Latest articles

INTRODUCTION​

In May 2023, the Cl0p ransomware group started exploiting a newly discovered vulnerability in Progress Software’s MOVEit Transfer, a tool for enterprise file transfer. Although Progress swiftly released a fix, the impact was already significant. This extensive cyberattack by Cl0p targeted a wide range of sectors globally, affecting entities such as the public school system in New York City, a UK-based company providing HR and payroll services to clients like British Airways and the BBC, among others.

Over 2,000 organizations have reported being attacked, with data thefts affecting more than 62 million people

FALL OUT OF THE INCIDENT​

With such a large exposure, many people have begun to receive notices that their personal information was compromised as part of this breach. Many of the organizations that people entrust their data to, like accounting firms and wealth management companies, were affected by this breach. Companies affected by this breach have a legal obligation in Canada to report to their customers if they believe their customers have had their personal information breached.​

Companies that notify their customers of the breach often offer one to two years of credit monitoring and identity protection services at no cost. ​

Richter recommends that victims receiving these notices enroll in the free credit monitoring and identity protection services provided. ​

IMPLICATIONS

The diagram on the right illustrates how hackers use personal information to carry out attacks using your personal information. Credit monitoring and identity protection services can assist with identity theft and financial fraud implications; however, this protection is insufficient. ​

Hackers can still use your personal information to conduct blackmail and ransom operations. They can impersonate you online and wreak havoc on your social reputation. They can use it to mount very sophisticated phishing attacks.

SOLUTION​

Richter Guardian is a state-of-the-art service that leverages AI to protect your digital life. Our service gives exclusive access to commercial-grade protection unavailable in the consumer market. ​

By protecting your online presence, Richter Guardian will defend you from impersonations, inadvertent leakage of critical data and worse, any compromise to your digital safety. By protecting your devices, Richter Guardian will thwart sophisticated phishing and other technical attacks. You can rest assured that our seasoned cybersecurity professionals are there for you to address any of your cybersecurity concerns.

Read the full advisory

INTRODUCTION

Voice-cloning AI, which is the technology that enables the replication of a person’s voice, can assist researchers with collecting and analyzing data from different languages, dialects, and accents. Voice-cloning AI is versatile and finds applications in various creative domains.

voice-cloning artifical intelligence and small businesses with voice-cloning AI. Deep learning models can now replicate the nuances, inflections, and specific characteristics of a person’s voice with just a few minutes of sample media.

IMPLICATIONS FOR FAMILIES AND SMALL BUSINESSES

While there are positive and creative uses for voice-cloning AI, it is important to be aware of the potential risks and misuse. Here are some ways in which voice-cloning AI could lead to cybercriminal activity:

1. Impersonation and Social Engineering: Cybercriminals could use voice-cloning AI to mimic the voices of individuals in positions of authority, such as company executives. In doing so, cybercriminals could instruct employees into making unauthorized transactions.
2. Phishing Attacks: Voice-cloning could be used to voice-phish; individuals can be deceived into sharing sensitive information over a call.
3. Extortion and Blackmail: Cybercriminals may leverage voice-cloning to create audio deepfakes of the targeted individual for the purpose of extortion or blackmail.

RECOMMENDATIONS

Given the sophistication of these threats, Richter recommends individuals and businesses to safeguard themselves by employing the following:

1. Multi-factor authentication (MFA) – If you currently use voice verification as a type of authentication, ensure to include another form of verification to help safeguard against voice-cloning AI.
2. Establish protocol within your small-business – Set clear protocols for financial transactions and sensitive data sharing. Keep these protocols confidential.
3. Remain skeptical – Individuals should exercise caution when receiving unexpected calls, especially if the caller requests sensitive information.

INTRODUCTION​

Authorized push payments involve an account holder granting permission to their bank or payment service to transfer funds directly from their account to another account. The payer usually triggers this transaction using services like online banking, phone banking, or peer-to-peer payment platforms.​

Authorized push payment (APP) fraud, also known as bank transfer scams or authorised bank transfer fraud, occurs when a victim is tricked into authorizing a payment to an account controlled by a scammer. ​

Unlike unauthorized transactions where a fraudster gains access to someone’s account without permission, in APP fraud, the victim is deceived into willingly making the payment, often believing they are paying a legitimate entity or individual.​​

HOW DOES APP FRAUD HAPPEN?​

Authorized push payment fraud can happen in various ways. ​
​

1. Advance Fee Scams: The victims are asked to pay a fee to access a service or a prize, which are never delivered. For example, a scammer may impersonate a lottery organization, and will withhold the prize until an administrative fee is paid. When the payment is made, the victim never receives the reward. ​
   ​
2. Impersonation: The scammer poses as a trusted entity, such as a bank, government agency, utility company, or even a friend or family member, and requests payment for a fake invoice, overdue bill, or urgent situation.​
3. Fake Services or Goods: The victim pays for goods or services that are never delivered or are significantly different from what was advertised. The scammer may set up a fake online store, auction, or classified ad to lure victims.​
4. Social Engineering: The scammer manipulates the victim through psychological tactics, exploiting emotions like fear, urgency, or greed to coerce them into making the payment.​
5. Business Email Compromise (BEC): Scammers compromise email accounts of businesses or individuals, or create lookalike accounts, and use them to request payments from employees, clients, or partners, often by impersonating company executives or vendors.​
6. Invoice Fraud: The scammer pretends to be a vendor and sends fake invoices to the business. The invoice may request payment for goods or services that were never delivered. ​

PREVENTION​

We recommend the following measures to mitigate the risks of authorized push payment fraud.​

1. Verify the authenticity of requests for payments – ensure that the request for payment is legitimate by confirming the identity of the individual, organization or service you are initiating a payment for. If the payment is sent to an organization, check the organization’s website and contact their phone number to confirm the request. ​
   ​
2. Establish payment protocols – establish clear protocols within your organization that outline how to properly authorize payments. Ensure relevant employees are aware of these protocols and procedures.​
   ​
3. Monitor transactions – check your accounts to identify any unusual activity that could indicate fraud.

HOW RICHTER GUARDIAN CAN HELP YOU​

To combat APP fraud, it’s essential for individuals and businesses to remain vigilant and verify the authenticity of requests for payments. We understand that It can be difficult to approach this alone. ​

• Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you are unsure. Connect with our cyber concierge to verify the legitimacy of a situation.​
  ​
• Transunion identity protection is included on our platform. Transunion identity protection will alert you of any unusual activity on your credit monitoring report that could indicate fraud.

INTRODUCTION​

It’s natural to want to capture the moments from your special vacations and share them on platforms like Facebook and Instagram with family and friends. However, posting these photos while you are still on your trip can expose you to various cybersecurity risks. Cybercriminals often exploit social media to gather information about your travel plans, and by sharing your vacation in real time, you may unknowingly make yourself a target.​​

HOW TO ENHANCE YOUR SECURITY ON VACATION

By following these precautions, you can enjoy your vacation while minimizing the risks associated with social media sharing:

1. Set Your Account to Private: Restrict access to your personal information by sharing only with people you know. Public settings allow anyone to view your posts, potentially putting you at risk.​
2. Decline Requests from Unfamiliar Individuals: Be cautious when receiving friend requests from strangers. Unfamiliar profiles might be cybercriminals in disguise, aiming to extract money or steal your identity.​
3. Avoid Posting Travel Details or Itineraries: Keep your travel arrangements private. Sharing confirmation numbers for hotel reservations, airline tickets, or excursions online can provide cybercriminals with valuable information they can exploit.​
4. Share Photos After Returning Home: Although it may be tempting to post in real-time, consider waiting until you’re back home. You can still share your vacation highlights, and it’s a safer approach.​
5. Educate Your Children on Social Media Safety: While you might be aware of how to stay safe online, your children might not. Ensure they understand the importance of secure sharing practices during and after the trip.

HOW RICHTER GUARDIAN CAN HELP YOU

• Richter Guardian’s concierge service can help you secure your social media accounts during setup. Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you need further guidance.

INTRODUCTION​

​On July 19, CrowdStrike released a flawed update to its Falcon sensor for Windows devices, triggering widespread system crashes. Due to a bug in the content validator and insufficient testing, the update bypassed CrowdStrike’s internal quality checks.​

The update reached over 8.5 million Windows devices, resulting in an out-of-bounds memory read that caused the Falcon sensor to crash the operating system, leading to the infamous Blue Screen of Death (BSOD). The impact was severe, with enterprises across various sectors, including airports, hospitals, government agencies, media outlets, and financial institutions, experiencing critical and costly IT disruptions.​

Both Windows workstations and servers were affected, leading to massive outages that incapacitated entire organizations and rendered hundreds of thousands of computers inoperable.​

ROOT CAUSE​

The issue stemmed from a recent update to the CrowdStrike Falcon sensor, which caused Windows systems to either get stuck in a boot loop or crash with the Blue Screen of Death. CrowdStrike acknowledged the problem and issued a technical alert, stating that its engineers had “identified a content deployment related to this issue and reverted those changes.​

Despite the swift response, it took days for some organizations to restore normal operations, resulting in prolonged outages and delays. While most organizations have since recovered, the repercussions of the incident continue to unfold, with increased cybercriminal activity, loss of trust, and potential litigation.​

According to a report by Guy Carpenter, the estimated insured losses from the faulty Falcon update range between $300 million and $1 billion, while CyberCube has suggested the figure could be as high as $1.5 billion.​

THE IMPACT ON PERSONAL COMPUTERS​

CrowdStrike warned users that cybercriminals were exploiting the Falcon outage. Phishing attempts, posing as CrowdStrike representatives, surged as attackers sought to distribute malware. A significant example involved a fake recovery manual that installed a new information-stealing malware called Daolpu. Once active, this malware harvested account credentials, browser history, and authentication cookies stored in browsers like Chrome, Edge, and Firefox.

INTRODUCTION​

In an increasingly interconnected digital world, safeguarding personal and financial information has never been more crucial. Cybercriminals can exploit stolen identity information to commit financial fraud, gain unauthorized access to accounts, and engage in other criminal activities. In the context of identity theft – there is both synthetic identity theft and traditional identity theft. ​

Synthetic identity theft combines personally identifiable information (PII) to manufacture a person or entity for the use of illegal, nefarious activity. ​

Traditional identity theft involves stealing an individual’s existing personal data to impersonate them. ​

Alternatively, synthetic identity theft involves criminals obtaining small fragments of a real person’s identity to fabricate a completely new identity. The real elements of the fabricated individual adds a sense of legitimacy to the identity. ​

PREVENTING IDENTITY THEFT OF ALL KINDS​

​Protecting yourself from identity theft, fraud, and unauthorized access to your sensitive data is our responsibility. Below, we have compiled a comprehensive list of security measures and best practices to help you fortify your defenses against potential threats. ​

By following these guidelines, you can take proactive steps to enhance your security and financial well-being. From monitoring your credit report to secure document disposal, each suggestion in this list is designed to empower you with the knowledge and tools to protect your valuable information and minimize the risks associated with identity theft and fraud.​

1. Monitor Your Credit Report: Regularly monitor your credit report to detect any unauthorized activity. If you come across information unrelated to you, contact the creditor and inquire about the account or inquiry.
   
2. Limit What You Carry: Avoid carrying additional credit cards, birth certificates, SIN cards, or passports in your wallet or purse unless absolutely necessary. This precaution reduces the amount of information a potential thief could access if your wallet or purse gets lost.
3. Secure Your Mailbox: Consider installing a mailbox with a lock at your residence to minimize the risk of mail theft.
4. Securely Dispose: Never dispose of credit card receipts or personal information documents in a public trash container; use a shredder instead.
   
5. Secure Your Purse or Wallet: Never leave your purse or wallet unattended, whether at work or in places like churches, restaurants, fitness clubs, parties, or shopping carts. Also, avoid leaving your purse or wallet visible in your car, even if the vehicle is locked.
   
6. Limit Your Credit: Limit the number of credit cards you possess and cancel inactive accounts to simplify your financial security.
7. Be Careful of What you Disclose: Do not disclose your credit card, bank, or Social Insurance information over the phone, even if you initiated the call, unless you can confidently verify the call’s legitimacy
8. Secure Receipts: Securely store and shred credit, debit, and ATM card receipts before disposing of them.
9. Scrutinize Your Bills: Scrutinize your utility and subscription bills regularly to confirm the accuracy of the charges.
10. Do Not Write Down Your Passwords (except in a Password Vault): Memorize your passwords and personal identification numbers (PINs) to eliminate the need to write them down or use a password vault. Remain vigilant when entering your PIN to ensure no one is observing you.
11. Secure Your Information: Maintain a comprehensive list of all your credit and bank accounts in a secure location, such as a password vault. This will facilitate quick communication with issuers if your cards go missing, including providing account numbers, expiration dates, and customer service and fraud department contact numbers.
12. Shred Pre-approved Credit Offers: Before discarding pre-approved credit offers, credit card receipts, or phone bills, tear them into small pieces or cross-cut shred them to prevent potential identity theft. Thieves can use such offers to apply for credit cards in your name and redirect them to their address.
13. Keep Your Credit Information Accurate: According to consumer reporting legislation, if you believe any entry on your credit report is incorrect or incomplete, you can notify a major credit reporting bureau, which will verify the information at no charge. Remember that they typically do not accept disputes from third parties unless accompanied by a notarized power of attorney authorizing a licensed attorney or a family member to represent you or if the power of attorney is unlimited and irrevocable.

INTRODUCTION

Of the many digital traces we leave in daily life, location metadata may be the most revealing. Location tracking is common in many applications because it’s so useful – it can allow you to get directions from here to there, discover the closest restaurants near you, or tell you your local weather conditions. These perks, however, can come with large privacy risks.

Companies that you would never suspect needing so much of your data, are quietly collecting enormous amounts of data. For example, in 2020, an investigation was done on Tim Hortons, as the Tim Hortons app reportedly tracked an individual’s location more than 2,700 times in five months. Commissioners say Tim Hortons collected “vast amounts” of granular location data with the aim of delivering targeted advertising, to better promote its coffee and associated products, but that it never actually used the data for this purpose.  

Some of the apps on our phone sell or share location data about their users with companies that analyze the data and sell their insights. There are many ways location data can be used, and the market for this data is huge – the location data industry is an estimated $12 billion market. Collectors, aggregators, marketplaces, and location intelligence firms are potential buyers interested in your location data.  

WHAT IS BEING COLLECTED?

Some apps genuinely need your location to work properly, but others have different motives. Many collect location data for reasons unrelated to their main function, like targeted ads or selling it to data brokers.

Once an app collects your location data, you lose control over where it goes. It can be sold repeatedly—from data providers to aggregators that combine information from multiple sources. It could end up in the hands of a “location intelligence” firm that uses the raw data to analyze foot traffic for retail shopping areas and the demographics associated with its visitors.  

You might think, “I have nothing to hide.” But location data can reveal much more than you realize, such as:

• Where you get medical treatment and what kind
• If you visit a domestic abuse shelter
• Where you worship
• Where your kids play (if they have phones)
• When you’re on vacation and where you go
• Where you shop, eat, and bank
• Who you spend time with

Even though this data isn’t directly linked to your name, experts have shown that it’s easy to match location history with other data to identify people and their habits. In 2020, a religious publication used smartphone app data to infer the sexual orientation of a high-ranking Roman Catholic official. The publication claimed it obtained “commercially available” location data from an unnamed vendor and linked it to the priest’s phone, revealing visits to gay bars and private residences while using Grindr, a dating app popular with the LGBTQ+ community.  

Privacy advocates have long cautioned that advertisers gather location and personal data, which is then compiled and sold by data brokers. This information can be used to identify individuals and is not subject to regulations requiring clear consent from those being tracked.

WHAT CAN I DO TO LIMIT LOCATION TRACKING?

The quickest and easiest way to reduce tracking is to delete unnecessary apps. Both Android and Apple allow you to check which apps have access to your location and whether they track it only while in use or all the time. If you don’t use an app often, consider removing it.

Your location can be tracked through your phone, logged-in accounts, internet connection, and location services. To limit oversharing, take these steps:

• Only allow location access for apps that truly need it.
• Set location permissions to “While Using the App” instead of “Always.”
• Only share “Find My Phone” with trusted friends and family.
• Review third-party apps in location settings—you might be sharing more than you realize.

Despite these precautions, location tracking can’t be completely eliminated. It’s important to support companies that provide clear and transparent privacy policies.

INTRODUCTION​

​PetSmart, a pet retail giant in the United States, is alerting certain customers about password resets resulting from an ongoing credential stuffing attack attempting to breach existing accounts. The company released a statement on March 6 to let customers know about the credential stuffing attack. ​

As a precaution, PetSmart reset the passwords for any accounts logged in during the credential stuffing attack. Additionally, they reassured customers that there was no evidence of compromise to petsmart.com or any of their systems during the incident.​

WHAT IS CREDENTIAL STUFFING?​

​
A credential stuffing attack is a type of cyber-attack in which threat actors use previously acquired usernames and passwords, typically obtained from data breaches, to gain unauthorized access to user accounts on various online platforms. ​

Threat actors usually automate the process of trying these login credentials across multiple websites and services. Threat actors are cognizant of the fact that people commonly reuse passwords across various accounts, making them even more inclined to exploit this widespread behavior.

HOW TO PROTECT YOURSELF AGAINST CREDENTIAL STUFFING ATTACKS​

Although cyber breaches may be unavoidable, you can still prevent breached details from being used on other websites or services by taking the following precautions:

1. Use Unique Passwords For Each Account – Minimize the impact if one account is compromised.​
   ​
2. Enable Multi-Factor Authentication (MFA) – Implement MFA wherever possible to add an additional layer of security.​
   ​
3. Update Outdated Passwords – Change your passwords periodically, especially for critical accounts like email, banking, and social media.​
   ​
4. Limit Access – Only use trusted devices and networks to access sensitive accounts. Avoid logging in from public computers or unsecured Wi-Fi networks to access sensitive accounts. Ensure that you are not saving your credentials on a public computer.

HOW RICHTER GUARDIAN CAN HELP YOU​

• Our dark web monitoring platform can identify compromised credentials linked to your personal and work email addresses. We’ll also provide guidance on improving your password practices.
• Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you are unsure. Connect with our cyber concierge to verify the legitimacy of a situation.

INTRODUCTION​

As technology rapidly advances, so do the threats to business security, underscoring the critical importance of regular software updates. Cyber-attacks are becoming increasingly sophisticated and widespread, posing significant risks to organizations of all sizes. To defend against these malicious threats, businesses must prioritize keeping their software up to date.​

Software updates not only introduce new features but also provide essential security patches to address potential vulnerabilities. Failing to update can leave individuals and businesses exposed to cyber breaches, data theft, and financial loss. Given the growing reliance on technology for daily operations, maintaining strong security measures is more important than ever.​

Regular software updates are a crucial line of defense against cyber threats, making it imperative for businesses to stay current to protect their data, customers, and reputation. ​

HOW CAN I CHECK IF MY SOFTWARE IS UP TO DATE?

You can check if your device’s software is up to date by going into the device’s settings and looking for the “software update” option. Here’s how to do it on different types of devices:

• On Apple devices (iPhone, iPad): Go to Settings > General > Software Update to see if any updates are available.
• On Android devices (like Samsung Galaxy): Go to Settings and tap on Software Update or System Update. The exact location may vary depending on the model, but it’s usually found in the main settings menu.
• On Windows devices: Go to Settings and find the Windows Update section. From there, click Check for updates to see if your system needs an update.
• On macOS (iMac, MacBook): From the Apple menu n the corner of your screen, choose System Settings. Click General in the sidebar of the window that opens, then click Software Update on the right.

Whenever possible, activate automatic updates to receive the latest patches immediately upon release.

HOW RICHTER GUARDIAN CAN HELP YOU

• Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you need further guidance on updating your devices.

Introduction

In Early November, Apple released ‘NameDrop’ as part of the iOS 17.1 operating system update. NameDrop allows users to share saved contacts between other newer iPhones or Apple Watches within an inch of each other. While the prompt must be accepted to share contact information, several law enforcement agencies recommend parents to change this feature for children.  

Summary Of the Incident

The ‘NameDrop’ feature is similar to Apple’s AirDrop functionality. When NameDrop is enabled, two iPhone users can activate the feature by holding the top ends of their iPhones together. After that, the users can tap ‘Share’ or ‘Receive Only’. The NameDrop feature is automatically enabled once a user updates to iOS 17.1.  

While the feature itself is not a threat, law enforcement agencies are concerned that the feature puts children at a bigger risk with connecting to strangers. Children may not be completely aware when accepting a new ‘Share’ or ‘Receive Only’ prompt. Police recommend turning the feature off for children once they upgrade to iOS 17.1.  

Recommendations

1. Turn the ‘NameDrop’ Feature Off for Children – It is good practice to upgrade your iPhone devices to the latest operating system update. The latest operating system update will include ‘NameDrop’ and automatically enable the feature. To turn off the NameDrop feature, complete the following:
   Navigate to iPhone Settings > General > Airdrop > Bringing Devices Together > Off.

How Richter Guardian can help you

Richter Guardian can help you determine what settings and policies you should set on your children’s device to keep them safe.  

• Richter Guardian’s mobile and endpoint platform can help your children navigate the Internet safely.  

• Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you are unsure about a situation and need assistance with disabling certain features on your devices.