Sep 21 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that treats cyber criminals guilty from the getgo, pretty much like how Russell Brand is being treated by the UK media. #letsgetthefacts
Today’s hottest cybersecurity news stories:
👨💻 Crypto-hackers steal $1m in 3 weeks with ‘Pig Butchering’ scam 🐷
🌌 Metaverse poses privacy risks for users. Lucky no one’s using it 🙈
💻 Ethereum founder Vitalik Buterin’s X hacked to promote crypto scam 💰
If you are a techie and/or in to compliance and security then this newsletter will be right up your street. Its a well written newsletter with great content on software and websites for developers and businesses that use software or rely on 3rd party suppliers for services with a security and compliance focus, lets be honest all business should have a security and compliance focus 😬
Highlighting companies with fresh new security and compliance certifications ⚡️
Gif by heyarnold on Giphy
Researchers from Sophos have uncovered a shocking crypto scam that has robbed victims of over $1 million in just three months! 😨 Here’s what you need to know:
🧐 Sophisticated Operation: These scammers operated with finesse, using 14 domains and numerous fake websites. 😈
💰 DeFi Deception: The culprits tricked victims using fake trading pools of decentralised finance (DeFi) crypto apps. 😱 One victim lost a whopping $22,000 in just a week!
🐷 Pig Butchers at Work: These fraudsters set up bogus liquidity pools, a kind of crypto trading scheme, to syphon off users’ funds. 🐖
😢 Heartbreaking Tale: Meet ‘Frank,’ who fell victim to an online dating scam orchestrated by the scammers. 💔
🔍 Sophos Steps In: Frank reached out to Sophos after losing his hard-earned money. 👏
🕵️♂️ No Malware Needed: Shockingly, the scammers didn’t use any malware. They relied on social engineering tactics! 😨
🚩 Warning Signs: Sean Gallagher, a Sophos expert, advises caution if someone you don’t know on dating apps suddenly talks crypto investments. 📱
📈 Growing Threat: Pig butchering scams are on the rise, with over 500 fake liquidity pool sites spotted. 😵
🔒 Stay Safe: Don’t trust strangers pushing crypto investments. Be cautious on dating apps and social media. 🚫
🤝 Collaboration: Sophos has teamed up with Chainalysis and Coinbase to investigate these scams further. 🤝
Stay vigilant, and protect your hard-earned cash! 💰 Don’t fall for the crypto con! 🚫💔
I came across ZZZ money club during the crypto market bull run when everyone’s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.
The group is very active and everyone in this private discord group is very chatty and helpful.
If you are interested in joining the group you can through the link below.
Gif by nounish on Giphy
A recent report from New York University warns that the booming metaverse could jeopardise your privacy if strong regulations aren’t put in place. Here’s what you need to know:
🤖 Metaverse Tech: The metaverse relies on extended reality (XR) technologies, like augmented reality and virtual reality. However, these technologies need to collect tons of personal data, posing a massive privacy risk.
📊 Data Dangers: XR gadgets continuously track user data, including head and eye movements. Over time, this data can reveal sensitive info about you, both physically and mentally.
🏢 Big Players: Tech giants like Meta and Microsoft, hardware makers like Nvidia, and game developers like Epic Games are diving into the metaverse.
🔐 Privacy Best Practices: The report recommends companies establish clear privacy, safety, and cybersecurity standards before launching their products. They should also be transparent about how their tech affects your privacy.
⚡ User Control: Users should have control over their data. Companies should delete unnecessary bodily data and offer options to limit privacy risks.
📜 Legal Protections: The report suggests Congress pass a comprehensive privacy law to safeguard against body-based data profiling. The current American Data Privacy and Protection Act (ADPPA) is a good start, but it needs updates to address these concerns.
🏛️ Legislation Update: The House Energy and Commerce Committee is working on an updated ADPPA version. It must consider the harm of body-based data use, enhance notice and consent standards, and prohibit bodily data for psychographic profiling.
Stay informed and protect your privacy as you step into the metaverse! 🌐🔒
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
💊 HealthHack: Tech is making it easier than ever to reach your fitness goals, from wearable devices to nutrition apps, this newsletter does the research for you, get all the latest health tech gadgets delivered to your inbox.
₿ Crypto Nutshell: A well written and beautifully designed newsletter giving you the lowdown on crypto and web3, highly recommend if interested to get up to date info on the crypto/web3 market.
🧠 Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.
Let us know what you think!
🔓 The Hack: A hacker gained access to Buterin’s Twitter and posted about a fake NFT giveaway. The post contained a malicious URL that stole funds from users who connected their wallets.
🎨 NFT Scam: Buterin’s tweet promised commemorative NFTs from ConsenSys, enticing users to connect their wallets for a chance to double their assets. Unfortunately, it was a classic giveaway scam, and users lost all their funds.
🤯 Shocking Loss: This incident has stunned the crypto community because Buterin is known for his blockchain expertise. He blamed Twitter’s weak OTP authentication for the hack.
🔐 Security Reminder: It’s a stark reminder of the importance of security, even for high-profile figures. Two-factor authentication (2FA) may not always be enough.
📢 Vitalik’s Father Confirms: Dmitriy Buterin, Vitalik’s father, confirmed the hack and urged followers to ignore the post. Vitalik is working on restoring access.
💡 SIM Swapping Suspected: While some believe it could be a SIM swapping attack, others suggest insider involvement due to Vitalik’s prominence.
💰 Substantial Losses: The hacker made over $147,000 in just an hour, causing collective losses of $691,000. The extent of affected users remains unclear.
Stay vigilant and prioritise security in the crypto world! 🔒💰
So long and thanks for reading all the phish!