he FBI today warned travelers there has been an uptick in malicious software infecting laptops and other devices linked to
hotel Internet connections.
The FBI wasn't specific about any particular hotel chain, nor the software involved but stated: "Recent analysis from the
FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows
while they are establishing an Internet connection in their hotel rooms.
The FBI recommends that all government, private industry, and
academic personnel who travel abroad take extra caution before
updating software products through their hotel Internet connection.
Checking the author or digital certificate of any prompted
update to see if it corresponds to the software vendor may reveal an
attempted attack. The FBI also recommends that travelers
perform software updates on laptops immediately before traveling, and
that they download software updates directly from the
software vendor's website if updates are necessary while abroad."
The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window
notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious
software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software
product for which updates are frequently available.
The warning was issued through the FBI's partnership with the Internet Crime Complaint Center's (IC3) and comes on the heels
of a number of other warnings such as:
Investment scam: The IC3 continues to receive complaints
involving subjects who have obtained the names and Social Security
numbers of individuals
for illegal purposes. Subjects use the information to defraud the
U.S. government by electronically submitting a fraudulent
tax return to Internal Revenue Service for a hefty refund. The
prevalence of such complaints mirrors the recent surge in tax
fraud cases involving identity theft.
The IRS also reported complaints of fraudsters incorporating the use
of bogus IRS documents to perpetrate this scheme. "One
example of how subjects are using bogus IRS documents to commit
investment fraud and steal victims' identities is by the subjects
posing as a tax consulting firm. The subjects engage potential
victims via telephone and attempt to convince them to sell
their underperforming shares in a company. The potential victim is
advised to sell their corporate shares, applicable taxes
must be paid. Some of the victims were also advised they had to buy
other certain shares with their profit. Documents such
as share certificates and invoices for federal and state taxes were
exchanged via e-mail. After the funds were wired, the
subjects became unresponsive to the victim's inquiries. An open source search also revealed multiple complaints concerning this scheme. It is unknown at this time how the subjects obtained knowledge
that the victims actually owned underperforming stocks."
Source : http://www.networkworld.com/news/2012/050912-fbi-internet-259125.html
0 komentar:
Posting Komentar