Taking advantage of the newly-released fourth season of the highly-anticipated Netflix series, Stranger Things, some cybercriminals have scammed users by enticing them with an offer to watch the new episodes ahead of time at just US$1 (RM4.45).
Cybersecurity firm Kaspersky detected scams that were leveraging the thriller drama series.
To access the offer, users were asked to register a new account and enter their personal information, including address and bank details. Using that information, fraudsters then drained victims’ ewallets without granting them access to their favourite series as promised.
Kaspersky also detected spam emails used to sell products of dubious quality that were spread through promotional emails without the recipient’s consent.
For example, in one of the spam emails, users were given the opportunity to buy limited-edition graphic T-shirts related to the new season of Stranger Things. The site supported all languages and currencies for payment. It may not necessarily be a phishing page, but the fact that the ads for these products were promoted through spam and the domain itself was only recently created raises suspicions about the safety of buying from the page.
To avoid falling victim to such scams, Kaspersky recommends that users check the authenticity of links and websites before sharing personal data, and to be wary of odd file extension formats such as .exe and .msi.
The company also recommends installing a reliable security solution such as the Kaspersky Security Cloud that identifies malicious attachments and block phishing sites.
Touch ’n Go Group via Touch ’n Go eWallet, together with Payment Network Malaysia Sdn Bhd (PayNet), have launched the “Mai Kita Cashless” campaign for the benefit of merchants at Pasar Tani Kekal in Changlun, Kedah. Changlun is located approximately 42km from Alor Setar in the Kubang Pasu district. The campaign focuses on the communities in three villages within the area of Changlun: Kampung Baru Changloon, Kampung Paya Nongmi and Kampung Tradisi Lembah Keriang. The objective is to educate and enhance the villagers’ understanding of cashless transactions as a mode of payment.
There are more than 300 merchants at Pasar Tani Kekal and the surrounding areas. The “Mai Kita Cashless” campaign aims to encourage these traders to switch their business operations strategy to Touch ’n Go eWallet and DuitNow QR as the primary mode of payment for convenience.
From now till Aug 31, shoppers who use their Touch ’n Go eWallet for purchases at Pasar Tani Kekal will enjoy a RM5 cashback for a minimum transaction of RM10. Merchants who sign up within this period will get a RM20 reward upon completion of 10 transactions.
The “Mai Kita Cashless” campaign ends on Dec 31.
Denmark-based blockchain business company, Vleppo, has developed a blockchain contract management system (CMS) that enables non-fungible token (NFT) owners to create a digital contract by embedding their NFTs on-chain directly into the blockchain record of the same digital contract.
On-chain refers to a blockchain-based identity system that identifies individuals and organisations, allowing them to enforce compliance and access digital assets.
Smart contracts are tied to a NFT to prove ownership and agreement, but they are often dismissed by traditional regulations.
In order for a contract to be legally enforceable by law, it needs to fully satisfy five elements: offer; acceptance; consideration; capacity of the parties to contract; and, an intention between parties to create and be bound by legal relations.
However, smart contracts are not able to definitively prove that all the abovementioned elements have been met. Therefore, most smart contracts are often accompanied by a separate traditional contract in the real world to authenticate agreements and ownerships.
To solve that, the Vleppo CMS provides users with easy and affordable access to payments, escrow and blockchain-governed dispute resolution — essentially everything needed to execute and resolve contracts.
Additionally, as it is built based on the Komodo Protocol blockchain’s superior design and lack of reliance on “gas-style” transaction fees, the Vleppo CMS can also accommodate even the highly complex contractual agreements in an affordable and efficient way.
The Vleppo CMS system is able to deliver legal enforceability enhancement to NFT owners across all blockchain systems including Ethereum, Polygon, Solana or any other blockchain.
Cyber threat intelligence company Check Point reported that a new Android banking malware, MaliBot, has taken third place among the most prevalent mobile malwares in June after it emerged following the takedown of FluBot at the end of May.
MaliBot disguises itself as cryptocurrency mining apps under different names and targets users of mobile banking to steal financial information. Similar to FluBot, MaliBot uses phishing SMS messages (smishing) to lure victims into clicking on a malicious link that redirects them to the download of a fake app containing the malware.
Check Point Research added that for July, Emotet, another notorious malware, is still the most prevalent malware overall. Snake Keylogger comes in third after an increase in activity since appearing in eighth place in May.
Snake Keylogger’s main functionality is to record users’ keystrokes and transmit collected data to threat actors. In May, Check Point found that Snake Keylogger was being delivered via PDF files but now it has been spread through emails containing Word attachments tagged as requests for quotations.
Its researchers also reported a new variant of Emotet in June that has credit card stealing capabilities and targets Chrome browser users.
Mobiles are not excluded from threats too. AlienBot is the most prevalent mobile malware, followed by Anubis and MaliBot. The AlienBot malware family is a malware-as-a-service (Maas) software for Android devices that allows a remote attacker to inject malicious code into legitimate financial applications. The attacker then obtains access to victims’ accounts, and eventually completely controls the device.
Furthermore, the report stated that the education and research field is the top attacked industry globally, followed by government or military and healthcare.
The report also revealed that the “Apache Log4j Remote Code Execution” is the most commonly exploited vulnerability, affecting 43% of organisations worldwide, closely followed by “Web Server Exposed Git Repository Information Disclosure” which has a global impact of 42.3%, and “Web Servers Malicious URL Directory Traversal” with a global impact of 42.1%.
COMPETITIONS & GRANTS
After wrapping up the third cohort in March, local start-up accelerator ScaleUp Malaysia has announced the registration opening for its Cohort 2022 that is scheduled to commence in the last quarter of the year.
It has also increased its investments in successful start-ups to US$100,000 (RM440,000), making ScaleUp Malaysia the largest benefactor of Southeast Asian accelerator programmes. Ten start-ups will be chosen to receive the grant at the end of the programme.
Combining accelerator and post-investment programmes under one cohort, ScaleUp Malaysia prepares start-ups for fundraising through a one-month bootcamp and 24 months’ access to an external management team of C-suite positions, among other benefits from its extensive network.
Registration for ScaleUp Malaysia’s Cohort 2022 ends Aug 31. For more information, visit www.scaleup.my/cohort-2022
China