Warshipping, a new cyberattack technique, is on the rise, and consumers should be wary. Most of us online shop, expecting fast delivery times, so it isn’t a surprise to come home to a package, or multiple packages, on our doorsteps. What should come as a shock is that some of these packages could be malicious, acting as a vehicle for stealing confidential information.
Warshipping involves shipping a small, hidden computer with networking capabilities to a target. A hacker may choose a physical package to send, equipped with a cheap device that can be hidden; the device is usually a single board computer or Raspberry Pi, powered by a phone battery with 3G capability, that can be remotely controlled. The computer can then be used to connect to an under-protected wireless network in order to perform a multitude of scans or attacks. The hacker has the ability to program the ‘warship’ and once delivered to the target environment leaves the hacker with several capabilities. The option is appealing, being cost-effective and less time-consuming than other older types of attacks like wardialing.
To learn more about warshipping, as well as wardialing and wardriving, plus how to prevent such attacks, visit here.
Second Stimulus Check
As the IRS is still trying to distribute pandemic relief, that text about a second check is not real. Scammers are taking advantage of the COVID-19 pandemic by trying to steal people’s money or financial information by sending fraudulent text messages.
The IRS is warning that the text-message scam is piggybacking on the economic impact payments, or stimulus checks, under the Coronavirus Aid, Relief and Economic Security (CARES) Act. The text reads: “You have received a direct deposit of $1,200 from covid-19 TREAS FUND. Further action is required to accept this payment into your account. Continue here to accept this payment,”. If you receive the text, you should not click the link, as it will drive you to a fake phishing Web address. What you can do is screenshot the text and send the picture to [email protected].
To learn more about the texting scam, and what is really going on with stimulus checks, visit here.
Tip of the Month
There is a known issue regarding Adobe keyboard shortcuts and Webroot on Mac devices. Webroot will prevent the keyboard shortcuts that many designers typically use within Adobe apps. Adobe uses a keylogger to pull keyboard information that Webroot’s Identity Protection prevents. To workaround this issue, Webroot has created a ‘Pause Secure Keyboard Entry’ from the Webroot tray icon. This ‘pause’ feature will now allow Adobe Mac users regain access to their keyboard shortcuts!