Tag Archives: Cyber threats

Is WEF Planning Cyber Attack To Disrupt 2024 Election?!

Is the WEF planning to launch a ‘false flag’ cyber attack to disrupt the 2024 US Presidential election?! Take a look at the viral claim, and find out what the facts really are!

 

Claim : WEF Plans Cyber Attack To Disrupt 2024 Election!

People are sharing an article (archive) by The People’s Voice (formerly NewsPunch), which claimed or suggested that the World Economic Forum (WEF) is planning to launch a ‘false flag’ cyber attack to disrupt the 2024 US Presidential election!

WEF Insider: Imminent ‘False Flag’ Cyber Attack Will Disrupt 2024 Election

Recommended : WEF ordered electors to not certify Trump’s 2024 election win?!

 

No Evidence WEF Plans Cyber Attack To Disrupt 2024 Election!

This is yet another example of fake news created / promoted by The People’s Voice, and here are the reasons why…

Fact #1 : No Evidence WEF Plans Cyber Attack To Disrupt 2024 Election!

Let me start by pointing out that there is no evidence of the World Economic Forum (WEF) plans to launch a cyber attack to disrupt the 2024 President election.

If a WEF insider did indeed reveal such a plan, it would have gone viral, and it would have been condemned by everyone from the left to the right. The FBI and US Department of Homeland Security would also have launched criminal investigations.

Yet, there was no such report by the mainstream media, and no social media outrage. Heck, even right-wing American websites did not so much as squeak about a juicy WEF plot to launch a cyber attack against the United States???

That’s because that never happened. The People’s Voice article, unsurprisingly, offered no evidence to back up its “fact checked” claim.

Fact #2 : Voters Don’t Use Ballot Tabulators

The People’s Voice article claimed that South Carolina primary voters were “reportedly unable to vote due to ballot tabulators being unable to connect to the internet [sic]”.

Well, I could find no report of South Carolina primary voters not being able to vote because ballot tabulators were unable to connect to the Internet. That’s probably because no voter ever uses ballot tabulators to cast their vote.

Ballot tabulators are machines used to scan and count ballots, and are never used by voters to cast their votes! So how would any ballot tabulator failure prevent voters from casting their votes?

Unsurprisingly, The People’s Voice article offered no evidence of such ballot tabulator failure, or that South Carolina voters were prevented from voting in its 2024 Presidential primary elections.

Recommended : Biden hired Bill Gates to flood Internet with AI censorship bots?!

Fact #3 : South Carolina Voting System Isn’t Connected To Internet

According to the South Carolina Election Commission, the South Carolina voting system is never connected to the Internet.

In fact, the ballot marking devices (BMD), ballot scanners, and computers used to tabulate the votes, are not even capable of being connected to the Internet!

Is the voting system connected to the Internet?

No, the voting system is never connected to the internet. Computers used to tabulate votes, BMDs, and ballot scanners used in South Carolina are not even capable of being connected to the Internet.

Needless to say, The People’s Voice article provided no evidence that ballot tabulators used in South Carolina were even capable of being connected to the Internet, never mind requiring it to work!

Fact #4 : WEF Screenshot Is Fake

The cover image used by The People’s Voice article and video has a screenshot which purportedly shows the World Economic Forum (WEF) posting on X (formerly Twitter) that:

The coming cyber attack will allow a New World Order to emerge.

That is most definitely a fake screenshot, because there is no such post on X by the World Economic Forum. And it’s a really silly creation too – why would the WEF reveal its nefarious cyber attack plan publicly?

Yet again, The People’s Voice article provided no evidence that such a post ever existed! In fact, it would not need some “WEF insider” to spill the beans when the WEF itself already publicly revealed its cyber attack plan!

Recommended : Did EU Legalise Child Porn As WEF Pedophilia Agenda?!

Fact #5 : The People’s Voice Is Known For Fake News

The People’s Voice is the current name for NewsPunch, which possibly changed its name because its brand has been so thoroughly discredited after posting numerous shocking but fake stories.

Founded as Your News Wire in 2014, it was rebranded as NewsPunch in November 2018, before becoming The People’s Voice. A 2017 BuzzFeed report identified NewsPunch as the second-largest source of popular fake news on Facebook that year.

Its articles have been regularly debunked as fake news, so you should never share anything from NewsPunch / The People’s Voice.  Here are some of its fake stories that I fact checked earlier:

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | PoliticsTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Will Microsoft Disable Your Computer If You Share Fake News?!

Is Microsoft planning to disable your computer if you post or share fake news / misinformation?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Microsoft To Disable Your Computer If You Share Fake News!

People are sharing an article (archive) by The People’s Voice (formerly NewsPunch), which claims that Microsoft is planning to disable your computer if you post or share fake news / misinformation!

Microsoft To Disable Computers of Users Who Share ‘Non-Mainstream Content’ Online

Recommended : Is Interpol Investigating Bill Gates For Murder?!

 

Truth : Microsoft Won’t Disable Your Computer If You Share Fake News!

This is yet another example of FAKE NEWS created / promoted by The People’s Voice, and here are the reasons why…

Fact #1 : Microsoft Did Not Announce Plans To Disable Computers

Let me start by pointing out that Microsoft did not announce any plans to disable computers of people who share “non-mainstream” content online, in an attempt to combat “misinformation” in the run-up to the 2024 US Presidential election.

If Microsoft actually announced such plans, it would have been major news covered by news outlets all over the world. It would also have gone viral on social media, with conservative and right-wing personalities criticising those plans.

Microsoft certainly made no such announcement, and The People’s Voice offered no evidence to back up its “fact checked” claim.

Fact #2 : Satya Nadella Is Microsoft CEO, Not Bill Gates

Interestingly, The People’s Voice article used a photo of Bill Gates, even though he handed over day-to-day operations at Microsoft more than 15 years ago. He also stepped down as Microsoft Chairman, when Satya Nadella was appointed as CEO in February 2014.

If Microsoft does indeed plan to disable computers to fight fake news, that decision would have to be approved by its CEO and Chairman, Satya Nadella. Not its former founder, Bill Gates.

How is Bill Gates involved in this “story”? Nothing in the article even remotely suggests that Bill Gates is, in any way, involved in Microsoft affairs, or the non-existent plan to disable computers of people who share fake news / misinformation.

Recommended : Is Bill Gates Planning To Kill Billions Using Turbo AIDS?!

Fact #3 : Satya Nadella Never Said Anything About Disabling Computers

The People’s Voice article used a video of Lester Holt from NBC News interviewing Satya Nadella as evidence that Microsoft plans to disable computers of people who share misinformation. However, that’s completely nonsensical.

The NBC News video only shows Satya Nadella saying that the tech industry is using technological solutions like watermarking [AI created content], detecting deep fakes, and implementing content IDs, to fight disinformation and misinformation.

This is not the first election where we dealt with disinformation or propaganda campaigns by adversaries and election interference.

We’re doing all the work across the tech industry around watermarking, detecting deep fakes and content IDs. There is going to be enough and more technology quite frankly in order to be able to identify the issues around disinformation and misinformation.

Fact #4 : Microsoft Can’t “Magically” Disable Computers Remotely

Even if Microsoft is so inclined, disabling a computer remotely isn’t like waving a magic wand, or chanting “Abracadabra”!

With the possible exception of specifically hacking into your computer to gain access, or tricking you into installing malware, it is not possible for Microsoft to remotely disable your computer simply because you shared fake news or misinformation.

The People’s Voice article certainly offered no explanation of how Microsoft might conceivably disable your computer remotely… like magic!

Recommended : Is Bill Gates Facing Life Behind Bars For Child Rape?!

Fact #5 : The People’s Voice Is Known For Publishing Fake News

The People’s Voice is the current name for NewsPunch, which possibly changed its name because its brand has been so thoroughly discredited after posting numerous shocking but fake stories.

Founded as Your News Wire in 2014, it was rebranded as NewsPunch in November 2018, before becoming The People’s Voice. A 2017 BuzzFeed report identified NewsPunch as the second-largest source of popular fake news on Facebook that year.

Its articles have been regularly debunked as fake news, so you should never share anything from NewsPunch / The People’s Voice.  Here are some of its fake stories that I fact checked earlier:

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

STR 2024 Scam Alert : Can You Get RM1,000 Per Month?!

Watch out for the STR (Sumbangan Tunai Rahmah) 2024 scam, and find out why you really cannot get RM1,000 per month!

 

STR 2024 Scam : Get RM1,000 Per Month For Free!

Many people are getting messages about getting RM1,000 in free cash through the STR (Sumbangan Tunai Rahmah) scheme on WhatsApp and Telegram, from their family members and friends:

TERKINI: Permohonan untuk bantuan MySTR 2024 RM1000 sebulan
.
📒 Borang Permohonan (Online dan Manual)
📒 Kemaskini Maklumat kerajaan
.
Memohon secara online👇👇
https://xxxx-xxxx-xx-xxx-tunai2024.com/39/kerajaan

Recommended : Bantuan Rakyat Malaysia Scam Alert!

 

STR 2024 Scam : Don’t Fall For The RM1,000 Offer!

This is yet another scam circulating on WhatsApp and Telegram, and here are reasons why…

Fact #1 : STR 2024 Is Only Given Quarterly

First, let me just point out that the 2024 STR (Sumbangan Tunai Rahmah) program is genuine. However, it is restricted to the hardcore poor, and is paid out quarterly.

STR 2024 Application Period Payment Date
Phase 1 1 to 30 Nov 2023 29 January 2024
Phase 2 1 Dec 2023 to 29 Feb 2024 April 2024
Phase 3 1 March to 30 June 2024 August 2024
Phase 4 1 July to 30 Sept. 2024 November 2024

In short – you won’t get the money on a monthly basis, as the scam websites are claiming.

Fact #2 : STR 2024 Scam Targets Your Data + Telegram Account

The real STR (Sumbangan Tunai Rahmah) website will only ask you for your MyKad or user ID to check your STR 2024 status.

The scam websites, on the other hand, will ask you to submit your full name, and your mobile number.

They will send an OTP to your Telegram account, and ask you to key in the OTP to their website. This will allow them to hijack and take over your Telegram account.

To protect your Telegram account from such hijacking, please make sure you turn on Two-Step Verification!

Even if you don’t have a Telegram account, the scammers now have access to your full name and mobile number, which they can use in future scam attacks.

Recommended : PDRM Warning : Watch Out For MyBayar Scam!

Fact #3 : List Of Successful Applicants Is Fake

To convince you that their offer is genuine, the scam websites often show a scrolling list of successful applicants – each one receiving RM1,000. That’s a fake list.

If you check the source code, you can see that the scammer merely created a manual list of fake names. Here is a small segment with the fake details highlighted in bold, to show you what I mean:

<!— record berjaya box —>
<div class=”_record-box”>
<div id=”list” class=”list-box”>
<div class=”list” style=”margin-top: -3.1345px;”>
</div>
<div class=”center”>
<div class=”h1″><span class=”name”>Kaamil bin Haarith</span></div>
<div class=”h2″>Berjaya RM 1.000,00</div>
</div>
</div>
<div class=”item”>
<div class=”record_logo”>
<img src=”assets/masterweb/avatar.png” alt=””>
</div>
<div class=”center”>
<div class=”h1″><span class=”name”>Fat’hi bin Jaasir</span></div>
<div class=”h2″>Berjaya RM 1.000,00</div>
</div>
</div>
<div class=”item”>
<div class=”record_logo”>
<img src=”assets/masterweb/avatar.png” alt=””>
</div>
<div class=”center”>
<div class=”h1″><span class=”name”>Ibrahim bin Khaalid</span></div>
<div class=”h2″>Berjaya RM 1.000,00</div>
</div>
</div>

Fact #4 : STR 2024 Does Not Give RM1,000 Per Month

To help the hardcore poor handle the high inflation in 2024, the Malaysia Ministry of Finance announced an increase in the amount of STR cash aid.

However, even with the increased STR 2024 cash aid, you won’t receive RM1,000 per month. That’s just insane. Here is what the government is giving for STR 2024, in quarterly payments:

Qualifying
Categories
STR 2024 Cash Aid
Household Income
≤ RM2,500
No Children : RM1,000
1-2 Children : RM1,500
3-4 Children : RM2,000
≥5 Children : RM2,500
Household Income
RM2,500 – RM5,000
No Children : RM500
1-2 Children : RM750
3-4 Children : RM1,000
≥5 Children : RM1,250
Senior (Single)
≤ RM5,000
RM600
Single
≤ RM2,500
RM350

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How Antivaxxers Create Fake News Using VAERS!

Like the British Yellow Card system, VAERS has long been used by antivaxxers to create fake news about vaccines.

Find out why VAERS is so important to doctors, and yet so easily abused by antivaxxers!

Updated @ 2024-01-07 : Refreshed article for new slew of VAERS-based “reports”
Originally posted @ 2021-09-03

 

VAERS : What Is It?

VAERS is an acronym for the Vaccine Adverse Event Reporting System used by the US government.

Like the British Yellow Card system, it is a passive reporting system that relies on individuals to submit reports of their adverse reactions to vaccines.

This open design used by both VAERS and Yellow Card lets scientists catch very rare adverse effects that even large clinical trials may not catch.

For example, anaphylactic reactions to the Pfizer and Moderna vaccines are so rare, they didn’t show up in their large Phase 3 clinical trials at all. They were only identified through VAERS after mass vaccinations started.

Recommended : Did Hackers Release Pfizer + Moderna Vaccine Death Data?!

 

Here’s How Antivaxxers Create Fake News Using VAERS!

Both the American VAERS and the British Yellow Card system suffer from the same problem – their open catch-all design lets ANYONE file a report.

Not just parents and patients, but also any Tom, Dick or Harry with nothing better to do. And you don’t even have to ever been to the United States to file a report!

This allows antivaxxers to abuse both the VAERS and Yellow Card systems to create fake news about vaccines.

Back in 2004, James Laidler famously filed an adverse reaction report into VAERS, claiming that his annual influenza vaccine turned him into the Incredible Hulk!

Incredibly, the CDC had to ask for his permission to remove the fake report. Otherwise, it would remain in the database forever!

Recommended : Were COVID-19 Vaccines Recalled After 40K Deaths?!

More recently, anti-vaccination websites have been using VAERS and Yellow Card reports to fabricate fake news that vaccines are killing people.

The CDC is well-aware of this problem, which is why they explicitly pointed out to everyone that :

  • Reports may include incomplete, inaccurate, coincidental and unverified information.
  • The number of reports alone cannot be interpreted or used to reach conclusions about the existence, severity, frequency, or rates of problems associated with vaccines.

So the next time you read an article claiming that VAERS or the Yellow Card system are reporting injuries and deaths from this or that vaccine, take them with a BIG, BIG PINCH of salt. None of those reports are verified.

 

VAERS : Anyone Can File A Fake Report!

To demonstrate this point, here is a fake report I attempted to file into VAERS, with the following information :

First Name : Donkey
Last Name : Kong
Street Address : Rolling Barrel Avenue
City : Jungle
County : Donkey
Date Of Birth : 1 January 1908
Age : 113 Years Old
Race : 1% white, 2% black, 3% Asian, 4% Latin, 90% alien

Date of Vaccination : 31 May 2021, 1:00 AM
Date of Adverse Event : 31 May 2021, 1:01 AM
Facility / Clinic Name : Jungle Clinic
Facility / Clinic Address : Jungle Clearing, Jungle

Recommended : Did Bill Gates Call For COVID-19 Vaccine Withdrawal?!

Vaccine : COVID19 (Pfizer-BioNTech)
Lot Number : 1110654
Dose Number : 6 (it actually only has 2 doses)

Description of Adverse Event(s)

I asked to be jabbed in my left arm, the doctor insisted right arm is better because right is right, no?

After the jab, I went back and on the way back, two young punks pulled up in their fancy Mercedes at the traffic light.

I challenged them to a race in my Mustang, and midway, they clipped me and sent me flying through the walls of the Grand National Bank.

As a result, I suffered two broken legs and my right arm was ripped off.

I’m absolutely confident that my driving skills were impaired by the vaccine, and it also made my right arm easy to tear off.

Recommended : COVID vaccines have 1000X death rate than safe limit?!

Medical tests and lab results

The doctors at AdventHealth Orlando have all my medical reports and my right arm.

Days hospitalised : 300
Life threatening illness : Yes
Disability or permanent damage : Yes
Congenital anomaly or birth defect : Yes

Other Vaccine : Bullshit Vaccine
Manufacturer : Google
Adverse Event From That Vaccine : My penis fell off after getting the MMR vaccine

I did not hit Submit though, because I did not want to add another fake adverse event to the holster of anti-vaccination advocates.

But take a look at the screenshots, and see just how easy it is for anyone to make a fake VAERS report. There is no need to verify any personal details, and you can do this from anywhere in the world!

Recommended : Are Residual DNA In mRNA Vaccines Dangerous?!

But as you can now see – it is very easy to abuse VAERS. With enough time and persistence, you can file all kinds of fake reports on VAERS, and use those reports to push your narrative.

That’s why responsible people do not use unverified VAERS reports. You should always be wary of anyone who makes a claim based on VAERS reports.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

Don’t forget to protect yourself, and your family, by vaccinating against COVID-19!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Health | Fact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can You Get Free Cash Via MyKasih App?!

Is the MyKasih Foundation giving out RM1000 or RM1200 cash aid via its mobile app?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Get Free Cash Via MyKasih App!

Many people are getting messages about getting free cash through the MyKasih Foundation on WhatsApp and Telegram, from their family members and friends:

Terkini: Bantuan Percuma RM1000 Ke Dalam MyKad : Rujuk Cara Semakan & Syarat Kelayakan

Latest: Free RM1000 Assistance Into MyKad : How To Check & Eligibility Conditions

Jom claim RM1200

MyKasih Foundation : Cek MyKad Boleh Dapat Wang RM1000 Secara Percuma

MyKasih Foundation : Check MyKad To Get Free RM1000

Bantuan Tambahan STR 2023 MySARA RM800: Semakan Status & Tarikh Bayaran

Additional STR 2023 MySARA Assistance RM800: Check Status & Payment Date

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : MyKasih Free Cash App Is A Scam!

This is yet another example of SCAMS circulating on WhatsApp and Telegram, and here are reasons why…

Fact #1 : MyKasih Free Cash Initiative Is A Scam!

First, let me just point out that these messages on WhatsApp and Telegram, as well as the websites promoting the MyKasih free cash initiative is a scam!

The Malaysian government have already labelled these free cash offers as FAKE NEWS on Facebook and Twitter. Here is a non-exhaustive list of links that have been identified as scam links:

my.mykasihh.online

l.my-kasihapp.com

apps-mykasih.co/twe

There’s no need to memorise these links. These scammers will keep changing them.

Just know that the official MyKasih website is www.mykasih.com.my. Do NOT go to any other website when it comes to the MyKasih Foundation website.

Fact #2 : Those Accounts Were Hijacked

Those viral messages are actually coming from WhatsApp and Telegram accounts that have been hijacked by scammers. That’s why they are so convincing.

Those are really the actual WhatsApp and Telegram accounts of your family members or friends. But they have been taken over by scammers using tricks like the screenshot hack.

Take this opportunity to tighten the security of your own Telegram and WhatsApp accounts, by turning on two-step verification!

Recommended : Can StopNCII Remove All Nude / Deep Fake Photos?!

Fact #3 : SARA Cash Aid Is Only RM600

As part of its initiative to help the hardcore poor handle the high inflation this year, the Malaysia Ministry of Finance announced SARA (Sumbangan Asas Rahmah).

However, the SARA cash aid is only RM600, and limited to the hardcore poor. There is no way for anyone to get RM800, RM1000 or RM1,200 in SARA cash aid from the government.

RM100 x 6 months is credited directly into the MyKad of eligible hardcore poor, allowing them to purchase a limited list of essential goods from grocery stores and supermarkets across Malaysia, from July to December 2023.

In Sabah and Sarawak, the RM600 is credited directly into the bank account, or provided as cash through Bank Simpanan Nasional branches.

Fact #4 : SARA Recipients Are Automatically Selected

There is no need to apply for SARA cash aid. For one thing – it only applies to the hardcore poor. If you are reading this on a computer or a smartphone, you very likely do not qualify as “hardcore poor”.

SARA recipients are automatically determined using the existing eKasih Hardcore Poor data, and includes those who had earlier qualified for the STR 2023 cash aid.

Fact #5 : Real Website Asks Only For Your MyKad

Qualification for the SARA cash aid of RM600 is based entirely on your MyKad number.

On the official Sumbangan Asas Rahmah (SARA) website, you can check for your eligibility using your MyKad number only.

The fake websites look just like the real SARA website, but instead of asking for your MyKad number, they will ask you for your mobile number and ask you to submit a TAC number.

Needless to say – these are scam websites. You should NEVER submit your phone number or any TAC codes.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Is It Dangerous To Exit WhatsApp Exit Scam Groups?!

Is it dangerous to exit WhatsApp scam groups? Or quitting such scam groups on WhatsApp cause your phone to be hacked?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : It Is Dangerous To Exit WhatsApp Scam Groups!

People are sharing this warning about quitting WhatsApp scam groups using the Exit Group link option! Take a look!

Here’s another Scam chat group. DO NOT CLICK ON ITS EXIT GROUP BUTTON to exit, instead go to your top right 3dots and click on exit group or report.

Clicking on the group’s exit button might have dire consequences..

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : It’s Not Dangerous To Exit WhatsApp Scam Groups!

This viral warning was likely created by well-meaning but clueless Internet “experts” who are apparently not tech-savvy enough to understand what’s going on.

Fact #1 : No Evidence Of WhatsApp Exit Group Hacking

First, let me just point out that there is no evidence that anyone was ever hacked after using the Exit Group link to get out of any WhatsApp group, whether they are scam groups or otherwise.

Even if an enterprising hacker / scammer was able to create a message with a fake Exit Group button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.

Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.

Fact #2 : WhatsApp Exit Group Option Is Genuine

The truth is – the Exit Group link that you may see in new messages from strangers is not a scam or a trick. It also does not download or install any APK file.

The Exit Group link is actually a safety feature in WhatsApp, that appears if you have been added to a WhatsApp group by someone who is not in your contact list – like a scammer, for example.

Once you open the new group you have been added to, WhatsApp warns you that you were added by someone who isn’t a contact. You are then given the option to exit the group, or click OK to continue.

There is really nothing malicious about this Exit group link in WhatsApp. Clicking on it to exit any WhatsApp group won’t harm you in any way, or cause your phone to be hacked.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #3 : Older Exit Group Methods Still Work

The WhatsApp Exit group link offers an easy way to quickly remove yourself from a group you don’t want to be in. However, the older exit group methods still work, in case you prefer to use them:

Exit Group Only

  1. Go into the group chat you wish to leave.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select MoreExit group.

An even better option is to actually report the scam group, while quitting it and removing the chat at the same time.

Report + Exit Group Only

  1. Go into the group chat you wish to leave.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select More > Report
  4. Make sure the Exit group and delete chat option is checked.
  5. Tap Report to report and quit from the group, and delete the chat.

Fact #4 : WhatsApp + Telegram Scam Groups Are Real

Before I leave, I just want to remind all of you that there are many scam groups on WhatsApp and Telegram.

If you are added to any of these scam groups, just exit them without a thought. Do not read anything posted in these scam groups, lest you fall for the scam!

That’s why scammers often try to convince you to check out the group first, and “don’t rush to leave the group”:

Hello everyone! Please don’t rush to leave the group, thank you all for taking the time to read this message!

Ignore whatever they post in those scam groups. Hit the Exit group link, or better still – REPORT the group to WhatsApp / Telegram!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Signs Partnership Agreement With LGMS!

Finland’s WithSecure Corporation just signed a partnership agreement with LGMS Berhad to develop cybersecurity solutions for the SME market in Malaysia!

 

WithSecure Signs Partnership Agreement With LGMS

On Wednesday, 1 November 2023, Finland’s WithSecure Corporation (formerly known as F-Secure Business) signed a partnership agreement with LGMS Berhad (LGMS) to develop cybersecurity solutions for the SME market in Malaysia!

The partnership agreement was signed by LGMS Executive Chairman Fong Choong Fook and WithSecure Corporation CEO Juhani Hintikka, who flew in from Finland to emphasise its importance while demonstrating support for the progress of Malaysia’s Digital Economy.

The signing was witnessed by Malaysia Deputy Communications and Digital Minister Teo Nie Ching, together with His Excellency Sami Leino, Ambassador of Finland to Malaysia and Brunei.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

The Deputy Minister said that the partnership was ‘timely’, and represents a ‘significant leap’ towards a secured Digital Economy, and more so ahead of the National Cybersecurity Bill the Unity Government is set to unveil in early-2024.

This partnership is also aligned with the government’s ‘Ekonomi Madani’ vision of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

The partnership agreement today between LGMS and WithSecure embodies a philosophy of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

– Malaysia Deputy Communications and Digital Minister Teo Nie Ching

WithSecure CEO Juhani Hintikka expressed his ‘deepest appreciation’ to the Deputy Minister for endorsing this partnership, stating, “Your presence significantly amplifies the resonance of this initiative, showcasing a unified front in our endeavour to foster a secure and prosperous Digital Economy for Malaysia and also the region.

Recommended : How WithSecure Offensive Security Drives Business Resilience!

 

WithSecure – LGMS Partnership Agreement Details

WithSecure is today a leading international cybersecurity group which had also invested significantly in Malaysia and in nurturing local talent. Besides its headquarters in Helsinki, Finland, WithSecure houses its intelligence, customer support, business operations and shared services in Kuala Lumpur for its Asia-Pacific operations.

LGMS Berhad, meanwhile, has been recognised as Cybersecurity Malaysia’s ‘Company of the Year’ with Fong himself being acknowledged as ‘Cybersecurity Professional of the Year’.

Fong said that, within today’s Digital Economy, cyberthreats and ransomware attacks have become more sophisticated and rampant and potential damages to SMEs, who often lack the necessary IT expertise and resources, can be catastrophic.

Most SMEs today are just one cyber attack away from a devastating setback or even closure. Recognising that most SMEs might not possess advanced IT know-how, our collaboration with WithSecure aims to deliver cybersecurity solutions that are not only robust but also intuitive and user-friendly.

The purpose is to empower our SME community to navigate the digital landscape confidently and securely.

– LGMS Executive Chairman Fong Choong Fook

This localised cybersecurity approach underscores WithSecure’s understanding of the region’s unique digital ecosystem and our commitment to crafting solutions that align with local business needs. It embodies WithSecure’s ethos of merging global cybersecurity expertise with local insights to foster a safer digital realm.

– WithSecure Corporation CEO Juhani Hintikka

One product of this partnership is the ‘Made in Malaysia’ StarSentry solution – a plug-and-play model that is more than just a ‘shield’ for SMEs but offers a proactive approach to threat prevention.

This solution is also aligned with broader sustainability goal and embraces the ESG framework of safeguarding critical infrastructures, nurturing a secure digital community and reinforcing stringent governance standards, demonstrating an unwavering commitment to responsible, transparent business operations.

Pre-orders for the solution can already be made.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Scammers Hack Your Phone If You Call Back?!

Can scammers hack your phone if you answer their calls, or call back?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Scammers Can Hack Your Phone If You Call Back!

People are sharing this advice about scammers hacking your phone if you answer their calls, or call back!

Very Very Urgent …

Please pass this message to your family and friends NOW.

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : Scammers Cannot Hack Your Phone If You Call Back!

This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : This Is Old Fake News

First, let me just point out that this fake message isn’t even new. It has been circulating on WhatsApp and social media platforms since April 2020, if not earlier.

Fact #2 : This Hoax Is Based On One Ring / Wangiri Scam

This hoax appears to be based on the 2019 FCC warning about the “One Ring” or “Wangiri” scam, where scammers use robocall devices to give victims a miss call, in hopes that they would call back and get charged for Pay-Per-Call services.

The Federal Communications Commission is alerting consumers to reported waves of “One Ring” or “Wangiri” scam robocalls targeting specific area codes in bursts, often calling multiple times in the middle of the night. These calls are likely trying to prompt consumers to call the number back, often resulting in per minute toll charges similar to a 900 number. Consumers should not call these numbers back.

Recent reports indicate these calls are using the “222” country code of the West African nation of Mauritania. News reports have indicated widespread overnight calling in New York State and Arizona.

Generally, the One Ring scam takes place when a robocaller calls a number and hangs up after a ring or two. They may call repeatedly, hoping the consumer calls back and runs up a toll that is largely paid to the scammer.

Consumer Tips: · Do not call back numbers you do not recognize, especially those appearing to originate overseas. · File a complaint with the FCC if you received these calls: www.fcc.gov/complaints · If you never make international calls, consider talking to your phone company about blocking outbound international calls to prevent accidental toll calls. · Check your phone bill for charges you don’t recognize.

This scam, however, does not involve hacking any phone. It only requires you to call back the number, which is a Pay-Per-Call service.

Once you call back, you will get charged a premium rate, as the scammers try to keep you on the line for as long as possible.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #3 : Scammers Cannot Hack Phone Through Calls

It is simply not possible to hack your phone through a voice call, even if you’re using VOIP (Voice Over Internet Protocol), or apps like WhatsApp or Telegram.

What is possible though is voice phishing, also known as vishing. This is a form of social engineering, where scammers pose as a bank or police officer (or someone with authority) to obtain your bank account information, or trick you into transferring money into their bank accounts.

Fact #4 : 90# Telephone Scam Only Works With PBX / PABX

The #90 or 90# scam is a very old phone scam that only works on business landline phones that use a PBX (Private Branch Exchange) or PABX (Private Automatic Branch Exchange) system. Here is the official US FCC warning about this scam.

In this very old scam, the scammer pretends to be a telco employee looking into a technical problem with your phone lines, and asks you to help him by either mailing 90# or transferring the call to an outside line. If you do that, you will enable the scammer to place premium-rate calls that will billed to your phone number.

To be clear – these codes do NOT work on mobile phones or smartphones, because they do not run on PBX or PABX systems.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PayNow PDF Malware Scam : What You Need To Know!

Is there a new malware scam involving a PayNow PDF?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : WhatsApp Block Button Is A Scam!

People are sharing this warning about a new malware scam involving a PayNow PDF. Take a look!

I just received below the latest and new scams Modus Operandi from my Uncle. Forward to warn and share.
======================

The scammers have changed their modus operandi. They don’t ask you to download the app.
My neighbour told me yesterday that her sister (a cancer patient) wanted a part-time helper to clean her house. Hence, she went to Facebook. I called the number and made the request. The advertiser asked whether she had a Paynow, and she said that she had. He directed her to make the partial payment, and he will send the invoice to confirm. (Note: He did not ask her to download an app, as people are getting alerts). When she received the invoice in the PDF format, she did not suspect any foul play and clicked it. The invoice showed the amount paid and the balance to be paid. After that, she went to sleep. The next morning, her phone could not be switched on.
She used her laptop to check her DBS bank account. Her $20K was gone, and her two fixed deposits of $25K, which had not reached the maturity date, were also gone—the total loss was $ 70K.
When she went to the bank and asked why her fixed deposit was also gone, the receptionist told her that digital banking allows you to transfer the amount back to your account to facilitate withdrawals without going to the bank.
Police told her the malware was embedded in the PDF document.
So folks, beware that the scammers are always changing their modus operandi to con your money $$$! 😡😡😡

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

No Evidence There Is Any PayNow PDF Scam!

This is likely another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : No Evidence Of PayNow PDF Scam

First, let me just point out that there is no evidence that anyone was ever scammed by a PayNow PDF invoice.

There has been no actual news report of such a case, never mind multiple cases involving malicious PayNow PDF documents.

Frankly, I don’t know of any PDF malware that can shut down a phone, and transfer money from a bank account, including liquidating fixed deposits!

Fact #2 : PDF Malware Generally Target Computers

PDF documents can contain malware, but malicious PDFs generally target Windows computers. In fact, many aren’t actual PDF documents, but are instead executable files masquerading as PDF files – invoice.pdf.exe, for example.

Malicious PDF documents or executables targeted at Windows computers won’t work on smartphones. The malicious PDF must not only be specifically designed to target smartphones, it must target the right operating system – iOS or Android. A malicious PDF targeting Android won’t work on an Apple iPhone, for instance.

On top of that, many PDF malware actually exploit vulnerabilities in a specific PDF reader – most commonly, the industry-standard Adobe Acrobat Reader. Most smartphones do not have Adobe Acrobat Reader installed, and instead rely on a variety of PDF readers like Samsung Note, OneDrive, Google Drive, Kindle, etc.

Embedded PDF malware that target vulnerabilities in the Adobe Acrobat Reader won’t work with other PDF readers. That’s probably why it’s rare to see PDF malware that target smartphones.

Recommended : Can StopNCII Remove All Nude / Deep Fake Photos?!

Fact #3 : PayNow Scams So Far Involve Phishing

Singapore reported 477 cases of PayNow scams in 2021, with 133 more cases in 2022. However, they were not due to PDF malware. Rather, their victims were deceived into giving scammers their digital banking credentials.

In other words, PayNow scams have so far involved phishing attacks, in which victims are tricked into logging into fake websites, or giving up their Internet banking login details by phone.

In one of these scams, victims received phone calls from people pretending to be bank employees. The callers would ask for the victims’ personal details, such as their Internet banking usernames and passwords, under the pretext that the bank needed them to verify transactions in their accounts.

Fact #4 : Singapore Police Warned About Android Malware

It seems likely that the viral warning is based on a misunderstanding of a Singapore Police Force warning about Android malware withdrawing money through PayNow.

Issued on 17 June 2023, the Singaporean police warned that scammers were tricking victims into installing an Android Package Kit (APK) file through WhatsApp and Facebook Messenger. Once installed, the malware allows the scammers to remotely access the victims’ devices, and steal their passwords.

The victims are then directed to fake websites that mimic banks like DBS to key in their banking credentials. The login information obtained through this phishing attack then allows the scammers to withdraw their victims’ money through PayNow.

To be clear – this PayNow scam does NOT involve any PDF. It requires the victim to install an APK file – to gain access of your 2FA (Two-Factor Authentication) device, and provide bank login information through a fake (phishing) website.

This allows the scammers to log into your bank account using the login info you provided, and authenticate all transfers using your mobile phone.

Recommended : Nurse Lost RM380K After Pressing Instagram ‘Like’ Button?!

Fact #5 : Here Are Some Common Cybersecurity Tips

Here are some simple cybersecurity tips to help you avoid getting scammed online:

  • Never install APK files (for Android) from unknown or untrustworthy sources.
  • Never sideload IPA files (for Apple iOS) from unknown or untrustworthy sources.
  • Always check the entire filename, including its file extension:
    – PDF documents should end with .pdf, and not .pdf.apk or .pdf.ipa or .pdf.exe.
    – Word documents should end with .doc or .docx, and not .doc.apk or .doc.ipa or .doc.exe.
  • Never click on any link to go to any bank website. Always type in the link yourself into a web browser, or better still – use the official app issued by the bank.
  • Never give your bank login details to any person, even if they claim to be a police officer, a bank officer, or even a cybersecurity expert!
  • Never give your 2FA authentication code / TAC or OTP number to any person, even if they claim to be a police officer, a bank officer, or even a cybersecurity expert!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WhatsApp Block Button Scam : What You Need To Know!

Will clicking on the WhatsApp block button install a malicious app that will hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : WhatsApp Block Button Is A Scam!

People are sharing this advice on a new WhatsApp scam involving the Block button in messages. Take a look!

New Type of Scam in Whatsapp.

Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message.

Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.

Whatsapp 中的新型诈骗。
不要按消息中的“阻止”按钮,因为当您按下该按钮时,您实际上是在下载此恶意应用程序,而是转到 WhatsApp 设置(右上角的 3 个点)并阻止该消息。
如果您在短信中收到此类消息,请执行相同的操作。

New Type of Scam in Whatsapp. Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message. Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.

Recommended : Can Mexico Did It Photo Infect Your Phone With Virus?!

 

Truth : WhatsApp Block Button Is New Feature!

This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : No Evidence Of WhatsApp Block Button Scam

First, let me just point out that there is no evidence that anyone was scammed by the WhatsApp block button in messages.

Even if an enterprising hacker / scammer was able to create a message with a fake block button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.

Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.

Fact #2 : WhatsApp Block Button Is Part Of New Safety Tools

The truth is – the Block button that you may see in new messages from strangers is not a scam. It also does not download or install any APK file.

The Block button is actually part of the new Safety Tools feature that WhatsApp started introducing in July 2023.

The Safety Tools feature will only appear when you receive a message from an unknown number. You will be given some details about the safety of this new contact – whether you are in common groups, and in some cases – the country of origin.

You are given the option of either blocking this new contact, or adding it to your Contact list. You can also click on the Safety tools link for more details.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #3 : Older Blocking Method Still Exists

The new WhatsApp Safety Tools offer an easy way to quickly block and remove obvious spammers and scammers. However, it may not be readily apparent whether the new contact is genuine, or just a spammer / scammer.

If you start messaging with this new contact – to find out if their identity / purpose, the Safety Tools option will disappear. But don’t worry – you can still block this new contact if you realise that he/she is a spammer / scammer.

  1. Go to the messaging screen for the person you want to block.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select More > Block.
    You can also select More > Report (to report block the scammer)

Alternatively, you can block multiple contacts using this method:

  1. Open WhatsApp, and go to the Chats screen.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select Settings.
  4. Tap on the Privacy option.
  5. Scroll down and tap on Blocked contacts.
  6. Tap on the Add Contacts () icon at the upper right corner.
  7. Search for the contacts you want to remove, and select them.

Now, blocking people does not remove your contact details or profile photo from their phones and devices.

However, they will no longer be able to call you, or send you messages. They will also not be able to see changes to your status updates including when you’re online / last seen, or changes you make to your profile photo.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can StopNCII Remove All Nude / Deep Fake Photos?!

Can the StopNCII website remove all of your nude or deep fake or Photoshopped photos from the Internet?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : StopNCII Can Remove All Nude / Deep Fake Photos!

People are sharing this advice on WhatsApp and social media platforms like X (formerly Twitter) and Facebook, claiming that the StopNCI website can remove all of your nude or deep fake or Photoshopped photos from the Internet!

Attention girls! If someone edits your photo with Al or Photoshop to create a nude photo, then you go to stopncii.org and submit the original photo and the edited photo.

They’ll remove the edited photo from all the places on the Internet and your identity will be confidential. Please immediately inform the cyber cell and file a case to take immediate action.

Recommended : Can Mexico Did It Photo Infect Your Phone With Virus?!

 

Truth : StopNCII Cannot Remove All Nude / Deep Fake Photos!

This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : StopNCII Does Not Remove Photos / Videos

First, let me just point out that the StopNCII website is a project by the Revenge Porn Helpline, which is itself a part of the UK-based charity, SWGfL.

StopNCII is not a government organisation, or even a multinational / international organisation that controls what gets posted on the Internet. It does not have any power or authority or even capability to remove a single photo or video.

To be clear – StopNCII cannot remove all of your photos or videos from the Internet. No organisation can.

Fact #2 : You Don’t Upload Photos / Videos To StopNCII

The advice to upload your nude or edited photos or videos to the StopNCII website is nonsensical. So is the claim that you must also upload your original photos or videos.

StopNCII does not require you to upload your nude / edited photo or video, or your original photo or video.

In fact, StopNCII does not even require you to upload a single photo or video. It merely scans the photos or videos that you are concerned about.

Those photos or videos do not leave your devices (computers, tablets, and smartphones).

Fact #3 : StopNCII Only Generates Digital Hashes

StopNCII only scans the photos or videos that you select on your device, and generate their digital fingerprints (hashes). It does not download or keep your nude photos or videos.

Select the image(s)/video(s) on your device that you would like to protect. Remember, your image(s)/video(s) do not leave your device, they will only be scanned so a unique “hash,” or digital fingerprint, can be generated.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #4 : Photos / Videos Are Only Removed On Certain Platforms

StopNCII itself does not remove any photos or videos, whether they are nude or edited. Instead, they rely on a limited number of partner platforms to do that:

  • Facebook
  • TikTok
  • Reddit
  • Instagram
  • Bumble
  • OnlyFans
  • Threads
  • Pornhub

Only these platforms will receive cases and the digital hashes (fingerprints) from StopNCII.

Fact #5 : Not All Photos / Videos Will Be Removed

Even on those supported platforms, it’s not a guarantee that those photos / videos submitted to StopNCII will be removed.

Those platforms will scan their systems for those digital hashes, and remove them if they are found to have violated their intimate image abuse policy.

This is to avoid the StopNCII system from being abused to remove photos or videos that are not sexual, abusive, personal, or illegal in any way.

Once generated the ‘hash’ will be shared with the participating companies.

Participating companies will look for matches to the hash and remove any matches within their system(s) if it violates their intimate image abuse policy.

The Revenge Porn Helpline reported a 90% removal rate on those platforms since 2015. While that is impressive, that tells us that some 10% of all reported photos or videos were determined not to have contravened the policies of those partner platforms.

Recommended : Can SIM swap attack empty bank account without warning?!

Fact #6 : No One Can Remove All Photos / Videos From Internet

Even if StopNCII is able to partner with every single social media platform, large and small; or Internet service providers, it simply cannot help you remove all of your nude photos or videos from the Internet.

That’s because once released on the Internet, those photos or videos (whether nude or edited) can be transmitted through many means – messaging apps like WhatsApp or Telegram, or email and file-sharing services.

They can also be posted or stored on independent websites / servers on the Internet or the dark web, that no one can shut down. There are revenge porn websites and groups dedicated to this, and it is simply impossible to remove edited / nude photos and videos from those websites and groups.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Nurse Lost RM380K After Pressing Instagram ‘Like’ Button?!

Did a Malaysian nurse lose RM380,000 after pressing the Instagram Like button?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Nurse Lost RM380K After Pressing Instagram Like Button!

People are sharing an article which claims that a Malaysian nurse lost RM380,000 after pressing the Like button in Instagram for RM5 commissions! Here is an excerpt from the article:

M’sian Nurse Loses RM380K After Pressing Instagram ‘Like’ Button For RM5 Commission

Too late to unlike

Recommended : Scam Alert : How Fake Job Syndicates Operate!

 

Nurse Did Not Lose RM380K After Pressing Instagram Like Button!

First of all, I would like to applaud the website for writing about job scams, but that’s really a misleading title.

Unfortunately, many people don’t read beyond the headlines. People are even asking if they will get “hacked” like the nurse if they like Instagram posts!

The truth is – the Malaysian nurse did not lose RM380,000 because she pressed on the Like button in Instagram. In fact, Instagram and its Like button have nothing to do with the actual scam!

Social Media Jobs Are An Easy Lure

As I have earlier written on how fake job syndicates operate, the “job” and “platform” are not important. These scammers generally offer social media jobs, because that’s what most people already use, so it’s easy to hook victims.

These syndicates will offer quick and easy tasks to do on social media, for example – liking Instagram photos and Facebook posts. Other (non-social media) tasks include liking YouTube videos and/or subscribing to YouTube channels, or even making comments on businesses in Google Maps.

Whether the job is on Instagram / Facebook / YouTube / Google Maps, etc. is irrelevant. The first few “jobs” you are given are the bait. You will be paid for those simple tasks, like RM5 for liking an Instagram post, or RM10 for subscribing to a YouTube channel. Such an easy way to make money!

Paying For Jobs Is The Scam!

After you get the first payment, you will be asked to participate in a “prepaid job”. All you have to do is pay a “deposit” for the opportunity to make a lot of money in high-paying “jobs”.

At this point, you may feel that this is a genuine side job opportunity. After all, they paid you for the earlier jobs, didn’t they? Real scammers wouldn’t pay their victims, right? WRONG!

Once you make that first deposit, you are “hooked”. The scammers will not let you withdraw the money, but insist that you must continue with the next “prepaid job”, which would require another deposit. Then, you will be asked to pay again to participate in another “prepaid task”, and so on.

On paper, you appear to be earning a lot of money, but you won’t be able to withdraw any of that money. By the time you realise it’s a scam, you would have lost a LOT of money. That is the scam, not pressing on the Instagram Like button.

Recommended : How A University Student Lost RM22K In Online Job Scam!

Trying To Recover The Money Is The Scam!

In the nurse’s case, she fell for their trap to participate in the “prepaid assignment”. She ended up making 36 transactions worth RM387,000 to 21 different bank accounts over 13 days! She not only emptied her savings, she even loaned money from her friends and family members!

Why would any victim do that? Simple – the more money you invest in this fake job offer, the more desperate you will be to recover the money you “invested” and “earned”. To quit would mean losing everything, so you will feel that you have “no choice” but to continue.

To help you make that decision to “stick with the programme”, the syndicate have fake users in their Telegram group continuously posting bank deposit screenshots, while claiming that they just received their earnings.

The truth is – any money you send to their mule accounts will be quickly transferred to the scammers’ account. You will never see the money again.

As one student shared, he lost over RM22,000 in just two days, because he was so engrossed in trying to get back the money he “invested” earlier:

There’s one trick that this scammer is using. He let me start with a small investment, then proceed with stages.

They force me to continue because I want to rescue the money that I put in in the previous task. So it keeps getting bigger and bigger.

Just like that, two days, RM22300, gone.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Again, I’m glad to see more publicity about fake job scams. But it is important that YOU understand that the scam does not involve the pressing of the Like button in Instagram, or Facebook, or YouTube, or any other online platform.

This is ultimately just another case of a fake job scam. In this nurse’s case, the scammers used the simple job of liking Instagram posts as the lure, but it will be different for other victims. These scammers will use any convenient platform to give you simple jobs to trick you into falling for their scam.

Just remember – there is no such thing as easy social media jobs. Even unscrupulous social media promoters do not need to pay anyone to like a post, or follow someone. They simply use bots (automated software)!

Don’t fall for such fake job scams. No matter how enticing the offer is – NEVER pay for any job.

Please SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Israel Seismic Wave Card Hack Your Phone?!

Can the Seismic Wave Card containing photos of the recent Hamas attacks on Israel hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Israel Seismic Wave Card Can Hack Your Phone!

This warning about the Seismic Wave Card containing photos of the recent Hamas attacks on Israel has gone viral on WhatsApp:

URGENT

Some people are going to upload pictures of the fighting in Jewish settlements on WhatsApp. The file is called Seismic Waves CARD.

Do not open it, it will hack your phone in 10 seconds and cannot be stopped in any way.

They talked about it on TV. A cyber attack on us from all kinds of directions is also starting.

Pass the information on to family and friends.

Recommended : Did Fukushima Just Release Black Radioactive Water?!

 

Truth : There Is No Israel Earthquake Seismic Wave Card!

This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…

Fact #1 : There Is No Seismic Wave Card!

First, let me just point out that there is no such thing as a Seismic Wave Card.

The Seismic Wave Card is an Internet hoax that keeps getting recycled for every disaster that comes along, like these examples show:

They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends.
DO NOT OPEN IT. They also said it on TV

They are going to upload some photos of the Cariaco earthquake on Whatsapp. The file is called Waves Seismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV.

Recommended : Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

Fact #2 : Photos Are Shared Directly On WhatsApp

There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.

Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.

Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.

Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.

Fact #3 : Seismic Waves Card Is Not A Browser Hijacker

Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:

The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.

There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Fact Check : New WhatsApp Cyber Crime Rules?!

Did WhatsApp just implement new cyber crime rules to help the government monitor and record your calls and messages?! Find out what the facts really are!

Updated @ 2023-10-08 : Updated after message went viral again.
Originally posted @ 2023-07-03

 

Claim : WhatsApp Has New Cyber Crime Rules!

People are sharing this warning about WhatsApp implementing new cyber crime rules, to help the government monitor and record all calls and messages!

Tʜᴇ ɴᴇᴡ ᴄᴏᴍᴍᴜɴɪᴄᴀᴛɪᴏɴ ʀᴜʟᴇs ғᴏʀ WʜᴀᴛsAᴘᴘ ᴀɴᴅ WʜᴀᴛsAᴘᴘ Cᴀʟʟs (Vᴏɪᴄᴇ ᴀɴᴅ Vɪᴅᴇᴏ Cᴀʟʟs) ᴡɪʟʟ ʙᴇ ɪᴍᴘʟᴇᴍᴇɴᴛᴇᴅ ғʀᴏᴍ ᴛᴏᴍᴏʀʀᴏᴡ: –

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Truth : WhatsApp Does Not Have New Cyber Crime Rules!

And here is why this is nothing more than yet another Internet hoax :

Fact #1 : Only China Can Do This

The only country that has accomplished most of what was shared above is China, but it took them decades to erect the Great Firewall of China.

It’s not just the massive infrastructure that needs to be created, it also requires legislation to be enacted, and considerable manpower and resources to maintain such a system.

That’s why China is leaning heavily on AI and cloud computing capabilities to automatically and quickly censor information it deems “sensitive”.

However, no other country has come close to spending the money and resources on a similar scale, although Russia, Cuba, Vietnam, Zimbabwe and Belarus have imported some surveillance technology from China.

Fact #2 : WhatsApp, Instagram + Facebook Messenger Have End-to-End Encryption

All three Facebook-owned apps now run on the same common platform, which provides end-to-end encryption.

End-to-end encryption protects messages as they travel through the Internet, and specifically prevents anyone (bad guys or your friendly government censor) from snooping into your conversations.

That is also why all three apps are banned in China…

Recommended : Can SIM swap attack empty bank account without warning?!

Fact #3 : Governments Generally Have No Control Over Those Apps

Outside of authoritarian countries like China and Russia, governments generally have little to no control over social media and instant messaging apps. Even then, their control is generally limited to banning access if they don’t get their way.

The ability to keep conversations and messages safe and private is key to the success of instant messaging apps, in particular. So WhatsApp, Telegram and Signal would never allow governments access to user messages or voice calls, never mind record and monitor them for governments!

In fact, by implementing end-to-end encryption, these companies themselves do not have access to your messages and calls.

Fact #4 : WhatsApp Does Not Have Three Check Marks!

WhatsApp messages only have two ticks / check marks to notify users about the status of their messages:

: The message was successfully sent.
: The message was successfully delivered to the recipient’s phone or any of their linked devices.
: The recipient has read your message.

There is no third check mark, as claimed by the viral message.

Fact #5 : Governments Won’t Tip You About Investigations

It is illogical for WhatsApp to inform you when the government is checking your information, or when it has started proceedings against you.

In fact, it doesn’t make sense for any government to inform you by instant messaging check marks! If the government is charging you with a crime, it will send police officers, not check marks on WhatsApp!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > InternetFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Marshall Minor III Wireless Earphones Scam Alert!

Please watch out for the Marshall Minor III wireless earphones scam! Take a look at the scam, and find out what the facts really are!

 

Marshall Minor III Wireless Earphones Scam Alert!

Scammers are running Facebook ads that promote an awesome discount for the Marshall Minor III wireless earphones! Here is one recent example:

😣”Frustrating” 😣I had to queue for 5 hours at IOI City Mall to buy MARSHALL MINOR III wireless headphones for only RM179 (original price RM596), I was surprised because I thought they only sold directly I heard it’s open for sale online in 2 more days https://www.marshall-ash.asia/ms And also get the same discount as buying at the store. Free shipping nationwide.

But the 4 hours of queuing was worth it. As a Marshall fan, I was very excited when I heard the news that the Minor III series was coming out. And don’t waste your time waiting, the design is very beautiful, more stylish than the old version 💯 Great sound quality. Clear bus, fast Bluetooth connection, suitable for all types of devices, super battery life, 5 hours of continuous use and 25 hours with charging box, waterproof. The best thing about these headphones is the close-to-ear design. Comfortable, can play sports without worrying about falling. If you don’t buy it, you will be very disappointed.

I let my colleagues borrow it to play games because it sounded so realistic. There is no delay in movement.
Many people ask me if the store still has promotions? I just saw information that the store has a discount in the next 2 days. Order quickly. At the end of the promotion, the price will return to the original price of RM596. I leave the purchase link here for those who want to buy: https://www.marshall-ash.asia/ms

Recommended : Bantuan Rakyat Malaysia Scam Alert!

 

Marshall Minor III Offer : Why Is It A Scam?!

This is yet another example of SCAMS circulating on Facebook, and here are there reasons why…

Fact #1 : Marshall Minor III Price Absurdly Low

The first thing about scams involving electronics, is that they often promise ridiculous great deals. If it’s too good to be true, it often is just a scam.

In this particular scam, scammers are offering the Marshall Minor III wireless earphones for just RM179 (US$39). That’s absurd, as the Marshall Minor II wireless earphones has an official retail price of $159 (approximately RM699)!

Marshall is a high-end audiophile brand, and its electronics are never cheap. Even if they offer a discount, it wouldn’t be anything like 70% to 75%. That’s just ridiculous.

For your safety, here are legit purchase options online for the Marshall Minor III earbuds :

Fact #2 : Facebook Advertisement Is Fake

The Facebook advertisement appears to be created by a handsome influencer called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾. with 5.5 million followers.

But that’s what the scammers put in the intro. If you look carefully, this scam page only has 13 followers!

Recommended : Warning – PDRM Parking Fine Scam Alert!

Fact #3 : That Is “Push” Puttichai Kasetsin

The page is not owned by any influencer or digital creator called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾.

Those are actually photos of Puttichai Kasetsin – a Thai actor, model, DJ and TV host who is also known as “Push”.

Recommended : Media Prima / Nielsen Fake Job Scam Alert!

Fact #4 : IOI City Mall Does Not Have A Marshall Outlet

The claim by these scammers that Alvinn Chong queued up for 5 hours at the IOI City Mall to buy the Marshall Minor III wireless earphones is easily debunked.

If you check the IOI City Mall tenant listing, you will quickly discover that it does not have a Marshall outlet.

Fact #5 : Queue Photos Are From Vietnam

The two photos which claim to show long queues for the Marshall Minor III wireless earphones were not taken in Malaysia. They were actually taken in Vietnam.

This photo does not show people in IOI City Mall queueing up outside a Marshall outlet. It actually shows people queuing up for the opening of the 15th Pandora store at the Long Bien Aeon Mall, on 28 April 2022.

Incidentally, Pandora is a Danish jewellery brand, and does not sell Marshall audio products…

Recommended : PDRM Warning : Watch Out For MyBayar Scam!

The second queue photo is also from Vietnam, but taken many years ago on 11 November 2017. It does not show people queuing up to buy any Marshall products either.

They were actually queuing up at Royal City Shopping Center in Hanoi, for the opening ceremony of the second H&M store in Vietnam.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fact #6 : Scam Website Not Affiliated With ASH Asia

ASH Asia is an authorised distributor of Marshall products in Malaysia, Thailand and Vietnam.

However, the scam page (https://www.marshall-ash.asia/ms) has nothing to do with ASH Asia, whose official Marshall Minor III page is https://ash-asia.com/ms.

On top of that, ASH Asia does not sell the Marshall Minor III directly (like the scam page). Instead, ASH Asia sells the wireless earphones through Shopee and Lazada.

Recommended : How A University Student Lost RM22K In Online Job Scam!

In fact, if you check the main domain itself, you will get an error message, stating:

Your domain name has been successfully pointed! Please publish a Landing Page with the above domain name to use the service. Thank you!

This not only gives it away as a scam website, it also suggests that the scammers are operating out of Vietnam.

Fact #7 : Scam Website Admits Selling Fake Marshall Minor III

Ironically, the scam website itself has a disclaimer, warning potential buyers that it is not selling genuine Marshall Minor III wireless earphones, but a replica instead…

Most people won’t notice it because if you click to order, the website is designed to skip past this warning.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #8 : Package Apparently Contained “Trash”?

To assure you that this is safe, the scammers say that you only need to pay on delivery. Sounds good, doesn’t it? That guarantees that you will at least receive the item, doesn’t it?

Not quite, as one person who claimed to have purchased from this scam website explained…

I was attracted and clicked in, filling in my address and phone number. Three days later, I got a call saying that my package would arrive through DHL-COD, and asked me to make sure I was home.

I started looking forward to it, but when I thought about it, I became more suspicious. Since when does DHL provide Cash On Delivery service? I can’t believe they would dare to pay for first-class service without any payment from me. I figured it might be a scam!

What’s the scam? You may not have any doubts when you receive the package. When I open it immediately and take a look, then I realized it was full of garbage. [Unfortunately] I had already paid the delivery person, who ran away.

我被吸引点了进去,填了地址电话。跟着三天后有电话来说我的包裹会到,DHL-COD的,确定我在家等。我开始很期待。跟着想,越想越不对。DHL有COD的服务咩?我还没过账他们就这么敢与服务一流到我不敢相信。我猜可能是诈骗!骗什么?当你收到包裹时是不会怀疑,立刻打开来看的。然后才发现里面是垃圾。人跑了钱给了。。。

If true, the scam involves giving you an empty package filled with trash to receive your cash payment. After which, you have no recourse.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

Can the Seismic Wave Card containing photos of the recent earthquake at Morocco hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Morocco Earthquake Seismic Wave Card Can Hack Your Phone!

This warning about the Seismic Wave Card containing photos of the recent earthquake at Morocco has gone viral on WhatsApp:

They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends.
DO NOT OPEN IT. They also said it on TV

他们将在WhatsApp上上传一些摩洛哥地震的照片。该文件称为地震波CARD,不要打开或看到它,它会在10秒内破解您的手机,并且无法以任何方式停止。与您的家人和朋友分享信息。
不要打开它。他们还在电视上说过

Recommended : Did Fukushima Just Release Black Radioactive Water?!

 

Truth : There Is No Morocco Earthquake Seismic Wave Card!

This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…

Fact #1 : There Is No Seismic Wave Card!

First, let me just point out that there is no such thing as a Seismic Wave Card.

The Seismic Wave Card is an Internet hoax that keeps getting recycled for every earthquake that comes along, like these examples show:

They are going to upload some photos of the Cariaco earthquake on Whatsapp. The file is called Waves Seismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV.

They are going to upload some photos of the Calvario earthquake on WhatsApp. The file is called CARD Seismic Waves. Do not open them or see them, they hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. Don’t open it. They also said it on TV.

Fact #2 : Photos Are Shared Directly On WhatsApp

There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.

Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.

Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.

Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #3 : Seismic Waves Card Is Not A Browser Hijacker

Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:

The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.

This transgression doesn’t end here; they siphon sensitive data and create vulnerabilities in your system’s security framework, providing a gateway for more perilous threats, such as malware and phishing schemes, to invade.

The protracted presence of Seismic Waves Card in your system exponentially escalates the risk of serious compromises, emphasizing the dire necessity for its immediate removal. Recognizing the malicious potential of such unwanted apps is essential in maintaining a secure and safe digital environment. Stay vigilant and prioritize your cybersecurity.

There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bantuan Rakyat Malaysia Scam Alert!

Watch out for the Bantuan Rakyat Malaysia scam on WhatsApp, Telegram, Facebook and Twitter!

Find out how this scam works, and WARN your family and friends!

 

Bantuan Rakyat Malaysia 2023 Scam Alert!

These scam messages about Bantuan Tunai Rakyat (BTR) 2023, or Bantuan Percuma Kerajaan Malaysia 2023, is going viral on WhatsApp, Telegram, and social media platforms like Facebook and Twitter.

CARA SEMAKAN TARIKH BAGI PENERIMA BANTUAN RM600 DIKREDITKAN SETIAP BULAN

Untuk mereka yang layak, anda boleh lakukan semakan dengan mengikuti cara yang diterangkan.

Baca Cara Semakan Bantuan 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE INFO ini kepada rakan-rakan dan saudara mara untuk manfaat semua

HOW TO CHECK THE DATE FOR RECIPIENTS OF ASSISTANCE RM600 CREDIT EVERY MONTH

For those who are eligible, you can check by following the described method.

Read How to Check Help 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE this INFO to friends and relatives for the benefit of all

As one lady shared in the video below, she got tricked by the scammers, who took over her Telegram account to send the same scam message to all of her contacts!

While she claimed that she did not click any link, I will show you how she got scammed…

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Bantuan Rakyat Malaysia Scam : How Does It Work?

Warning : To show you how the scammers work, I will share the links they use. I will highlight those dangerous links in red. Do NOT go to those links.

Super Long Link

To trick people into clicking on the scam links, the scammers intentionally use a misleading and very long URL, so you are less likely to notice the domain.

This is the scam link : https://bntuanrakyatmalaysia.lynk.eu.org/

Note how the scammer used a long list of descriptive keywords – “bantuan“, “rakyat“, “malaysia“, “lynk“, which helps to mislead people, and make it more difficult for them to notice that the domain is “eu.org“.

Obviously, eu.org is not a Malaysian government domain (which ends with .gov.my), and it has nothing to do with Malaysia or financial aid. This domain also has nothing to do with the European Union.

EU.org provides free subdomains, and so scammers use it to not only run their scams, but to give their scams a more “legitimate-looking domain”.

Pro Tip : Always check the domain of a link before you click on it. Avoid super-long links like this because they are often used to mask the domain name.

Recommended : Will Scanning RFID Bar Codes Hack Your Phone?!

Fake Telegram Invitation

After clicking to go to https://bntuanrakyatmalaysia.lynk.eu.org/, you will be taken to what looks like an invitation to join a Telegram group. But in reality, it is a fake Telegram invitation.

A real Telegram invitation will have a link like this – https://t.me/XXXXXXXX. But this scam page has the link – https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Also, a real Telegram invitation can detect if you are using Windows / Mac or Android / iOS, and suggest that  the right download for your device.

The invitation also has a glaring typo – the link says Massage Now, rather than Message Now. Hilarious!

In any case, a real Telegram invitation will not ask you to Message Now. Rather, it will allow you to either View In Telegram, or Preview channel in the web browser itself.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fake Telegram Login Page

If you click on Join Group, you will be taken to this Telegram login page. Even though it offers you a list of countries to select from, the only option is Malaysia.

WARNING – THIS IS A SCAM PAGE. This is what is known in cybersecurity as a “phishing attack”.

First of all, Telegram invitations will never ask you to log into your Telegram account. It will simply launch the Telegram app and load the group for you.

Secondly, if you look at the link, it leads to the same scam domain, specifically https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Do NOT log into your Telegram account in this page.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

If you log into your Telegram account using this phishing page, then the scammers will gain access to your Telegram account, and take it over for their own use.

They can then use your Telegram account to send the same scam message, or worse, cheat your family and friends of their money!

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

The lady in the viral video likely logged into this phishing page, thus giving the scammers control of her Telegram account. That was likely how they were able to message everyone on her contact list.

She also likely did not enable Two-Step Verification in Telegram, which would let her recover her account even after scammers have gained access.

That is why people who were hit by this scam had to call and inform their relatives and friends, or publicly post about it to warn all of their contacts.

Unfortunately, it is not always possible to warn all of their contacts, and inevitably, someone will get cheated of their hard-earned money. That’s why these scams are so popular – they really work, and scammers are making a ton of money!

Help us fight against these scammers. SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PDRM Warning : Watch Out For MyBayar Scam!

PDRM is warning motorists not to fall for the MyBayar scam! Here is what you need to know about the MyBayar PDRM scam!

 

PDRM Warning : Watch Out For MyBayar Scam

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

The MyBayar PDRM scam starts with an official-looking email that warns motorists that they have been caught contravening the law, and offers a cheap RM50 fine if paid within 5 days:

Last notice of contravention before prosecution

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

As a result of this infringement, a fine of MYR 50 has been imposed. This fine must be paid within 5 days of the date of this notification to avoid further legal consequences.

Failure to pay the fine within the allotted time may result in legal proceedings being taken against you, which could lead to increased fines, penalties and the possible suspension of your driving license.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

MyBayar PDRM Scam : How Does It Work?!

Many people who received the MyBayar PDRM email might be shocked to find out that they were caught committing a traffic violation, and then relieved that it was only RM50 if they paid quickly.

That’s how the scammers trap their victims – by offering a cheap RM50 fine, when we all know that fines for traffic offences are at least RM150, and can go all the way up to RM1,000!

Those who received this fake MyBayar PDRM email would be tempted to quickly pay the cheap RM50 fine, before it becomes a lot more expensive!

But if you take a closer look at the email, you will spot some problems with it:

  • Weird English : The email title of “Last notice of contravention before prosecution” is nonsensical.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Watch out for the Bantuan Tunai Rakyat Malaysia 2023 scam on WhatsApp, Telegram, Facebook and Twitter!

Find out how this scam works, and WARN your family and friends!

 

Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

These scam messages about Bantuan Tunai Rakyat (BTR) 2023, or Bantuan Percuma Kerajaan Malaysia 2023, is going viral on WhatsApp, Telegram, and social media platforms like Facebook and Twitter.

Bantuan percuma kerajaan 2023 khas untuk yang mana bergelar usahawan,pendidik,suri rumah,kerani dan yang kerja sendiri di waktu sekarang, boleh dapatkan geran RM2500 😱 🧕👩‍🍳👩‍💻👷‍♂️👨‍🎓👨‍🌾
✅ Bantuan ni percuma
✅ Tak perlu bayar semula
✅ Maksimum sehingga RM2,500 / RM5,000
JOM CLAIM:

Free government assistance 2023 especially for those who are entrepreneurs, educators, housewives, clerks and self-employed at the moment, can get a grant of RM2500 😱 🧕👩‍🍳👩‍💻👷‍♂️👨‍🎓👨‍🌾
✅ This help is free
✅ No need to pay again
✅ Maximum up to RM2,500 / RM5,000
CLAIM HERE:

As one lady shared in the video below, she got tricked by the scammers, who took over her Telegram account to send the same scam message to all of her contacts!

While she claimed that she did not click any link, I will show you how she got scammed…

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Bantuan Tunai Rakyat Malaysia Scam : How Does It Work?

Warning : To show you how the scammers work, I will share the links they use. I will highlight those dangerous links in red. Do NOT go to those links.

Super Long Link

To trick people into clicking on the scam links, the scammers intentionally use a misleading and very long URL, so you are less likely to notice the domain.

This is the scam link : http://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com

Note how the scammer used a long list of descriptive keywords – “bantuan“, “kerajaan“, “my“, “fase 3“, which helps to mislead people, and make it more difficult for them to notice that the domain is “financialanchorllc.com“.

Obviously, financialanchorllc.com is not a Malaysian government domain (which ends with .gov.my), and it has nothing to do with Malaysia or financial aid.

A quick WHOIS check reveals that the ownership of this domain is hidden by a paid service – which is not what a genuine government agency would do.

Pro Tip : Always check the domain of a link before you click on it. Avoid super-long links like this because they are often used to mask the domain name.

Recommended : Will Scanning RFID Bar Codes Hack Your Phone?!

Fake Telegram Invitation

After clicking to go to https://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com, you will be taken to what looks like an invitation to join a Telegram group. But in reality, it is a fake Telegram invitation.

A real Telegram invitation will have a link like this – https://t.me/XXXXXXXX. But this scam page has the link – https://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com.

Also, a real Telegram invitation can detect if you are using Windows / Mac or Android / iOS, and suggest that  the right download for your device.

A real Telegram invitation will not ask you to Join Group. Rather, it will allow you to either View In Telegram, or Preview channel in the web browser itself.

Recommended : Bursa Malaysia Stock Investment Scam Alert!

Fake Telegram Login Page

If you click on Join Group, you will be taken to this Telegram login page.

WARNING – THIS IS A SCAM PAGE. This is what is known in cybersecurity as a “phishing attack”.

First of all, Telegram invitations will never ask you to log into your Telegram account. It will simply launch the Telegram app and load the group for you.

Secondly, if you look at the link, it leads to the same scam domain, specifically https://bantuan-kerajaan-my-fase3-gcc.financialanchorllc.com/main/index.php.

Do NOT log into your Telegram account in this page.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

If you log into your Telegram account using this phishing page, then the scammers will gain access to your Telegram account, and take it over for their own use.

They can then use your Telegram account to send the same scam message, or worse, cheat your family and friends of their money!

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

The lady in the viral video likely logged into this phishing page, thus giving the scammers control of her Telegram account. That was likely how they were able to message everyone on her contact list.

She also likely did not enable Two-Step Verification in Telegram, which would let her recover her account even after scammers have gained access.

That is why people who were hit by this scam had to call and inform their relatives and friends, or publicly post about it to warn all of their contacts.

Unfortunately, it is not always possible to warn all of their contacts, and inevitably, someone will get cheated of their hard-earned money. That’s why these scams are so popular – they really work, and scammers are making a ton of money!

Help us fight against these scammers. SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How WithSecure Offensive Security Drives Business Resilience!

Find out how WithSecure harnesses the power of offensive security to drive business resilience and enhance protection for its clients!

 

WithSecure Drives Business Resilience Through Offensive Security!

WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the SPHERE security conference 2023, WithSecure’s Chief Product Officer, Antti Koskela, shed light on their game-changing offering called ‘attack surface management.’ This managed service offers a comprehensive view of vulnerabilities in a company’s cloud-based estate.

As a result, WithSecure’s focus on the digital perimeter empowers businesses to reduce their overall attack surface, enhancing their cybersecurity posture in the ever-evolving threat landscape.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

 

How WithSecure Offensive Security Drives Business Resilience!

WithSecure also introduced three groundbreaking services that amplify their commitment to ‘outcome-based security’ and ‘co-security’. This groundbreaking development was revealed by WithSecure Executive Vice President (Solutions) Scott Reininga, also at the SPHERE security conference 2023.

Reininga underscored WithSecure’s unparalleled expertise in offensive security, revealing that they are the home of one of the world’s most proficient offensive security teams. This team, a fusion of penetration testers (pentesters), red, blue and purple teamers, has profound knowledge of adversary tactics, tradecraft, and techniques.

Penetration testing is a cybersecurity practice that aims to discover vulnerabilities in a system by simulating controlled attacks. Their goal is not to cause damage but to pinpoint weaknesses for rectification. This proactive method, which can involve exploiting software vulnerabilities or simulating social engineering tactics, is key in any comprehensive cybersecurity strategy, offering a practical evaluation of potential risks rather than a theoretical one.

Our relentless pursuit of research and system testing allows us to uncover system vulnerabilities proactively. This crucial data is the building block of our products that are proactive, minimally disruptive, and crafted from the perspective of an attacker.

– Scott Reininga, WithSecure Executive Vice President (Solutions)

These insights were unveiled by Reininga during his recent product launch event titled ‘Co-security and co-managed services for partners’. He was joined on stage by WithSecure Vice President (Offering and Customer Experience) Niko Isotalo.

Expanding on WithSecure’s strategic approach, Isotalo said that the company’s outcome-based security framework model “connects Chief Information Security Officers (CISOs) and board members, offering clarity about the interplay between security outcomes and business objectives.”

This alignment clarifies the indispensable role of security in the core business framework to board members.

– Niko Isotalo, WithSecure Vice President (Offering and Customer Experience)

Recommended : Avanade Launches New Generative AI Services!

Reininga and Isotalo unveiled the three new offerings during their joint session. The first, termed “co-monitoring,” is a partnership model. WithSecure validates the genuineness of security incidents before alerting the duty manager, effectively curbing false alarms.

WithSecure collaborates with clients to supervise their digital ecosystems, particularly during periods when they are stretched thin on resources. This service, providing support beyond standard working hours, can also deliver round-the-clock monitoring if necessary.

Isotalo further introduced the second service, incident readiness software, recognising that many organisations lack comprehensive incident readiness plans.

Our software simplifies the creation, testing, and updating of such plans, which serve as essential shields against cyber threats.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

Focusing on the urgency of immediate incident response, Reininga introduced the third service, an incident response retainer.

Our incident response retainer provides unlimited incident response within the critical initial 72 hours of an event. We eliminate the need for negotiation about budget and resource allocation.

We engage consultants rapidly, supported by our globally lauded 24/7 incident response team and top-tier threat intelligence unit, guaranteeing our customers industry-leading service level agreements (SLAs).

By integrating offensive security acumen, co-monitoring capabilities, incident readiness software, and swift incident response, WithSecure empowers organisations to effectively safeguard their digital assets and curtail the impact of potential breaches.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Takes Offensive Security Approach To Cloud Threats!

WithSecure is harnessing the power of the offensive security approach in tackling evolving cloud threats!

 

WithSecure Takes Offensive Security Approach For Cloud Threats!

In a shifting cybersecurity landscape, WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the recent SPHERE security conference 2023 in Helsinki, Finland, WithSecure’s Chief Product Officer, Antti Koskela, shed light on this approach.

We’ve done identity assessments for many cloud-based companies, unveiling weaknesses in their cloud platforms.

Our offensive security approach is about understanding the attack surface of a cloud-based estate. We focus on the digital perimeter, which is crucial to reducing the overall attack surface.

Koskela went on to explain that WithSecure has distilled this insight into an innovative managed service offering called ‘attack surface management’. This service provides a comprehensive view of a company’s vulnerabilities, including IP addresses, port vulnerabilities, exposed APIs and web services, identity matters, patching levels and more.

With more open architecture, control over your attack surface becomes paramount. ‘Zero trust’ alone isn’t the answer as human errors happen. Our holistic approach helps mitigate this.

Recommended : Avanade + Accenture: 2023 Microsoft Global SI Partner of the Year!

WithSecure’s product suite integrates various cloud-native solutions to deliver protection based on specific client requirements. This collaborative process, termed ‘co-security’, is driven by the security and business outcomes defined by the clients. Koskela emphasised the tripartite focus of their solution:

It’s about process, people, and technology. We collaborate to secure the outcomes, letting company directors steer the course of business.

Our WithSecure Elements platform is the cornerstone of our technology, built collaboratively with our clients.

Koskela acknowledged the evolution of the IT industry, from client-server in the ‘90s to hosted services in the 2000s, cloud computing in the 2010s and cloud-native in the 2020s. He underscored the need for a new security approach to match the evolving business environments:

The cloud offers agility, speed, cost-efficiency. But with new technologies come new security considerations.

WithSecure has been proactive, creating solutions for every technological shift – be it firewalling and endpoint protection during the hosted services era, or data security and VPNs for the cloud computing era.

And now, with the rise of cloud-native tech, we’re helping clients to understand and secure their digital perimeter through our offensive security approach.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

WithSecure Chief Product Officer, Antti Koskela (left), and APAC Regional Director Yong Meng Hong (right)

 

WithSecure Elements Picking Up In APAC

Since its mid-2021 debut, WithSecure’s Elements platform has gained considerable momentum here in Malaysia and the broader Asia-Pacific region. This comprehensive cybersecurity platform has made its mark by providing organisations with a unified solution to their security needs.

Elements equips enterprises with the insight, adaptability, and technology to tackle evolving threats and changing business environments.

Offering unified endpoint protection across devices, clouds and servers, Elements consolidates everything from vulnerability management and collaboration protection to detection and response into one easy-to-navigate security console.

– WithSecure Asia-Pacific Regional Director Yong Meng Hong

Yong further emphasised that the cloud-based Elements platform provides real-time visibility across an entire IT infrastructure, simplifying how enterprises manage their cybersecurity.

Flexible licensing options, including fixed-term subscriptions and usage-based billing, ensure that organizations can tailor their cybersecurity services according to their specific needs.

Elements offers centralised management capabilities, giving IT managers a comprehensive overview of their enterprise’s IT infrastructure, enhancing their reassurance and control.

Today, WithSecure is globally recognised, trusted by a myriad of enterprises to safeguard against cyber threats, while also protecting tens of millions of consumers through over two hundred service providers and telecommunications partners.

For organisations looking to navigate the cloud’s security challenges, WithSecure’s offensive security approach could be just the safeguard they need.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Malaysia To Ban SMS With Personal Details!

Telcos in Malaysia will soon ban SMS messages with personal information, as part of the MCMC’s initiative to prevent scams! Here is what you need to know!

 

Malaysia To Ban SMS With Personal Details!

On Sunday, 2 July 2023, four Malaysian telcos – Maxis, Celcom, Digital and U Mobile will ban SMS messages containing personal information , as part of the MCMC’s initiative to prevent scams.

In addition to the May ban of SMS links, both local and international users will be prevented from sending any SMS message containing:

  • personal details
  • mobile or fixed line phone number
  • banking details like account number
  • MyKad number

All SMS messages containing these forbidden items will not be blocked, but their senders won’t be charged for those blocked messages.

Read more : Malaysian Telcos Ban SMS Links To Prevent Scams!

 

No Ban For SMS With Personal Details Via Short Codes

It should be noted that this ban on SMS messages with personal details do NOT apply to businesses using legitimate Enterprise short codes. They will still be allowed to issue SMS messages with URLs (links), phone numbers, and personal details.

Here are the current Enterprise short codes for Celcom and DIGI, from which you “may” continue to receive SMS messages with hyperlinks (URLs) and personal information.

Telco Enterprise Short Codes
Celcom CelcomDigi / EASYRELOAD
Celcom / CELCOM
2000 / 2901 / 20000 / 78888
28888 / 28882 / 22288 / 28282 / 22888
2001 / 22002 / 22009 / 21888 / 22022 /
22033 / 22162 / 22244 / 22262 / 22990 /
23000 / 23222 / 23777 / 25000 / 25555 /
26664 / 26668 / 26674 / 26680 / 26699 /
27100 / 27200 / 27999 / 28000 / 29888 /
29992 / 29999 / 39131 / 39140 / 39146 /
39170 / 39172 / 39230 / 39231 / 39240 /
39254 / 39258 / 39281 / 39291 / 39442 /
39466 / 39470 / 39471 / 39496 / 39504 /
39505 / 39506 / 39509 / 39513 / 39514 /
39515 / 39518 / 39881 / 39437 / 39132 /
39133 / 39144 / 39162 / 39177 / 39498 /
39502 / 39511 / 39512 / 39495
Digi CelcomDigi / Digi / DigiRewards
200 / 2901 / 2691 / 5001 / 27676
20000 / 21000 / 28879 / 28888 /
28882 / 22288 / 28282 / 22888

Maxis has 5-digit short codes like 1XXXX, 2XXXX, and 6XXXX, but has chosen to block SMS messages containing personal information from their Enterprise short codes:

In order to prevent individuals from becoming online scam scams, the Malaysia Communication and Multimedia Commission (MCMC) has issued a directive to all telcos on 14 February 2023 to block sending and receiving of short messaging service (SMS) from local, international mobile numbers and applications containing below contents:

  • URL link and any clickable link e.g. shorten URL; shorten URL;
  • Request for user’s personal information e.g name, IC number, account number and
  • Mobile and fixed line number

Blockings are being implemented in stages; started from 2 May 2023 for SMS between individuals; the next and last stage is the blocking of SMS containing the above 3 elements from mobile and applications such as Enterprise SMS service and Maxis IoT SIM from 2 July 2023.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Risky SMS Ban Helpful, But Other Platforms Still A Risk

While this measure is really helpful in reducing scams, the ban is limited to SMS messages. It does not prevent scammers from sending similar scam messages through instant messaging platforms like WhatsApp, Telegram, Facebook Messenger, WeChat, etc.

I should also point out that links are not inherently bad. Links in messages, even SMS messages, are mostly safe.

Perfectly Fine

  • Clicking on a link to read an article / terms and conditions of a promotion
  • Clicking on a link to enrol in a promotion which does not require you to log into any website
  • Clicking on a link to check in for a flight, or get a travel update

However, they can be used to send you to a phishing website which is designed to look like a genuine bank / payment website. Hence, it is critical that you should NEVER log into any website through a link.

NEVER DO THIS

  • Clicking on a link to log into a bank website
  • Clicking on a link to make a purchase or payment
  • Clicking on a link to log into any account / email

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityMobile | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Wedding Invitation Scam : Don’t Install APK File!

Please watch out for the wedding invitation scam, and find out why you should NEVER install any APK file from strangers!

Find out what’s going on, and warn your family and friends!

 

Wedding Invitation Scam Gone Viral!

A new scam has gone viral on social media in Malaysia – the wedding invitation scam. In this scam, scammers contact their victims on WhatsApp, pretending to send them an APK file as a wedding invitation!

Here is the Malay version of the scam messages, and their English translations.

Dengan rasa kesyukuran, Menjemput Tuan ZAITON OTHMAN Ke Majlis Perkawinan Anak Kami
Sila Klik instal Apk untuk dapatkan kad kahwin digital kami ⬇️⬇️
Sila klik instal nampak kad kahwin digital kami 🙏, agar nak tau Siapa 😀

With gratitude, Inviting Mr. Zaiton Othman to our Son’s Wedding
Please click install Apk to get our digital wedding card ⬇️⬇️
Please click install to see our digital wedding card 🙏, to know who this is 😀

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Wedding Invitation Scam : Don’t Install APK File!

This is yet another example of a Mobile Application Scam, and here are the reasons why…

Fact #1 : APK Is Android Installation File

First, it is important to know that APK files are not used to deliver wedding invitations, or photos and videos.

Short for Android Package Kit, an APK file is used to install software in Android devices. Think of it as the Android equivalent of an EXE installation file for Windows software.

Fact #2 : You Should Never Install APK File, Unless You’re An Expert

APK files, by definition, are merely installation files for Android devices. They can be used for legitimate purposes, as well as nefarious purposes.

However, legitimate Android apps are mostly delivered through proper mobile app platforms like Google Play Store and the HUAWEI App Gallery, where they are often scanned for malware before people are allowed to download and install.

Therefore, you should never download and install an APK file outside of legitimate mobile app platforms, unless you are an expert who needs to “sideload” an APK for a specific reason.

Now, this does not mean that only Android devices are vulnerable. Apple is slated to offer the ability to sideload apps too with iOS 17.

Fact #3 : Scammers Use APK Files To Install Malware

In most, if not all, cases where you receive an APK file from a stranger on WhatsApp, Telegram, through email or social media platforms, it is likely to contain malware.

Scammers use APK files containing malware to gain access to your phone. After you install these malware APK files, scammers can do anything – read your messages, steal your photos and videos, gain access to your TAC / OTP alerts, etc.

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #4 : APK File Scam Not Limited To Wedding Invitations

These mobile application scams are not just limited to wedding invitations, or offers to deliver illicit photos and videos. Scammers have also convinced their victims to install these APK malware files to :

  • book cheap temporary maid / cleaning services
  • book cheap air-conditioning services
  • book exclusive restaurants
  • receive special discounts
  • make investment transactions

Fact #5 : Scammers Use Social Engineering + Stolen Data

It is important to remember that scammers will use a combination of social engineering and stolen / purchased data to convince you to install their APK malware.

They may know your name, your MyKad number, your address and your telephone number. They may even know who is in your family, and even have your bank account or credit card details. All that information can be purchased from unscrupulous sources.

In some cases, scammers have taken over social media accounts and used them to trick the account holder’s family and friends into installing such APK malware files.

No matter who tells you to do it – even if they are your family member or friend, NEVER download and install an APK file.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #6 : Bank Negara Malaysia Warned About Mobile App Scam

Bank Negara Malaysia has long warned consumers about such mobile application scams.

Be wary of clickable hyperlinks that redirects you to a site, or downloads an application to your phone. Banks will no longer send you any clickable hyperlinks via SMS!

Only download applications from your smartphone’s official application platforms (e.g. Google Play Store, [Apple] App Store, Huawei App Gallery).

Fact #7 : PDRM Confirmed This Is A Scam

On Monday, 19 June 2023, PDRM Commercial Crimes Investigation Department (CCID) Director Datuk Seri Ramli Mohamed Yoosuf warned the public about this wedding invitation scam:

This new tactic asks for an individual to open the link prepared to receive the wedding invitation. However, that’s the trick to steal information from the public and to make online transfer. The public are advised to avoid getting caught up in any message from questionable sources.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Jomo Kwame Sundaram Stock Advice Scam Alert!

WATCH OUT for scammers pretending to be Jomo Kwame Sundaram offering stock advice on Facebook!

Find out what’s going on, and warn your family and friends!

 

Jomo Kwame Sundaram Stock Advice Scam Alert!

Scammers are running Facebook advertisements that claim that famed Malaysian economist, Jomo Kwame Sundaram, is created a WhatsApp group offering free stock investment advice!

I am Jomo Kwame Sundaram
A prominent Malaysian economist.
On June 14th, I said in the stock exchange group:
There have been abnormal transactions in the Southeast Asian stock market in the past two days
Indonesian stock market soars on the 15th, with huge volatility
Now the local exchange has access to supervise the stock movement
Next, Malaysia’s stock market will also experience abnormal fluctuations
Please pay attention to: ADVCON, KPSCE, ICON, MBL these stocks
Related stock abnormal information, I will continue to send in the group
If you haven’t joined the stock exchange group
Please join in time, I will share the stock information I have for free
Master stock information and avoid losing money in the stock market

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Jomo Kwame Sundaram Stock Advice Scam : What You Need To Know!

These Jomo Kwame Sundaram stock investment scams are being promoted heavily on Facebook in 2023, so please alert your family and friends!

Fact #1 : Jomo Kwame Sundaram Reported These Fake Ads

These fake Jomo Kwame Sundaram stock advice advertisements have been promoted on Facebook for several months now. On April 15, 2023, Jomo himself posted about this scam:

*Warning Letter from Jomo Kwame Sundaram*

I regret to inform you that someone is impersonating me. They have established an official website in my name, with many old photographs and other material to give this impression.

I am presented as an education and investment consultant, neither of which is true. There is even a contact telephone number for my supposed assistant.

I have reported the impersonation to Facebook and MCMC with no indication of any action so far. This happened several years ago as well when there was an earlier effort of this type.

I have never given investment advice, and have no intention whatsoever of doing so. It is highly irresponsible for anyone to claim they know the future. Whatever I do on economic and other matters is free for the public, and I urge you not to pay money to anyone who claims to be advising you in my name.

As I have been giving lectures in Tsinghua University in the past week, when this problem began, I did not realize how quickly the problem was growing and failed to act more promptly.

Please warn your friends and loved ones.

Thank you for your cooperation.

jomo

Unfortunately, as many people have discovered, Meta / Facebook does not appear to care about these fake ads. You can report them till kingdom come, but they will just keep running on Facebook as long as these scammers pay for them!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #2 : Jomo Kwame Sundaram Is A Renown Economist

Jomo Kwame Sundaram is a world-renown economist, who writes extensively on economic policies. However, as he explained above, he is not an investment consultant!

He has better things to do than to offer you free stock investment advice! In May 7, he just published an article called “Inflation phobia, myths and dogma exacerbate policy responses” in the Review of Keynesian Economics.

Fact #3 : One Victim Lost RM480K To Investment Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar investment scam, and lost almost RM480,000 (about US$104,000).

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Watch Out For The Kinokuniya Free Books Scam!

Is Books Kinokuniya giving away free books on stock investing, to celebrate gaining 3 million fans?!

Find out what’s going on, and warn your family and friends!

 

Watch Out For The Kinokuniya Free Books Scam!

Scammers are running Facebook advertisements that claim Books Kinokuniya is giving away free books on stock investing, to celebrate its 50th anniversary!

Hello everyone, this is Books Kinokuniya, the largest bookstore in Malaysia.
🎉🎉🎉 Signups will soon exceed 3 million. In order to thank our fans for their continuous support, we will send a gift to our fans.
👋Books Kinokuniya store has prepared 1,000 sets of stock books. Free gift to all friends who support Books Kinokuniya.
Please add administrator WhatAPP. And send the mailing address, we will mail the book to you for free.

Hello everyone, this is Books Kinokuniya, the largest bookstore in Malaysia.
🎉🎉🎉 Signups will soon exceed 3 million. In order to thank our fans for their continuous support, we will send a gift to our fans.
Books Kinokuniya has prepared 1,000 sets of books in stock. Free gift for all friends who support Books Kinokuniya.
Please click on the conversation to add assistant Whats and register the mailing address, we will mail the book to the registered address for you free of charge.

Recommended : TNG RFID Bar Code Scanning Scam Debunked!

 

Kinokuniya Free Books Scam : What You Need To Know!

This Kinokuniya free book scam is being promoted heavily on Facebook in May 2023, so please alert your family and friends!

Fact #1 : Kenanga Reported These Pages / Ads As Fake

Books Kinokuniya is aware of these fake advertisements being run by scam Facebook pages, posting this scam alert on May 17, 2023:

⚠️⚠️⚠️
Dear customers,
We have been made aware of several Facebook accounts that are impersonating us about giving out free books. These accounts go by the name Books Kinokuniya Malaysia, but are NOT operated by us and we are not related to these accounts in any way. PLEASE DO NOT RESPOND TO ANY OF THESE, Books Kinokuniya Malaysia DOES NOT communicate with customers directly via Whatsapp or add our customers into Whatsapp group chat.
Follow our official social media accounts and website as follows :
Facebook : Books Kinokuniya Malaysia (https://www.facebook.com/KinokuniyaMalaysia/)
Instagram : Kinokuniyamalaysia (https://www.instagram.com/kinokuniyamalaysia/)
Corporate Site : www.kinokuniya.com.my
Webstore : https://malaysia.kinokuniya.com/
Kinokuniya Malaysia takes this matter seriously and has reported to the relevant authorities on this matter.
If you have any queries, you may email to our Customer Service at mys@kinokuniya.com or call us at 03-21648133

Fact #2 : Books Kinokuniya Is A Business, Not A Charity

Please do NOT be naive. Books Kinokuniya is an investment bank – a business, not a charity. It is not going to give away books just because it has many fans!

Even if it achieved some kind of milestone, it would make sense for Kinokuniya to offer discounts. After all, it’s a corporation whose purpose is to make money, not a charity to give you free books!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #3 : Kinokuniya Does Not Use WhatsApp To Communicate

As mentioned in their warning above, Kinokuniya has a Facebook page, an Instagram page, a corporate website as well as a website. What it does not have is a WhatsApp account!

So when scammers message you to collect your “free books” by messaging a WhatsApp number, be warned!

Please add my WhatsApp message, send me your mailing information, and I will mail you stock books for you for free! My WhatsApp: https://xxxx.xx/60113906928

Fact #4 : Kinokuniya Will Not Ask You To Join WhatsApp Groups

Kinokuniya has stated that it will never ask anyone to join a WhatsApp group for any reason, whether it’s for free books.

Kinokuniya is also a bookstore, not a stock broker or an investment firm. It will never offer you free investment advice, stock tips, or help you buy and sell stocks, etc.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #5 : One Victim Lost RM480K To A Free Book Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bursa Malaysia Stock Investment Scam Alert!

Warning – both Datuk Muhamad Umar Swift and Bursa Malaysia are NOT giving out free stock investment advice or books!

Find out what’s going on, and warn your family and friends!

 

Bursa Malaysia Stock Investment Scam Alert!

Scammers are running Facebook advertisements that claim that Datuk Muhamad Umar Swift and/or Bursa Malaysia are giving free investment advice, or free books on stock investing!

Hi everyone, I am Datuk Muhamad Umar Swift
The Chief Executive Officer of Bursa Malaysia Bhd.
Since 2023, the Malaysian stock market has been relatively sluggish🤕🤕🤕
This may be because many stock market investors do not understand stock market trading
I have been blindly following the investment, resulting in a lot of losses
I have also received many letters from investors recently:
Ask if I have improved my trading skills?
Here I recommend a few stock books to everyone!
This can effectively improve your trading skills 💖💖💖
I also prepared 2,000 stock books for everyone📖📖📖
Free gift to Malaysian stock market investors, yes, it’s free!
Please add my assistant’s wapp, she will mail you books for free👇👇👇

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Bursa Malaysia Investment Scam : What You Need To Know!

These Datuk Muhamad Umar Swift and/or Bursa Malaysia free book / investment group scams are being promoted heavily on Facebook in 2023, so please alert your family and friends!

Fact #1 : Bursa Malaysia Reported These Ads As Fake

Bursa Malaysia is aware of these fake advertisements on Facebook, posting this scam alert on May 17, 2023:

[SCAM ALERT] Don’t be fooled by Facebook ads or pages that offer stock advice. Scammers are known to impersonate Bursa Malaysia representatives to lure you into their fake investment schemes. If you have come across ads or pages like this, be sure to report it to Bursa2U along with a screenshot and source link at bursa2u@bursamalaysia.com or call Bursa Malaysia’s Help Centre at +603-2732 0067. Remember to check the Securities Commission Investor Alert List at http://sc.com.my/investor-alert before investing. Contact the National Scam Response Centre hotline 997 if you have been a victim of scam.

[AMARAN SCAM] Jangan terpedaya dengan iklan atau halaman Facebook yang menawarkan nasihat saham. “Scammer” seringkali menyamar sebagai wakil Bursa Malaysia untuk memujuk anda ke dalam skim pelaburan palsu mereka. Jika anda menjumpai iklan atau halaman seperti ini, pastikan anda melaporkannya kepada Bursa2U berserta tangkapan skrin dan sumber pautan ke bursa2u@bursamalaysia.com atau hubungi Pusat Khidmat Bursa Malaysia di talian +603-2732 0067 . Semak Senarai Amaran Pelabur Suruhanjaya Sekuriti di http://sc.com.my/investor-alert sebelum melabur. Hubungi talian hotline Pusat Respons Scam Kebangsaan 997 jika anda menjadi mangsa penipuan.

#StayAlert #ScamAlert #TakNakScam #JanganKenaScam

Fact #2 : Bursa Malaysia Is Not A Charity

Please do NOT be naive. Bursa Malaysia is not only the stock exchange of Malaysia, it is also a public listed company, whose focus is to make money, not a charity to give you free books or advice!

Datuk Muhamad Umar Swift is not only the CEO of Bursa Malaysia Berhad, he is also the director of its subsidiary companies. He certainly has more important (and profitable) things to do than to create a WhatsApp group to answer YOUR questions or advice YOU on what stocks to buy!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #3 : Bursa Malaysia Does Not Use WhatsApp To Communicate

Bursa Malaysia offers a multitude of contact options by snail mail, online forms on their Bursa2U portal, email or telephone.

What it does not have is a WhatsApp account. So when scammers message you to collect your “free books” using WhatsApp, or ask you to join the Bursa Malaysia WhatsApp group, be warned!

Datuk Muhamad Umar Swift (fake) : I’m sorry because too many people have privately messaged me, please click to add administrator 👇whatsapp👇, send “PM” to join our company’s free communication group! https://wa.me/6019527xxxx

The real Datuk Muhamad Umar Swift, and Bursa Malaysia, will never ask you to join a WhatsApp group for any reason, whether it’s for investment advice, stock tips, or to buy and sell stocks, etc.

Fact #4 : One Victim Lost RM480K To Investment Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : How Fake Job Syndicates Operate!

Find out how fake job syndicates operate, and how they reel you into their scams, and cheat YOU of your hard-earned money!

Make sure you SHARE this article, to warn your family and friends to avoid the fake job scams!

 

Fake Job Scams : What Are They?

Fake job scams have been around for a long, long time. But fake job syndicates have become more active recently, probably because more people are getting laid off, and inflation is eating into our money.

Fake job scams come in a variety of ways, but most commonly, you get unsolicited messages through WhatsApp or iMessage, offering you the opportunity to make a lot of money through part-time work, in the comfort of your own home.

Good day YouTubers!! This is Alexa from Youtube Entertainment. We invite you to participate in our event by liking and subscribing to our channel and we will give you XXX. Please reply “YES” if you are interested. Thank you.

Hi, I’m the recruitment manager of XYZ company. XYZ invites you to do regular work at home.

You can easily earn [large amounts of money] with your mobile phone every day, and your salary will be settled on the same day.

Please add my WhatsApp to sign up. The number of places is limited, only for today.

Hey! You have been selected for a job. Daily salary XXXX to YYYYY. WhatsApp [number removed]. Reply YES to apply.

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Scam Alert : How Fake Job Syndicates Operate!

I personally have received many of such fake job offers, and have always ignored them. But when I saw a sudden surge of fake job offers, I decided to look into it. I also wanted to find out how they worked.

So I took a dive into two different fake job scams last week, and here was what I found…

How They Reel Their Victims In

It all starts with scammers tasked with “fishing” for victims. They will try to contact you by email, Facebook Messenger, SMS, WhatsApp, Telegram, or iMessage. Regardless of the method, the hook is simple – we are offering you an EASY way to make A LOT of money!

Once you are suitably impressed, these “fishing” scammers will offer you a simple task to show you just how easy it is to make a lot of money. To entice me, the two scammers offered me a pretty good sum of money for a very simple task:

Syndicate A : Subscribe to this YouTube channel, and send me the screenshot to receive XXXX.

Syndicate B : Like this YouTube video, and send me the screenshot to receive YYYY.

Recommended : Watch Out For Telegram Phishing Attack!

The Fishing Scammer Hands You Over To The Syndicate

After you complete that task, the fishing scammer then hands you off to the actual fake job syndicate, ostensibly for payment. You are asked to contact the company secretary / account manager on Telegram, with a “payment code”.

From what I surmise, the “payment code” is actually the fishing scammer’s referral code – they get paid for every victim they send the syndicate.

This will be your last contact with these fishing scammers. They are off to reel in more victims!

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Syndicate Baits You With Payment

The syndicate secretary / account manager will ask you to register your details with them, but they are not too particular with any details, except for your phone number. If you give them the fake number, they will know because they will check with the fishing scammer using their referral code. But feel free to give them other fake details – they won’t care.

The fake job syndicate will then send you the payment for that “test” job, using a mule account. If you ask them why they are sending you the money through a different company account or even a random person’s account, they will tell you that they have many bank accounts because of daily transaction limits.

Syndicate Baits You With Simple Tasks

The syndicate will then add you to their Telegram channel offering multiple tasks per day. Instead of YouTube channels or videos, you are tasked to very simple tasks like:

  • open a link to a product page on an online shopping platform
  • take a screenshot of that product page
  • post that screenshot to the Telegram group
  • share that screenshot with your syndicate agent

You will breeze through the first three tasks easily, and the fake job syndicate will pay you promptly.

Fantastic, isn’t it? What could go wrong? After all, there are hundreds of other people participating in the same tasks, and getting paid!

Recommended : Can SIM Swap empty bank accounts without warning?!

Syndicate Tempts You With Pay To Earn Scam

At this point, you have done some calculations, and realise that you can easily make good money every day doing these simple tasks.

That’s when the fake job syndicate offers you the opportunity to make some serious cash. But there’s one catch – you need to PAY them to get access to jobs with serious money.

For every dollar you prepay, the fake job syndicate promises that you will get that back PLUS 10% to 30%, within minutes. Just in case you are worried about losing your money, hey, they are offering a refund. Honest!

And how can they offer you so much money for so little work? The syndicate throws in the magic word – cryptocurrency! Of course! That’s the only way anyone can make tons of money easily, with both eyes closed!

Recommended : BitiCodes Scam Alert : Fake Celebrity Endorsements!

Syndicate Pressurises You With Bots

To convince you that they are legit, you will see many people posting screenshots of their payments to the Telegram group. They will also publicly announce how much they are investing. In some cases, they also post excitedly about how much money they already made, and how much they plan to make today.

This is just a charade to make you believe that people are really making money through this scheme. Most of these “participants” appear to be bot accounts, with a few sock puppet accounts. If you monitor these accounts over time, you will see them change names. I even spotted one of these fake participants (mercado livre in the screenshot above) become the Telegram group admin!

The genuine victims are those asking questions in the group like “We have to prepay?” But oddly enough, no one else in the group (except the Telegram group admin) will respond. That’s not how real people behave.

And if you check their receipts, you will notice some discrepancies in their receipts, which suggest that they were edited:

  • transfers within the same bank were labelled as transfers “to other banks”.
  • account numbers are too short / long for that particular bank

The others are possibly genuine receipts (by people who were scammed earlier), with their dates and times changed.

Recommended : 2023 Turkey Earthquake : Fake Photos + Scam Alert!

Once You Pay, It’s Game Over

I managed to get in touch with two victims of this scam, who claimed that once they deposited the prepaid amount, they were ghosted and removed from the Telegram group.

So that appears to be the scam – they bait you with a bit of money, until you are convinced that they are real. Then once you prepay them for the “big job”, they dump you right away.

Your assigned syndicate agent will block you, and you will get kicked off the Telegram group, which often disappears after scamming a few victims. Often, you will find your Telegram conversations with them mysteriously deleted. By then, it’s much too late – you have already lost your money.

To ensure they don’t lose money, they will price the introductory offer low enough to entice victims, but high enough to cover their costs and then some. But they will inevitably score some big fish, which is why the fake job scam persists.

Now that you know how the fake job scam works, please DO NOT get trapped into it! NEVER pay to get a job. It is just a scam!

Please SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Gigabyte motherboards shipped with firmware backdoor!

Millions of Gigabyte motherboards and laptops shipped with a built-in backdoor in its UEFI firmware!

Here is what you need to know about this cybersecurity danger, and what you can do about it!

 

Gigabyte Motherboards Shipped With Firmware Backdoor!

On 31 May 2023, researchers at the cybersecurity firm Eclypsium revealed that 271 Gigabyte motherboard models have been compromised with UEFI firmware with a built-in backdoor!

Eclypsium’s heuristic detection methods recently began flagging suspicious backdoor-like behaviour in Gigabyte motherboards. When its researchers looked into it, they found that Gigabyte motherboard firmware was executing a Windows native executable during the system start up process. This executable then insecurely downloads and executes additional payloads.

From their analysis, the executable appears to be a legitimate Gigabyte module called WpbtDxe.efi:

  • it checks to see if the “APP Center Download & Install” feature is enabled
  • it downloads executable payloads from Gigabyte servers
  • it has a Gigabyte cryptographic signature

They also found that the downloaded payloads have Gigabyte cryptographic signatures too, which suggest that this firmware backdoor was implemented by Gigabyte itself.

However, Eclypsium researchers discovered that the Gigabyte implementation had a number of problems, which would make it easy for threat actors to abuse the firmware backdoor:

  • one of its payload download locations lacks SSL (using plain HTTP, instead of the more secure HTTPS), allowing for Machine-in-the-middle (MITM) attacks
  • remote server certificate validation was not implemented correctly even when the other two HTTPS download locations were used, which allows for MITM attacks
  • one of its payload download locations is a local network-attacked storage device (NAS), which could allow a threat actor to spoof the location of the NAS to install their own malware
  • the Gigabyte firmware itself does not verify any cryptographic signatures, or validates the downloaded executables.

In short – millions of Gigabyte motherboards have a cybersecurity vulnerability, due to their firmware which includes an insecure / vulnerable OEM backdoor. As John Loucaides from Eclypsium put it:

If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the Internet and running it without you being involved, and hasn’t done any of this securely.

The concept of going underneath the end user and taking over their machine doesn’t sit well with most people.

Note : This vulnerability affects all computers using Gigabyte motherboards, including laptops.

 

Gigabyte Rolls Out New Firmware To Mitigate Backdoor!

After the news blew up inconveniently during Computex 2023, Gigabyte quickly rolled out new beta firmware upgrades for its AMD and Intel motherboards.

According to Gigabyte, the new beta firmware upgrades have “improved security mechanisms” that will “detect and prevent malicious activities during the boot process“. It also appeared to have implemented other changes:

  • enhanced the signature verification process for fils downloaded from its remote servers
  • conduct more thorough checks of file integrity to prevent the introduction of malicious code
  • enabled standard cryptographic verification of remote server certificates

The new firmware has just been released for AMD 600-series motherboards, as well as Intel 500- and 400-series motherboards, but will eventually be introduced for older motherboards. The new firmware will have the description, “Addresses Download Assistant Vulnerabilities Reported by Eclypsium Research“.

As Gigabyte does not intend to remove the backdoor feature, you might want to consider Eclypsium’s advice on how best to reduce the risk of malicious actors taking advantage:

  1. Scan and monitor systems and firmware updates in order to detect affected Gigabyte systems and the backdoor-like tools embedded in firmware. Update systems to the latest validated firmware and software in order to address security issues like this one.
  2. Inspect and disable the “APP Center Download & Install” feature in UEFI/BIOS Setup on Gigabyte systems and set a BIOS password to deter malicious changes.
  3. Administrators can also block the following URLs:
    – http://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://software-nas/Swhttp/LiveUpdate4

For starters, you should definitely download and update your Gigabyte motherboard or laptop with the improved firmware. Then disable APP Center Download & Install in the BIOS.

Let’s hope Gigabyte will be able to quickly issue new and improved firmware to mitigate, if not remove, the backdoor vulnerability for the affected 271 motherboard models, and its future motherboards and laptops. Even so, many users might not be aware of this vulnerability or these updates.

It seems likely that threat actors will have access to this backdoor vulnerability in many Gigabyte motherboards and laptops for years to come. Even Eclypsium’s Loucaides believes so:

I still think this will end up being a fairly pervasive problem on Gigabyte boards for years to come.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Computer | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Restaurant Menu QR Code Hack Your Phone?!

Did the FBI just warn people to avoid using the restaurant menu QR code, because it can hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : FBI Says Restaurant QR Code Can Hack Your Phone!

People are sharing a Daily Mail article, or screenshots of it, which claims that the FBI just warned people not to use any restaurant menu QR code because it can allow hackers to steal your data!

Here is an excerpt from the Daily Mail article. Feel free to skip to the next section for the facts!

Why you should ALWAYS ask for a physical menu: FBI warns hackers are planting fake QR CODES in restaurants that steal your data when you click the link

  •  Scammers are making fake QR codes to place on top of real ones 
  • This is letting them access smartphones and steal personal data

QR codes have become the new default for accessing restaurant menus across the US post-Covid — but scammers are seizing upon the new practice.

The FBI warns thieves are creating fake QR codes and planting them at eateries, retail shops and even parking meters.

Instead of taking you to an online menu or checkout, the links instantly download malware onto your device, stealing your location and personal information

The FBI has urged consumers to look out for typos or misplaced letters in URLs accessed through QR codes and ask restaurants for a physical menu.

Recommended : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Truth : FBI Did Not Say Restaurant QR Code Can Hack Your Phone!

This appears to be a “misunderstanding” of an actual FBI warning about QR codes. Here is what you need to know about the risks of scanning a QR code for a restaurant menu.

Fact #1 : FBI Issued QR Code Warning In January 2022

I could find no reference to a recent QR code warning by the FBI, and oddly enough, The Daily Mail did not provide a source or link to the FBI warning its article was referring to.

The FBI only released one public service announcement (PSA) about QR codes, and that was Alert Number 1-011822-PSA which was released on January 18, 2022.

If that was the source for the Daily Mail article, then it’s more than a year old, and not recent as the article appears to suggest.

Fact #2 : FBI Warned About General QR Code Risk

The FBI advisory was a general warning about the risks of tampered QR codes. Specifically, it warned about cybercriminals tampering with both digital and physical QR codes.

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

Cybercriminals tamper with both digital and physical QR codes to replace legitimate codes with malicious codes. A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site…

Fact #3 : FBI Advisory Did Not Mention Restaurant / Menu

Interestingly, the entire FBI advisory did not once mention restaurants or menus, and that makes a lot of sense.

It is odd to focus on the risk of using QR codes for online menus in restaurants, when they are used in so many other ways today – from making mobile payments, as mobile tickets, login tokens, etc.

Any security risk involving restaurant menu QR codes would also apply to QR codes used for other purposes. So it really doesn’t make sense for the FBI to “pick on” restaurant menu QR codes.

Recommended : Can Approve New Participant block WhatsApp hackers?!

Fact #4 : QR Code Is Not Malicious In Nature

QR code (which is short for Quick Response code) is not nefarious or malicious in nature. The FB advisory specifically pointed that out – “QR codes are not malicious in nature“.

The QR code is merely a type of two dimensional barcode that was invented in 1994 by the Japanese company, Denso Wave, to track automotive parts. It has since been adopted for other purposes because it is more efficient and can support more than just numbers. For example, Version 40 QR code can contain up to 7,089 numbers or 4,296 characters.

Ultimately, a QR code is nothing more than a series of numbers or characters – data which can be used for a variety of purposes, including providing a link to an online restaurant menu.

Fact #5 : QR Code Can Be Tampered With

It is true that QR codes can be tampered with. In fact, the FBI advisory was issued after Texas police departments discovered fraudulent QR code stickers on parking meters in San Antonio and Austin. Drivers who scanned those fake QR codes were taken to a scam website. instead of the real payment website.

Hence, the FBI issued that warning to remind people to check the URL link to make sure that it is the intended website, and not a phishing page with a similar link. For example, the fake website may use www.quikpay.com when the real website is www.quickpay.com.

To completely avoid this risk, avoid using QR code to access a payment website. Always go directly to the payment website on your smartphone’s web browser by keying in the link yourself. Genuine payment labels with a QR code will often include a direct URL link for you to use as a safer alternative.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #6 : Restaurant Menu QR Code Is Low Risk

While scammers can place fraudulent QR codes over genuine ones at restaurants, bars, and other eateries, this is a very unlikely attack vector.

That’s because restaurants often use QR codes to redirect you to an online system to order food and drinks for your table. Imagine if you scan a fraudulent QR code and are asked to key in your credit card details. That would be absurd, and you would surely complain to the waiter since you haven’t even ordered your food!

In most cases, you are not expected to pay at the table using QR code. You either pay using cash / credit card / mobile payment using QR code at the payment counter. Even if that QR code is compromised, the cashier would notice it immediately as any payment made using that QR code would not reflect in the restaurant’s point-of-sale (POS) system.

And payment only occurs after dining – a fraudulent QR code that leads you to a fake website won’t allow you to actually order anything, since it’s not connected to the real restaurant and its ordering system. That’s why this attack vector is highly improbable.

In any case, many restaurants now generate temporary QR codes on disposable paper stubs to avoid this risk. The QR code is only valid for your dining session. The next person to dine at the same table will receive a different QR code.

Fact #7 : QR Code Can Potentially Inject Malware

It is possible for QR code to inject malware into the smartphone that you are using to scan. In fact, there are apps like QRGen that allow scammers / hackers to easily generate malicious QR codes. However, it isn’t quite as simple as the article makes it out to be.

For one thing – malware and exploits are limited to specific operating systems or phone models. For example, an Android exploit / malware won’t work on iPhones. Or an exploit / malware that makes use of an Android 11 vulnerability won’t work on newer / updated Android smartphones since they would have patched the exploit.

Second – any malware will require considerable amounts of code to load. The scammer / hacker will have to use an enormous QR code like the version 40 example below, or it will need to convince you to download and install the malware package itself.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Genuine restaurant menu QR codes are simple – like the version 1 / version 10 examples above, because they only serve a link to their online menu / ordering system. If you see a large and complex QR code like the version 40 example, avoid scanning it, and ask the restaurant staff to verify its authenticity.

Restaurant menu QR codes would also never ask you to download or install anything. They only serve to load a link to an online menu / ordering system, so if you are asked to download or install anything, do NOT proceed, and notify the restaurant.

These tips also apply to other businesses that use QR codes to show you a menu, discounts, offers, information, etc.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Former exec: China has backdoor access to TikTok data!

A former top ByteDance executive is alleging that the China has backdoor access to all TikTok data!

 

Former Exec : China Has Backdoor Access To TikTok Data!

A former top executive at ByteDance – TikTok’s parent company, has just claimed that it built a “backdoor channel” in its code to allow the Chinese Communist Party (CCP) supreme access to user data in TikTok.

This revelation came as part of the lawsuit that Roger Yu Yintao, filed against ByteDance for wrongful termination from his job as head of engineering in the United States. He says he worked there from August 2017 till November 2018.

In his lawsuit filed on May 12 at the San Francisco Superior Court, Roger Yu alleges that he was fired from his job for his “observation and reporting of illegal conduct” at ByteDance to his supervisors.

He said he observed ByteDance being “responsive to the CCP’s requests” to share, elevate, or even remove content”, describing the company as “a useful propaganda tool for the Chinese Communist Party”, and is engaged in a “culture of lawlessness”.

More shockingly, he claimed that the CCP has a special office in ByteDance, sometimes referred to as the “Committee”. Its task was allegedly to monitor ByteDance, and advise it on how to advance “core Communist values”.

He also claimed that the CCP “Committee” can demote content it viewed as unfavourable to China’s interests, and even has a “death switch” to turn off Chinese versions of its apps.

Roger Yu also claimed that he “saw the backdoor channel in the code”. If true, such a backdoor would give China and the CCP government unfettered access to all data in TikTok, no matter where the data is located.

The Committee maintained supreme access to all the company data, even data stored in the United States.

Recommended : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

Roger Yu Yintao (left) and ByteDance founder, Zhang Yiming, at ByteDance, 2015

Allegedly, ByteDance was “aware that if the Chinese government’s backdoor was removed from the international / US version of the app, the Chinese government would, it feared, ban the company’s valuable Chinese-version apps”.

Roger Yu also accused ByteDance of scraping data from its competitors – mainly Instagram and Snapchat, without users’ permission. He claimed that ByteDance used software to “systematically” collect videos from its competitors, and repost them to its own platform using fake accounts, without their creators’ permission.

 

ByteDance Denies Allegations Of Backdoor Access For China

A ByteDance spokesperson has denied the allegations laid out in Roger Yu Jintao’s lawsuit, claiming that he only worked for a short time on an unrelated app called Flipagram, which was discontinued for business reasons.

We plan to vigorously oppose what we believe are baseless claims and allegations in this complaint.

Mr. Yu worked for ByteDance Inc. for less than a year and his employment ended in July 2018.

According to earlier reporting of Roger Yu Yintao’s lawsuit, he realised that ByteDance had been engaged for years in a “worldwide scheme” to steal and profit from content created on other platforms soon after he began his job.

In response to those allegations, the ByteDance spokesperson said that the company is “committed to respecting the intellectual property of other companies, and we acquire data in accordance with industry practices and our global policy.”

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!