
Rewterz Threat Alert – Message Hoaxing emerges in Pakistan via ScareWare Messages

December 31, 2018

SEVERITY: Medium

CATEGORY: Informative updates

ANALYSIS SUMMARY

An old scareware tactic (message hoaxing) has resurfaced, targeting employees in different sectors. The campaign spreads via emails claiming that the attackers have obtained the passwords of the victims’ social media accounts. The attackers use fear to extract a Bitcoin payment, threatening consequences that would damage the victim’s reputation. The tactic has been in use for a while in different parts of the world and has now emerged in Pakistan.

Targets fall victim to these emails because of the subject line, which contains their usernames and passwords. The attackers use real data (i.e. passwords) to blackmail the targets. The emails look like this:

The email contains a Bitcoin address and tolerates zero negotiation, discouraging any risk-taking. Because the hoax offers no flexibility, most victims will be blackmailed into making the payment.
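
A mail-triage check for the two traits described above (credentials cited in the subject, a Bitcoin address in the body), as an added example that is not part of the original advisory. The function names, the keyword list and both sample messages are assumptions constructed for illustration; only legacy Base58Check address formats are validated.

```python
import hashlib
import re
from email import message_from_string, policy
from email.utils import parseaddr

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy (1...) and P2SH (3...) address shapes only; bech32 (bc1...) is out of scope here.
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")
CRED_WORDS = re.compile(r"\b(password|passwd|username|login)\b", re.I)

def is_btc_address(s):
    """True if s Base58Check-decodes to 25 bytes whose last 4 bytes match the checksum."""
    try:
        n = 0
        for ch in s:
            n = n * 58 + B58.index(ch)
        pad = len(s) - len(s.lstrip("1"))  # each leading '1' encodes one zero byte
        raw = b"\x00" * pad + n.to_bytes(25 - pad, "big")
    except (ValueError, OverflowError):
        return False
    return hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()[:4] == raw[-4:]

def triage(raw_message):
    """Flag mail whose subject cites credentials and whose body holds a valid BTC address."""
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    local_part = parseaddr(str(msg.get("To", "")))[1].partition("@")[0].lower()
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    addresses = [a for a in CANDIDATE.findall(body) if is_btc_address(a)]
    cue = bool(CRED_WORDS.search(subject)) or (bool(local_part) and local_part in subject.lower())
    return {"subject_cue": cue, "addresses": addresses, "flag": cue and bool(addresses)}

# Constructed samples. The address is the widely published Bitcoin genesis-block address.
HOAX = """From: sender@example.net
To: ali.khan@example.com
Subject: ali.khan : your password is Summer2018

Your account password is known. Pay to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa. No negotiation.
"""
BENIGN = """From: it-helpdesk@example.com
To: ali.khan@example.com
Subject: Password expiry reminder

Your password expires in 5 days. Change it from the self-service portal.
"""
if __name__ == "__main__":
    for name, sample in (("HOAX", HOAX), ("BENIGN", BENIGN)):
        print(name, triage(sample))
```

Requiring a checksum-valid address alongside the subject cue keeps routine password-reminder mail from being flagged on keywords alone.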

REMEDIATION

  • Do not respond to this email.
  • Change your password if the one quoted in the email appears to be correct (the sender most likely obtained it from a leak on the dark web).
  • Check your computer’s firewall and RDP settings to see which ports are open to the world.
  • Make sure you’re running the latest version of antivirus software that blocks malicious software and other threats.
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.