Scam Alert #22 — Travel Bots & Ship Hacking

You’re not the only one trying to make reservations on that hotel, airline or cruise site.

Millions of bots are fighting for your spot.

See why in this week’s scam alert — plus ship hacking and how to stay safe at the gas pump. 

Watch here:

 

 

Bot Attacks

Saving up airline miles?

Bots are working hard to get into your account and steal your points, your password and your credit card number.

Security company Akamai says bots tried to break into travel accounts 3.9 billion times between November and April.

Crooks made up almost 5 out of every 6 travel site logins, Akamai said.

It’s not just airlines — they go for hotel, cruise and rental car sites, too.

The company says crime gangs like travel sites because stolen points can be hard to track.

 

Criminal gangs may focus on stealing airline miles because they can be hard to track, according to Akamai. Image credit: Stela/Di

 

It’s a good reminder for you to check your travel accounts every so often to make sure no one has broken in.

A 2017 study by Bond Brand Loyalty showed people are sitting on $100 million worth of unused loyalty points.

Ship Hacking

In the old days, pirates came aboard and commandeered your vessel.

Now hackers can take over ships from afar and steer them off course.

Researcher Ken Munro showed how in a post this week.

He says ship operators need to keep their operations technology separate from other technology, encrypt or scramble their communications and change the passwords that come on their devices, among other safe practices.

 

Ken Munro at Pen Test Partners demonstrates how ships can be hacked. Credit: Pen Test Partners

 

Gas Pump Safety

A security expert is warning people to watch out for people who put skimmers on the gas pumps.

Police in San Antonio, Texas, say it’s become a big problem, according to Brian Krebs of KrebsOnSecurity.

They’ve found more than 100 skimmers on gas pumps so far in 2018.

 

Police found a skimmer on a pump at this San Antonio gas station, according to MySanAntonio.com. Image credit: Google Maps

 

 Krebs says bad guys are installing the skimmers on older pumps.

The newer ones may be more secure.

He recommends you don’t use your debit card at the pump because crooks can drain your account — use a credit card instead.

 

 

Krebs says thieves put skimmers on older pumps, like the one above, as opposed to newer pumps, like the one below. Images credit: KrebsOnSecurity

 

Darknet Bust

The Bonnie and Clyde of the dark web — or at least one of them — is under arrest.

The Department of Justice says “BonnienClyde,” who also goes by “BCPHARMA,” is one of the 35 drug sellers and associates taken into custody in a big operation against drugs on the darknet

Nicholas J. Powell of Parma, Ohio was charged with conspiracy to distribute controlled substances and laundering money using the dark web, one the many arrests from Vermont to California.

Investigators say the suspects used darknet sites like Silk Road 2, AlphaBay, and HANSA to sell illegal drugs.  

In a first-of-its-kind investigation, agents went undercover as money launderers, pretending to help darknet criminals trade Bitcoin and other digital currency for real cash.

The Department of Justice says the feds seized drugs like Oxycodone, fentanyl, Xanax, cocaine, LSD, as well as assault rifles, a grenade launcher, gold bars and more than twenty million dollars.

 

Law enforcement seized the dark web site Hansa last year. Image credit: Europol

 

Safer Wi-Fi

Using the Wi-Fi at your favorite coffee shop? 

Chances are it’s a security mess, leaving you wide open for attacks.

But soon you’ll get more security for your Wi-Fi at home, at work and in public places.

Security experts have come up with a new protocol called WPA3, which will replace the current WPA2.

The new protocol will make it harder for attackers to guess your password and steal your info.

However, you’ll have to wait a bit before you get it.

Router makers have to implement the new protocol first.

That could take months.

Then, you’ll need to check your router for firmware updates.

 

An example of a router. Image credit: Janbarkmann

 

It’s not always easy to update your router.

“Your router is the most important part of your home internet setup,” writes Marshall Honoroff in Tom’s Guide.com. “It’s also probably the most vulnerable.”

“Updating your router’s firmware is a pain, but you’ve got to do it,” he adds.

Tom’s Guide provides info on how to update various brands of routers.

Here’s example of how you can update your D-Link router, according to Tom’s Guide:

 

—First, ensure that you’re on the same network as your router. 

—Then, visit either “dlinkrouter.local” or “192.168.0.1” in a web browser. 

—Enter your password (if you never set one up, just leave the field blank) and log in.

—Once you’re in the interface, click on Management, then Upgrade. 

—Click the “Check for new firmware” button, and the router will handle the rest.

 

Smart Home Abuse

A smart house may seem convenient, but for some people it becomes a trap.

Domestic violence victims report their abusers are using smart home technology to torture them, according to the New York Times.

They turn lights on and off, watch on cameras, change thermostats and the codes on smart locks.

Victims say they have trouble convincing police that they’re not crazy, that these things are really happening.

Smart device makers say you can reset the devices and change your Wi-Fi password.

Domestic violence advocates say you can ask the judge to include smart devices in a restraining order.

 

An example of a smart lock. Image credit: Xiaomi Global Community

 

RoboCup

While the world’s top soccer players fight it out in the World Cup in Russia, robot soccer players battled for victory in Montreal, Canada.

The RoboCup Federation encourages teams to create smart robots for homes, officers, factories and rescue work, as well as on the athletic field.

 

Robots soccer players vs. robot soccer players in the RoboCup 2018. Credit: HTWK Robots

 

Once the game starts, humans do not control the robots — they decide for themselves what to do next.

The goal is to have robot players play against human players — and win — by the year 2050.

 

See other scam alerts:

Scam Alert #21 — Lockdown app & Bitcoin Baron

Scam Alert #20 — New baby cam warning & toy dangers

Scam Alert #19 — Chasing your ambulance & World Cup scams

See more Scam Alerts here at Archer News.