’t a scam.

Then I received my weekly updated email from Wordfence.com that told of a security issue with WordPress Email Subscribers & Newsletters.  Here are some excerpts. I posted the URL to the complete article for those who want to read the full report.

“Multiple Vulnerabilities Patched in Email Subscribers & Newsletters Plugin

This entry was posted in VulnerabilitiesWordPress Security on November 13, 2019 by Chloe Chamberland

“A few weeks ago, our Threat Intelligence team identified several vulnerabilities present in Email Subscribers & Newsletters, a WordPress plugin with approximately 100,000+ active installs. We disclosed this issue privately to the plugin’s development team who responded quickly, releasing interim patches just a few days after our initial disclosure. The plugin team also worked with us to implement additional security measures.

“Plugin versions of Email Subscribers & Newsletters up to 4.2.3 are vulnerable to attacks against all of the vulnerabilities described below, and versions up to 4.3.0 are vulnerable to the SQL injection vulnerability. All Email Subscribers & Newsletters users should update to version 4.3.1 immediately. Wordfence Premium customers received new firewall rules on October 14th to protect against exploits targeting these vulnerabilities. Free Wordfence users receive these rules on November 14th.

“Unauthenticated File Download w/ Information Disclosure

Description: Unauthenticated File Download w/ Information Disclosure
CVSS v3.0 Score: 5.8 (Medium)
CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Affected Plugin: Email Subscribers & Newsletters
Plugin Slug: email-subscribers
Affected Versions: <= 4.2.2
Patched Version: 4.2.3

“Email Subscribers & Newsletter provides site owners with the ability to create newsletter campaigns that site users can subscribe to. One feature of this plugin is the ability to export all of the site’s subscribers into a single CSV file containing first names, last names, email addresses, mailing lists the subscriber is on, and more. Unfortunately, there was a flaw in this plugin that allowed unauthenticated users to export subscriber lists and gain all of the information provided by subscribers.”

For the complete report go to https://www.wordfence.com/blog/2019/11/multiple-vulnerabilities-patched-in-email-subscribers-newsletters-plugin/?utm_campaign=Wordfence%20Blog%20Emails&utm_source=hs_email&utm_medium=email&utm_content=79364920&_hsenc=p2ANqtz-8BWZWGcayl7CmLA8_0ZOuqUMxFleAxNa1XzLNtcjmm_PWVISfoOeViJk0XBMmja4fUtyG9alUFRXA6PRL4cnymLjx62a0YXm_ZWbqwjxsINMHzwyE&_hsmi=79364920

In the words of a biblical writer, “Be Aware Lest Ye Fall.”

That time I got away by breaking the line before the hook set, and I have maintained heightened security measures since then, adding additional computer security programs to check for malware, spyware, viruses, and all sorts of various poisons used to attack and infect unsuspecting citizens.

Even with all of those measures in place, I know to remain aware, to keep updating computer program security features and processes, and to never get so relaxed that I think those hooks aren’t in the water waiting for some unsuspecting PHISH to come swimming by.