Christmas bells jangled for cyber criminals

MIKE O'DONNELL
Last updated 09:55 27/01/2014

OPINION: The older I get the more I reckon Christmas is encapsulated by two things: children and traditions. Kids' electrically charged anticipation leading up to the event and the pure joy of watching them opening presents in front of the tree; and family traditions, whether it be food, music or events.

The two big Christmas traditions in the O'Donnell household are Bob Dylan's dreadful Christmas carol album and a bathtub-green 1971 Volkswagen Kombi. We picked up the Kombi eight years ago, spent a year doing it up and take to the road every January in search of remote beaches and no cellphone coverage.

Kombis go everywhere slowly. Ours has the 1600 "twin port" motor, so instead of the regular 45 horsepower we get the positively athletic 48-horse option. This means our open-road speed is a tad under 90kmh, so there's plenty of time to smell the countryside we pass through.

For all that, it's never let us down. Part of this is good design, but the big part is preventive maintenance. It gets fresh oil every 4000 kilometres and a grease every three months, and as a result it's always delivered a stress-free Christmas.

Plenty of people didn't have a stress-free Christmas in cyber-land. The holidays provide scammers with three conditions that increase the likelihood of scamming innocents: the much-increased volume of credit card activity (so you are less vigilant at reviewing transactions); the overloaded shipping volumes (so you are unsurprised if a purchase is delayed); and the impact of holidays on clearing emails (so you are more likely to be opening emails on a smartphone than firewall-enabled machines).

This year was no exception, with a large range of underhanded activity and cyber attacks. The first inkling I had was when I was emailed by the chairman of one of New Zealand's largest companies saying he had files he urgently wanted me to see. Turns out he was one of thousands of Gmail clients whose identity was compromised as a result of a phishing attack out of Malaysia, seeking to steal punters' bank identities over the holiday period.

The next big one was photo messaging service Snapchat, which had 4.6 million usernames and phone numbers pinched through a known weakness on its website. Not only did the hackers steal the data, they published it online, opening the door for consequent identity theft.

The biggest local cyber nasty of the holidays was the combination of spoofing and phishing that hit Telecom and its besieged Yahoo!Xtra webmail service. This was the fourth time that Telecom's webmail service had been compromised in the last year. The Internet Safety Group called a previous event the biggest attack of its type to occur in Godzone with 87,000 folks reported as having had their email accounts corrupted.

Spoofing involves forging an email address to send vexatious or malicious emails. The email looks like it's coming from someone you know and trust, but it's more likely to be some scumball in Asia or Central Europe. Phishing selects large-scale online service providers (typically banks, ISPs, marketplaces and tax departments) and sends you an email that purports to be from them.

It then connects you to a duplicate of their website which harvests your login details to steal your money or your identity.

Both are numbers games. The perpetrators harness server farms which send millions of emails a week, as the opportunity cost is virtually zero and the returns lucrative.

The question that both come down to is how the scammers sourced the Xtra email addresses in the first place. There are two main possibilities.

The first is that they were harvested through web crawlers, or using the simple formula of firstname.secondname@corporatename.co.nz. And the biggest corporate names to use are ISPs - so think Xtra, Vodafone, Slingshot, Telstra, and the like.

The second is that the email addresses were obtained during last year's hacking of the Yahoo!Xtra platform. In other words, the scammers put the data aside until the perfect storm of the Christmas holidays was underway, and then let battle commence.

Given both the timing and the targeting of Telecom clients, I reckon it's the latter. I put the question to Telecom five days ago but they didn't reply.

If my paranoid theory is right, then there's little you can do but delete queer-looking emails, change your password and perhaps your email provider. However, there is a very simple step you can take to prevent being targeted through web harvesting, and that's to avoid having a personal email address of firstname.secondname@isp.co.nz.

In terms of bang for buck, I reckon it's the best preventative maintenance you can carry out. And hopefully, like my dear old Kombi, it might help deliver a stress-free Christmas next year.

Mike "MOD" O'Donnell is a professional director, eCommerce manager and former Netsafe board member. His Twitter handle is @modsta and he's lost more money on old cars than online scams (so far).

- The Press
