Data Insights: September Executive Report -HackSurfer

September 2014 was an eventful month in terms of cybercrime. Some of the multiple cybercrime targets included:

The Home Depot was the victim of one of the largest credit card data breaches to date

Jimmy John’s had their third-party point-of-sales vendor compromised, making customers of Jimmy John’s victims of credit card theft

Criminals were able to obtain and release intimate photos of several notable celebrities such as Jennifer Lawrence and Kim Kardashian

The Shellshock Bug was discovered, creating criticism towards The GNU Project for not doing enough to update the Bash command shell the company manages

JPMorgan Chase was rocked after hackers accessed over 76 million households’ and 7 million businesses’ data.

Looking at the whole cyber-risk landscape, many sectors saw ups and downs depending on the specific effect of these attacks. The heatmap graph below from SurfWatch Labs’ Cybercrime and the C-Suite report illustrates the level of cybercrime effects facing an industry in the month of September as well as if there was a significant change from the sector’s average.

Key Takeaways from the chart:

DataStolen/Leaked saw a large jump in the Industrials and Financials sectors

Damaged Reputation saw a decrease in multiple sectors, and Device Hijackings decreased for Healthcare

Continuously large numbers of breaches in Consumer Goods mean that levels of Stolen Data and Stolen Financial Information are both fairly high and stable

Top Industry practices also saw a few changes in the month of September

Key Takeaways from the chart:

Several practices increased in September, with Network Intrusion seeing a significant increase across all industries

Espionage in the Healthcare sector decreased after a rise last month due to Data Theft from Community Health Systems being connected to Chinese actors

Consumer Goods and Government were the most predictable sectors, with all attack practices except for Network Intrusion remaining steady.

For more, check out SurfWatch Labs’ reports.

via Data Insights: September Executive Report -HackSurfer.


Spam in September 2014 – Securelist

Spam in the spotlightIn September, “Nigerian” scammers sent out stories relating to the breaking news of the Ebola epidemic. There was festive spam, focusing on both the US Labor Day celebration and the upcoming winter holidays: spammers have started to offer products and services for Christmas. A large part of the major theme mailings promoted products and services using popular social networking sites: the spammers promised an instant influx of new customers and income growth.

Sources of spam by country

In September, the Top 3 most popular sources of spam were as follows. The USA remained in first position (12%) although its contribution was down nearly 4 percentage points from the previous month. Vietnam moved from fourth to second place with 9.3%; up 4.6 percentage points. Russia was in third place with 5.8% – there was little change in its numbers and it dropped one place in the table.


…………..more via Spam in September 2014 – Securelist.


LegalBeagles launches new Online Vehicle Fraud Information Site

2014-10-24 13_18_52-LegalBeagles - Online Vehicle Fraud Information - Always go and see the vehicleFollowing up on LegalBeagles work fighting against online vehicle scams we have built a basic information and advice website separate from the main forum. We hope this will help to spread the message about the scams.  You can find the site at It is part of LegalBeagles site but has an additional URL to assist in publicising it.  We welcome any views on the site and any suggestions for improvement of the content would be gratefully received. And please feel free to share the site with your friends and colleagues.












Top ten online scams – and how fraudsters stole a victim’s money and conned his Facebook friends too | This is Money

The ten biggest online scams lost victims across the country £670million over the last year – and this figure is likely to be far higher due to unreported cases, National Fraud Intelligence Bureau data reveals.The case of a victim known only as Chris, who had thousands stolen by fraudsters who simply rang his bank to gain details and also conned his Facebook friends into sending money too, is highlighted by Get Safe Online Week, which started yesterday.It comes as a study found half of those who have been a victim of cyber fraud – which includes ID theft, economic losses, hacking and viruses – said they felt either ‘very’ or ‘extremely violated’ by their ordeal.

via Top ten online scams – and how fraudsters stole a victim’s money and conned his Facebook friends too | This is Money.


eCrime team exposes online jobs scam

A man who deceived online jobseekers into paying for non-existent employment checks has pleaded guilty today to fraud

The man, Alexandru Hincu, posed as a legitimate recruitment consultant placing recruitment ads on Gumtree, the popular, classified, community website. He targeted vulnerable and eager overseas jobseekers, whose second language was English, and who were living in, and who wanted to work in the UK.

Hincu persuaded them to pay between £50 and £60 pounds for bogus Criminal Record Bureau, or CRB checks. He convinced them the checks were needed prior to giving them details for a job induction day that he never arranged.

His deception was brought to light following jobseekers’ complaints to the Citizens Advice Helpline Number and Action Fraud, and a subsequent investigation by the National Trading Standards eCrime Team (NTSeCT) jointly based at the City of York Council and North Yorkshire County Council.

Hincu, aged 27 of North London, admitted various fraud offences contrary to sections 1 and 2 of the Fraud Act and was given a six month prison sentence, suspended for two years, and ordered to do 180 hours unpaid community work. He was also ordered to pay a total of £2466 compensation to his victims, which included £150 per victim for their inconvenience, and £5048.48 prosecution costs. Hincu had pleaded guilty to these offences at a previous hearing at York Magistrate’s court in September, but was referred to Leeds Crown Court for sentencing.

via eCrime team exposes online jobs scam.