News: Apple Phishing Scams and Flawed Security Cameras
Are you looking to avoid new Apple phishing scams or to secure your security cameras? Our articles for this week’s Cyber Security news are here to keep you ahead of the game. Read on to learn how to avoid these headaches!
9 to 5 Mac: “PSA: Watch out for these convincing App Store subscription phishing emails.”
A new Apple phishing scam is going around, trying to scare victims with fake subscription renewals. The emails appear to show an expensive upcoming charge for YouTube in hopes of making people click a link.
Clicking the link to “unsubscribe” does not install malware. But it does ask for your user name, credit card, and many other private details. Users that fall for the scam may never realize crooks stole their information until it is too late.
Scams like these are not particularly new, but this one is gaining speed quickly. Apple themselves issued a warning about phishing because the emails look so authentic. They recommend looking for your address in the email, because their billing always includes it. Unfortunately, more targeted phishing could get around this easily with online data.
We recommend good filtering of your email and a healthy dose of common sense. YouTube does not have a such high priced subscriptions, and you can check this kind of billing by visiting their site directly.
When you see a suspicious email like this and you want to double check, try going to the company website without clicking a link in the email. If they think you owe them money, they will tell you one way or another. This way you don’t click any dangerous links leading to phishing or malware.
CSO Online: “Severe flaws could turn your smart camera into someone else’s surveillance tool.”
We discuss Internet of Things (IoT) devices fairly often in our blog. Often times, manufacturers rush to develop nice features but fail to set up even basic security. Unfortunately this can happen in companies of all sizes, especially when they use another company to make their products.
In this case, Kaspersky Labs found serious flaws in security cameras made by HanWha, who provides firmware for Samsung. They used the Samsung SmartCam brand until 2018 when they separated their company. But many Samsung branded cameras and other similar products from other brands continue to use this firmware and are vulnerable.
So what are the issues? Because you can only manage these cameras through their poorly secured cloud, attackers can essentially take over your cameras. They can access the video, audio, and control them however they need. They could even clone the camera and show a fake video, so people who monitor it would have no idea if a burglary was taking place.
Then what can you do if you have one of these cameras? Unfortunately, not much. Because they require you use their cloud to manage the cameras, there is no way to isolate them from the internet and still use them. So it may be best to remove them from the network until the patches go through later this month.