They called you.

They e-mailed you.

They stole your credit card numbers.

Now high-ranking members of an alleged hacker gang are under arrest and indictment.

This and more in this week’s scam alert.

Watch here:



Gang Arrests

Let’s say you run a restaurant and you get a message like this from the FDA — your food made people sick, and they’re coming in to investigate.

You’d probably open the attachment to find out when inspectors arrive.


Fake FDA message sent by FIN7 gang members, according to FireEye. Image credit: FireEye


But that’s how a gang of Ukrainian hackers got in to more than 100 restaurants and companies, using these kinds of sneaky tactics, according to security company FireEye.

They allegedly stole 15 million credit card numbers from customers at Chipotle, Chili’s, Arby’s, Red Robin and more.

The U.S. Justice Department announced today that three high-ranking gang members are under arrest and indictment for the crimes. 

Investigators say the gang used a company called Combi Security, with addresses in Russia and Israel, as a front to recruit other gang members.

The gang — known as FIN7, Carbanak and Navigator — not only sent fake e-mails, but also called their targets to make the scam seem more real before they swiped numbers and sold them on the dark web, the DOJ said.

The alleged hackers are in custody in Seattle, Spain and Poland, with the first trial is set for October.


The gang used a company called Combi Security as a cover for their activities, according to the USDOJ. Image credit: FireEye


State of Emergency

A county in Alaska has declared a state of emergency after a “worst-of-the-worst” cyber attack on its computers.

The borough of Matanuska-Susitna near Anchorage says it will take weeks to get its systems fully back and functioning and citizens are being affected.

The borough’s director of information services, Eric Wyatt, spoke on Radio Free Palmer about what happened last week when the IT staff noticed some problems and tried to clean up the system.

“We ran that script and the virus or the infection realized we were attacking back,” Wyatt said. “It came back with a vengeance and launched another kind of attack.”

Wyatt said the borough contacted the FBI.

“What I will tell you — this is not some kid in his mother’s basement,” Wyatt explained. “It comes from somewhere, I would believe, outside of the U.S.”

“I believe its purpose is to disrupt,” he added. “And I think it’s meant to disrupt our way of life.”

The city of Valdez, Alaska, said it was hit with the same kind of attack last week and is reportedly planning to declare an emergency as well.


The Matanuska-Susitna Borough declared a state of emergency after a “worst-of-the-worst” cyber attack. Image credit: Google Maps


Fake Facebook Text

Watch out for a suspicious message coming in on your phone.

It looks like it’s from Facebook, telling you, “We removed the abusive content that was posted on your facebook account” and telling you to visit a link.

But look closer — security researcher Johannes Ullrich says it’s fake.


Scammers send out fake messages to trick you into giving away your Facebook password. Image credit: Johannes Ullrich/SANS


Click and you go to a fake Facebook login page that can steal your name and password, Ullrich said.

It will then pass you through to the real Facebook login page so you don’t know you’ve been hit.

Multi-Factor Authentication

A password is not enough anymore.

Experts say you now need multi-factor authentication to protect yourself.

That’s where you put in your password, then add another layer, like a code from your phone or a key.


An example of a multi-factor authentication key. Image credit: Yubico


Now companies say cranky employees are making it harder to use multi-factor authentication on their systems.

A new survey says two-thirds of companies are getting pushback from workers who don’t want to add the extra step, though it could make the difference between safe working and a big breach.

Virginia Tech faced similar problems when it first tried to do multi-factor authentication in 2015 after a big breach.

Students signed a petition demanding an end to it all, but did not succeed in banning the new security tool. 

Experts say multi-factor authentication is not a magic bullet, but offers extra protection.


Students protested the use of two-factor authentication at Virginia Tech after a big breach. Image credit: iPetitions


Football Spying

A battle between Florida high school football coaches got a little nastier when one team was caught doing some digital spying.

Teams use the site Hudl to upload videos of players so recruiters can take a look at high school prospects, among other things.

But the videos can also show valuable info on team practices and strategy.

The Sarasota Herald Tribune reported that Hudl found coaches from the Braden River High School football program spying on rival teams.

Hudl said the coaches in Bradenton were using a college recruiter account to watch other teams’ practice videos.


Coaches for the Braden River High School football team were found to be accessing football player videos for other schools. Image: Twitter/Braden River Football


The recruiter’s Hudl account was “eliminated.”

No word yet on any discipline for the school, but this is just one part of rival versus rival controversy that already involves illegal practices, game bans and a possible $40,000 fine, according to the Herald Tribune.


See other scam alerts:

Scam Alert #24 — Car sharing crooks & hackers in the control room

Scam Alert #23 — Hacking the military & a security bra

Scam Alert #22 — Travel bots & ship hacking

More scam alerts here at Archer News.


Main image: Christoph Scholz on Trend Hype / CC BY-SA