Beware of sinister WiFi snoops

PETALING JAYA: Devices costing as low as RM47 can hijack your home and office WiFi and broadband connection from as far as 1km away. Worse, they also enable hackers to steal your personal data, including passwords for online transactions.

 

The Star found that the “WiFi hackers”, also known as “WiFi adapters”, were sold openly at gadget stores, supermarkets and digital malls as well as online.

An information technology specialist, who wanted to be known only as Thomas, said that a powerful device could hack WiFi connections as far as 1km away from the source.

“When the device is installed into a personal lap top or computer, its antenna would detect WiFi signals.

“It would then tap into nearby networks by hacking their passwords,” he said.

Thomas, whose personal network had been tapped, said the “man-in-the-street WiFi pirate” would normally use the tapped WiFi connection to download stuff from the Internet like videos and movies.

Din, another IT expert, said the more sinister hackers would even steal personal data.

“There is a method called man-in-the-middle attack. This allows the hacker to ‘sniff’ even sites secured with https such as banking portals, e-mail and social media (Facebook, Twitter).

“What this means is that the safety net of encrypted data is no longer in place,” he added.

Din revealed a far worse case scenario of a WiFi connection being hacked.

“If the hacker uses the connection from your broadband or WiFi account to hack a government or any website, the trail will lead back to you.

“You may then find yourself in trouble for an act that you neither committed nor had any knowledge of,” he said.

 

Dealers selling the device said it could hack most networks. They even offered a money-back guarantee if the device failed. “If the device does not work, you can bring it back for a replacement or claim back your money,” a dealer said.

 

He added that the devices, especially the “more ‘powerful” models that sell for as much as RM200, can detect networks and hack them in a matter of minutes. “Some networks that have strong security or complicated passwords might take a few hours to hack. A network with a simple password usually takes less than an hour to hack.” According to some dealers, the devices are very popular and go out of stock quickly.

 

Source: http://www.thestar.com.my/News/Nation/2013/09/13/Beware-of-sinister-WiFi-snoops.aspx

Internet Banking Scam

A syndicate believed to have stolen about RM250,000 from 12 victims via an Internet phishing and SIM card hijacking scam with the arrest of seven people by PDRM.

Those arrested included three foreign men – the mastermind from Sierra Leone and two others from Jordan and Pakistan – as well as a local man and three women.

Method:
1. Go to an Internet banking kiosk and upload a software that recorded the usernames and passwords of those using it.

2. They will come back a few hours later and download the data into a USB drive

3. With such personal information, would then go to telecommunication companies, posing as the victims’ friends, family members or as the victims themselves and claim to need a replacement SIM card after having lost their mobile phones.

Syndicate members would even produce forged documents to support their claims such as fake police reports, identity cards and authorisation letters.

4. With the SIM card, the syndicate would then be able to get the Transaction Authorisation Code which allows them to transfer funds into their own accounts.

The syndicate members were arrested in separate raids at a luxury condominium in Section 14, Petaling Jaya, and other surrounding areas on Saturday and Monday.

They also seized several computers, bank account books, laptops, USB drives, fake MyKads, forged police reports, router, credit cards and other documents.

All those arrested, aged between 20 and 27, have been remanded until today.

MOre info:
http://www.thestar.com.my/news/story.asp?file=/2011/9/15/nation/9502438&sec=nation

Internet financial scam

The star online 14.5.11
GEORGE TOWN: When college student Kang Ping Ping replied an email which he had been ignoring for several months, little did he know that he would end up RM10,000 poorer.

Kang, 22, a mechatronics student, said he had been receiving the same email purportedly from a local bank for the past three months.I replied the email on May 9 without suspecting anything until I received a call from my bank the next day.

Kang, 22, a mechatronics stu- dent, said he had been receiving the same email purportedly from a local bank for the past three months.
“The bank wanted confirmation from me about the transfer of funds totalling RM10,000 from my account on May 9 and 10.

“I was immediately taken aback by the call and told them that I never made such transactions,” he told a press conference at the Penang MCA headquarters on Jalan Pahang yesterday.

Kang said the contents of the email had looked very convincing.

He lodged a police report on May 10 and approached the state MCA for help.

Penang MCA Public Services and Complaints Bureau deputy chief Lim Thoon Deong said Kang’s money was found to have been transferred to another bank account under a foreigner’s name.

“The police are acting on the report and trying to locate the account holder,” said Lim.

He added that the account with a balance of only RM500 had been frozen.

Cyber Crime Reported 10/5/11 in Kota Kinabalu, Sabah Malaysia (SinChew JitPoh)


Sabah police managed to detect and detained suspect of social network fraudsters.

The fraudster will go through social network to target the female victim which is at the suitable marriage age. By chatting and expressing their feeling of lova and care, the fraudster will send some "very valuable gifts" to the ladies.

A phone call will be made from "Authorities" to informed the lady that the gift need to pay stamp duty / tax. The "Authorities" will pass the account number and ensure the ladies make the payment.

Microsoft Scam

Reported in Singapore 22/4/11

The syndicate uses email blast to internet users to informed that "Your computer inflected by VIRUS".

Victim are guided to a hyperlink for furher dignose on the laptop / PC remotely.

The faudster will call the victim and persuade the victim to pay for some PC / software repair and maintenance fee.

Alert:

1. Do not click any unfamiliar email especially from big corporate.

2. Big corporate send you email because want to sell their new products, they dont really care you PC break down or what.

3. Got a problems with you computer, please visit the nearby computer shop.

E-mail Scam of RM700 IRB refund

The Star: Tuesday March 15, 2011

PETALING JAYA: The Inland Revenue Board (IRB) has clarified that it did not send any e-mail to taxpayers telling them that the IRB will return them RM700 in tax.

The IRB said that it did not issue the e-mail refund-payment@hasil.gov.my and told taxpayers not to click http://62.23.69.2/hasil.gov.my/index.php.htm which supposedly informed taxpayers that there would be a RM700 refund.

“The IRB wants to confirm that the e-mail is false and is a phishing effort by the unscrupulous who want to steal information and funds from taxpayers,” said Corporate Communications director Mazlan Wan Chik in a statement yesterday.

Members of the public are advised not to open the e-mail but delete it and not provide any feedback as requested in the content.

The IRB’s ICT Security Division immediately reported the matter to the Malaysian Communications and Multimedia Commission when the phishing activity was detected on Sunday and the site had been closed.

“This is the third attempt to cheat taxpayers,” said Mazlan.

The IRB gave the assurance that all taxpayers’ data and information were kept secure.

For enquiries, call 1-300-88-3010 or e-mail callcentre@hasil.gov.my.