Have you been getting random calendar invitations from unfamiliar sources about events you have never heard of before? It seems we are not the only ones. Most of the calendar invitations seem to be coming from email accounts from other countries, promising deals on brand name products such as Ray-Bans.
This is just another type of phishing scam. Do not accept or decline calendar invitations from unknown senders. If possible, try not to open the invitation at all, and if you do open the invitation, do not click any links that may be attached. From what we know about email phishing and malware, this is most likely an attempt at retrieving personal information from your device.
Apple is in the process of blocking the suspicious email addresses and hopefully putting a quick end to the unknown invitations. In the meantime, you can do a few things to protect yourself. Firstly, do not decline the invitations, this only alerts the sender of an active email account, and will most likely lead to even more invitations. Go into your calendar settings and change invitations to be sent via email rather than device iPhone notifications. Finally you can create a junk calendar, purely for these spam invitations. These are temporary alternatives while we wait for Apple to block the email addresses and secure the problem. If you would like to create an alternative calendar for these invitations, which is the best way to protect yourself at the moment, click here.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.mashable.com
Now that ransomware is on the brain, a few crooks posing as tech support are tailoring their skills to work the system. A lock screen appears on your PC and claims that a users Windows license has expired and to simply call the tech support number provided in order to quickly and effortlessly solve the problem. A fake Microsoft technician answers the line and is more than happy to help, if you are willing to pay the price.
Users will see a lock screen appear on their machine that truly resembles a genuine Microsoft program. After the program installs it waits patiently for the user to restart the PC. After the restart the program activates and sequentially takes over the desktop and displays a highly sophisticated Windows Update screen. Unrecognizable to the naked eye that this is in fact ransomware.
After the program activation, the infected PC will display a screen that tells the user the desktop has been made effectively disabled because of an expired license key, with the computer name being taken from the victims actual PC. Now that the PC is locked, the user thinks they are doing the right thing by calling the number provided and talking to who they think is a tech support working for Microsoft.
Malwarebytes called the number, and a fake Microsoft technician revealed a hidden functionality. Hitting Ctrl+Shift+T would bring up a built-in installer for TeamViewer. The tech support scammer on the other end of the call refused to give much more information without the $250 to unlock the PC, which of course, Malwarebytes did not pay.
If a user refused to pay the fee requested, they would have little resources to fix the machine on their own. Fortunately, security researchers have found a small loop hole. Discovered by @TheWack0lian, Ctrl+Shift+S will allow users to kill the winlocker without touching the contents of their machine. The hardcoded values “h7c9-7c67-jb” or “g6r-qrp6-h2” or “yt-mq-6w” can be entered as the product key. These may work to unlock the machine, but is not a fix across the board as they will not work for all versions of the lockers.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: Ransomware-like tech support scam locks screen, labels Windows product key as invalid