Tag Archives: cyberattacks

Scam Alert : CIMB Customers Hit By Fake SMS Messages!

Scammers continue to target CIMB customers, using many different kinds of fake SMS messages.

Do NOT click or call if you receive any of these fake SMS messages!

And please warn your family and friends!

 

Scam Alert : CIMB Customers Hit By Fake SMS Messages!

Whether you are a CIMB Bank customer or not, you may receive one of these alarming SMS messages :

RM 0.00 CIMB: Confidential!

Dear CIMB users, your account will TERMINATED on 24/12/20. Verify via http://www.cimbclickikm.cc to keep on using CIMB Clicks services.

Please make verification within 24hours to avoid service interruption.

RM0 CIMB: Instant Transfer RM4998.78 to CHAY LEE FEN/HONG LEONG on 23-Dec-2020, 13:06:35. Call the no. at the back of your card for queries.

If you receive any of these SMS messages, please DO NOT click on the link, or call the number. JUST IGNORE THEM, or delete them.

RM0.00 CIMB: MYR 2968.00 was charged on your card num 4204 at Shopee.MY. If this is not your txn, call 1800-9767 now.

Cimb Your account is judged as high risk by the system, PLS re-verify your account. cimbclicksecurity.com

Note : These scams do not just affect CIMB Bank. In fact, all banks are affected :

 

Why These CIMB SMS Messages Are Fake

Let us show you how to identify these fake CIMB SMS messages.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Grammatical Mistakes

If you carefully read the first SMS messages above, you can easily spot numerous grammatical mistakes. A bank will never send such poorly worded messages to their customers.

However, they may copy the real SMS message from CIMB to trick you into thinking that this is a real transaction. Such fake SMS messages will have proper grammar.

Warning Sign #2 : Embedded Links

Banks will NEVER embed links (URLs) into the message. If you see embedded links, always think – SCAM SMS!

Unlike the Public Bank SMS scam, they used a copy of the real SMS message to trick you into clicking the URL in the first message.

Warning Sign #3 : Wrong Links

And always check the link – www.cimbclickikm.cc and cimbclicksecurity.com are not the correct addresses for the CIMB Bank websites (www.cimbclicks.com.my or www.cimb.com.my).

The best policy is to manually key in the bank website address. NEVER click on any link in an SMS, even if it looks legit.

When you see any website with .cc links, be wary because the .CC domains are registered in the Cocos (Keeling) Islands – an Australian territory of only 14 km², with only about 600 inhabitants.

Warning Sign #4 : No Personal Login Phrase / Picture

To avoid phishing attacks, banks now give you a secret response (like a picture or a phrase) to confirm that you are visiting their legitimate website.

If the website you are visiting gives you the wrong picture or secret phrase, you have been tricked into visiting a fake website designed to mimic the real bank website.

You should also remember that the bank website must show you secret picture or phrase right after you enter your login, but BEFORE you key in your password.

If you are asked to key in your password without the website displaying the secret phrase or picture, you have been tricked into visiting a fake website designed to mimic the real bank website.

 

CIMB Advice To Protect Against Fake SMS / Email Scams

Here is a list of DOs and DON’Ts to protect yourself against fake SMS / email scams.

Please DO follow these good practices

  1. Pay attention to your transaction alerts and check your account activities regularly. In case of any unusual activity, please contact us immediately.
  2. If you wish to contact us, ONLY call the number on the back of your card or refer to CIMB website “Contact Us” page.
  3. Always check the URL of the website that you are making purchases from. Ensure  the “lock” icon or “https” appears on the website’s address bar.
  4. Always find a reputable seller on online marketplaces by searching for reviews from other customers to know their experience.
  5. To access CIMB Clicks, type the entire URL as follows: www.cimbclicks.com.my
  6. Always remember to log out once you have completed your banking transactions.

Please DO NOT follow these bad practices

  1. Don’t panic and give personal information to fraudsters impersonating representatives of government agencies etc. even if they deploy fear tactics. Immediately call the number on the back of your card to verify with CIMB.
  2. Never apply for personal financing through unverified links or individuals promising a lower rate. CIMB does not impose any application charges for personal financing applications.
  3. Never take instructions from anyone to change the mobile number in CIMB records to any number other than your own mobile number.
  4. When transacting online, never continue with a purchase if you have any doubts if the seller is not genuine.
  5. Never share details such as your card number / User ID / PIN / password / TAC  with anyone or key them in in any website other than CIMB Clicks.
    (Note: CIMB will never ask for  your ‘User ID’, ‘Password’ or ‘TAC’ under any circumstances outside of CIMB Clicks).
  6. Do not click on links or open email attachments from unknown / unreliable senders / sources.
    (Note: Emails from CIMB will always end with @cimb.com such as cimb.marketing@cimb.com

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Scam Warning : Public Bank Customers Hit By Fake SMS!

Scammers continue to target Public Bank customers, using many different kinds of fake SMS messages.

Do NOT click or call if you receive any of these fake SMS messages!

 

Public Bank : Fake SMS Scam Warning! Do NOT Click / Call!

Whether you are a Public Bank customer or not, you may receive one of these alarming SMS messages.

Please DO NOT click on the link, or call the number. JUST IGNORE THEM, or delete them.

The safest thing to do is NEVER CLICK ON A LINK in any SMS. If you need to log into your bank account, key in the website address manually.

RM0 PBB/PIBB: Your PBB account will TERMINATED on 02Dec20 01:30:00 AM. Please make verification via http://www.mypbebank.cc to avoid service interruption. Verify now keep on using PBB services.

RM0 Credit Cash out RM3,000 form card ending no 7102 successful on 01 DEC. Information system sending. Call PBB 1800-81-9566 for any query

Warning: Your account is marked as insecure, please click Return PAC immediately to confirm that it is safe to use. (https://pbevip.vip/)

PBe Your account is in a high-risk state PLS log in immediately and return the PAC to protect your account security https://www.pbebanks.top

PBe Warning: Phishing URLs are frequent recently, PLS log in immediately to strengthen account security. 2Mar21 13:14 https://se1.pbevip.top/

PB e Your account is in a high-risk by the system, PLS re-verify your account https://pbbanks.red/ <security reminder is normal>

RM0 PIBB: Thank you for using your card ending 1098@senQ MYR 2899, Pls call 03-56260232 now, if you didn’t use it

RM0 PBB/PIBB: Trx amt MYR2699.00  @LAZADA for card ending 5738. Call PB 1-800-81-2337 now if didn t perform.

PBB: Your account is judged as high risk by the system. PLS re-verify your account https://www.pbebanks.asia/ <security reminder is normal>

PB e Alarm Your banking Suit now is marked as insecure, PLS re-verify your account https://online-pbebank.com <security reminder is normal>

 

Public Bank Fake SMS Scam : What Happens If You Click?

Clicking on the links will often lead you to a phishing website, a fake website designed to look like a Public Bank website.

You will be asked to key in your personal information, including your Public Bank user name and password. DO NOT KEY IN YOUR INFORMATION!

But if you are free and want to help screw these scammers, key in fake information as many times as possible.

Note : These scams do not just affect Public Bank. In fact, all banks are affected :

 

Public Bank : How To Identify Fake SMS Messages

With a little help from Public Bank, let’s show you how to identify fake SMS messages.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Grammatical Mistakes

Read the two SMS messages above, and you can easily spot numerous grammatical mistakes. A bank will never send such poorly worded messages to their customers.

Warning Sign #2 : Embedded Links

Banks will NEVER embed links (URLs) into the message. If you see embedded links, always think – SCAM SMS!

Warning Sign #3 : Wrong Links

And always check the link – www.mypbebank.cc is not the correct address for the Public Bank website (www.pbebank.com)

When you see any website with .cc links, be wary because the .CC domains are registered in the Cocos Islands – an Australian territory of only 14 km², with only about 600 inhabitants.

The same goes for generic, top level domains like .TOP, .VIP, .TOP, .RED.ASIA, etc.

Warning Sign #4 : No Personal Login Phrase / Picture

To avoid phishing attacks, banks now give you a secret response (like a picture or a phrase) to confirm that you are visiting their legitimate website.

If the website you are visiting gives you the wrong picture or secret phrase, you have been tricked into visiting a fake website designed to mimic the real bank website.

You should also remember that the bank website must show you secret picture or phrase right after you enter your login, but BEFORE you key in your password.

If you are asked to key in your password without the website displaying the secret phrase or picture, you have been tricked into visiting a fake website designed to mimic the real bank website.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

macOS, iOS, iPadOS, Safari CVE-2021-1844 Bug : Fix It Now!

Apple just rushed out macOS Big Sur 11.2.3, iOS 14.4.1, iPadOS 14.4.1 and Safari 14.0.3 to patch a critical security bug.

Find out what they fix, and why you need to update your MacBook, iPhone and iPad right away!

 

Apple Rushes Out macOS, iOS, iPadOS, Safari Critical Bug Fixes!

Released on 8 March 2021, macOS Big Sur 11.2.3 patches only one bug, which may mislead users into thinking that it’s not very important.

WebKit

Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

On the same day, Apple also released iOS 14.4.1 and iPadOS 14.4.1 – both patching the same CVE-2021-1844 vulnerability.

WebKit

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

Apple also released Safari 14.0.3, which patches the same vulnerability for macOS Catalina and macOS Mojave :

WebKit

Available for: macOS Catalina and macOS Mojave

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

 

Why Install These macOS, iOS, iPadOS, Safari Bug Fixes ASAP?

While they appear to only patch WebKit in macOS Big Sur, iOS, iPadOS and Safari, they are CRITICAL bug fixes that you need to install right away.

They patch the new CVE-2021-1844 vulnerability, which was discovered by Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research.

This vulnerability allows a remote attacker to trigger a buffer overflow when the victim opens a specially-crafted web page, allowing the attacker to execute arbitrary code on the target system.

It is not known if this vulnerability has been exploited yet, but it is critical to install the new updates to prevent that from happening.

 

Recommended Reading

Go Back To > Software | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


HUAWEI New Year Gift Scam : Don’t Click Or Share!

Watch out for the HUAWEI New Year Gift scam that’s circulating on WhatsApp!

Do NOT click or share. Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

HUAWEI New Year Gift Scam : Do NOT Click Or Share!

Scammers are sending out this message on WhatsApp, claiming that HUAWEI is giving away New Year gifts.

Please do NOT click on the message, or share it. Just delete it and warn your family and friends!

 

Why This HUAWEI New Year Gift Offer Is A Scam

Let us show you why this HUAWEI New Year Gift offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Not Using The Real HUAWEI Domain

A genuine HUAWEI campaign would use the real HUAWEI domain – www.huawei.com.

The use of a different domain (2021-whatsapp3w.bar) should warn you that this is not a legitimate HUAWEI website.

Warning Sign #2 : HUAWEI Does Not Give Away Free Gifts

HUAWEI is a for-profit corporation whose goal is to make money, not give it away.

They are not a charity, and will never give free gifts to celebrate a new year, or anniversary.

They only give free gifts to promote the purchase of their latest products.

Warning Sign #3 : Ridiculous Prizes

While brands may sometimes give away branded swag like a face mask, a t-shirt, or a cap; they will NEVER give away CASH as a prize.

And there is no way they would give away US$5,000 cash prizes. That’s just nuts! It should be cheaper to just give away one of their latest Mate 40 Pro smartphones.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Maybank B40 Subsidy Scam : Do NOT Click Or Call!

Watch out for the new Maybank B40 subsidy scam! It is a phishing attack to gain access to your Maybank account!

Do NOT click or call. Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

Maybank B40 Subsidy Scam : Do NOT Click Or Call!

Scammers are sending out this SMS claiming that Maybank (MBB) will issue the B40 subsidy after you fill in some information.

Please do NOT click on the message, or call the telephone number. Just delete it and warn your family and friends!

 

Why This Maybank B40 Subsidy Offer Is Just A Scam

Let us show you why this Maybank B40 subsidy offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : No Such B40 Subsidy Program

The Malaysian government has not announced any B40 subsidy program.

Neither would Maybank offer free money for the B40. It’s a bank, not a charity.

Warning Sign #2 : Bad Grammar

The bad English grammar should be a warning sign that this is not a legitimate offer.

Warning Sign #3 : Not Using The Real Maybank Domain

A genuine Maybank campaign would use the real Maybank domain – www.maybank.com.my.

The use of a different domain should warn you that this is not a legitimate Maybank website.

In fact, Google Chrome will warn you that this website is a phishing attack – to get your personal and banking information.

Warning Sign #4 : Asking You For Your Information

The banks – whether they are Maybank, Public Bank, CIMB, etc – will NEVER ask you to fill in your personal details.

Think about it – they already have your information because you have an account with them!

Even if there is a legitimate B40 subsidy programme, they only need you to log into your Maybank account. They do NOT need you to register your details again.

These scammers ask you for these details so they can use them in phishing calls, to convince you that they are really from Maybank.

Warning Sign #5 : Asking You For Your Bank Login!!!

This is a BIG warning sign. Banks will NEVER ask you for your user name and password.

If you key in this information, you are basically giving these scammers access to your Maybank account.

They will call or message you and try to get your TAC (Transaction Authorisation Code) number that is sent to your mobile number. DO NOT GIVE THAT TO THEM!

If you sent them your user name and password, please contact the bank immediately, and change your password!

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Tesco New Year Scam Alert : Do NOT Click / Forward!

Now that the New Year is almost here, the Tesco New Year Scam is going viral on WhatsApp!

Do NOT click on the message if you receive it. Do NOT forward it either!

Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

Tesco New Year Scam Alert : Do NOT Click / Forward!

People are sharing this Tesco New Year promotion that claims to offer a gift card valued up to RM1000, but it is really nothing more than a SCAM!

Please do NOT click on the message, or forward it to anyone. Just delete it and warn your family and friends!

 

Why This Tesco New Year Offer Is Just A Scam

Let us show you why this Tesco New Year gift card offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Bad Grammar

Most of these Tesco gift card scams have bad grammar (example #1, example #2), which is a big clue that this isn’t a genuine Tesco offer.

In this example, they capitalised TESCO and use the grammatically incorrect “win up to RM1000 Tesco Gift Card!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. Nothing is FREE in this world, much less a RM1000 gift card.

Tesco isn’t going to give you FREE money, just because it’s the new year, or their anniversary.

They are a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real Tesco Domain

A genuine Tesco Malaysia campaign would use the real Tesco Malaysia domain – www.tesco.com.my.

Or they would run it off the official Tesco Malaysia page on Facebook – www.facebook.com/TescoMY.

This scam is using a BlogSpot.com domain – which is not something any genuine company would do.

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

That is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Antivaxxers Keep Creating Fake Tiffany Dover Death Claims!

Antivaxxers are still creating and spreading fake death claims about Tiffany Dover, while hounding her family and her!

Find out what’s going on, and what YOU can do to help Tiffany Dover and her family!

 

Tiffany Dover : Who Is She? What’s Going On?

Here’s a quick primer for those who have not heard of Tiffany Dover, or what has energised anti-vaccination groups recently.

On 17 December 2020, Tiffany Dover fainted on live TV after getting her Pfizer-BioNTech COVID-19 vaccine, due to vasovagal syncope – a very common condition.

She recovered within minutes, and explained that it wasn’t a surprise because she often faints when she feels pain.

However, antivaxxers pounced on the incident as evidence that the Pfizer BNT162b2 vaccine is dangerous, sharing edited versions of the video to sow fear, doubt and uncertainty about the vaccine.

 

Antivaxxers Keep Creating Fake Tiffany Dover Death Claims!

After her fainting episode was explained and the full video was shared, antivaxxers had to switch gears.

They decided to claim that Tiffany Dover later DIED, after recovering from her fainting spell.

Here are three examples…

Joe Leonard

It looks like rumors of Tiffany Dover’s death are TRUE and it is being covered up.

No activity since her highly publicized public vaccination despite regular use of Instagram. No replies to dozens of questions. Family set their profiles to private.

RIP

Kitty Lynn

OMFG! FAINTING NURSE DIED
Tiffany Dover IS DEAD

I saw that fainting nurse died, so I checked it out!
This death record has to be her! Same town, age, and most importantly, the family listed all show up as her friends on fb!

Shannon Haas

BREAKING There is reports Tiffany Dover is dead. She is the nurse who collapsed on live television when being interviewed about the vaccine. We can’t confirm it, we are trying to collect as much intel as possible.
INTEL WE KNOW
– She is from Tennessee
– She collapsed 15+ minutes after taking the Pfizer vaccine on live television
– Her Instagram account is tiffany_dover_ and she hasn’t posted for 5 days, she generally posts every 2-3 days
– There is social media posts about her death from people who were allegedly connected to her or her family
– There is reports of death threats against her family for sharing the info
– There is reports of censorship
– The debunkers are saying it is all false but are providing very little evidence

Someone even created a fake Tiffany Dover memorial page on Instagram (now removed), saying :

She will always be remembered for her bravery. She was a wonderful nurse. #nurse #bravery #covid_19 #tiffanydover #inmemoryof #hospital #alwaysremember

It gained 1650 followers before Instagram finally shut it down. While it was up, antivaxxers used it to promote the claim that she truly did die after being vaccinated with the Pfizer-BioNTech COVID-19 vaccine.

 

How To Help Tiffany Dover With These Fake Death Claims

Creating and sharing fake death claims about Tiffany Dover isn’t about “having an open mind” or “just investigating the truth” or “exploring the possibilities“.

This is literally cyberbullying!

And it doesn’t even stop with fake death claims. People are also hounding her family and friends, calling them fake or crisis actors.

Help stop this cyberbullying of Tiffany Dover, her family and her friends, by :

  • sharing such fact check articles, including this and this.
  • telling the truth to those who shared with you those fake claims
  • sharing the fact check links as comments on those fake social media posts
  • DO NOT SHARE those fake social media posts

 

Why Tiffany Dover Death Claims Are ALL FAKE!

Fact #1 : Tiffany Dover Is Alive And Well!

According to the NewsChannel 9 ABC crew who recorded the whole event on 17 December 2020, Tiffany Dover quickly recovered, and within minutes, was able to get up and speak with them again.

While antivaxxers are claiming that she subsequently died, those are complete lies. She did NOT die.

Her hospital – CHI Memorial – posted this tweet two days later, confirming that she is well, asking that people give her and her family privacy.

Fact #2 : Tiffany Dover Alive And Well On Video, 4 Days Later!

On 21 December 2020, CHI Memorial followed up with a short video showing that she is alive and well, surrounded by her colleagues.

To prove that it was not filmed before her vaccination and alleged “death”, they held up banners that said, “Nursing Leadership Vaccinated Together, #CHIMemorialStrong” and the date “12-21-20“.

Fact #3 : People Found The Wrong Death Record

Conspiracy theorists and antivaxxers are parading online search results showing her death record.

Many searched Tiffany Dover in the wrong state, because they thought she was a nurse in Alabama. Is it any wonder she got the wrong death record?

Some even assumed that SearchQuarry lists only dead people. It’s actually a search engine for public records in the United States.

With such amazing keyboard investigators, who needs the FBI?

Fact #4 : Tiffany Dover Is Not A Unique Name

As unique as Tiffany Dover surely is as a person, her name isn’t unique.

In the entire US, there are currently 47 Tiffany Dovers, with nine of them in Tennessee. And no, they are NOT CLONES, as some people are alleging.

And they do not include Tiffany Dovers who have actually passed away years or even decades ago.

Fact #5 : People Are Not Obligated To Be Active On Social Media

Skeptics like Shannon Haas claim that she must be dead because “she hasn’t posted for 5 days” even though “she generally posts every 2-3 days“.

First of all, NO ONE is obligated to post anything on social media, much less maintain their activity level.

Secondly, a lack of updates does NOT mean she is dead. Some of us actually have lives, like a real social life outside of social media?

Let’s not forget that she’s a nurse manager in CHI Memorial, which is not only actively treating COVID-19 patients, they are also working to administer the Pfizer COVID-19 vaccine.

So is it really that surprising if she has been too busy to update your stalkers with her latest selfies?

But since you are so “concerned” about her well-being, here’s a photo of Tiffany Dover with her CHI Memorial colleagues on 21 December 2020 :

Fact #6 : Claims Of Reports Are Just Claims, Not Actual Evidence

People like Shannon Haas, Joe Leonard and Kitty Lynn are not true skeptics. They are just too damn lazy to go beyond making unverified claims on social media.

He claimed that there are “reports of death threats against her family for sharing the info” and “reports of censorship“.

But when a friend asked for links for those reports, he could only reply, “Not sure.” I kid you not.

Yet, he had no qualms claiming too that “debunkers are saying it is all false but are providing very little evidence“.

If you see claims like that, WITHOUT EVIDENCE, please treat it the same way you would if someone told you he/she can fly without wings.

With the utmost skepticism : Yeah, sure, bro… sure… preferably with a middle finger.

 

Recommended Reading

Go Back To > Fact Checks | ScienceHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Did Alabama Nurse, Tiffany Dover, Die From Pfizer Vaccine?

Antivaxxers are claiming that an Alabama nurse, Tiffany Dover, died on live TV after taking the Pfizer-BioNTech COVID-19 vaccine!

Find out what’s going on, and what the facts really are!

Updated @ 2020-12-25 : Added more fact checks, because antivaxxers continue to post fake claims about Tiffany. It’s Christmas, for crying out loud!

Originally posted @ 2020-12-23

 

Did Alabama Nurse, Tiffany Dover, Die From Pfizer Vaccine?

There are several versions of this story, but they basically boil down to two main storylines :

a) an unnamed Alabama nurse died on live TV after taking the Pfizer-BioNTech COVID-19 vaccine!

COVID 19 -TEST A nurse in Alabama dies directly on the air after taking the Pfizer vaccine for Corona This is clear evidence of the danger of the vaccine, including the toxins and animal genes .. LOOK AT VEDIO CLIP!

b) a Tennessee nurse, Tiffany Dover, died after fainting on live TV (after taking the Pfizer-BioNTech COVID-19 vaccine)

OMFG! FAINTING NURSE DIED
Tiffany Dover IS DEAD

I saw that fainting nurse died, so I checked it out!
This death record has to be her! Same town, age, and most importantly, the family listed all show up as her friends on fb!

So the nurse who took the COVID-19 vaccination on live television is now dead days after being vaccinated..

 

No, Tiffany Dover, Did NOT Die From Pfizer Vaccine!

The short and sweet summary is this – no nurse died after taking the Pfizer vaccine, whether on live TV or otherwise.

For the skeptics who are fond of asking, “How do you know? Were you there?”, here are the facts…

Fact #1 : No Nurse Died On Live TV In Alabama

Despite claims that an unnamed nurse died in Alabama after being injected with the Pfizer COVID-19 vaccine, that is not true.

The claim was shared with the video of Tiffany Dover, a nurse in Tennessee, fainting on live TV after receiving her Pfizer vaccination.

It is likely that antivaxxers intentionally switched the location from Tennessee to Alabama, to mislead those who already knew about Tiffany Dover.

Fact #2 : Tiffany Dover Is Alive And Well!

According to the NewsChannel 9 ABC crew who recorded the whole event on 17 December 2020, Tiffany Dover quickly recovered, and within minutes, was able to get up and speak with them again.

While antivaxxers are claiming that she subsequently died, those are complete lies. She did NOT die.

In fact, her hospital – CHI Memorial – posted this tweet, confirming that she is well, asking that people give her and her family privacy.

Fact #3 : Tiffany Dover Alive And Well On Video, 4 Days Later!

On 21 December 2020, CHI Memorial followed up with a short video showing that she is alive and well, surrounded by her colleagues.

To prove that it was not filmed before her vaccination and alleged “death”, they held up banners that said, “Nursing Leadership Vaccinated Together, #CHIMemorialStrong” and the date “12-21-20“.

Fact #3 : People Found The Wrong Death Record

Conspiracy theorists and antivaxxers are parading online search results showing her death record.

In fact, Kitty Lynn in this example searched for Tiffany Dover in the wrong state – Alabama. Is it any wonder she got the wrong death record?

Note : We intentionally added the HOAX overlay, to prevent it from being misleadingly shared

And this intrepid online investigator discovered that he/she was also listed on searchquarry.com.

Funnily enough, herdsheeple thought that SearchQuarry lists only dead people. It’s actually a search engine for public records in the United States.

With fantastic investigators like herdsheeple and Kitty Lynn, who needs the FBI?

Fact #4 : Tiffany Dover Is Not A Unique Name

As unique as Tiffany Dover surely is as a person, her name isn’t unique.

In the entire US, there are currently 47 Tiffany Dovers, with nine of them in Tennessee. And no, they are NOT CLONES, as some people are alleging.

And they do not include Tiffany Dovers who have actually passed away years or even decades ago.

Fact #5 : No Animal Genes In mRNA Vaccines

Some of these messages include the claim that the Pfizer COVID-19 vaccine contains animal genes, that’s completely false.

There are no genes of any sort in mRNA vaccines, whether they are from Pfizer or Moderna.

The mRNA in these COVID-19 vaccines are merely RNA instructions – coding for the SARS-CoV-2 spike proteins. That’s it.

Recommended : Pfizer + Moderna mRNA Vaccines : How Do They Work?

 

Recommended Reading

Go Back To > Fact Checks | ScienceHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Did China Create This Amazing Female Dancing Robot?

Did China create this amazing female dancing robot for a dance show in Shanghai?

Watch the viral video for yourself, and find out what the FACTS really are!

 

Did China Create This Amazing Dancing Robot?

Here is the video that countless people have been sharing on social media and even on YouTube. It is often paired with a short explanation in (broken) English.

Can u believe that this female dancer is robot ? The dance was held in Shanghai n it lasted only 5 minutes but the queue was 4hrs n cost 499 Yuan!

It has surpassed Japan in complexity, and saw its perfect facial expressions. Send this video to everyone to watch, let us enjoy together…

 

Amazing Female Dancing Robot : The Truth

The agility and grace of this female dancing robot, and its facial expressions, are incredible.

The less gullible would point out that it is something you would only expect from a real human being, and they would be right.

Fact #1 : That Is A Video Of A WDSF Competition

That is actually a video clip from the 2018 World Dance Sport Federation Championship in Lithuania.

The initials WDSF (World Dance Sport Federation) can be seen, together with the recording date at the upper left corner of the video.

Fact #2 : The Dance Only Lasted A Minute

The dance in the video only lasted just over a minute, even though the accompanying fake message claimed it lasted for 5 minutes.

Fact #3 : Those Are Lithuanian Dance Champions

Both dancers are very human. In fact, they are Lithuanian dance champions Ieva Zukauskaite (female), and Evaldas Sodeika (male).

Fact #4 : 499 Yuan Was The Entry Price To Shanghai Disneyland

The fake story claimed that the ticket to watch this performance costs 499 Yuan – about US$73 / £55 / RM303. That would be ridiculously exorbitant for a short dance.

In truth, that was “copied” from the two earlier hoaxes (here and here) about robot dancers at the Shanghai Disneyland.

Even that was not accurate, because 499 Yuan was the cost of an entry ticket to the Shanghai Disneyland when it first opened in February 2016.

Since 6 June 2018, it has been priced at 399 Yuan (off-peak), 575 Yuan (peak) and 665 Yuan (peak holiday).

 

Why Would Someone Create This Fake Story?

With China’s aggressive foreign stance in recent years, it is not uncommon to see such fake stories being created and shared.

Some believe it’s part of a concerted attempt to burnish China’s image overseas.

Others believe the many fake stories are being created to drown out the negative coverage of China’s controversial Belt and Road Initiative, and their aggressive moves in the South China Sea.

Whatever the reasons may be, it is our duty as global citizens to stop the proliferation of such fake stories.

Please share this fact check with your friends, so they know the truth!

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Are Hackers Using Good Morning Messages To Hack You?

Are hackers using Good Morning videos, pictures and messages to hack your devices, and steal your data?

Find out what is happening, and what the FACTS really are!

 

Claim : Hackers Are Using Good Morning Messages To Hack You!

This post about Chinese hackers using Good Morning videos, pictures and messages to hack your devices, has gone viral on social media and WhatsApp :

Dear friends, please delete all welcome photos and videos in Good Morning format and the like. Read below the article to the end, which will be clear why I ask about it. From now on I will only send personally prepared greetings.

Read it all !!! Send this message urgently to as many friends as you can to stop the invasion.

Olga Nikolaevna Lawyer: Caution:
ATTENTION

For those who like to send Good Morning pictures! Good day! Good evening!

Do not send these “good” messages.

Today, Shanghai China International News sent SOS to all subscribers (this is the third reminder) that experts recommend: please do not send good morning, good night, pictures and videos,.
Reports show that hackers in China designed the images, the video is so beautiful to hide the phishing codes inside them, when everyone sends these messages, the hackers use your devices to steal personal information, such as bank card information and data to crack the phone.

It has been reported that more than 500,000 victims of fraud have already been deceived.

If you want to greet others, write your own message to protect yourself and your family and friends.

Important! Delete all greeting messages and pictures that you have on your phone for your own safety. If someone sent you such a picture, immediately remove it from the device. Malicious code takes time to deploy, so if you act immediately, no harm will be done.

Tell all your friends about this to prevent hacking.

Greet others by writing your own words, and send only images you create. The material you create yourself is completely safe. Please understand me correctly! All have credit cards attached to their phone. Everyone has a lot of contacts in their phones. You will create a threat not only to yourself, but to all the contacts that you have on your phones, your friends and acquaintances.
Take this very carefully! This is a harsh reality

ATTENTION !!!
Urgent information !!!

Some people have already restricted..!

 

Hackers Using Good Morning Messages To Hack You : Just Another Hoax!

Many of get blasted with Good Morning or Good Night messages every day from well-meaning friends and family.

While they are literally spam that clog up Facebook, Telegram and WhatsApp groups, they really do NOT allow hackers to hack your devices.

While it would be nice to see people stop this irritating practice, here are the reasons why Good Morning messages are harmless…

Fact #1 : Shanghai China International News Does Not Exist

The news organisation, Shanghai China International News, that was stated in the hoax does not exist.

Fact #2 : No Reports On Hackers Designing Good Morning Pictures + Videos

There are no reports on hackers from China or anywhere else creating these Good Morning pictures and videos.

In fact, they are mostly created by websites and Facebook pages for people to share, and hopefully attract new followers.

Fact #3 : No Fraud Involving Good Morning Messages

There has been no fraud involving Good Morning or even Good Night messages, videos or pictures.

Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself. At most, it can be used to hide the malware payload from antivirus scanners.

In January 2019, cybercriminals created an online advertisement with a script. The script itself would appear innocuous and pass any check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.

Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Fact #5 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.

Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.

Also, most malware require some sort of action to trigger their execution. Generally (but not always), just downloading a malware won’t trigger it.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How Honeywell Is Helping Industries Tackle COVID-19!

Find out how Honeywell has pivoted to deliver new services and products that help critical industries tackle the COVID-19 pandemic!

 

How Honeywell Is Helping Industries Tackle COVID-19

Honeywell have long been a solution partner for critical industries, with over 100 years of global experience in various industries.

In an exclusive roundtable session, Norm L. Gilsdorf, President of Honeywell ASEAN, detailed how the COVID-19 pandemic has created a crisis for critical industries.

On the other hand, it offered Honeywell the opportunity to showcase their expertise in creating new solutions and products to meet the new challenges.

 

Honeywell Products + Services That Help Industries Tackle COVID-19

Honeywell have quickly pivoted to develop these new solutions and products to help critical industries In ASEAN countries and around the world better handle the challenges of the COVID-19 pandemic.

Honeywell UV Treatment System

The Honeywell UV Treatment System is a deep ultraviolet (UVC) sanitising system for airlines that significant reduces certain viruses and bacteria on airplane cabin surfaces.

It is roughly the size of the typical airline beverage cart, with arms that extend over the top of seats, to sweep the cabin with UVC light.

The Honeywell UV Treatment System can service an aircraft cabin in less than 10 minutes for just a few dollars per flight for midsize to large airline fleets.

Currently, several major airlines in the ASEAN region are testing this system on their aircraft.

Honeywell Healthy Building Solutions

The Honeywell Healthy Building Solutions are not new, but they go a long way to help companies protect their workforce from COVID-19.

By integrated air quality, safety and security technologies, they help to improve the health of building environments, operate more cleanly and safely, and help enforce social distancing policies.

The same technologies can also be employed in other public and commercial facilities like hospitals, airports, factories, educational institutions, etc. to enhance safety and compliance.

Honeywell Remote Industrial Solutions

The Honeywell Remote Industrial Solutions are being used by customers to handle COVID-19 related constraints and maintain business continuity, while protecting employees.

This software suite, which includes Experion Remote Operations, allow for remote management as well as work-from-home abilities for employees.

Honeywell Forge Cybersecurity Suite helps customers ensure business continuity in the face of mounting cyber threats, uncertain business conditions and supply chain disruptions.

Warehouse and logistics solutions help drive the exceptional growth of e-commerce in the ASEAN region and beyond, during the pandemic. They also support cold chain services for delivering medical products, including vaccines.

Other Honeywell Solutions That Help Against COVID-19

Other Honeywell solutions that help people and industries handle COVID-19 include :

  • Gas and flow sensors for ventilators, oxygen concentrators and respiratory machines;
  • Thermorebellion, a new temperature monitoring solution that incorporates advanced, infrared imaging technology and artificial intelligence algorithms to conduct non-invasive, preliminary screening of personnel entering facilities such as airports, hospitals and plants;
  • Dual layer face masks, personal safety packs and N95 masks.

 

COVID-19 : How To Keep Safe!

Here are a few simple steps to stay safe :

Recommended : Soap vs Sanitiser : Which Works Better Against COVID-19?
Recommended : Surgical Mask : How To CORRECTLY Wear + Remove!
Recommended : COVID-19 Food Safety : Fruits, Vegetables, Takeouts

 

Recommended Reading

Go Back To > Business | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Kaspersky on APAC Digital Reputation Threats!

Vitaly Kamluk, Kaspersky Director of Global Research and Analysis for APAC, explores the impact of social media activities on our digital reputation, as well as those of brands and companies!

 

Digital Reputation : What Is It?

Digital reputation is the online version of good old fashion reputation. The only difference is that it is defined by our online behaviour and what people are saying about us, or the brand.

In short, our digital reputation is a combination of our digital footprint, and the impact it has on how other people perceive us, or the brand.

As the world becomes more connected, digital reputation is becoming more than just important – it is now critical to the future and success of any individual or corporation.

This has led to a shift in how people and brands behave online these days…

As Jesmond Chang, Head of Corporate Communications for Kaspersky APAC, shared above :

  • 32% of social media users in APAC use anonymous accounts
  • 50% of social media users in APAC avoid companies that are involved in a scandal, or had received negative news coverage online
  • 40% also stopped using a company’s or brand’s products once they are embroiled in some kind of online crisis.

 

Kaspersky on APAC Digital Reputation Threats!

At the 6th Vitaly Kamluk, Kaspersky Director of Global Research and Analysis for APAC, shared the latest threats to digital reputation in the APAC region, which is precipitated by the COVID-19 pandemic.

“One of the most visible effect of this pandemic is how it forced everyone, from individuals to the biggest companies, to shift a lot of their activities online.

This dependence, triggered by our need to secure our physical health, also pushed us to increase our social media use, either to connect with our distant loved ones, to give support to our community, to entertain ourselves, or to get hold of products and services that we need.

Parallel to this trend is the opening of wider doors for cybercriminals to exploit”

With many employees working from home, cybercriminals have found new ways to exploit this situation :

  • brute force attacks on database servers increased 23% in April 2020
  • Malicious files planted on websites increase 8% in April 2020
  • Network attacks and phishing emails also rose

Kaspersky themselves reported an increase of unique malware samples from 350,000 per day pre-COVID, to 428,000 per day!

With the increased reliance on online services, including remote work and learning, e-commerce purchases and a greater adoption of e-wallets, the 2020 threat landscape appears to favour cybercriminals.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : CMCO / PKPB Extended To 31 December 2020?

Was the CMCO / PKPB lockdown extended until 31 December 2020 by Malaysian Prime Minister Muhyiddin Yassin?

Find out what’s going on, and what the FACTS really are!

 

Claim : CMCO / PKPB Extended To 31 December 2020!

The viral claim consisted of a video of Malaysian Prime Minister Muhyiddin Yassin, with the message:

CMCO extended until 31/12

In the video, the Prime Minister appeared to announce that the CMCO / PKPB lockdown would be extended until 31 December 2020.

However, he was not talking about the CMCO / PKPB lockdown… so we placed the FALSE overlay to prevent further abuse.

 

No, CMCO / PKPB Was Not Extended To 31 December 2020

The video does indeed show Malaysian Prime Minister Muhyiddin Yassin announcing the extension of the lockdown to 31 December 2020.

However, this video was recorded much earlier, on 28 August 2020, when he announced the extension of the PKPP / RCMO to 31 December 2020, not PKPB / CMCO.

You can see RMCO (Recovery Movement Control Order) or PKPP (Perintah Kawalan Pergerakan Pemulihan) mentioned in the screenshot below.

The Malaysian Prime Minister is expected to announce an extension of the CMCO / PKPB lockdown later this week.

But the extension is expected to be for an additional 2 weeks – from 7 December until 20 December, not until 31 December 2020.

However, nothing is certain until the official announcement is made.

This is the second fake news about a lockdown extension today, after the PKPD / EMCO extension hoax.

 

RMCO / PKPP vs CMCO / PKPB : What’s The Difference?

Recovery MCO (RMCO or PKPP) is the most lenient form of lockdown during the COVID-19 pandemic, with greater liberalisation of the economy :

  1. Interstate travel is permitted, except to areas under Enhanced MCO (EMCO) or administrative restrictions.
  2. Barbers and hair salons are allowed to reopen, subject to SOP.
  3. Beauty parlours and nail salons are allowed to reopen, subject to SOP.
  4. Museums are allowed to reopen.
  5. Busking (indoor) and filming activities will be allowed.
  6. Meetings and workshops will be allowed.
  7. Morning / evening / night markets are allowed.
  8. Hawker stalls are allowed.
  9. Recreational fishing and commercial fisheries will be allowed.
  10. Gyms and snooker halls will be allowed.
  11. Non-contact sports like bowling, badminton, archery and shooting will be allowed.
  12. Outdoor group sports like kayaking and cycling will be allowed.
  13. Indoor sports like snooker, yoga, aerobics will be allowed.
  14. Malaysia’s borders remain closed, but local tourism will be allowed.
  15. Religious activities, like Hari Raya Aidiladha celebrations, will be allowed, subject to JAKIM’s SOP
  16. Schools will be reopened in stages throughout the RMCO, based on advice from the Ministry of Education.
  17. Places of worship will be allowed to reopen, subject to SOP
  18. Normal business operating hours to resume, with social distancing, hand washingface masks.

The current Conditional MCO (CMCO or PKPB) is less lenient, limiting interstate travel only for work and business purposes only, among other limitations :

  • Only two persons from each household are allowed to go out to purchase food supplies or daily necessities.
  • Only two persons from each household are allowed to dine-in at any restaurant / cafe.
  • No one is allowed to enter or leave the areas under CMCO lockdown.
  • Interstate travel is forbidden, except for work, economic or industrial purposes.
  • Supermarkets, shopping malls and retail stores are allowed, between 6 AM and 12 AM.
  • Restaurants, food stores, food trucks, hawkers, food courts, food stalls, food kiosks, groceries and convenience stores are allowed to open from 6 AM until 12 AM.
  • All public and private schools, institutions of higher learning, vocational training institutes, kindergartens, day care centres, tahfiz centres, public parks and recreation centres must close.
  • All seminars, workshops, courses, training, conferences, lectures and MICE (Meeting, Incentives, Conventions and Exhibitions) are forbidden.
  • All domestic tourism activities that cross into or out of the CMCO areas are forbidden.

For more details, please see Peninsular Malaysia : Official CMCO / PKPB SOP!

 

Recommended Reading

Go Back To > Fact Checks | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : PKPD In Malaysia Extended To 3 January 2021?

The viral infographic claiming that the PKPD for eight states and federal territories in Malaysia was just extended to 3 January 2021 is FALSE.

Take a look at what just went viral on social media, and why it is just fake news!

 

Claim : PKPD in Malaysia Extended To 3 January 2021?

This was the infographic that went viral on social media today, 3 December 2020. We added the FALSE overlay to prevent further abuse.

It claimed that the PKPD (Perintah Kawalan Pergerakan Diperketatkan) or EMCO (Enhanced Movement Control Order) for these eight states and federal territories in Malaysia was just extended to 3 January 2021.

  • Selangor
  • Sabah
  • Labuan
  • Kuala Lumpur
  • Putrajaya
  • Perak
  • Terengganu
  • Pulau Pinang

 

PKPD In Malaysia Extended To 3 January 2021 : FAKE NEWS!

That infographic is fake and was edited from previous infographics released by the Malaysia National Security Council (MKN).

For the Doubting Thomases of the world who always ask, “How you know?”, here are the facts why…

Fact #1 : There Is No PKPD / EMCO Of Any State In Malaysia

There is no PKPD or EMCO covering an entire state or federal territory in Malaysia.

Only PKPB (Perintah Kawalan Pergerakan Bersyarat) or CMCO (Conditional Movement Control Order) exists for these seven states or federal territories :

  • North : Penang, Perak
  • East : Terengganu, Kelantan
  • Central : Selangor, Kuala Lumpur
  • South : Negeri Sembilan

Fact #2 : Labuan Is A Federal Territory

Labuan is always listed as WP Labuan in government infographics, because it is a federal territory, like Kuala Lumpur and Putrajaya.

Fact #3 : The Government Has Debunked It As Fake

The Malaysia National Security Council (MKN) has just publicly debunked the infographic as fake (with our English translation).

INI ADALAH PALSU!! Tak pasti jangan kongsi.

THIS IS FALSE!! Don’t share if not sure.

 

Recommended Reading

Go Back To > Fact Checks | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : Tsunami Waves Hit Second Penang Bridge?

Did giant tsunami waves hit the second Penang bridge – the Sultan Abdul Muadzam Shah Bridge? Find out what the facts really are!

 

Claim : Tsunami Waves Hit Second Penang Bridge At 6PM Yesterday!

A video claiming to show the Second Penang Bridge getting hit by giant tsunami waves, is going viral on social media.

Dramatically, a person appeared to be swept away by a giant wave, and a motorcyclist quickly fled another giant wave! Here is a video mash-up of two examples we found so far…

 

Did Tsunami Waves Hit Second Penang Bridge? Nope!

This is yet another example of fake news spreading like COVID-19 on social media.

The video is genuine, but it does NOT show giant tsunami waves hitting the Second Penang Bridge.

Fact #1 : This Bridge Is Too Small To Be Second Penang Bridge

In the main span, the Second Penang Bridge has a height clearance of 30 metres for ships to pass under. The bulk of the bridge has a much lower 6 metre clearance.

The Second Penang Bridge is also very wide – between 150 and 250 metres, with 4 car lanes and 2 motorcycle lanes.

The bridge in the video appears to be much shorter, with a 4 metre clearance; and much narrower with just 2 lanes.

Fact #2 : No Report Of Any Tsunami Affecting Penang

There has been no earthquakes nearby, or reports of any tsunami affecting Penang.

The waves appear to be approximately 12-15 metres high, and would have been big news. Yet there is no mention of it in the mainstream media? Very sus, no?

Fact #3 : This Is An Old Video

This video went viral earlier in July 2020, when it was posted as evidence of a tsunami hitting a bridge in Alaska after an earthquake there. However, that was false as well.

The earliest we could find was a December 2017 tweet by a CNBC-AWAAZ anchor, Deepali Rana, who claimed that it was a video of the Bandra-Worli Sea Link. That is also false!

Fact #4 : The Video Was Recorded On Minicoy Island

The video was recorded on 23 August 2017, showing giant waves hitting the Eastern Jetty at Minicoy Island (Maliku), in Lakshadweep, India.

Here is a picture of the Eastern Embarkation Jetty, with a surfer for size comparison.

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor!

Dell EMC PowerProtect Cyber Recovery just received a Sheltered Harbor endorsement!

Find out what this means for financial services organisations looking for a Sheltered Harbor-certified turnkey data vault!

 

Dell EMC PowerProtect Cyber Recovery : Endorsed by Sheltered Harbor!

On 10 November 2020, Dell EMC PowerProtect Cyber Recovery was officially endorsed by Sheltered Harbor – the non-profit initiative to improve the stability and resiliency of the financial sector.

This is the culmination of two years of work between Dell and Sheltered Harbor teams, to develop a solution designed for financial services organisations.

If your organisation is a Sheltered Harbor participant, or eligible to be one, you can now purchase and quickly deploy the Dell EMC PowerProtect Cyber Recovery – a turnkey data vault that meets all of the stringent Sheltered Harbor criteria.

The Dell EMC PowerProtect Cyber Recovery Solution for Sheltered Harbour helps participants achieve compliance with data vaulting standards and certification, and plan for operational resilience and recovery against any cyber attack.

If your organisation is not part of the Sheltered Harbor community, you can still deploy PowerProtect Cyber Recovery to protect your data with the same stringent Sheltered Harbor standards.

 

Dell EMC PowerProtect Cyber Recovery : What Is It?

Dell EMC PowerProtect Cyber Recovery is an on-premise turnkey data vaulting solution that protects customers from all kinds of cyber threats.

Its CyberSense analytics and machine learning capabilities allow customers to monitor data integrity, ensuring the continued quality of their data.

It also comes with forensic tools to let customers discover, diagnose and remediate ongoing attacks.

 

Recommended Reading

Go Back To > Enterprise IT | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Lazada RedMart Data Breach : What You Need To Know!

Lazada just admitted that a data breach involving their RedMart customer database that could affect some 1.1 million customers!

Find out what happened, and what it could mean for Lazada and RedMart customers!

 

Lazada RedMart : What Is It?

RedMart is an online grocery platform in Singapore that was founded in August 2011.

Lazada acquired RedMart in November 2016, and started to integrate it into their platform in March 2019.

This March 2019 date is important, because that was when the RedMart database was last updated.

 

Lazada RedMart Data Breach : What Happened?

The Lazada RedMart database was spotted for same in an online forum, amongst many other databases stolen from other e-commerce websites.

In this screenshot, you can see that it claims to have details on 1.1 million Lazada RedMart customers :

  • Email address
  • Password
  • Mailing address
  • Name
  • Phone number
  • Partial credit card information

Picture Credit : CNA

In a statement posted on 30 October 2020, Lazada confirmed the data breach involving their RedMart database.

They assert that only the old RedMart database that was “18 months out of date” when it was last updated in March 2019.

Singapore, 30 October 2020 – Lazada places great importance on protecting your personal information, and we value the trust you have placed with us. On 29 October 2020, as part of our proactive monitoring, our cybersecurity team discovered a data security incident in Singapore, involving a RedMart-only database hosted on a third-party service provider. The customer data hosted on this database is more than 18 months out of date as it was last updated in March 2019.

The customer information that was illegally accessed include the names, phone numbers, emails, addresses, encrypted passwords and partial credit card numbers of RedMart customers. We have taken immediate action to block unauthorised access to the database. This data was used on the previous RedMart app and website, which are no longer in use. Lazada customer data in Southeast Asia is not affected by this incident.

Protecting the data and privacy of our users is of utmost importance to us. Apart from reviewing and fortifying our security infrastructure, we are working very closely with the relevant authorities on this incident and remain committed to providing all necessary support to our users.

We want to be transparent about this incident with all of our customers and reassure you that we are taking it seriously.

They also set their platform to log out all Lazada users, and require them to register a new password.

They are also warning their users to be on the alert for spam mails requesting personal information.

 

Lazada RedMart Data Breach : What’s The Implication?

A Data Breach Is A Data Breach Is A Data Breach

Lazada may claim that the data and privacy of their users are of the utmost importance, but the data breach says otherwise.

They left a database they no longer used since March 2019 on a third-party service provider, and accessible online all this time.

Any half-decent cybersecurity specialist would have told them to take the database offline, unless it was essential to the operation of the website.

Closing The Barn Door After The Horses Have Bolted

Lazada immediately blocked unauthorised access to their RedMart database, but that’s like closing the barn door after the horses have bolted.

Once the data was stolen, all it does is prevent other attackers from stealing the data for themselves.

Lazada Migrated RedMart Users In March 2016

It seems a little disingenuous for Lazada to announce that the data was used in “the previous RedMart app and website, which are no longer in use“.

They appear to have migrated RedMart users to Lazada on 15 March 2016 using the same data that was just stolen.

Unless RedMart users changed their passwords, addresses, phone numbers, email addresses or credit card details AFTER they were migrated to the Lazada platform, they remain exposed by the data breach.

The Data Isn’t Necessarily Outdated

Most of us don’t change our logins and passwords that often. And we often reuse the same login and password combination for different websites.

So it is scant assurance that their RedMart database was last updated in March 2019, even if we take their word that it was more than 18 months out of date.

This data breach exposes all affected RedMart users to the possibility of their other accounts being breached as well.

Only Ex-RedMart Users Affected

The only saving grace we can see here is that it looks like only former RedMart users are affected by this data breach.

That means Lazada users who never registered or used the RedMart app or website are not affected.

 

Lazada RedMart Data Breach : What Can You Do?

If you ever registered for, or used, RedMart before their migration to the Lazada platform in March 2016, we highly recommend that you :

  • change your Lazada password
  • change the password of accounts that use the same password as your Lazada / RedMart account
  • do NOT click on links in emails warning you about this data breach and asking you to change your password
  • do NOT respond to calls or messages warning you about this data breach
  • do NOT respond to requests for personal information

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : COVID-19 Warning By Dr. Chong Yit Khang

The COVID-19 warning by Dr. Chong Yit Khang from the Kuala Lumpur Hospital has gone viral for the second time!

Find out if what he warned about the COVID-19 condition in Malaysia is true!

 

COVID-19 Warning By Dr. Chong Yit Khang

This viral warning (pun intended!) by Dr. Chong Yit Khang on the dire state of COVID-19 infections in Malaysia was originally posted in March.

It has gone viral for the second time, after COVID-19 cases started rising rapidly in Malaysia.

Dr. Chong Yit Khang Medical Officer
Kuala Lumpur General Hospital

Malaysia is finally forced into entering a stormy time. As the number of Covid-19 cases increases, all we can do now is to minimize the damage. Malaysia is entering the Delay Phase from the Containment Phase.

During the Containment Phase, medical staff will try to detect a confirmed case from a sea of suspected cases and isolate the patient to prevent the virus from spreading in the local population.

Our quarantine period has failed in a way. On the one hand, it is due to policy failure. On the other hand, the virus is highly contagious. Of course, the self-awareness and quality of the people play a great influence at this stage. Compliment or derogatory, let the history decides.

The government’s Movement Restriction Order falls in the Delay Phase. The government has led the masses to prevent the virus from spreading further. At this time, it is no longer meaningful to find cases and isolate them. The virus has spread to the masses and the existing government hospitals are not capable to provide enough isolation facilities.

We are currently in the blocking period. If everyone follows the instructions to reduce outdoor activities, or the virus will spread further, an increase in cases is inevitable. The virus needs a host to survive, and we pose as a delicious dish in the eyes of the virus.

If people insist on going out during the blocking period to let the virus spreads, then we will very soon enter the Mitigation Phase.

At any stage, the high infection rate of the virus has exceeded the load and expectations of all medical institutions. When the medical institutions cannot handle a sudden surge of patients, we can only leave it in the hands of the Almighty.

As a civil servant with the government’s Ministry of Health, I am honestly telling you that we are already struggling to deal with patients on a day-to-day basis .The economy is not good, more and more patients are being admitted in the government hospitals. Private hospitals do not accept patients with Covid-19.

If there is really an outbreak, we have no ability to rescue you.

It is not that we don’t want to, it is because we can’t.

You will face with the problem of no beds in the hospital, severe shortage of ventilators and insufficient medical resources. If you don’t wake up now and don’t take responsibility of your life seriously, then at least don’t spread it to other innocent people.

There are many ways to die. Please don’t bring others along with you. That’s a mean thing to do.

I would like to ask the people of Malaysia to listen to the medical staff’s request and our mission here is to ensure everyone stays safe and healthy. Let’s work together to solve this pandemic. How about let’s wait after it’s over, then only we come out to celebrate?

Dr. Chong Yit Khang
Medical Officer
Emergency Department, Kuala Lumpur General Hospital

Please copy and share

 

COVID-19 Warning By Dr. Chong Yit Khang : The Truth

After the warning by Dr. Chong Yit Khang went viral on social media, and particularly WhatsApp, the Kuala Lumpur Hospital launched an investigation.

After questioning Dr. Chong Yit Khang, they determined that he did not write the post, and whoever wrote it falsely used his name and position to lend it authority.

He subsequently made a police report about the viral message that was falsely attributed to him.

On 17 August 2020, the Director of the Kuala Lumpur Hospital, Datuk Dr. Heric Corray issued this statement (with  our English translation below) :

MEDIA STATEMENT REGARDING VIRAL ISSUE IN THE WHATSAPP APP REGARDING “PLEASE COPY AND SHARE REGARDING COVID-19

The Kuala Lumpur Hospital would like to refer to a viral news spreading through the WhatsApp application regarding the charges by a Medical Officer called Dr. Chong Yit Khang who issued a statement on the policy and operating issues of the Malaysia Ministry of Health in combating the COVID-19 pandemic.

For your information, the Kuala Lumpur Hospital would like to strongly deny the statement. The Medical Officer was identified and asked to give his feedback on this issue that went viral since March. The investigation found that his name and position was used without his knowledge and the issues in the viral message were false and not written by him. In addition, the Medical Officer made a police report about the message that associated him with the viral issue.

With regards to that, the Kuala Lumpur Hospital would like to request that the public be vigilant and do not spread unverified news or information that can cause panic and anxiety. For accurate and factual information about COVID-19 in Malaysia, please refer to the official source of the Malaysia Ministry of Health (www.moh.gov.my).

On 6 October 2020, the Malaysia Ministry of Health issued another statement about this post when it went viral for the second time.

They added the FAKE and PALSU overlays in red to make sure everyone understood that it’s fake.

 

 

COVID-19 : How To Keep Safe!

Here are a few simple steps to stay safe from COVID-19 :

Recommended : Soap vs Sanitiser : Which Works Better Against COVID-19?
Recommended : Surgical Mask : How To CORRECTLY Wear + Remove!
Recommended : COVID-19 Food Safety : Fruits, Vegetables, Takeouts

 

Recommended Reading

Go Back To > Fact Check | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!

Find out what this means for enterprise security, and the future of AMD EPYC processors!

 

AMD SEV-ES Encryption : What Is It?

SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.

Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.

This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.

 

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.

The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.

That increases to more than 500 encryption keys with the second-generation EPYC processors.

ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.

A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.

SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.

Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.

Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.

 

Recommended Reading

Go Back To > Enterprise IT | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How Hackers Attack Healthcare During COVID-19 Pandemic!

Even during the COVID-19 pandemic, hackers have been attacking the healthcare system already buckling under pressure.

Take a look at the first part of a newly-released documentary on how hackers are attacking the healthcare system, and what it means for us and the world!

 

How Hackers Attack Healthcare During COVID-19 Pandemic!

Cybercriminals and state-sponsored hackers do not care that almost a million people have died from COVID-19. In fact, they see the pandemic as an opportunity.

Over the last few months, the creators of this documentary spoke to hospitals, law enforcement agencies, health organisations and research centres across the world, to understand how they are coping with increased cyberattacks and malware.

This particular feature was directed by Didi Mae Hand, and produced by Max Peltz.

 

Hackers Increased Attacks On Healthcare During COVID-19 Pandemic

The documentary reveals a shocking surge in cyberattacks on healthcare systems during the COVID-19 pandemic. The World Health Organisation (WHO), for example, reported a 5X increase in cyberattacks on its systems since March 2020.

State-sponsored hackers are mainly looking for biodata, including research on COVID-19 vaccines. Meanwhile, cybercriminals are capitalising on the fact that hospitals may be more willing than usual to pay a ransom.

For example, the Brno University Hospital, which was responsible for running a big share of COVID-19 testing in the Czech Republic, was held to ransom and forced to shut down its IT network at a critical time.

Fortunately, the surge in cyberattacks was met with an incredible response by the cybersecurity community. Some 3000 cybersecurity volunteers created the CV19 group to provide hospitals and healthcare institutions with free support to protect their systems.

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Scam Alert : Bank Negara Malaysia Scam Email!

Bank Negara Malaysia is warning the public about an email scam using their board member to scam victims of their money!

Find out what this Bank Negara email scam involves, and make sure you WARN your family and friends!

 

Bank Negara Malaysia Email Scam : Watch Out For It!

You may have received this email purporting to be from Chin Suit Fang, a Bank Negara Malaysia board member, and Chairman of the Board Audit Committee.

It warns you that you have just 48 hours to address an outward payment from your bank account (not necessarily RHB), or Bank Negara Malaysia will freeze your account for investigations.

Bank Negara Malaysia confirmed that this is a fake scam email, even though Chin Suit Fang is really on the Board of Directors for BNM, and that’s really her photo.

 

Bank Negara Malaysia Email Scam : Why It’s Fake

For those who want to learn more how to spot such email scams, and specifically why this Bank Negara Malaysia email is a scam, here are the details :

Tip #1 : Check The Email Address

If you check the email address, you will see that it’s from BNM.gov.my@banknegaramalaysia.onmicrosoft.com.

That is not a valid Bank Negara Malaysia email account, which always ends with @bnm.gov.my.

Tip #2 : Do You Really Have That Much Money?

It is impossible for Bank Negara Malaysia to question you over such a large transfer when you don’t have that much money in the bank in the first place!

Tip #3 : Did You Really Transfer That Much Money?

If you really have that much money, did you really transfer so much out?

First thing to do is NOT to respond to the email, or click on any link.

No, the first thing you should do is check your bank account. If there has been no such transfer, the email is evidently false.

Tip #4 : Bank Transfers Are Generally Limited To RM50K A Day

Unless you performed the transfer over-the-counter at the bank, and submitted a Bank Negara Malaysia declaration form, it is simply impossible to transfer more than RM50,000 a day.

Online transfers are limited to just RM50,000 a day, and in some cases, to just RM20,000 a day.

Tip #5 : Bank Negara Malaysia Directors Will Not Email You 

Even if you are in the habit of transferring half a million ringgit to other people (call me please?), Bank Negara Malaysia will not email you to ask you about it.

If they require you to submit documents, you can be assured that it will be by an official letter.

Even if you are a famous personality or a politically significant person, no Bank Negera Malaysia director is going to write you an email.

Do you really think it is the job of a BNM director to write demand letters?

Tip #6 : Why Would They Include Their Personal Picture?

Why on Earth would any person include their personal picture in an official email?

Heck, do YOU even include a picture of yourself in your emails to your family and friends? Of course, not!

The only reason why scammers do this is to trick you into believing that this is really an email from a Bank Negara Malaysia director.

Tip #7 : Look At The Horrendous Grammar

The email isn’t even well-written, with bad grammar and odd capitalisation of various words.

Is this the kind of email a Bank Negara Malaysia director would pen? Seriously?

No, this is the kind of English that is written by someone with a poor command of the English language.

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : Chinese Robot Dancer @ Shanghai Disneyland!

Does Shanghai Disneyland have an amazing Chinese robot dancer whose technical ability surpasses even the Japanese?

Watch the viral video clip for yourself, and find out what the FACTS really are!

 

Claim : Chinese Robot Dancer @ Shanghai Disneyland!

Here is the video that countless people have been sharing on social media and their microblogs. It is paired with a short explanation in both English and Chinese.

The Classical dancer in this video is not a real living person but a newly constructed robot!

The video, a product of Shanghai Disney, is only a five minutes show but it would take more than four hours queuing up to purchase a ticket which costs 499 yuan per person .

The robot is entirely Chinese made and its technical level has surpassed those of Japan. This video is indeed worthy of watching.

观看上面视频时请留意,古典舞蹈表演者不是你固定思维的女演员,而是一位刚问世的机器人!

这段视频来自上海迪士尼4D影视,观看只有5分钟,但排队却要4小时以上,票价:499元。这是我国自行研制的机器人,

其技术水平已超越日本。现转发微信朋友,先睹为快,与大家一起分享!

Chinese Robot Dancer @ Shanghai Disneyland : The Truth

The agility of the “Shanghai Disneyland robot dancer” in the video which lasts over 4 minutes is amazing.

The less gullible would point out that it is something one would only expect from a professional human dancer, and they would be right.

Fact #1 : That Is A Video Of The 4th CCTV Dance Competition

That is actually a video clip from the 4th CCTV dance competition in 2007.

The so-called robot dancer is actually a professional dancer called Qin Xi, who performed the “Dream of a Spring Girl” dance for that segment of the dance competition.

That’s why her dance is so amazing – no robot made today can match her grace.

Fact #2 : 499 Yuan Was The Entry Price To Shanghai Disneyland

The fake story claimed that the ticket to watch this performance costs 499 Yuan – about US$73 / £55 / RM303. That would be ridiculously exorbitant for a single show.

In truth, that was the cost of an entry ticket to the Shanghai Disneyland when it first opened in February 2016.

Since 6 June 2018, it has been priced at 399 Yuan (off-peak), 575 Yuan (peak) and 665 Yuan (peak holiday).

Fact #3 : Disneyland Does Not Charge Extra To Watch Certain Shows

Anyone who has been to Disneyland knows that the entry fee is pricey. That’s because it covers all rides and shows inside Disneyland.

You only need to pay for food and drinks, and arcade games, like The Frontierland Shootin’ Arcade.

Or if you opt to purchase Disney Fastpasses (Fastpass, FastPass+, MaxPass) to bypass long queues at popular rides or shows.

Otherwise, all rides and shows are free to enjoy once you enter Disneyland.

 

Why Would Someone Create This Fake Story?

With China’s aggressive foreign stance in recent years, it is not uncommon to see such fake stories being created and shared.

Some believe it’s part of a concerted attempt to burnish China’s image overseas.

Others believe the many fake stories are being created to drown out the negative coverage of China’s controversial Belt and Road Initiative, and their aggressive moves in the South China Sea.

Whatever the reasons may be, it is our duty as global citizens to stop the proliferation of such fake stories.

Please share this debunking with your friends, so they know the truth!

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Kashi Mining Company : Fake Procurement Scam Alert!

The Kashi Mining Company has come under scrutiny for falsely using the photos of Malaysia’s Director-General of Health, as well as other notable Malaysians.

Find out what they did, and why it is a fake company website being used to scam people of their money!

 

Kashi Mining Company : Fake Company

Malaysia’s Director-General of Health, Tan Sri Dr Noor Hisham Abdullah, publicly announced that Kashi Mining Company has falsely used his picture, listing him as their COO.

It cast a spotlight on Kashi Mining Company, that claims to be an award-winning company based in Labuan, and yet owns 5 gem mines around the world.

Their management team appears to be comprised of respectable-looking Malaysians. However, a closer look will reveal that Kashi Mining Company misappropriated photos of notable Malaysians :

  • Mohamed Lew (CEO) : That is really Mohamad Abdullah, the Senior Deputy Registrar of Universiti Sains Malaysia’s Student Affairs and Alumni Department.
  • Aidan Razif (COO) : That is really Tan Sri Dr Noor Hisham Abdullah, the Malaysia Director-General of Health.
  • Imran Sin (Managing Director) : That is really Alex Ng, Goodyear Malaysia’s Managing Director.
  • Umar Yow (Company Secretary) : That is really KM Liew, Director and Head of IT & Mobile, Samsung Malaysia.

A quick check of their company address and Google location – both slightly different locations in Labuan, showed that the company does not exist, at least at those locations.

 

Kashi Mining Company : Fake Website

The Kashi Mining Company website is not only full of bad grammar and spelling mistakes, the pictures used have also been misappropriated.

The pictures of the mining vehicles and mining operations have all been taken from companies like MEDATECH Engineering Services, MacLean Engineering, and Epiroc.

We added the scam alert overlay to avoid that screenshot from being abused. Needless to say, Kashi Mining Company does not have 250 staff manning 5 gem mines across the world.

A quick WHOIS check of their domain also reveals that this is a relatively new website, with the domain registered only in October 2019 :

Registrar : NAMECHEAP INC
Whois Server: whois.namecheap.com
Status : clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Registered On : 2019-10-18
Expires On : 2020-10-18

Registrant Name : WhoisGuard Protected

IP Address : 104.194.10.93
Hosting Company : HostNowNow.com

Obviously, a genuine award-winning gem mining company would not have such a new website and domain.

In addition, they would not hide their contact details using a protection service like WhoisGuard.

 

Kashi Mining Company : Fake Procurement Scam!

The truth is the Kashi Mining Company does not exist, and their website is part of a fake procurement scam.

Popular in West African countries like Benin, Cameroon, and Nigeria, these scammers offer you a chance to bid on a contract for a large quantity of their products. Gems in this case.

They will offer you extremely good prices on their products, and use fake companies with websites like Kashi Mining Company to trick you into believing that they are genuine.

A different version of the scam flips the narrative – the scammers will offer to purchase large quantities of your products, like machinery.

Whether they offer to sell or purchase, you will be asked to pay some kind of processing fee or legal fees, by government authorities or their lawyers or even transportation companies.

All you need to know is that these are SCAMMERS out to cheat you of your money.

Don’t fall for their tricks. Make sure you WARN your family and friends!

 

Recommended Reading

Go Back To > Internet Fact Checks | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


HUAWEI 5G Aces GSMA NESAS Security Audit : The Impact?

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA NESAS cybersecurity audit!

While that is great news for them, what exactly is the impact on the deployment of HUAWEI 5G equipment globally?

 

HUAWEI 5G Passes GSMA Network Security Assurance Audit!

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA Network Equipment Security Assurance Scheme (NESAS) audit!

  • 5G RAN gNodeB
  • 5G Core UDG, UDM, UNC, UPCF
  • LTE eNodeB

Here is a summary of the twenty NESAS assessment categories and the compliance levels of the HUAWEI 5G equipment that were tested :

Prior to passing the GSMA NESAS audit, these HUAWEI 5G equipment also passed the 5G cybersecurity test by China’s IMT-2020 (5G) Promotion Group, using test specifications based on 3GPP International standards for 5G security assurance.

 

HUAWEI 5G Faces Political, Not Technical, Pressures

Passing the GSMA NESAS audit will help assuage the cybersecurity concerns of nations planning, or already implementing HUAWEI 5G network equipment.

However, HUAWEI faces political, not technical, pressures with their 5G network equipment.

The 100% compliance score in the NESAS audit will not change minds in the US, and their Five Eyes partners are unlikely to consider HUAWEI 5G equipment.

That said, passing this audit will nevertheless strengthen HUAWEI’s shield against claims that their 5G equipment pose much greater cybersecurity risks than competing platforms.

It will help them win additional contracts in smaller countries whose concerns are far less about cybersecurity and privacy, and more with costs.

 

GSMA Network Security Assurance Scheme (NESAS)

The GSMA Network Equipment Security Assurance Scheme (NESAS) audit is a standardised cybersecurity assessment mechanism, jointly defined by GSMA (GSM Association) and 3GPP, together with regulators, industry partners, major global operators, and vendors.

This is a voluntary program which network equipment vendors can subject their product development and lifecycle processes to a comprehensive and independent security audit.

The GSMA NESAS covers 20 assessment categories, defining security requirements with an assessment framework for 5G product development and product lifecycle processes. It also uses security test cases by 3GPP to assess the security of network equipment.

 

Recommended Reading

Go Back To > Business | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Mac Camera Cover Guide : Why Apple Is Wrong!

Apple recently advised everyone not to cover the camera of their Mac laptops, and rely instead on the camera indicator light.

Find out why Apple is WRONG, and why you need to physically cover your Mac computer’s camera!

 

Mac Camera Cover : What Is It For?

Cybersecurity specialists have long advocated covering the built-in camera of your computers, not just MacBook laptops or Mac desktops, with a camera cover of some sort.

This prevents hackers from taking over that camera, and secretly recording you. This has implications beyond just recording your embarrassing moments for blackmail.

With access to your laptop camera, hackers can determine when you are away from home, who lives at your home, who you are working with, and even where you currently are.

 

Apple : Don’t Use A Camera Cover For Your Mac

In their recent HT211148 tech advisory, they asked Mac laptop (MacBook, MacBook Air, MacBook Pro) users not to use any camera cover.

Recommended : Warning : Using A Camera Cover Can Damage Your MacBook!

Instead, they recommended that you use these two built-in features for your privacy :

A. The Green Camera Indicator Light

Apple points out that your Mac computer has a camera indicator light that glows green whenever the camera is active.

They also claimed that the camera is designed not to activate unless its indicator light is also turned on.

B. The Camera Access Control

As an additional measure built into macOS Mojave or later, you must give an app permission before it can use your Mac computer’s camera.

To view which apps has access to your Mac computer’s camera, and to revoke any app’s access :

  1. On your Mac, choose Apple menu  > System Preferences, click Security & Privacy, then click Privacy.
  2. Select Camera.
  3. Select the tickbox next to an app to allow it to access your camera.Deselect the tickbox to turn off access for that app.If you turn off access for an app, you’re asked to turn it on again the next time that app tries to use your camera.

 

Why Apple Is Wrong, And You Need To Cover Your Mac Camera!

Apple fans may hate us for this, but they are wrong. You must physically cover your Mac computer’s camera to protect yourself.

Hackers Always Disable The Indicator Light

Mac computers are not the only ones to feature an indicator light for their built-in cameras. Most computers with a built-in webcam have such an indicator light.

It is, therefore, SOP for hackers to disable the indicator light after gaining control of the camera. Camfecting attacks won’t work if you are aware that the camera is turned on…

Apple asserts that the camera and its indicator light on Mac computers are wired in series, so the camera won’t work if the indicator light is turned off.

However, a 2013 Johns Hopkins University paper showed how it was possible to disable the indicator light of a Mac computer’s webcam, even though the camera module had a “hardware interlock”.

This isn’t just an obscure research subject. The FBI has the capability to covertly activate a computer’s camera without triggering the indicator light, according to Marcus Thomas, the former assistant director of FBI’s Operational Technology Division.

The only ways to prevent such attacks would be to either turn off your computer, or physically cover the camera.

Hackers Won’t Ask You For Permission

Security researcher Ryan Pickren showed in April 2020 how seven flaws in Apple Safari can let malicious websites hijack your camera and microphone to spy on you.

All you have to do is click on a link, and it lets the malicious website gain access to your webcam without asking for permission.

So much for the Mac Camera Access Control feature…

You May Not Notice The Light

Even if the camera indicator light is not disabled, it doesn’t mean you will immediately realise when the light turns on.

By the time you realise the green light is actually glowing, it may already be too late.

This is partly because it emits a steady glow, and doesn’t blink. Of course, a blinking light is bloody irritating, but we are more likely to notice it than a static green glow.

The only way to prevent that is to physically cover the camera.

Hackers Can Turn On Sleeping Or Hibernating Computers

Don’t assume that just because your Mac computer is sleeping or hibernating, hackers cannot access its camera.

They can potentially wake your computer, turn on the camera and record from it, with the indicator light turned off.

Security researcher Pedro Vilaça showed in 2015 how it was possible to remotely “root” and take over a Mac computer after it wakes up from sleep mode of 30 seconds or longer.

Irrespective of the method used, once hackers gain control of your computer, they can turn on its Wake On LAN (WOL) feature to remotely wake up your computer, like what the Ryuk ransomware does.

The only way to prevent that is to turn off your computer, or physically cover the camera.

Cybercriminals Can Trick You With A Fake Blackmail

Even if cybercriminals are unable to access your camera, they can still trick you into believing they somehow took compromising photos or videos from it.

They send out thousands of spam emails every day to trick people into believing they have been caught on camera.

People who don’t use a camera cover can be convinced into believing that their webcams were somehow compromised, and tricked into paying up to avoid exposure.

The only way to prevent that is to physically cover the camera.

 

The Best Way To Cover Your Mac Computer Camera

While we strongly advise you to cover your Mac computer camera, that does not mean you should risk damaging your display.

Laptop Computers (MacBook, MacBook Air, MacBook Pro)

According to Apple, we should not use any camera cover that is more than 0.1 mm thick. That basically rules out any camera cover, because it is impossible to make one that thin.

They also advise again using anything that leaves an adhesive residue. So that means cellophane tape (Scotch tape) and packaging tape should be avoided.

So here are the best options for you to consider, based on your requirements :

  1. If you don’t intend to use the camera at all
    a) Use your laptop in clamshell mode, with a separate monitor, keyboard and mouse
    b) Cover the camera with masking tape, which is gentle and leaves no residue
  2. If you plan to use the camera
    – Cut a small piece of sticky note, so that there is an adhesive part and a non-adhesive part.
    – Alternatively, cut a piece of masking tape, and fold part of it to create a non-adhesive portion.
    – Cover the camera with the adhesive part
    – You can then use the non-adhesive portion to pull it off whenever you need to use the camera

Desktop Computers (iMac, iMac Pro)

Desktop computers like the iMac or iMac Pro don’t have to worry about damaging their displays with camera covers of any thickness.

We therefore recommend using a proper camera cover that slides to let you use the camera whenever you want to, and physically cover it whenever you don’t.

Just make sure the camera cover does not use excessively strong adhesive, or leaves a residue that will require using solvent to remove, which could damage the display coating!

 

Recommended Reading

Go Back To > Computer | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


INTERPOL : Alarming Rate Of COVID-19 Cyberattacks!

According to INTERPOL, cybercriminals are taking advantage of the COVID-19 pandemic, boosting cyberattacks at an alarming pace.

Learn more about their key findings, and what they are projecting will happen in the near future!

 

COVID-19 Pandemic : New Opportunities For Cyberattacks!

The COVID-19 pandemic has forced organisations and businesses to rapidly deploy remote work systems and networks to support staff working from home

Cybercriminals are taking advantage of these new COVID-19 work-from-home normals, targeting staff of major corporations, governments and critical infrastructure to steal data and generate profits.

Online Scams + Phishing

 Threat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.

Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of COVID-19 themes for phishing and online fraud since the outbreak.

Ransomware + DDoS

Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit.

In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months.

Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organisations.

Data Harvesting Malware

Taking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “COVID”. These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing.

From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner.

Misinformation

An increasing amount of misinformation and fake news is spreading rapidly among the public. Unverified information, inadequately understood threats, and conspiracy theories have contributed to anxiety in communities and in some cases facilitated the execution of cyberattacks.

Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19. Within a one-month period, one country reported 290 postings with the majority containing concealed malware. There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities.

Other cases of misinformation involved scams via mobile text-messages containing ‘too good to be true’ offers such as free food, special benefits, or large discounts in supermarkets. 

 

INTERPOL : Projection Of Future COVID-19 Cyberattacks

Here are INTERPOL’s projection of future COVID-19 cyberattacks :

  • A further increase in cybercrime is highly likely in the near future. Vulnerabilities related to working from home and the potential for increased financial benefit will see cybercriminals continue to ramp up their activities and develop more advanced and sophisticated modi operandi.
  • Threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.
  • Business Email Compromise schemes will also likely surge due to the economic downturn and shift in the business landscape, generating new opportunities for criminal activities.
  • When a COVID-19 vaccination is available, it is highly probable that there will be another spike in phishing related to these medical products as well as network intrusion and cyberattacks to steal data.

 

Recommended Reading

Go Back To > CybersecurityEnterprise + Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : Morgue Employee Cremated By Mistake?

Did a morgue in Michigan accidentally cremate their worker who feel asleep?

Find out what has just gone viral, and what the FACTS really are!

 

Claim : Napping Morgue Employee Cremated By Mistake!

People are sharing this shocking bit of news about an unfortunate morgue employee who got accidentally cremated after falling asleep on the job!

An employee of a Roseville, Michigan Funeral Home & Cremation Service died this morning, after being accidentally cremated by one of his coworkers.

According to the Police, 48-year old Paul Houston decided to take a nap one a stretcher after working for sixteen hours straight.

While he was sleeping, another employee mistook him for the corpse of a 52-year old car accident victim and carried him to the crematory.

Before anyone could notice the mistake, he had already been exposed to temperatures ranging between 1400 to 1800 degrees Fahrenheit and reduced to ashes.

Jenna Anderson, one of Mr Houston’s coworkers, says she heard him scream for about 15 seconds after the crematory was activated.

“At first, we didn’t understand where the sound was coming from. When we realized what was happening, it was too late. We shut down the heating system, but he was already dead.”

Ms. Anderson claims that the young coworker who caused the accident was a new employee, and had forgotten to check for the toe tag to make sure he had the right body.

Jenna Anderson says she heard the victim scream in agony as the crematory was reducing him to ashes.
The police has opened an investigation to determine the exact circumstances surrounding Mr Houston’s death.

Investigators have not ruled out the possibility of filing criminal charges against the employee who caused his death.

The young man could possibly be accused of criminal negligence causing death.

This one, which was apparently posted by ABC News, seems to validate the other stories about the unfortunate morgue employee…

 

Our Verdict : Fake Story By Satire Websites

For those who just want a simple Yes or No answer, this is yet another FAKE STORY by satire (fake story) websites.

Help stop the creation of such fake stories by BOYCOTTING fake story websites like Weekly Inquirer, news24, The Daily Star, Trendolizer, etc. DO NOT SHARE THEIR STORIES!

For the details why this is fake, please continue below….

 

Morgue Employee Cremated By Mistake : Hoax Debunked!

Okay, let’s start with why this is fake news, and move on to what the facts are…

Fact #1 : They Are Posted By Satire Websites

Websites like Weekly Inquirer, Trendolizer and news24 (The Daily Star) call themselves satire websites, but they are really nothing more than websites that copy and paste FAKE STORIES for the clicks.

They try their best to post shocking stories as if they are true, and doing their very best to conceal that the stories are not true. Most of them have only a tiny disclaimer at the bottom of every page, which we have to blow up to show you :

They also buried the nature of their websites in their privacy policy, hiding in the mess of disclaimers that :

Information contained in this website is for information and entertainment purposes only.

Fact #2 : That’s Not The Real ABC Website

What’s truly egregious is ABCNews-US.com, which is nothing more than a fake news website that tries to pass itself off as the real ABC News website – ABC.com.

The only reason they do this? To trick you into sharing their fake news, so that they get more page views.

Fact #3 : That’s The Hickory Hill Funeral Home

The picture they used is of the Hickory Hill Funeral Home in Fox Meadows, Tennessee.

That morgue gained notoriety in May 2016 after WREG exposed how the owner did not have an embalmer’s licence and abandoned two bodies inside after he closed down the business.

Fact #4 : The Story Isn’t Even Logical

Never mind the bad grammar and bad spelling peppering the story, the story has more holes than Swiss cheese.

  1. Even the most tired person would wake up if someone wheels the stretcher, and definitely when he’s being lifted and placed into a casket.
  2. Even the stupidest of morgue employees can see that their sleeping coworker is dressed differently, possibly even in a uniform?
  3. No one gets cremated on a stretcher. The dead body is first placed in a casket before being cremated.
  4. The cremation process takes a long time – about 1-2 hours – to reduce a body into ashes. Yet the story claimed that he was reduced to ashes even though they turned it off, after they heard him scream?

Fact #5 : It’s The Michigan Version Of The New York Cremation Hoax!

This story is nothing more than the Michigan version of the New York cremation hoax, which was posted to coincide with the height of the COVID-19 pandemic in New York City.

That fake story naturally went viral, and probably made satire websites a lot of money…

 

Recommended Reading

Go Back To > Cybersecurity + Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Phone Hack Fact Check : Argentina Is Doing It?

Warnings about a new phone hack called Argentina Is Doing It are circulating on social media.

Find out what the Argentina Is Doing It phone hack is all about, and if it’s really true!

 

Argentina Is Doing It : A Video Phone Hack?

Messages about this new phone hack, called Argentina Is Doing It, started circulating today on WhatsApp and Twitter :

Just a heads up….They are going to start circulating a video on WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do not open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends.

Now they also said it on CNN

Hackers are going to start circulating a video on WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do not open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends.

Now they also said it on CNN

There is a video circulating WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do NOT open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. RT!!

 

Argentina Is Doing It Phone Hack : Complete Bullshit

As you may surmise from the HOAX overlay we placed on the screenshots, there is no such phone hack that uses a COVID-19 video called Argentina Is Doing It. Here are the reasons why…

Reason #1 : There Is No Such Video

There is no COVID-19 video called Argentina Is Doing It. It simply does not exist.

Reason #2 : Argentina Is Far From Flattening The Curve

And such a video on Argentina flattening the curve is unlikely to be created for some time to come, because Argentina is FAR from flattening the curve.

As this graph shows, the number of new cases are increasing weekly. On 16 July, over 3600 new cases were detected, bringing the total of COVID-19 cases to just under 115,000.

Reason #3 : The Story Is Illogical

Consider this for a second – how would anyone know what hackers are planning to do? Or what they are calling it?

If hackers actually created such a malware, they would have released it. Why wait?

Reason #4 : A Video Cannot Hack Your Phone Just Like That

While not completely impossible, it would be impossible for a video to hack phones that easily.

It is plausible for a video to be created to exploit a bug in a specific video player or operating system, just like how the Android wallpaper malware worked.

Such a malware would only be able to attack specific operating systems (Android or iOS), or a specific media player. It cannot just work on every phone – that only happens in movies.

Reason #5 : CNN Never Reported On Such A Video

While the hoax claims that CNN reported on this video, they did no such thing. There is no CNN report on a phone hack using a video called Argentina Is Doing It.

The most recent post on CNN about Argentina’s COVID-19 situation was a report on 26 June 2020, about the reimposition of the Buenos Aires lockdown, due to accelerated COVID-19 spread.

 

Recommended Reading

Go Back To > CybersecurityMobile | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Google Cloud Confidential VM With 2nd Gen AMD EPYC!

Google recently introduced Confidential Computing, with Confidential VM as the first product, and it’s powered by 2nd Gen AMD EPYC!

Here’s an overview of Confidential Computing and Confidential VM, and how they leverage the 2nd Gen AMD EPYC processor!

 

Google Cloud Confidential Computing : What Is It?

Google Cloud encrypts customer data while it’s “at-rest” and “in-transit“. But that data must be decrypted because it can be processed.

Confidential Computing addresses that problem by encrypting data in-use – while it’s being processed. This ensures that data is kept encrypted while in memory and outside the CPU.

 

Google Cloud Confidential VM, Powered By 2nd Gen AMD EPYC

The first product that Google is unveiling under its Confidential Computing portfolio is Confidential VM, now in beta.

Confidential VM basically adds memory encryption to the existing suite of isolation and sandboxing techniques Google Cloud uses to keep their virtual machines secure and isolated.

This will help customers, especially those in regulated industries, to better protect sensitive data by further isolating their workloads in the cloud.

Google Cloud Confidential VM : Key Features

Powered By 2nd Gen AMD EPYC

Google Cloud Confidential VM runs on N2D series virtual machines powered by the 2nd Gen AMD EPYC processors.

It leverages the Secure Encrypted Virtualisation (SEV) feature in 2nd Gen AMD EPYC processors to keep VM memory encrypted with a dedicated per-VM instance key.

These keys are generated and managed by the AMD Secure Processor inside the EPYC processor, during VM creation and reside only inside the VM – making them inaccessible to Google, or any other virtual machines running on the host.

Your data will stay encrypted while it’s being used, indexed, queried, or trained on. Encryption keys are generated in hardware, per virtual machine and are not exportable.

Confidential VM Performance

Google Cloud worked together with the AMD Cloud Solution team to minimise the performance impact of memory encryption on workloads.

They added support for new OSS drivers (name and gvnic) to handle storage traffic and network traffic with higher throughput than older protocols, thus ensuring that Confidential VM will perform almost as fast as non-confidential VM.

Easy Transition

According to Google, transitioning to Confidential VM is easy – all Google Cloud Platform (GCP) workloads can readily run as a Confidential VM whenever you want to.

Available OS Images

In addition to the hardware-based inline memory encryption, Google built Confidential VM on top of Shielded VM, to harden your OS image and verify the integrity of your firmware, kernel binaries and drivers.

Google currently offers images of Ubuntu v18.094, Ubuntu 20.04, Container Optimized OS (COS v81), and RHEL 8.2.

They are currently working with CentOS, Debian and other distributors to offer additional OS images for Confidential VM.

 

Recommended Reading

Go Back To > Computer | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Scam Alert : Fake SPRM Call About Company Taxes!

Please watch out for scammers who are pretending to be from SPRM calling you about company taxes!

Find out how they are trying to scam people, and WARN YOUR FAMILY + FRIENDS!

 

Scam Alert : Fake SPRM Call About Company Taxes!

Alvin was almost scammed when he received a call from a scammer pretending to be a SPRM officer :

I receive the call from this number. There was an automated message with a female voice stating that the call was from SPRM. It repeated twice, and then the call was directed to a male.

The male spoke professionally in Malay. And he claims that he is calling from SPRM. Then he didn’t mention about my name and ask is this number – 017-xxxx-xxxx my current mobile number?

When I answered yes, he said my number was registered under a company name called xxxx (PP trading Sdn Bhd I think) then he said he received a complaint.

But before he went deeper into the details he asked me to verify myself. I said why should I? I told him that if he is from government, he should have my IC number.

But out of curiosity, I gave my IC number to find out what he’s planning. He mentioned my name, “Alvin”, and he said that my company registered in Kelantan had some issues with income tax. I knew it was a scam call, and cut the call and blocked the number.

Fortunately, Alvin does not own any company, which helped him realise it was just a scam call.

But many people do, and have been, scammed by such calls, especially from government authorities like the police, SPRM or the courts.

Pretending to be someone working for the authorities makes it easier for scammers to cheat you, if you believe you might be in trouble.

Recommended : Magistrate Court SCAM ALERT! Ignore These Calls!

 

Why This SPRM Call Is Fake : The Facts

Now, there will always be people who will question us – how do you know it’s fake? Are you working for SPRM?

To these geniuses, you don’t have to work for SPRM to know that this is a scam call. And here’s why…

Fact #1 : SPRM Don’t Deal With Tax Issues

First of all, the SPRM (Suruhanjaya Pencegahan Rasuah Malaysia) is the Malaysian anti-corruption agency. They will NOT call you up about tax matters involving your company.

If you or your company has tax issues, they will be handled by LHDN (Lembaga Hasil Dalam Negeri) – the Malaysian internal revenue board.

Fact #2 : SPRM Won’t Call You

If the SPRM has a need to obtain your company information, they will issue you an official letter detailing the documents they need.

They won’t call you on the telephone, and definitely not on your mobile number.

Fact #3 : SPRM Warned About These Scam Calls

SPRM itself issued this warning about such scam calls back on 4 June 2018 :

SURUHANJAYA Pencegahan Rasuah Malaysia (SPRM) menasihatkan orang ramai agar berhati-hati dan tidak terpedaya sekiranya menerima panggilan telefon meragukan mendakwa daripada SPRM yang meminta beberapa maklumat peribadi termasuk butiran-butiran sulit kerana dikhuatiri ia panggilan palsu.

Ini susulan banyak aduan diterima SPRM daripada mangsa yang terpedaya dengan panggilan palsu berkenaan kebelakangan ini.

Sehubungan itu, orang ramai yang menerima panggilan meragukan ini, dinasihatkan agar terlebih dahulu mendapatkan pengesahan daripada mana-mana pejabat SPRM terdekat menerusi talian dan alamat yang dipaparkan di portal rasmi www.sprm.gov.my.

SPRM juga akan membuat laporan polis serta berharap Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) akan menyiasat panggilan palsu ini yang telah menjejaskan nama dan reputasi SPRM.

SURUHANJAYA PENCEGAHAN RASUAH MALAYSIA
PUTRAJAYA
4 JUN 2018

 

Fake SPRM Call About Company Taxes : What Should You Do?

If you receive such scam calls, whether they are from SPRM or the courts, here is what you can do :

  • hang up
  • give the scammer a piece of your mind
  • record the call and post it online to expose them
  • lodge a complaint with SPRM and the police
  • if you have free time, play along to waste their time and prevent them from scamming others

Under NO CIRCUMSTANCES should you ever fall for this scam. Whatever you choose to do, do NOT believe for a second that you are in any trouble.

Do not give them any information about your company, bank account, etc. Certainly do not entertain any requests to transfer your money, or pay them a bribe to “solve the problem”.

And yes, please SHARE this article with your family and friends, to make sure they don’t get scammed!

 

Recommended Reading

Go Back To > CybersecurityMobile | Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!