Welcome to the Prehnetics Cyber Security Podcast!

In this third episode, we’re diving into the deceptive world of scareware—a cybersecurity threat designed to prey on fear and urgency. This episode is tailored for those who may not be familiar with cyber threats but want to learn how to protect themselves.

What is Scareware?

Scareware is a form of malware that manipulates victims using social engineering tactics. It tricks people into downloading fake antivirus software or paying for fraudulent services by generating panic-inducing alerts. These pop-ups often mimic security warnings from reputable companies like Microsoft or Apple, falsely claiming your device is infected with a virus.

How Scareware Works

Scareware relies on fear tactics to make users act impulsively:

• Pop-up warnings or alerts appear, claiming that a virus has been detected on the device.

• These messages use urgent language like "critical alert," "danger," or "act now" to create panic.

• The user is then prompted to click a link, which downloads either fake security software or actual malware—often in the form of a trojan downloader.

• Some scareware campaigns aim to steal personal information, such as credit card details, while others simply push users to pay for useless software that does nothing.

Common Types of Scareware

• Pop-ups from PUPs (Potentially Unwanted Programs)

o These often originate from cross-site scripting (XSS) or clicking on malicious links in emails, texts, or scam phone calls.

• Fake "Tech Support" Scams

• Some scams instruct users to call a fake help desk, where cybercriminals guide them into providing remote access to their device.

Fraudulent Toll Payment Texts

• A growing trend is fake toll payment scams, where fraudsters send messages that appear to come from a toll company.

• These messages contain spoofed phone numbers and request urgent payment via a phishing link.

• If clicked, users are directed to a fake website designed to steal login credentials or financial data.

• Always verify toll payments directly through official websites or customer support.

Consequences of Falling for Scareware Scams

• Financial Loss – Attackers can drain bank accounts or use stolen credit card info for fraudulent purchases.

• Identity Theft – Cybercriminals may access personal details, such as Social Security numbers, for identity fraud.

• Account Takeover – Hackers may reset passwords and gain control of important online accounts, causing reputational and financial damage.

• How to Protect Yourself from Scareware

• ✅ Verify Alerts: Contact service providers directly using official phone numbers or websites.

✅ Enable 2FA: Use two-factor authentication (2FA) for critical accounts like banking and social media.

✅ Use Authenticator Apps: Rely on apps like Google Authenticator or Authy instead of SMS-based authentication.

✅ Limit SMS Reliance: Attackers can intercept text messages if they have access to your phone number.

✅ Keep Personal Data Private: Be cautious about sharing sensitive information online or via phone—especially answers to security questions (mother’s maiden name, pet’s name, etc.).

• If you found this episode helpful, hit the like button and subscribe for more cybersecurity insights. Stay informed, stay secure, and we’ll see you next time!

Welcome to the Prehnetics Cyber Security Podcast, episode two, Sim Swapping, a cyber security Point of view

A SIM swap attack, also known as Subscriber IdentityModule (SIM) hijacking, occurs when a fraudster gains control of a victim's phone number by having it transferred to a SIM card they control.This allows them to intercept calls and text messages, including security codes, to gain access to the victim's online accounts and financial information.

Mobile phone service providers have the ability toseamlessly port a phone number to a device containing a different subscriber identity module (SIM). This mobile number portability feature is normally used when a phone is lost or stolen, or a customer is switching service to a newphone.

The attacker just needs to convince the service providerthat they are the owner of that phone number

Here's a more detailed look:

How it works:

1. Gathering Information:

Attackers gather information about the victim, such as name,address, and security questions, often from social media or by posing as the victim’s friends to gain their trust. Attackers may use clues from social media as to which victims are more affluent (Pictures of the victim in expensive cars, houses, etc.) making them attractive targets. This Social Engineering is acommon way to initiate most scams or identity theft.

2. Impersonation:

The attacker contacts the victim's mobile carrier,pretending to be the legitimate owner of the phone number and requesting a SIM swap or a replacement SIM card.

3. Successful Swap:

If the attacker provides the correct information, thecarrier transfers the number to the attacker's SIM card. Sometimes this involves a one time password (OTP) sent to the victim. The attacker says they put the wrong phone number in when trying to create a new account, and ask thevictim for the OTP. Don’t ever give a PIN, password, or OTP over the phone, or via message or email.

4. Access to Accounts:

The attacker can then intercept calls and texts, includingsecurity codes, to access the victim's email, and other online accounts like banks, credit cards, and social media, which may use the email address for password resets, or Short Message Service (SMS)

5.  Perform as much theft or fraud as possible, before victim knows they have lost control of their accounts

Consequences:

Financial Loss:

Attackers can steal money from bank accounts or use thevictim's credit card information for fraudulent purchases.

Identity Theft:

Gaining access to personal information like social securitynumbers can be used for identity theft.

Account Takeover:

Attackers can change passwords and gain control of variousonline accounts, causing significant disruption and potential reputational damage.

Prevention:

Verify Alerts: Regularly check account security alerts (oftensent in email or texts) for unusual login attempts or unauthorizedtransactions.

Enable 2FA: Use two-factor authentication for criticalaccounts like banks and social media.

Use Authenticator Apps: Use apps like Google Authenticatoror Authy to generate security codes instead of relying on SMS (because the attacker has your phone number, and will get the SMS on their phone.  Avoid Relying on SMS: Limit the use of SMS for sensitive account information.

Keep Personal Information Private: Be cautious about sharing personal details online. Much of this information (Mother’s maiden name, pet’s names) are also security questions

Number Lock: Some cell phone service providers offer number lock features to prevent unauthorized transfers.

Please hit the like button and subscribe if you liked theVideo.  Come back soon for more cyber security related videos.

Welcome to the Prehnetics Network and device security Podcast,

Episode one, Signal Gate, from a cyber security and Operational Security Point of view

I’d like to discuss the Signal gate leak, we will try toavoid any legal or political discussions.

The Three Main Aspects of Cyber Security are abbreviated (CIA)

C  for Confidentiality

Restricting Access and Disclosure of Sensitive Information

I  for Integrity

Accuracy, Consistency, and Reliability of Information.Signal does not have an error checking mechanism.

A  for Availability

Ability of Authorized users to Access and use Informationwhen Needed

•      CIA in relation to Signal

•      C  Confidentiality

•      Signal relies on its encryption to limit access to the information , and signal relies on the members of the group to limit access to the information.

•      I  Integrity

•      Not a Signal feature

•      A  Availability

•      Signal deletes messages after they are read, messages not easily retrievable

Where was the Opsec?

Operational Security

•      Protecting  sensitive information from unauthorizedaccess

•      Ensuring that adversaries cannot gain an advantage by understanding an organization's capabilities and intentions

•      Confidentiality was not met, the press was given access to the group chat, potentially exposingUS intentions

•      It is not clear if the breach was a hack, the results of a malicious insider, or amistake by the group admin(s)

•      The contact data of some on the group chat, is accessible on the internet, makingthe group an attractive target, if it was a hack

•      Obscuring contact data is a key component of Opsec, since most of the members were public figures before they were given access to sensitive information, they should have gotten secondary contact information.

How can I beef up my Opsec?

Identify Critical Information

•      Determine which information, if disclosed to an adversary, could cause the most harm or lead to the most damaging exploitation.

•      Use a graded approach when protecting information

Critical Information could include travel plans, negotiationstrategies, deployment strategies

Analyze Threats

•      Identify potential adversaries and their capabilities and intentions to collect,analyze, and exploit critical information. Often this will be non alliedforeign entities

Analyze Vulnerabilities

•      This involves identifying weaknesses in your organization's security that could be exploited by an adversary.

Vulnerabilities to include publicly available information, password strength

Assess Risks:

•      Evaluatethe likelihood and impact of an adversary exploiting dentified vulnerabilities

•      Riskis often defined as consequences (1-4) times consequences (also 1-4) and may include monetary risk, reputational risk, operational risk

Apply Appropriate Countermeasures

•      Implement countermeasures to mitigate identified risks and protect critical information.

Counter measure to include stronger admin controls,awareness, DLP (Data Loss Prevention) stronger passwords, 2 factor identification (authenticator stronger then text) purging publicly available information

Remember, if you like this podcast, tell your friends andhit the like button, and subscribe. If you think there are things I can improve, please comment here, or in my youtube podcast Prehnetics, Network and device security.  Thanks for listening.