Alarming rise of fake legal requests: What it means for your privacy

Phishing emails are one of the most common tricks scammers use, but they’re usually easy to catch if you pay attention. Awkward grammar, random details and, most importantly, an unofficial email address are dead giveaways. For example, you might get an email saying your Apple ID’s been disabled, but the sender’s email won’t actually be from Apple. Now, though, scammers are finding ways to get around this.

According to the FBI, there’s been a recent rise in cybercriminal services using hacked police and government email accounts to send fake subpoenas and data requests to U.S.-based tech companies.

Illustration of a scammer at work (Kurt “CyberGuy” Knutsson)

What you need to know

The FBI has seen a spike in criminal forum posts about emergency data requests and stolen email credentials from police departments and government agencies. Cybercriminals are getting into compromised U.S. and foreign government email accounts and using them to send fake emergency data requests to U.S.-based companies, which exposes customer data for further misuse in other crimes.

In August 2024, a popular cybercriminal on an online forum advertised “high-quality .gov emails” for sale, meant for espionage, social engineering, data extortion, emergency data requests and more. The listing even included U.S. credentials, and the seller claimed they could guide buyers on making emergency data requests and even sell real stolen subpoena documents to help them pose as law enforcement.

Another cybercriminal boasted about owning government emails from over 25 countries. They claimed anyone can use these emails to send a subpoena to a tech company and get access to usernames, emails, phone numbers and other personal client info. Some con artists are even hosting a “masterclass” on how to create and submit their own emergency data requests to pull data on any social media account, charging $100 for the full rundown.

How this phishing scam works

When law enforcement, whether federal, state or local, wants information about someone’s account at a tech company, like their email address or other account details, they typically need a warrant, subpoena or court order. When a tech company receives one of these requests from an official email address, they’re required to comply. So, if a scammer gets access to a government email, they can fake a subpoena and get information on just about anyone.

To bypass verification, scammers often send emergency data requests, claiming that someone’s life is at risk and that the data is needed urgently. Because companies don’t want to delay in case of an actual emergency, they may hand over the information, even if the request turns out to be fake. By portraying it as a life-or-death situation, scammers make it harder for companies to take time to verify the request.

For example, the FBI reported that earlier this year, a known cybercriminal posted pictures on an online forum of a fake emergency data request they’d sent to PayPal. The scammer tried to make it look legitimate by using a fraudulent mutual legal assistance treaty, claiming it was part of a local investigation into child trafficking, complete with a case number and legal code for verification. However, PayPal recognized that it wasn’t a real law enforcement request and denied it.

Illustration of a person receiving a phishing email (Kurt “CyberGuy” Knutsson)

What can companies do to avoid falling for these phishing scams?

1) Verify all data requests: Before sharing sensitive information, companies should verify every data request, even those that look legitimate. Establish a protocol for confirming requests directly with the agency or organization that supposedly sent them.

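2) Strengthen email security: Use email authentication protocols like DMARC, SPF and DKIM to block emails from unauthorized sources. Implement anti-phishing filters to detect suspicious content in messages. Because these protocols authenticate the sending domain rather than the person at the keyboard, a request sent from a genuinely compromised government account will still pass them, so they work alongside direct verification with the agency, not in place of it.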

3) Train employees on phishing awareness: Regular training sessions on phishing scams can help employees recognize red flags, such as urgent language, unusual requests or emails from unknown addresses. Employees should be encouraged to report suspicious emails.

4) Limit access to sensitive data: Restrict who can view or share sensitive customer data. Fewer people with access means fewer chances for accidental or intentional data leaks.

5) Implement emergency verification procedures: Have a clear verification process in place for “emergency” data requests, including steps for double-checking with higher management or legal teams before responding to any urgent request for customer information.

Is there something you need to do?

This particular phishing scam mostly targets big tech companies, so there’s not much you can do directly. However, it’s a reminder that you shouldn’t automatically trust an email, even if it comes from a .gov address. Here are some steps you can take to stay safe.

1) Double-check email addresses and links: Even if an email looks official, take a moment to check the sender’s email address and hover over any links to see where they actually lead. Be cautious if anything looks off. The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

2) Enable two-factor authentication (2FA): Use 2FA for all sensitive accounts. This extra layer of security helps protect you even if your login credentials are compromised.

3) Stay updated on phishing scams: Keep an eye on the latest phishing tactics, so you know what to look out for. Regular updates help you spot new types of scams before they affect you.

4) Verify suspicious requests: If you get an unexpected email asking for sensitive info, contact the sender directly through an official channel to confirm the request.

Kurt’s key takeaway

Scammers are taking phishing emails to a whole new level. I often recommend checking the email carefully when you receive anything suspicious to see if it’s legit. But now, since scammers can even access government emails, you need to be extra cautious. This phishing scam seems to target mostly big tech companies, so it’s on them to strengthen their security and verify every request thoroughly before sharing any user information. It’s also up to governments worldwide to protect their digital assets from being compromised.

Copyright 2024 CyberGuy.com. All rights reserved.

Google to court: we’ll change our Apple deal, but please let us keep Chrome

A court found Google liable for unlawfully monopolizing online search, and its remedies are supposed to reset the market, letting rivals fairly compete. Google (obviously) disagrees that it’s running a monopoly, but before it can appeal that underlying conclusion, it’s trying to limit the fallout if it loses.

Google’s justification is that search deals were at the heart of the case, so they’re what a court should target. Under the proposal, Google couldn’t enter deals with Android phone manufacturers that require adding mobile search in exchange for access to other Google apps. It couldn’t require phone makers to exclude rival search engines or third-party browsers. Browser companies like Mozilla would be given more flexibility in setting rival search engines as defaults.

Perhaps the biggest concession is that this agreement would specifically end Google’s long-running multibillion-dollar search deal with Apple. It would bar Google from entering agreements that make Google Search the default engine on any “proprietary Apple feature or functionality, including Siri and Spotlight” in the US — unless the deal lets Apple choose a different default search engine on its browser annually and “expressly permits” it to promote other search engines.

And in a nod to some DOJ concerns about Google locking out rival AI-powered search tools and chatbots, Google proposes it should be disallowed from requiring phone makers to add its Gemini Assistant mobile app in order to access other Google offerings.

The government has proposed ten years of restrictions, but Google’s counterproposal is only three — it argues nothing more is necessary because “the pace of innovation in search has been extraordinary” and regulating a “fast-changing industry” like search would slow innovation.

If the court accepts Google’s streamlined proposal over the DOJ’s, the company could lose out on some lucrative or strategically advantageous deals, but its business would remain intact. It wouldn’t have to spin out its Chrome browser or have the threat of an Android divestment order hanging over it. And it wouldn’t need to share many of the underlying signals that help it figure out how to serve useful search results, so that rivals could catch up and serve as a true competitive pressure, as the DOJ hopes.

Both Google and the DOJ’s proposals are essentially starting points from which the judge can work. But Google is betting it could have an easier time selling a simple proposal that addresses a major, specific problem raised in the trial. It’s positioning the government’s proposals as extreme and reaching beyond the scope of the judge’s earlier decision, perhaps — Google will likely tell the court — even in a way that could get overturned on appeal.

This hasn’t been received well by at least one of Google’s rivals, the search engine company DuckDuckGo. “Google’s proposal attempts to maintain the status quo and change as little as possible,” spokesperson Kamyl Bazbaz said in a statement. Both sides will argue their case in a federal court in Washington, DC beginning on April 22.

More than 910,000 patients at risk after ConnectOnCall health data breach

Data breaches are becoming an alarming trend, and health care incidents stand out for their potentially lifelong consequences. I just reported how a data breach at a physician-led vein center exposed almost half a million people’s data to hackers. And now, another health care data breach has come to light and this one affects even more people. The data breach exposes sensitive personal and medical information belonging to over 910,000 patients through ConnectOnCall, a telehealth platform and after-hours call service owned by Phreesia.

A medical professional working on a laptop (Kurt “CyberGuy” Knutsson)

What you need to know

Health care software provider Phreesia has revealed that its ConnectOnCall service was hit by a data breach that lasted from Feb. 16 to May 12, 2024. During this time, an unknown hacker gained access to the platform and pulled data from provider-patient communications. ConnectOnCall helps health care providers handle after-hours communication and automate patient call tracking.

Phreesia, which bought ConnectOnCall in October 2023, discovered the breach on May 12 and says it jumped into action right away. The company brought in external cybersecurity pros to lock down the platform and reported the breach to federal law enforcement.

“On May 12, 2024, ConnectOnCall learned of an issue impacting ConnectOnCall and immediately began an investigation and took steps to secure the product and ensure the overall security of its environment,” the company revealed in a press release.

According to a report filed with the U.S. Department of Health and Human Services, the breach impacted 914,138 patients (via Bleeping Computer). The stolen data includes names, phone numbers, medical record numbers, dates of birth and details about health conditions, treatments or prescriptions. In a few cases, Social Security numbers were also compromised.

Phreesia claims its other services, like the patient intake platform, were not affected. The company has since taken ConnectOnCall offline and is working on bringing it back in a more secure setup.

We reached out to ConnectOnCall for a comment but did not hear back by our deadline.

Emergency room sign (Kurt “CyberGuy” Knutsson)

The risks associated with the ConnectOnCall data breach

The impact of this breach is significant due to the sensitive nature of health care data. Unlike financial breaches, where compromised accounts can be frozen or replaced, health information is permanent and highly sought after on the dark web. Cybercriminals may exploit this data to commit identity theft, including obtaining prescription drugs fraudulently or filing false insurance claims.

Plus, the detailed health information exposed – such as diagnoses, treatments and medications – can be used for targeted phishing attacks. Scammers could exploit victims’ medical histories to create highly convincing schemes, increasing the likelihood of success.

Phreesia has mailed notification letters to all affected individuals for whom health care providers had valid mailing addresses as of Dec. 11, 2024. For those whose Social Security numbers were exposed, the company is offering identity and credit monitoring services.

A doctor writing notes (Kurt “CyberGuy” Knutsson)

7 ways to keep yourself safe from such data breaches

1) Regularly monitor your financial and medical accounts: Periodically review your medical records and health insurance statements for any unusual or unauthorized activity. This can help you quickly identify and address any discrepancies or fraudulent activities.

Use patient portals provided by health care providers to access your medical records online. These portals often have features that allow you to track your medical history and appointments. 

2) Use strong passwords and two-factor authentication (2FA): Create strong, unique passwords for your online accounts, including health care portals. Avoid using easily guessable information like birthdays or common words. Consider using a password manager to generate and store complex passwords.

3) Enable two-factor authentication wherever possible: 2FA adds an extra layer of security by requiring a second form of verification, such as a text message code or authentication app, in addition to your password.

4) Don’t fall for phishing scams; use strong antivirus software: Be mindful of the information you share online and with whom you share it. Avoid providing sensitive personal information, such as Social Security numbers or medical details, unless absolutely necessary. Verify the legitimacy of any requests for personal information. Scammers often pose as health care providers or insurance companies to trick you into revealing sensitive data by asking you to click on links in emails or messages.  

The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

5) Use identity theft protection services: Consider enrolling in identity theft protection services that monitor your personal information and alert you to potential threats. These services can help you detect and respond to identity theft more quickly. Some identity theft protection services also offer insurance and assistance with recovering from identity theft, providing additional peace of mind.

6) Freeze your credit: A credit freeze prevents anyone from opening new credit accounts in your name without your authorization, reducing the risk of identity theft. Contact the major credit bureaus (Experian, Equifax and TransUnion) to request a credit freeze. This is often free and can be temporarily lifted when you need to apply for credit.

7) Remove your personal data from the internet: After being part of a data breach, it’s crucial to minimize your online presence to reduce the risk of future scams. Consider using a personal data removal service that can help you delete your information from various websites and data brokers. This can greatly diminish the chances of your data being used maliciously.

Kurt’s key takeaway

The ConnectOnCall health data breach highlights the critical need for robust cybersecurity measures within the health care sector, where the stakes are often much higher than in other industries. With over 910,000 patients affected, this incident shows the serious risks posed by cyberattacks on health care platforms. Sensitive data like medical records and Social Security numbers are permanent and can be misused for identity theft and fraud. If you were impacted, stay vigilant by monitoring your accounts, enabling fraud alerts and considering identity theft protection services. 

X raises Premium Plus subscription pricing by almost 40 percent

X has substantially raised the price of its top-tier user subscription in multiple regions to help bolster the platform’s creator payouts. The increase for Premium Plus came into effect on December 21st according to X, raising prices in the US from $16 per month to $22, or from $168 to $229 for annual subscriptions.

Many European countries like France, Germany, and Spain are impacted by a similar increase, taking monthly prices from €16 to €21. Monthly subscribers in Canada (currently paying $20), Australia ($26) and the UK (£16) will also see pricing increased to $26, $35, and £17 respectively. The higher pricing is immediately applicable to new subscribers, with existing users grandfathered into their current rates until January 20th. X’s basic subscription tier remains unaffected.

The pricing changes for US subscribers are the highest increase introduced since Elon Musk purchased the social media platform in 2022. X gave several reasons to justify the price hike, citing that Premium Plus is now completely ad-free — which it described as a “significant enhancement” to the current user experience.

X also references changes made to the X revenue sharing program in October, saying that subscriptions “now more directly fuels” creator payouts to “reward content quality and engagement rather than ad views alone.” Premium Plus subscribers will additionally receive priority user support, access to additional features like X’s Radar trend monitoring tool, and higher limits on the platform’s Grok AI models.
