Tag: cyber security

AI, Cloud Talk, Programming, Security, Tech

I got scammed, here’s how.

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

point of view of road with mountains in the distance
Either see how far you’ve come or how far you have to go.
Photo by Matt Hardy, please support by following @pexel.com

Beginning to an End

It has been a rough ride trying to look for a job in Information Technology (IT). All I want is to change careers and improve my quality of living. Is that too much to ask? Pouring countless hours into Bootcamps, completing online courses, and doing code-along projects.

Fixing up my resume to suit resume screening needs. At this point, things have been pretty interesting, to say the least. After months of facing countless piles of rejection, something came through finally.

I finally got my big break, and this was going to be my meal ticket into the big wide world of IT, and with studying areas such as cloud computing, Python programming, and machine learning, it was clear I was on my way to the big leagues. Someone reached out to me and offered me an interview.

My thoughts were, I finally made it past the computer screening. Someone looked at my resume and envisioned the potential.

light at the end of the tunnel
Not all lights at the end of the tunnel are created equal.
Photo by Xi Xi, please support by following @pexel.com

Moth Set Ablaze

This company wasn’t to the likes of Microsoft, but it wasn’t too small either. I was determined to make this work, even if I stumbled, I was going to give it my all. Like Vin Diesel, I was doing this for “family”.

They gave me a bit of information about their company such as whom they were backed by and what role they are recruiting for. Day came to interview… which was an email by the way. Googled it (it’s a thing) but didn’t think too much of it.

The interviewer was late for the time we agreed to (didn’t think too much of that either), readily filling out this questionnaire. Some questions were easy, others had me trying to figure out how to word my responses.

Whatever the case may be, this was my light at the end of the tunnel, and I wasn’t going to let this slip by since I worked so hard to get here. Tried not to be too in my head. It’s not like I was sitting across from them where I could judge how the question is being asked.

Man in brown jacket sitting on couch thinking.
Despite the opposition, by determination I will make it.
Photo by Andrea Piacquadio, please support by following @pexel.com

Promise with a Dash of Doubt

After filling out the questionnaire and sending it back. I anticipated,” thank you for your interest, despite the fact we are desperately hiring, we decided to go with other candidates”.

However, to my surprise, I received an email the next afternoon congratulating me on the interview and that the board wanted to move forward with my application and grant me the position of application engineer.

I was informed to keep an eye on my email because I would be receiving an offer letter for employment from human resources (HR) to fill out to start my hiring process.  My dreams were coming true, and I could finally and wholeheartedly say I was a part of the oh-so-coveted IT world. I could see greatness on the horizon.

businessman giving a contract to someone to sign
This offer may seem good now but give it time.
Photo by Andrea Piacquaido, please support by following @pexel.com

Beware of The Hand That Feeds You

Later that night, something wasn’t sitting right. I kept reviewing the email that was sent which included that I was going to receive a check via paycheck or electronic deposit that was going to use for purchasing my soon-to-be home office equipment.

This had me promptly questioning with a; “Say what now?” But I quickly dismissed it with an “oh well, I need a job, and if this is going to be my foot in the door. I’ll take it”.

But something still didn’t sit right. I couldn’t just be given a job this quick, and it is a six-figure salary. After scanning the questionnaire several times and viewing there was a street address. I decided to go and see if my having the job was real.

I tracked all my way to this lovely building (which held Microsoft by the way), walked in, knocked on the door, and was greeted by an older fellow who had an AirPod in his ear. I explained my situation and asked if there were any hiring managers around, I could talk to, but before I could get the words out, he replied “It’s a scam, I’m sorry”. My suspicions were correct, how nice.

businessman on smartphone smiling.
When they’re trying to scam you, but they don’t know who they’re dealing with.
Photo by Andrea Piacquadio, please support by following @pexel.com

Turning Tables

Instead of feeling sorry for myself, I decided to make the best of my situation. I waited for my offer letter to be sent to me, which I received right as I was being informed this was a scam. I took to LinkedIn to see If I could connect with these people.

However, turn out to be a dead end. The names did not match the faces. I decided to have some fun to offer up some good spirit and email them a proactive email. I sent the one (the interviewer) an email telling them how happy and hopeful I was to get this position and how I couldn’t wait to start working.

That I wanted to know more about him and how well he was connected to the company and the board. Also, I needed the requisition id number since I needed a list of my duties of what was going to be expected of me. And to the other (HR) email informing them that I would not be needing money for the office equipment since I already have the items.

It has been a while now, so I presume they cut their losses.

amazed man looking at laptop screen.
This guy must know his stuff, he asked for the requisition id number.
Photo by Andrea Piacquadio, please support by following @pexel.com

Look Out!

When dealing with a situation like this there is a two-prong attack.

The Interviewer (attacker one)

-Will reach out for a role, you may or may have not applied to. This person will engage and offer an email interview or interview in some form of messaging service.

The hiring manager or human resources manager (attacker two)

-Will send the offer letter and request to purchase office equipment or mini-office equipment.

List of office or mini-office items

  • MacBook
  • Dual Monitors
  • External hard drive/backup system
  • Laptop Stand
  • A high-quality webcam
  • Comfortable desk chair
  • Hp LaserJet Pro M15w Printer
  • Computer Hardware and Software
  • High-Speed Internet Access
  • Stress Ball

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Have you ever encountered what could be a scammer?

Script a comment about how you handled the situation.

Programming, Security, Tech

Buzzing in Your Computer

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Tom: Hey, did either of you check out the script?
Aaron: Yeah Tom, now shut up the movie is about to start.
Photo by Pavel Danilyuk, please support by following @pexel.com

So, you’re a fan of Transformers, huh? Well, brace yourself, because this might shock you. You know how those robots can turn into cars, planes, and other stuff?

Well, guess what? Some of them can also hack into your computer or your online accounts without breaking a sweat. It’s crazy, the internet never stops being the place where people can exploit sweet childhood memories.

We’re going to look at what the attack is, who is using it, the functionality and effects upon release, and what are some ways to protect yourself from this transformer transforming your life into a nightmare.

Kim: So uh…we’re just friends huh?
Dave: *Thinking: If I pretend like I’m drinking she’ll stop asking me questions.*
Photo by Pavel Danilyuk, please support by following @pexel.com

The Attack

Have you ever experienced a transforming nightmare?  For those who may not know it’s called “malware” which means “malicious software”.  This refers to any software that is designed to harm, disrupt, or steal data from a computer or a network. You can think of this as your neighbor offering you food knowing it’s laced with naptime medicine.

The newest addition to being laced with something that stings and honey is not included is called “BumbleBee”. BumbleBee is a malware downloader written in C++ language and has a single function that handles various tasks.

This is malware that can hide in plain sight and deliver ransomware payloads to infected systems. In a nutshell, this bee sting giveth and this bee taketh your data.

Not only do I collect pollen but I can give your computer everything you never wanted, like a virus.
Photo by Egor Kamelev, please support by following @pexel.com

Who Can It Be Now

Who would set something like this up to take your data? Well, we’re happy to tell you that this didn’t come out from Beyonce’s beehive. BumbleBee has been linked to several cybercriminal groups, such as EXOTIC LILY and TrickBot.

Let us quickly go over the two. EXOTIC LILY is a financially motivated group that may have acted as initial access brokers for other malicious actors and targets a wide range of industries also involving IT.

TrickBot is a Trojan that threat actors spread via spear phishing campaigns. This is done by using tailored emails that contain malicious links. And you thought ChatGPT was only good for fixing resumes and completing essays.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Well, it’s time to mail some ransomware.
Photo by Liza Summer, please support by following @pexel.com

That Sinking Feeling

Now moving on to how something like BumbleBee works. BumbleBee is a downloader that is distributed through malspam (malware spam- spam email with malware) campaigns. Emails are sent with a malicious attachment that has an ISO extension.

When the user opens the attachment, they see a folder with two files: a DLL file and an LNK file. Both files are infected with this troublesome transformer. The LNK file is a shortcut that executes the DLL file when clicked. Trigging the BumbleBee downloader to download and run other malware on the compromised system.

What’s the other malware that could be downloaded we hear you ask. Well, this could be but is not limited to viruses, worms, trojans, spyware, adware, ransomware, and more. What problems can they cause? Don’t worry, we have you on that as well.

Malware can cause various problems, such as slowing down the system, encrypting or deleting files, displaying unwanted ads, or demanding a ransom to restore access. Malware can infect a device through various methods, such as downloading attachments, clicking on links, visiting malicious websites, or using infected USB drives.

So all in all, BumbleBee gets into your system, transforms, drops off, and rolls out. And you thought Optimus was bad.

This isn’t what we meant as far as protecting your information but it’s a start.
Photo by cottonbro studio, please support by following @pexel.com

The Prevention

So how does one protect themselves from what came from the beehive? Well, to protect your computer from malware and other threats of the like. You should follow some basic security practices.

First, avoid opening attachments and clicking on links in emails that look off or are irrelevant to you. Especially if they came from an unknown sender. Second, use only official tools to update and activate the software you use. And never download or run any cracks, keygens, or patches from unknown sources.

Third, keep your operating system and applications updated with the latest security patches and fixes. Fourth, download software and files only from official or reputable websites, and avoid using third-party downloaders.

Lastly, install a reliable antivirus program on your computer and scan your system regularly for any potential infections or vulnerabilities. Many issues will come a buzzing but if you can avoid being stung from a hit and run, then do so.

It’s a good thing I read Scriptingthewhy. I knew these bees were acting funny. IT’S TIME TO GET YA’ll IN ORDER!
Photo by Anete Lusina, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on BumbleBee? Script a comment below.

Security, Tech

Owls Up There with Fed Banking

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

To be or not to be…poor. That is the question. WAIT, WHY IS THAT EVEN A QUESTION!?
Photo by Andrea Piacquadio, please support by following @pexel.com

Let’s start this off by asking a simple question and this is something that many of you can relate to. How many of you enjoy having a bank account full of money? It’s safe to assume that almost everyone reading this script enjoys having a decent sum of money in their bank account.

I know that there may have been a very, very, very small few that might have said, “Money isn’t real, the real value of you isn’t in the form of numbers.” To them, I ask, if that is true then why is it that every time I get a bill, I spiral into a panic attack? Explain that one, however, you’re not wrong, that’s not the point being made here, so hush.

Suppose like in many situations, you check your account before going to sleep to confirm you have a decent amount, but when waking up you get an alert sounding like the accountant bit from South Park talking about your bank account, “Annnd, it’s gone. Your money, it’s all gone.” Let me script for you how this may have happened.

Dear sweet Satan’s cornhole…Z-Daddy was right. My accounts are at zero.
Photo by Andrea Piacquadio, please support by following @pexel.com

Halloween Gone Mobile

So, the numbers in your bank account are gone with the wind and you’re probably wondering how you got to this junction. Well, let me inform you that you may have been infected with a virus called SOVA.

SOVA is a virus designed for mobile phones, as you can predict this is mainly for Android phones, but iPhone users don’t think you’re safe. Your sweet saucy phone jack is just not on the menu for now.

SOVA, in case you were wondering means owl in Russian, the name was given because owls are nocturnal birds of prey, they’re silent, and like a slow jam from the 80s, they stalk and capture their prey. As you could have already guessed, this is Michael Myers of the animal kingdom, and it very well could be on your mobile device.

I don’t stalk my prey; they just don’t see me coming. Stop making a big woot…oh I saw what you did there.
Photo by Pixabay, please support by following @pexel.com

Night-time Owls, Day-time Collection

Outside of SOVA being given a cute name by the threat actor, the first version made its first appearance on the underground markets back in September of 2021. For those who don’t know what the underground markets are, they’re the “dark web” or may also be called the “dark net”. And before you ask, no, there is not an underground store in either of those areas.

SOVA was shown that it not only had the ability to collect usernames, passwords, and other information, but it also has an interesting function that will be brought up later. Trust me, you’re not going to like this. If you suffer from having trust issues with people, you’re really going to have it with your phone after reading this script.

No, no, no, annnnnnd now it’s gone. All of my money, it’s all gone.
Photo by Karolina Grabowska, please support by following @pexel.com

Intruder at Hand

Right now, you’re probably looking at your phone and thinking “I don’t trust you.” And you would be right since your phone is the main attack vector for this malware/virus/trojan. That’s right, viruses have pronouns too.

SOVA is distributed by a smishing attack, which is another form of phishing where the attacker is trying to bait you into clicking on a link for further malicious intent via text messaging.

Once the fake application is installed on the phone, it then sends the list of all applications installed on your device back to the command-and-control server (C2C), this is done with the intent for the attacker to then choose which app to target.

The attacker fires back the malware that can perform collecting keystrokes, steal cookies, intercept multi-factor authentication tokens, copy and paste, and add fake overlays for a range of apps.

But are you ready to have some major trust issues? This malware can perform actions like clicking, swiping, and pretty much interacting the same way as if you were using it. This is all done via the accessibility service, guessing this is the last time you’ll trust a handicap sign.

All of our accounts are wiped clean, if only we kept reading Scriptingthewhy.
Photo by energepic.com, please support by following @pexel.com

Panic, Pause, and Simple Steps

While this seems like the sky is falling and you’re never going to dance again because empty words have no rhythm. Though it’s easy to pretend, knowing this information will not make you a fool. Always be very careful when you download from a friend as this could be potential harm that you have been given.

A few other ways of preventing from downloading such malware are to make sure you check all of the details of the application such as reviews and how often the application is downloaded. Make sure you download from only trusted sources like the manufacturer’s store or from the app store.

Other practices are making sure your OS (Operating System), applications, and anti-virus software are up to date. Most of the ways to keep your devices and information safe are to follow simple best practices but most of the time the combination of “It’s our app and we want it now” and reading takes too much effort that exposes us to possible threats.

This is my third time this month getting a spa treatment, and it’s all thanks to those cursed scripts. Bless you Z-Daddy.
Photo by John Tekeridis, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like I may have missed something about SOVA? Script a comment below.