Tag Archives: Cybercriminal

Scam Warning : Public Bank Customers Hit By Fake SMS!

Scammers continue to target Public Bank customers, using many different kinds of fake SMS messages.

Do NOT click or call if you receive any of these fake SMS messages!

 

Public Bank : Fake SMS Scam Warning! Do NOT Click / Call!

Whether you are a Public Bank customer or not, you may receive one of these alarming SMS messages.

Please DO NOT click on the link, or call the number. JUST IGNORE THEM, or delete them.

The safest thing to do is NEVER CLICK ON A LINK in any SMS. If you need to log into your bank account, key in the website address manually.

RM0 PBB/PIBB: Your PBB account will TERMINATED on 02Dec20 01:30:00 AM. Please make verification via http://www.mypbebank.cc to avoid service interruption. Verify now keep on using PBB services.

RM0 Credit Cash out RM3,000 form card ending no 7102 successful on 01 DEC. Information system sending. Call PBB 1800-81-9566 for any query

Warning: Your account is marked as insecure, please click Return PAC immediately to confirm that it is safe to use. (https://pbevip.vip/)

PBe Your account is in a high-risk state PLS log in immediately and return the PAC to protect your account security https://www.pbebanks.top

PBe Warning: Phishing URLs are frequent recently, PLS log in immediately to strengthen account security. 2Mar21 13:14 https://se1.pbevip.top/

PB e Your account is in a high-risk by the system, PLS re-verify your account https://pbbanks.red/ <security reminder is normal>

RM0 PIBB: Thank you for using your card ending 1098@senQ MYR 2899, Pls call 03-56260232 now, if you didn’t use it

RM0 PBB/PIBB: Trx amt MYR2699.00  @LAZADA for card ending 5738. Call PB 1-800-81-2337 now if didn t perform.

PBB: Your account is judged as high risk by the system. PLS re-verify your account https://www.pbebanks.asia/ <security reminder is normal>

PB e Alarm Your banking Suit now is marked as insecure, PLS re-verify your account https://online-pbebank.com <security reminder is normal>

 

Public Bank Fake SMS Scam : What Happens If You Click?

Clicking on the links will often lead you to a phishing website, a fake website designed to look like a Public Bank website.

You will be asked to key in your personal information, including your Public Bank user name and password. DO NOT KEY IN YOUR INFORMATION!

But if you are free and want to help screw these scammers, key in fake information as many times as possible.

Note : These scams do not just affect Public Bank. In fact, all banks are affected :

 

Public Bank : How To Identify Fake SMS Messages

With a little help from Public Bank, let’s show you how to identify fake SMS messages.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Grammatical Mistakes

Read the two SMS messages above, and you can easily spot numerous grammatical mistakes. A bank will never send such poorly worded messages to their customers.

Warning Sign #2 : Embedded Links

Banks will NEVER embed links (URLs) into the message. If you see embedded links, always think – SCAM SMS!

Warning Sign #3 : Wrong Links

And always check the link – www.mypbebank.cc is not the correct address for the Public Bank website (www.pbebank.com)

When you see any website with .cc links, be wary because the .CC domains are registered in the Cocos Islands – an Australian territory of only 14 km², with only about 600 inhabitants.

The same goes for generic, top level domains like .TOP, .VIP, .TOP, .RED.ASIA, etc.

Warning Sign #4 : No Personal Login Phrase / Picture

To avoid phishing attacks, banks now give you a secret response (like a picture or a phrase) to confirm that you are visiting their legitimate website.

If the website you are visiting gives you the wrong picture or secret phrase, you have been tricked into visiting a fake website designed to mimic the real bank website.

You should also remember that the bank website must show you secret picture or phrase right after you enter your login, but BEFORE you key in your password.

If you are asked to key in your password without the website displaying the secret phrase or picture, you have been tricked into visiting a fake website designed to mimic the real bank website.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

macOS, iOS, iPadOS, Safari CVE-2021-1844 Bug : Fix It Now!

Apple just rushed out macOS Big Sur 11.2.3, iOS 14.4.1, iPadOS 14.4.1 and Safari 14.0.3 to patch a critical security bug.

Find out what they fix, and why you need to update your MacBook, iPhone and iPad right away!

 

Apple Rushes Out macOS, iOS, iPadOS, Safari Critical Bug Fixes!

Released on 8 March 2021, macOS Big Sur 11.2.3 patches only one bug, which may mislead users into thinking that it’s not very important.

WebKit

Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

On the same day, Apple also released iOS 14.4.1 and iPadOS 14.4.1 – both patching the same CVE-2021-1844 vulnerability.

WebKit

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

Apple also released Safari 14.0.3, which patches the same vulnerability for macOS Catalina and macOS Mojave :

WebKit

Available for: macOS Catalina and macOS Mojave

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research

 

Why Install These macOS, iOS, iPadOS, Safari Bug Fixes ASAP?

While they appear to only patch WebKit in macOS Big Sur, iOS, iPadOS and Safari, they are CRITICAL bug fixes that you need to install right away.

They patch the new CVE-2021-1844 vulnerability, which was discovered by Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research.

This vulnerability allows a remote attacker to trigger a buffer overflow when the victim opens a specially-crafted web page, allowing the attacker to execute arbitrary code on the target system.

It is not known if this vulnerability has been exploited yet, but it is critical to install the new updates to prevent that from happening.

 

Recommended Reading

Go Back To > Software | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Flower of the Holy Spirit Transforms From Saint To Dove?

An orchid called the Flower of the Holy Spirit appears to change from a saint to a flying dove, when it blooms!

Learn more about this spectacular and divine miracle, and find out what the facts really are!

 

Flower of the Holy Spirit : From Saint To Dove!

People are sharing these photos of the Flower of the Holy Spirit, together with this helpful explanation :

This is one of the orchid species named Flower of the Holy Spirit. It starts blooming during Pentecostal period once a year.

Before bloom, it looks like praying saints, when the flower blooms, it looks like a flying dove. How amazing is God’s Creation!

 

Flower of the Holy Spirit : It Would Be A Miracle Indeed!

It would be a miracle if either of the two pictures above are the Flower of the Holy Spirit. The sad fact is that this is yet another divinely-inspired fake story.

The only factual thing about the whole post is that they are both orchids. Everything else was made up.

Fact #1 : Neither Are The Flower of the Holy Spirit

There is an orchid called The Flower of the Holy SpiritPeristeria elata.

Also known as the Holy Ghost orchid, dove orchid, or flor del Espiritu Santo in Spanish, this is what it looks like!

Fact #2 : The Orchid On The Left Is Green-Yellow Catasetum

The orchid that looks like praying saints? That’s Catasetum viridiflavum, commonly known as the Green-Yellow Catasetum.

We hate to burst your divine bubble again, but generally their “arms” do not fold inwards. It’s hard to find photos that show these “saints” praying…

Fact #3 : The Orchid On The Right Is White Egret Flower

The orchid that looks like a flying dove is Pecteilis radiata, commonly known as the White Egret Flower, the fringed orchid or sagisō.

Incidentally, this is the official flower of the Setagaya ward of Tokyo.

Fact #4 : They Do Not Bloom During Pentecost

As far as we can tell, orchids do not observe the Pentecost – which is generally around mid May to mid June.

  • Catasetum viridiflavum (the “praying saints”) blooms sometime between end June to end September.
  • Pecteilis radiata (the “flying dove”) blooms sometime between early December and February.

Neither of the orchids in the picture actually bloom during Pentecost…

Fact #5 : It Would Be A True Miracle If It Happens

It would be a textbook case of a true miracle if Catasetum viridiflavum blooms into Pecteilis radiata during the Pentecost.

We will be sure to update you if this miracle ever happens. But for now, this is just divine inspiration?

 

Recommended Reading

Go Back To > ScienceFact Check | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Seafood Scams On Facebook : How To Detect Them!

Seafood scams on Facebook have been proliferating recently, and Facebook just doesn’t care.

So it is up to all of us to spread the word and WARN EVERYONE about these seafood scams on Facebook.

Updated @ 2021-03-07 : Added another confirmed seafood scam page and two reported bank accounts.

Originally posted @ 2021-02-14

 

Seafood Scams On Facebook : What’s Going On?

We were first alerted to the world of Facebook seafood scams by people who were cheated by Ocean Sense and East Malaysia Seafood Agent.

These Facebook seafood scam pages have a simple modus operandi :

  • offer online seafood delivery at very attractive prices and even free delivery
  • advertise on Facebook to reach out to people, and avert Facebook’s ire
  • ghost you after you deposit money into their bank accounts
  • delete your negative comments on their Facebook page

Even though many people reported Ocean Sense and East Malaysia Seafood Agent as scam pages, Facebook declined to take action and they are STILL ACTIVE.

 

Seafood Scams On Facebook : How To Detect Them!

The problem with seafood scams on Facebook is how easily scammers create them. Even if they get banned by Facebook, they will simply create a new one.

Facebook also partly enables them to continue with their scam by ignoring reports, claiming that there is nothing on the scam pages that go against their Community Standards. Duh – as if the scammers will post on Facebook admitting that they are scammers.

So how do we detect these seafood scams on Facebook?

Step 1 : Check List Of Reported / Confirmed Seafood Scams

The first thing you should do is run a quick search online on the name of the seafood vendor. See if anyone has reported them to be a scam.

Confirmed Seafood Scams On Facebook

Multiple people have reported that these Facebook seafood vendors have cheated them :

Reported Seafood Scams On Facebook

These Facebook pages have been reported to be scam pages, but we haven’t been able to independently verify their reports :

Step 2 : Check With The Commercial Crimes Department

Next, use the Commercial Crimes Department’s website to check for bank accounts that have outstanding police reports.

For example, the CIMB 8604503834 has two outstanding police reports lodged against it.

DO NOT BANK ANY MONEY to any account flagged by the Commercial Crimes Department’s website.

Step 3 : Check List Of Reported Company + Bank Accounts

Just because a bank account has not been flagged by the Commercial Crimes Department’s website doesn’t mean it’s safe.

That’s because many people do not bother to lodge a police report, or it may be a recent scam.

Here is a list of reported company and bank accounts, which you should AVOID :

Name Bank Account
Yap Kok Keong CIMB 7635-3713-28
A&B Bintang Trading CIMB 8604-5038-34
Car Boutique Venture CIMB 8604-5267-74
GS 028 Seafood Trading CIMB 8604-5270-14
Lee Pea Ching CIMB 7075-3700-47

Step 4 : Look For An Address

Genuine seafood vendors on Facebook will share with you their address, so you can drop by and select your seafood if you wish.

But don’t just trust the address they post. Always check the address on Google Maps, and use Street View to check if the shop really exists.

Step 5 : Look For Angry Emojis

A genuine seafood vendor may have one or two angry emojis by dissatisfied customers, but scam pages will have A LOT of them.

Hover over the reaction emojis, and look at how many are positive (likes or wow), and how many are negative (angry).

Scam pages will have a lot of angry emojis because they often delete negative comments, so angry customers have only one option – show angry emojis to warn potential customers.

Step 6 : PM People With Angry Emojis

To find out for sure if this is a scam, just PM (private message) those who left an angry emoji react to the Facebook page.

That’s how we were able to confirm that Ocean Sense and East Malaysia Seafood Agent are seafood scam pages.

Step 7 : Pay Only By Credit Card / Cash On Delivery

If you are still enticed by the great offer and want to take a risk, insist on paying with a credit card, or cash on delivery.

NEVER PAY to a bank account directly, because there is simply NO PROTECTION, and NO WAY for you to get your money back.

Using a credit card protects you against fraud, because the payment is not instantly credited to the vendor.

If you did not receive the seafood you ordered, simply call up the bank and inform them. They will refund the money.

If the seafood vendor insists on a direct bank transfer and refuses even cash on delivery, it is highly likely that they are scammers.

 

Recommended Reading

Go Back To > Scam Alerts | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

CD PROJEKT RED Hack : Source Codes + Docs Stolen!

CD PROJEKT RED just had their source codes and internal documents stolen in a MAJOR HACK, and they may all end up being leaked!

 

CD PROJEKT RED Hack : Source Codes Stolen, Servers Encrypted!

On 9 February 2021, CD PROJEKT RED announced that their data – including source codes and internal documents – were stolen in a hack, and could possibly be leaked.

Their servers were also encrypted in a secondary ransomware attack by the same hackers, but they had backups of the encrypted data.

CD PROJEKT RED publicly ruled out negotiating with the hackers, or giving in to their demands.

This would likely mean that their source codes and internal documents will eventually be released publicly by the hackers.

The only silver lining – CD PROJEKT RED noted that they do not have any evidence that the personal data of their employees were accessed or stolen.

 

CD PROJEKT RED Hack : The Hackers’ Threats

According to the ransom note left on their servers, the hackers stole :

  • FULL source codes for Cyberpunk 2077, Witcher 3, GWENT and the unreleased version of Witcher 3.
  • ALL of their internal documents on accounting, administration, legal, HR, investor relations and more

They also encrypted all of their CD PROJEKT RED’s servers, but acknowledged that they would most likely recover the data from their backups.

The hackers are giving the CD PROJEKT RED team 48 hours to contact them to negotiate.

If there is no agreement, they threaten to sell or leak the source codes, and release their internal documents to the media.

They claim that the internal documents will make CD PROJEKT RED look bad, causing their stock prices to fall and their investors will lose trust in them.

 

CD PROJEKT RED : Official Statement On Hack

This is the official statement by CD PROJEKT RED on the hack :

Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.

We will not give in to the demands nor negotiate with the factor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

We are still investigating the incident, however at this t time we can confirm that – to the best of our knowledge – the compromised systems did not contain any personal data of our players or users of our services.

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate the incident.

 

Recommended Reading

Go Back To > Cybersecurity | Games | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : Dr Noor Hisham Tendered His Resignation?

A WhatsApp message has gone viral, claiming that Dr Noor Hisham has tendered his resignation!

Take a look at the WhatsApp message, and find out what the facts really are!

 

Viral Claim : Dr Noor Hisham Has Tendered His Resignation!

This is the WhatsApp message that has gone viral, claiming that Dr Noor Hisham has tendered his resignation!

FINALLY DR NOOR HAS PUT HIS FOOT DOWN.
THE DAILY FIGURES FOR COVID 19 ARE BACKLOG FROM LAST YEAR.\
THE REASON BEING THE PRIME MINISTER AND TWO MINISTERS ARE KEEN TO CONTINUE THE RISE TO JUSTIFY THE BLUNTED IN RUNNING THE NATION.
THEY WANT TO CONTINUE STAYING IN THEIR POSITION.
I AM NOT SURE WHY ALL THE SULTANS ARE KEEPING MUM ON THIS.

THE ACTUAL FIGURE IS LESS THAN 100 DAILY SINCE EARLY JANUARY 2021.

IT IS TIME LIKE THIS THAT EVERYONE USE THEIR COMMON SENSE WHY PASAR MALAM IS ALLOWED TO RUN FROM 4PM TO 10PM AND KINDERGARTEN HAS BEEN ON WHILE THE REST ARE ON MCO.

AFTER THE ANNOUNCEMENT EXTENSION TO 16TH FEBRUARY 2021, THE MINISTER WENT TO HIS PENTHOUSE TO HAVE A CELEBRATION. ALL 13 OF THEM DID NOT FOLLOW SOCIAL DISTANCING NOR WEAR A MASK.

WHILE A TRIP TO BUY ESSENTIALS GOODS WAS GIVEN SUMMONED.

Villagers fined for trip to Tenom to get essential supplies
TODAY ANYONE CAUGHT WILL BE FINE RM10,000 WHILE MINISTERS ARE ABOVE THE LAW.

IT IS TIME LIKE THIS THAT MALAYSIANS WISH SOMETHNG DRASTIC IS DONE TO STOP THE DOUBLE STANDARD.

It is actually a copy and paste of a MalaysiaFlipFlop blog post.

 

Dr Noor Hisham Tendered His Resignation? Nope!

The Malaysia Ministry of Health and Dr. Noor Hisham Abdullah himself has called the post fake news, denying that he tendered his resignation.

We should also point out that the MalaysiaFlipFlop post is factually wrong in a couple of instances :

Fact #1 : Only Some Cases Are From Last Year

While MalaysiaFlipFlop claims that COVID-19 daily figures are from last year, that is only true for a few cases.

On 31 January, 2021, the Director General of Health, Dr Noor Hisham Abdullah, said that the recent surge of over 5,000 daily cases was partly due to a backlog, and partly due to targeted screening at work places, and screening of high-risk groups.

Fact #2 : Over 2000 New Daily Cases Since January 2021

Since 1 January 2021, Malaysia has reported over 2,000 new cases every day, hitting a record 5728 cases on 30 January 2021.

Not once has it dropped anywhere close to “less than 100 daily” cases that MalaysiaFlipFlop suggested.

Fact #3 : MCO Was Extended To 18 February 2021

The MCO was extended to 18 February 2021, not 16 February as MalaysiaFlipFlop claimed.

Fact #4 : Fine For Breaking MCO Rules Only RM1,000

The fine for breaking MCO rules is only RM1,000 per offence, not RM10,000 as MalaysiaFlipFlop claimed.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Ministry of Education Website Uses Plain Text CAPTCHA!

It is unbelievable, but the Malaysia Ministry of Education’s website uses plain text CAPTCHA that can be copied and pasted!

Take a look at this incredulous security lapse, and find out why it could put your data at risk!

 

Ministry of Education Website Uses Plain Text CAPTCHA!

The recent threat by Anonymous Malaysia to attack government websites over their lack of security appears to be well-justified.

Qusyaire Ezwan spotted an incredulous security lapse in the official Malaysia Ministry of Education website – plain text CAPTCHA!

On top of that, the code can actually be copied and pasted!

 

Ministry of Education Plain Text CAPTCHA : A Serious Cybersecurity Risk!

The CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) test is something most of us are familiar with.

It is a test that helps to identify real humans, and weed out bots, before they are allowed to access a service. This prevents bot fraud and hacking attempts.

In the Ministry of Education website, the plain text CAPTCHA was used to “secure” the retrieval of forgotten passwords for their Student Management Module.

A real CAPTCHA uses distorted images to prevent a bot from “reading” the numbers or letters, thereby ensuring that only a real human being would be able to key in the correct code.

As this screenshot shows, the CAPTCHA used in the Ministry of Education website just uses random sequences of letters and numbers in PLAIN TEXT!

This means a bot can easily copy and paste the plain text code, and bypass the CAPTCHA test.

Frankly, this doesn’t even qualify as a CAPTCHA test, because it cannot differentiate between humans and bots.

Now, the password is still sent to the registered email accounts, not to the hackers or bots. So your data is not in immediate danger.

However, this is still a SERIOUS cybersecurity risk, because a hacker can pair this design flaw with compromised email accounts.

It would allow their bots to easily and quickly make password retrieval requests for compromised email accounts, and then retrieve your Ministry of Education password.

Having access to the Student Management Module would give hackers access to a ton of information on children and their parents :

  • child : name, date of birth, telephone number, home address
  • school : location, class name, teacher’s name,
  • parent : name, occupation, workplace address, contact number, declared salary

On top of that, many people reuse their passwords, so hackers will use the password retrieved from the Ministry of Education website on other websites and online services you may use.

If you use the same password for your banking account, for example, that would expose your banking account to the hacker.

That is why CAPTCHA is important. It doesn’t prevent hacking attempts, but it greatly slows it down by blocking bots from making mass requests.

The use of plain text CAPTCHA in an official government website is a fiasco. A basic cybersecurity checklist would have prevented software vendors from using plain text CAPTCHA in government websites.

The Malaysian government needs to take the security of official websites seriously. This is a disgrace.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Scam Alert : East Malaysia Seafood Agent On Facebook!

There is another seafood scam page on Facebook called East Malaysia Seafood Agent (海鲜海产代理 or 东马海产代理)!

Please SHARE this scam alert, and help bring down that scam page!

 

Scam Alert : East Malaysia Seafood Agent On Facebook!

Please be warned that there is another seafood scam page on Facebook called East Malaysia Seafood Agent (海鲜海产代理 or 东马海产代理)!

It is related to Ocean Sense, another seafood scam page on Facebook.

Like Ocean Sense, East Malaysia Seafood Agent offers fresh and frozen seafood at very attractive prices, with free delivery and discounts for large purchases :

Cannada lobster
加拿大波士顿龙
Sex : mix
Size : 1.5 – 6 kg per 1
Price : 78 per kg
Take over 10KG free shipping
10公斤以上包邮

Alaska King crab fresh and huge
阿拉斯加 帝王蟹
Sex : mix
Size : 2 – 5 kg per 1
Price : 88 per kg
Take over 10KG Free Shipping
10公斤以上免邮

PM and message us for more details
Contact : 016 868 6538 Ah Yap

However, one of our readers confirmed that he was cheated by this vendor, and he shared with us the details of what happened.

Noticeably, the vendor behaved very similarly to Ocean Sense, replying in PM and deleting negative comments. That’s why the page has many Angry reacts, by people who were blocked from commenting.

 

East Malaysia Seafood Agent Scam : What Happened?

This customer ordered a large quantity of lobsters and Alaska king crabs from East Malaysia Seafood Agent, and was told to bank the money to :

Yap Kok Keong
CIMB 7634-371-328

This is the EXACT SAME person and bank account for Ocean Sense!

We checked the CIMB account number with the Commercial Crimes Department’s website, which showed that no report has been lodged against it… yet.

However, it doesn’t mean it is a safe account. At least 61 people have looked up the same number.

Oddly enough, when he asked for the bank account for the company (whose SSM record he furnished above), he issued him an invoice at a different company, and told him to bank it into “his relative’s company” instead :

Car Boutique Venture
CIMB 8604-5267-74

We checked the CIMB account number with the Commercial Crimes Department’s website, which showed that no report has been lodged against it… yet.

However, it doesn’t mean it is a safe account. At least 19 people have looked up the same number.

By this time, he was very suspicious, and decided to take a small gamble.

He said that he would bank a deposit of RM 200 into that Yap Kok Keong personal account, and pay the remainder on delivery.

As expected, he never delivered the seafood and then ghosted this customer.

 

Help REPORT East Malaysia Seafood Agent On Facebook!

Even though he reported East Malaysia Seafood Agent page as a scam to Facebook, the page is still active, and the person running this page is actively deleting negative comments.

Here is how you can help prevent more people from being scammed.

Step 1 : Report To The Police!

If you are one of those who were scammed, please report to the police ASAP.

This would help get the bank accounts blacklisted, and listed in the Commercial Crimes Department’s database.

Step 2 : Publicise The Scam!

Share this article, or the news about East Malaysia Seafood Agent, with your family and friends.

Alert your community via social media – Facebook, Twitter, WhatsApp, Telegram, etc.

Step 3 : Report The Scam To Facebook!

Facebook is quite lax about scams. They need many people to report a page as a scam before they will even bother to take action.

So follow these steps to report the East Malaysia Seafood Agent Facebook page as a scam.

  1. Go to the East Malaysia Seafood Agent Facebook page.
  2. Tap on the … menu on the upper right corner.
  3. Select Find support or Report Page.

  1. Select Fraud or Scam and Other.
  2. Click Next.

  1. Select Report Page.

  1. Tick the I believe that this goes against Facebook’s Community Standards check box.
  2. Click on the Report button.

That’s it! You have done your part in reporting a scammer.

But for this to work, many more people must report the page as a scam. So please share this out, and get your family and friends to help report them.

Facebook is very lax, and will likely claim that the page doesn’t contravene their Community Standards. But without enough reports, they will take it more seriously.

 

Recommended Reading

Go Back To > Scam Alerts | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Scam Alert : Ocean Sense Seafood On Facebook!

A new seafood scam page on Facebook called Ocean Sense have already scammed several people!

Please SHARE this scam alert, and help bring down that scam page!

Note : There is a similar scam, involving the same person and bank account. See this article for more details!

 

Scam Alert : Ocean Sense Seafood On Facebook!

Please be warned that several people have allegedly been scammed by Ocean Sense – a seafood vendor on Facebook.

Ocean Sense offers fresh and frozen seafood at very attractive prices, with free delivery and discounts for large purchases :

Shipping fee 25
Take over rm300 free shipping
Take over rm500 10% discount (Each item )

Alaska king crab frozen
MYR 80 size – S (800g-1.5kg)
MYR 90 size – M (2kg -3.5kg)
MYR 100 size – L (4kg-5.5kg)
___________________________

Alaska king crab live
MYR 100 size – S (800g-1.5kg)
MYR 135 size – M (2kg-3.5kg)
MYR 170 size – L (4kg -5.5kg)
___________________________

Canada lobster live
MYR 75 size – S (1kg-2.5 kg)
MYR 85 size – M (3kg -4.5kg)
MYR 95 size – L (5kg -6.5kg)
_____________________________

Snow crab live
MYR 89 per kg 1-3kg per pic

However, several customers reported that the vendor would block them after receiving payment, and delete any negative comments on their page.

SCAMMER ALERT

“OCEAN SENSE” – seafood supplier.

Do not purchase from this vendor. It is a scam. Blocks purchasers from FB/FB messenger and mobile number after monies for orders are banked into his account.

FB business name: Ocean Sense
Vendor / Acc name: Yap Kok Keong
Payment Account: CIMB 7634-3713-28

Be careful with online purchases during this depressed period of time!

We checked the CIMB account number with the Commercial Crimes Department’s website, which showed that no report has been lodged against it… yet.

However, it doesn’t mean it is a safe account. At least 61 people have looked up the same number.

In fact, a similar East Malaysia Seafood Agent page is also using the same CIMB bank account owned by Yap Kok Keong!

Another Ocean Sense customer just shared screenshots of his interaction with the same vendor, who used a different bank account :

A&B Bintang Trading
CIMB 8604-5038-34

After paying Ocean Sense RM500, he was told that seafood he purchased would arrive at 11 AM. But there was no sign of it at 12 PM, which was when the buyer realised he was cheated.

According to the Commercial Crimes Department’s website, this CIMB bank account had two police reports lodged against it.

You should AVOID dealing with A&B Bintang Trading, and definitely DO NOT send money to CIMB 8604503834.

If you have been cheated by this company, please LODGE A REPORT at the nearest police station!

We reached out to Ocean Sense, and after some digging, they claim that they are based in Tawau, and that their customers can purchase seafood from them at this address :

Ocean Sense
1st Block, Batu 13,
Jalan Airport
91000 Balung,
Tawau,
 Sabah

Contact : Tommy Tan
Tel. : 010-775-9395

However, there is no Jalan Airport in Tawau, and Jalan Airport Baru is just an empty road leading to the Tawau Airport.

 

Help REPORT Ocean Sense Seafood On Facebook!

Even though these customers have reported Ocean Sense as a scam to Facebook, the page is still active, and the person running this page is actively deleting negative comments.

Here is how you can help prevent more people from being scammed.

Step 1 : Report To The Police!

If you are one of those who were scammed, please report to the police ASAP.

This would help get the bank accounts blacklisted, and listed in the Commercial Crimes Department’s database.

Step 2 : Publicise The Scam!

Share this article, or the news about Ocean Sense, with your family and friends.

Alert your community via social media – Facebook, Twitter, WhatsApp, Telegram, etc.

Step 3 : Report The Scam To Facebook!

Facebook is quite lax about scams. They need many people to report a page as a scam before they will even bother to take action.

So follow these steps to report the Ocean Sense Facebook page as a scam.

  1. Go to the Ocean Sense Facebook page.
  2. Tap on the … menu on the upper right corner.
  3. Select Find support or Report Page.

  1. Select Fraud or Scam and Other.
  2. Click Next.

  1. Select Report Page.

  1. Tick the I believe that this goes against Facebook’s Community Standards check box.
  2. Click on the Report button.

That’s it! You have done your part in reporting a scammer.

But for this to work, many more people must report the page as a scam. So please share this out, and get your family and friends to help report them.

Facebook is very lax, and will likely claim that the page doesn’t contravene their Community Standards. But without enough reports, they will take it more seriously.

 

Recommended Reading

Go Back To > Scam Alerts | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Beware Of AirAsia X Scam On WhatsApp!

AirAsia X is warning about a scam on WhatsApp that is trying to trick people into making payments.

Please watch out for this scam, and WARN your family and friends!

 

Beware Of AirAsia X Scam On WhatsApp!

There is a new scam on WhatsApp involving AirAsia A.

Scammers pretending to be AirAsia X are sending messages on WhatsApp, asking people to make a payment into an account allegedly belonging to a credit management company.

AirAsia X announced that neither they nor their employees are involved with that scam.

Just like banks, AirAsia X will NOT engage with customers, or solicit payments through any instant messaging apps like WhatsApp.

All official AirAsia X announcements are made through the mass media, or these official channels on social media :

Twitter: www.twitter.com/airasia
Instagram: www.instagram.com/airasia
Facebook: www.facebook.com/airasia

 

Other Scams To Watch Out For

Other than this new AirAsia X scam on WhatsApp, please watch out for these scams too :

Go Back To > Cybersecurity | TravelHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Why You Should NOT Move WhatsApp Chats To Telegram!

Telegram just highlighted the ability to migrate WhatsApp chats to their app, but you really should NOT do that.

Find out why this is a BIG security and privacy risk than just leaving your chats in WhatsApp!

 

Telegram : Moving Chat History From WhatsApp, Line + KakaoTalk

In a recent version 7.4 update for their iOS app, Telegram announced a new feature – the ability to move your chat messages from other apps like WhatsApp, Line and Kakaotalk to their app.

Curiously, that ability has actually been part of WhatsApp since 2018, when they introduced the ability to export chats to email and other apps.

And while this feature is purportedly available only with the iOS version of Telegram Messenger, you can already do that with existing versions of WhatsApp and Telegram.

 

Why You Should NOT Move WhatsApp Chats To Telegram!

You should note that the privacy risks with WhatsApp have been grossly exaggerated by the media and many Internet “experts”.

For one thing – WhatsApp users have been sharing metadata with Facebook since September 2016, a fact initially lost on many media outlets and “experts”.

But we understand the fear – Facebook is a real snoop. Even so, it would be a mistake to migrate from WhatsApp to Telegram.

Let us share with you why you should NOT migrate from WhatsApp to Telegram, and why it is a BIG mistake to migrate your WhatsApp data to Telegram.

Fact #1 : Telegram Is LESS Secure Than WhatsApp

WhatsApp fully implemented end-to-end encryption across all of their apps and network since 5 April 2016.

End-to-end encryption prevents WhatsApp or Facebook from reading your messages. Only the sender and receiver(s) can read them.

WhatsApp shares a considerable amount of data and metadata that Facebook can use to identify and track your movements and activities. But not the content of your messages.

Telegram, on the other hand, has STILL NOT implemented end-to-end encryption for all messages by default.

Instead, they still insist on offering end-to-end encryption only when you create a Secret Chat.

This leaves the bulk of your messages completely readable by Telegram and anyone who intercepts those messages as they travel from your device through the Internet to the recipient.

The very presence of Secret Chats between certain people is itself metadata that can help oppressive regimes identify their enemies or whistleblowers.

Fact #2 : Your Data Is Stored In Telegram Cloud Servers

All WhatsApp data is stored only in your registered device. WhatsApp also does not retain messages in their servers after they are delivered, and will only store files (like photos and videos) and undelivered messages for 30 days.

It’s the opposite with Telegram – all of your data – messages, photos, videos, documents – is stored in their cloud servers. Even though they are encrypted in storage, Telegram holds the encryption keys, NOT YOU.

This ability has its advantages like convenient access across multiple devices, but it also makes Telegram less secure.

Telegram has access to your encrypted files, including the ability to decrypt them for authorities that legally compels them to do so.

Fact #3 : Moving Your Messages + Media To Telegram Exposes Them

While your chats and media remain within your WhatsApp app, they are encrypted and not available to anyone but yourself (and the recipients).

Migrating your chat messages and media to Telegram would involve sending them unencrypted to Telegram’s servers.

This exposes your hitherto secure chats and media to a man-in-the-middle attack – allowing a third party to snoop or grab a copy of the data as it travels unencrypted to the Telegram servers.

Fact #4 : Facebook Already Has Your Metadata

As we pointed out earlier, WhatsApp has been sharing our metadata with Facebook since September 2016.

So moving your existing chats out of WhatsApp won’t limit or reduce your exposure. That horse has long bolted from the stable.

Moving your chat history and files to Telegram will just offer a new attack surface for cybercriminals and oppressive regimes.

Fact #5 : Facebook Will Still Have Your Data If You Still Use Facebook!

Here is the other thing that people don’t realise – migrating from WhatsApp to another messaging app is pointless if you do not also stop using Facebook.

As long as you still use Facebook, they will still have access to a consideration amount of metadata. Losing your WhatsApp metadata just gives them less metadata.

After all, Facebook can track your movements and activity even if you are NOT on Facebook! This is what they call Off-Facebook Activity.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

HUAWEI New Year Gift Scam : Don’t Click Or Share!

Watch out for the HUAWEI New Year Gift scam that’s circulating on WhatsApp!

Do NOT click or share. Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

HUAWEI New Year Gift Scam : Do NOT Click Or Share!

Scammers are sending out this message on WhatsApp, claiming that HUAWEI is giving away New Year gifts.

Please do NOT click on the message, or share it. Just delete it and warn your family and friends!

 

Why This HUAWEI New Year Gift Offer Is A Scam

Let us show you why this HUAWEI New Year Gift offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Not Using The Real HUAWEI Domain

A genuine HUAWEI campaign would use the real HUAWEI domain – www.huawei.com.

The use of a different domain (2021-whatsapp3w.bar) should warn you that this is not a legitimate HUAWEI website.

Warning Sign #2 : HUAWEI Does Not Give Away Free Gifts

HUAWEI is a for-profit corporation whose goal is to make money, not give it away.

They are not a charity, and will never give free gifts to celebrate a new year, or anniversary.

They only give free gifts to promote the purchase of their latest products.

Warning Sign #3 : Ridiculous Prizes

While brands may sometimes give away branded swag like a face mask, a t-shirt, or a cap; they will NEVER give away CASH as a prize.

And there is no way they would give away US$5,000 cash prizes. That’s just nuts! It should be cheaper to just give away one of their latest Mate 40 Pro smartphones.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Maybank B40 Subsidy Scam : Do NOT Click Or Call!

Watch out for the new Maybank B40 subsidy scam! It is a phishing attack to gain access to your Maybank account!

Do NOT click or call. Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

Maybank B40 Subsidy Scam : Do NOT Click Or Call!

Scammers are sending out this SMS claiming that Maybank (MBB) will issue the B40 subsidy after you fill in some information.

Please do NOT click on the message, or call the telephone number. Just delete it and warn your family and friends!

 

Why This Maybank B40 Subsidy Offer Is Just A Scam

Let us show you why this Maybank B40 subsidy offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : No Such B40 Subsidy Program

The Malaysian government has not announced any B40 subsidy program.

Neither would Maybank offer free money for the B40. It’s a bank, not a charity.

Warning Sign #2 : Bad Grammar

The bad English grammar should be a warning sign that this is not a legitimate offer.

Warning Sign #3 : Not Using The Real Maybank Domain

A genuine Maybank campaign would use the real Maybank domain – www.maybank.com.my.

The use of a different domain should warn you that this is not a legitimate Maybank website.

In fact, Google Chrome will warn you that this website is a phishing attack – to get your personal and banking information.

Warning Sign #4 : Asking You For Your Information

The banks – whether they are Maybank, Public Bank, CIMB, etc – will NEVER ask you to fill in your personal details.

Think about it – they already have your information because you have an account with them!

Even if there is a legitimate B40 subsidy programme, they only need you to log into your Maybank account. They do NOT need you to register your details again.

These scammers ask you for these details so they can use them in phishing calls, to convince you that they are really from Maybank.

Warning Sign #5 : Asking You For Your Bank Login!!!

This is a BIG warning sign. Banks will NEVER ask you for your user name and password.

If you key in this information, you are basically giving these scammers access to your Maybank account.

They will call or message you and try to get your TAC (Transaction Authorisation Code) number that is sent to your mobile number. DO NOT GIVE THAT TO THEM!

If you sent them your user name and password, please contact the bank immediately, and change your password!

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Tesco New Year Scam Alert : Do NOT Click / Forward!

Now that the New Year is almost here, the Tesco New Year Scam is going viral on WhatsApp!

Do NOT click on the message if you receive it. Do NOT forward it either!

Just delete it, and WARN YOUR FAMILY AND FRIENDS!

 

Tesco New Year Scam Alert : Do NOT Click / Forward!

People are sharing this Tesco New Year promotion that claims to offer a gift card valued up to RM1000, but it is really nothing more than a SCAM!

Please do NOT click on the message, or forward it to anyone. Just delete it and warn your family and friends!

 

Why This Tesco New Year Offer Is Just A Scam

Let us show you why this Tesco New Year gift card offer (and similar offers) is just a scam.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Bad Grammar

Most of these Tesco gift card scams have bad grammar (example #1, example #2), which is a big clue that this isn’t a genuine Tesco offer.

In this example, they capitalised TESCO and use the grammatically incorrect “win up to RM1000 Tesco Gift Card!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. Nothing is FREE in this world, much less a RM1000 gift card.

Tesco isn’t going to give you FREE money, just because it’s the new year, or their anniversary.

They are a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real Tesco Domain

A genuine Tesco Malaysia campaign would use the real Tesco Malaysia domain – www.tesco.com.my.

Or they would run it off the official Tesco Malaysia page on Facebook – www.facebook.com/TescoMY.

This scam is using a BlogSpot.com domain – which is not something any genuine company would do.

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

That is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Did Alabama Nurse, Tiffany Dover, Die From Pfizer Vaccine?

Antivaxxers are claiming that an Alabama nurse, Tiffany Dover, died on live TV after taking the Pfizer-BioNTech COVID-19 vaccine!

Find out what’s going on, and what the facts really are!

Updated @ 2020-12-25 : Added more fact checks, because antivaxxers continue to post fake claims about Tiffany. It’s Christmas, for crying out loud!

Originally posted @ 2020-12-23

 

Did Alabama Nurse, Tiffany Dover, Die From Pfizer Vaccine?

There are several versions of this story, but they basically boil down to two main storylines :

a) an unnamed Alabama nurse died on live TV after taking the Pfizer-BioNTech COVID-19 vaccine!

COVID 19 -TEST A nurse in Alabama dies directly on the air after taking the Pfizer vaccine for Corona This is clear evidence of the danger of the vaccine, including the toxins and animal genes .. LOOK AT VEDIO CLIP!

b) a Tennessee nurse, Tiffany Dover, died after fainting on live TV (after taking the Pfizer-BioNTech COVID-19 vaccine)

OMFG! FAINTING NURSE DIED
Tiffany Dover IS DEAD

I saw that fainting nurse died, so I checked it out!
This death record has to be her! Same town, age, and most importantly, the family listed all show up as her friends on fb!

So the nurse who took the COVID-19 vaccination on live television is now dead days after being vaccinated..

 

No, Tiffany Dover, Did NOT Die From Pfizer Vaccine!

The short and sweet summary is this – no nurse died after taking the Pfizer vaccine, whether on live TV or otherwise.

For the skeptics who are fond of asking, “How do you know? Were you there?”, here are the facts…

Fact #1 : No Nurse Died On Live TV In Alabama

Despite claims that an unnamed nurse died in Alabama after being injected with the Pfizer COVID-19 vaccine, that is not true.

The claim was shared with the video of Tiffany Dover, a nurse in Tennessee, fainting on live TV after receiving her Pfizer vaccination.

It is likely that antivaxxers intentionally switched the location from Tennessee to Alabama, to mislead those who already knew about Tiffany Dover.

Fact #2 : Tiffany Dover Is Alive And Well!

According to the NewsChannel 9 ABC crew who recorded the whole event on 17 December 2020, Tiffany Dover quickly recovered, and within minutes, was able to get up and speak with them again.

While antivaxxers are claiming that she subsequently died, those are complete lies. She did NOT die.

In fact, her hospital – CHI Memorial – posted this tweet, confirming that she is well, asking that people give her and her family privacy.

Fact #3 : Tiffany Dover Alive And Well On Video, 4 Days Later!

On 21 December 2020, CHI Memorial followed up with a short video showing that she is alive and well, surrounded by her colleagues.

To prove that it was not filmed before her vaccination and alleged “death”, they held up banners that said, “Nursing Leadership Vaccinated Together, #CHIMemorialStrong” and the date “12-21-20“.

Fact #3 : People Found The Wrong Death Record

Conspiracy theorists and antivaxxers are parading online search results showing her death record.

In fact, Kitty Lynn in this example searched for Tiffany Dover in the wrong state – Alabama. Is it any wonder she got the wrong death record?

Note : We intentionally added the HOAX overlay, to prevent it from being misleadingly shared

And this intrepid online investigator discovered that he/she was also listed on searchquarry.com.

Funnily enough, herdsheeple thought that SearchQuarry lists only dead people. It’s actually a search engine for public records in the United States.

With fantastic investigators like herdsheeple and Kitty Lynn, who needs the FBI?

Fact #4 : Tiffany Dover Is Not A Unique Name

As unique as Tiffany Dover surely is as a person, her name isn’t unique.

In the entire US, there are currently 47 Tiffany Dovers, with nine of them in Tennessee. And no, they are NOT CLONES, as some people are alleging.

And they do not include Tiffany Dovers who have actually passed away years or even decades ago.

Fact #5 : No Animal Genes In mRNA Vaccines

Some of these messages include the claim that the Pfizer COVID-19 vaccine contains animal genes, that’s completely false.

There are no genes of any sort in mRNA vaccines, whether they are from Pfizer or Moderna.

The mRNA in these COVID-19 vaccines are merely RNA instructions – coding for the SARS-CoV-2 spike proteins. That’s it.

Recommended : Pfizer + Moderna mRNA Vaccines : How Do They Work?

 

Recommended Reading

Go Back To > Fact Checks | ScienceHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fake CIMB SMS Scam! Do NOT Click / Call!

Fake SMS scammers just switched from Public Bank to CIMB.

Do NOT click or call if you receive any of these fake SMS messages!

And please warn your family and friends!

 

Fake CIMB SMS Scam! Do NOT Click / Call!

Whether you are a CIMB Bank customer or not, you may receive one of these alarming SMS messages :

RM 0.00 CIMB: Confidential!

Dear CIMB users, your account will TERMINATED on 24/12/20. Verify via http://www.cimbclickikm.cc to keep on using CIMB Clicks services.

Please make verification within 24hours to avoid service interruption.

RM0 CIMB: Instant Transfer RM4998.78 to CHAY LEE FEN/HONG LEONG on 23-Dec-2020, 13:06:35. Call the no. at the back of your card for queries.

If you receive any of these SMS messages, please DO NOT click on the link, or call the number. JUST IGNORE THEM, or delete them.

Note : These scams do not just affect CIMB Bank. In fact, all banks are affected :

 

Why These CIMB SMS Messages Are Fake

Let us show you how to identify these fake CIMB SMS messages.

If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!

Warning Sign #1 : Grammatical Mistakes

If you carefully read the first SMS message above, you can easily spot numerous grammatical mistakes. A bank will never send such poorly worded messages to their customers.

The second SMS message has proper grammar, and is likely a copy of the real SMS message to trick you into thinking that this is a real transaction.

Warning Sign #2 : Embedded Links

Banks will NEVER embed links (URLs) into the message. If you see embedded links, always think – SCAM SMS!

Unlike the Public Bank SMS scam, they used a copy of the real SMS message to trick you into clicking the URL in the first message.

Warning Sign #3 : Wrong Links

And always check the link – www.cimbclickikm.cc is not the correct address for the CIMB Bank websites (www.cimbclicks.com.my or www.cimb.com.my)

When you see any website with .cc links, be wary because the .CC domains are registered in the Cocos (Keeling) Islands – an Australian territory of only 14 km², with only about 600 inhabitants.

Warning Sign #4 : No Personal Login Phrase / Picture

To avoid phishing attacks, banks now give you a secret response (like a picture or a phrase) to confirm that you are visiting their legitimate website.

If the website you are visiting gives you the wrong picture or secret phrase, you have been tricked into visiting a fake website designed to mimic the real bank website.

You should also remember that the bank website must show you secret picture or phrase right after you enter your login, but BEFORE you key in your password.

If you are asked to key in your password without the website displaying the secret phrase or picture, you have been tricked into visiting a fake website designed to mimic the real bank website.

 

CIMB Advice To Protect Against Fake SMS / Email Scams

Here is a list of DOs and DON’Ts to protect yourself against fake SMS / email scams.

Please DO follow these good practices

  1. Pay attention to your transaction alerts and check your account activities regularly. In case of any unusual activity, please contact us immediately.
  2. If you wish to contact us, ONLY call the number on the back of your card or refer to CIMB website “Contact Us” page.
  3. Always check the URL of the website that you are making purchases from. Ensure  the “lock” icon or “https” appears on the website’s address bar.
  4. Always find a reputable seller on online marketplaces by searching for reviews from other customers to know their experience.
  5. To access CIMB Clicks, type the entire URL as follows: www.cimbclicks.com.my
  6. Always remember to log out once you have completed your banking transactions.

Please DO NOT follow these bad practices

  1. Don’t panic and give personal information to fraudsters impersonating representatives of government agencies etc. even if they deploy fear tactics. Immediately call the number on the back of your card to verify with CIMB.
  2. Never apply for personal financing through unverified links or individuals promising a lower rate. CIMB does not impose any application charges for personal financing applications.
  3. Never take instructions from anyone to change the mobile number in CIMB records to any number other than your own mobile number.
  4. When transacting online, never continue with a purchase if you have any doubts if the seller is not genuine.
  5. Never share details such as your card number / User ID / PIN / password / TAC  with anyone or key them in in any website other than CIMB Clicks.
    (Note: CIMB will never ask for  your ‘User ID’, ‘Password’ or ‘TAC’ under any circumstances outside of CIMB Clicks).
  6. Do not click on links or open email attachments from unknown / unreliable senders / sources.
    (Note: Emails from CIMB will always end with @cimb.com such as cimb.marketing@cimb.com

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Are Hackers Using Good Morning Messages To Hack You?

Are hackers using Good Morning videos, pictures and messages to hack your devices, and steal your data?

Find out what is happening, and what the FACTS really are!

 

Claim : Hackers Are Using Good Morning Messages To Hack You!

This post about Chinese hackers using Good Morning videos, pictures and messages to hack your devices, has gone viral on social media and WhatsApp :

Dear friends, please delete all welcome photos and videos in Good Morning format and the like. Read below the article to the end, which will be clear why I ask about it. From now on I will only send personally prepared greetings.

Read it all !!! Send this message urgently to as many friends as you can to stop the invasion.

Olga Nikolaevna Lawyer: Caution:
ATTENTION

For those who like to send Good Morning pictures! Good day! Good evening!

Do not send these “good” messages.

Today, Shanghai China International News sent SOS to all subscribers (this is the third reminder) that experts recommend: please do not send good morning, good night, pictures and videos,.
Reports show that hackers in China designed the images, the video is so beautiful to hide the phishing codes inside them, when everyone sends these messages, the hackers use your devices to steal personal information, such as bank card information and data to crack the phone.

It has been reported that more than 500,000 victims of fraud have already been deceived.

If you want to greet others, write your own message to protect yourself and your family and friends.

Important! Delete all greeting messages and pictures that you have on your phone for your own safety. If someone sent you such a picture, immediately remove it from the device. Malicious code takes time to deploy, so if you act immediately, no harm will be done.

Tell all your friends about this to prevent hacking.

Greet others by writing your own words, and send only images you create. The material you create yourself is completely safe. Please understand me correctly! All have credit cards attached to their phone. Everyone has a lot of contacts in their phones. You will create a threat not only to yourself, but to all the contacts that you have on your phones, your friends and acquaintances.
Take this very carefully! This is a harsh reality

ATTENTION !!!
Urgent information !!!

Some people have already restricted..!

 

Hackers Using Good Morning Messages To Hack You : Just Another Hoax!

Many of get blasted with Good Morning or Good Night messages every day from well-meaning friends and family.

While they are literally spam that clog up Facebook, Telegram and WhatsApp groups, they really do NOT allow hackers to hack your devices.

While it would be nice to see people stop this irritating practice, here are the reasons why Good Morning messages are harmless…

Fact #1 : Shanghai China International News Does Not Exist

The news organisation, Shanghai China International News, that was stated in the hoax does not exist.

Fact #2 : No Reports On Hackers Designing Good Morning Pictures + Videos

There are no reports on hackers from China or anywhere else creating these Good Morning pictures and videos.

In fact, they are mostly created by websites and Facebook pages for people to share, and hopefully attract new followers.

Fact #3 : No Fraud Involving Good Morning Messages

There has been no fraud involving Good Morning or even Good Night messages, videos or pictures.

Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself. At most, it can be used to hide the malware payload from antivirus scanners.

In January 2019, cybercriminals created an online advertisement with a script. The script itself would appear innocuous and pass any check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.

Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Fact #5 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.

Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.

Also, most malware require some sort of action to trigger their execution. Generally (but not always), just downloading a malware won’t trigger it.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How Honeywell Is Helping Industries Tackle COVID-19!

Find out how Honeywell has pivoted to deliver new services and products that help critical industries tackle the COVID-19 pandemic!

 

How Honeywell Is Helping Industries Tackle COVID-19

Honeywell have long been a solution partner for critical industries, with over 100 years of global experience in various industries.

In an exclusive roundtable session, Norm L. Gilsdorf, President of Honeywell ASEAN, detailed how the COVID-19 pandemic has created a crisis for critical industries.

On the other hand, it offered Honeywell the opportunity to showcase their expertise in creating new solutions and products to meet the new challenges.

 

Honeywell Products + Services That Help Industries Tackle COVID-19

Honeywell have quickly pivoted to develop these new solutions and products to help critical industries In ASEAN countries and around the world better handle the challenges of the COVID-19 pandemic.

Honeywell UV Treatment System

The Honeywell UV Treatment System is a deep ultraviolet (UVC) sanitising system for airlines that significant reduces certain viruses and bacteria on airplane cabin surfaces.

It is roughly the size of the typical airline beverage cart, with arms that extend over the top of seats, to sweep the cabin with UVC light.

The Honeywell UV Treatment System can service an aircraft cabin in less than 10 minutes for just a few dollars per flight for midsize to large airline fleets.

Currently, several major airlines in the ASEAN region are testing this system on their aircraft.

Honeywell Healthy Building Solutions

The Honeywell Healthy Building Solutions are not new, but they go a long way to help companies protect their workforce from COVID-19.

By integrated air quality, safety and security technologies, they help to improve the health of building environments, operate more cleanly and safely, and help enforce social distancing policies.

The same technologies can also be employed in other public and commercial facilities like hospitals, airports, factories, educational institutions, etc. to enhance safety and compliance.

Honeywell Remote Industrial Solutions

The Honeywell Remote Industrial Solutions are being used by customers to handle COVID-19 related constraints and maintain business continuity, while protecting employees.

This software suite, which includes Experion Remote Operations, allow for remote management as well as work-from-home abilities for employees.

Honeywell Forge Cybersecurity Suite helps customers ensure business continuity in the face of mounting cyber threats, uncertain business conditions and supply chain disruptions.

Warehouse and logistics solutions help drive the exceptional growth of e-commerce in the ASEAN region and beyond, during the pandemic. They also support cold chain services for delivering medical products, including vaccines.

Other Honeywell Solutions That Help Against COVID-19

Other Honeywell solutions that help people and industries handle COVID-19 include :

  • Gas and flow sensors for ventilators, oxygen concentrators and respiratory machines;
  • Thermorebellion, a new temperature monitoring solution that incorporates advanced, infrared imaging technology and artificial intelligence algorithms to conduct non-invasive, preliminary screening of personnel entering facilities such as airports, hospitals and plants;
  • Dual layer face masks, personal safety packs and N95 masks.

 

COVID-19 : How To Keep Safe!

Here are a few simple steps to stay safe :

Recommended : Soap vs Sanitiser : Which Works Better Against COVID-19?
Recommended : Surgical Mask : How To CORRECTLY Wear + Remove!
Recommended : COVID-19 Food Safety : Fruits, Vegetables, Takeouts

 

Recommended Reading

Go Back To > Business | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Kaspersky on APAC Digital Reputation Threats!

Vitaly Kamluk, Kaspersky Director of Global Research and Analysis for APAC, explores the impact of social media activities on our digital reputation, as well as those of brands and companies!

 

Digital Reputation : What Is It?

Digital reputation is the online version of good old fashion reputation. The only difference is that it is defined by our online behaviour and what people are saying about us, or the brand.

In short, our digital reputation is a combination of our digital footprint, and the impact it has on how other people perceive us, or the brand.

As the world becomes more connected, digital reputation is becoming more than just important – it is now critical to the future and success of any individual or corporation.

This has led to a shift in how people and brands behave online these days…

As Jesmond Chang, Head of Corporate Communications for Kaspersky APAC, shared above :

  • 32% of social media users in APAC use anonymous accounts
  • 50% of social media users in APAC avoid companies that are involved in a scandal, or had received negative news coverage online
  • 40% also stopped using a company’s or brand’s products once they are embroiled in some kind of online crisis.

 

Kaspersky on APAC Digital Reputation Threats!

At the 6th Vitaly Kamluk, Kaspersky Director of Global Research and Analysis for APAC, shared the latest threats to digital reputation in the APAC region, which is precipitated by the COVID-19 pandemic.

“One of the most visible effect of this pandemic is how it forced everyone, from individuals to the biggest companies, to shift a lot of their activities online.

This dependence, triggered by our need to secure our physical health, also pushed us to increase our social media use, either to connect with our distant loved ones, to give support to our community, to entertain ourselves, or to get hold of products and services that we need.

Parallel to this trend is the opening of wider doors for cybercriminals to exploit”

With many employees working from home, cybercriminals have found new ways to exploit this situation :

  • brute force attacks on database servers increased 23% in April 2020
  • Malicious files planted on websites increase 8% in April 2020
  • Network attacks and phishing emails also rose

Kaspersky themselves reported an increase of unique malware samples from 350,000 per day pre-COVID, to 428,000 per day!

With the increased reliance on online services, including remote work and learning, e-commerce purchases and a greater adoption of e-wallets, the 2020 threat landscape appears to favour cybercriminals.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : CMCO / PKPB Extended To 31 December 2020?

Was the CMCO / PKPB lockdown extended until 31 December 2020 by Malaysian Prime Minister Muhyiddin Yassin?

Find out what’s going on, and what the FACTS really are!

 

Claim : CMCO / PKPB Extended To 31 December 2020!

The viral claim consisted of a video of Malaysian Prime Minister Muhyiddin Yassin, with the message:

CMCO extended until 31/12

In the video, the Prime Minister appeared to announce that the CMCO / PKPB lockdown would be extended until 31 December 2020.

However, he was not talking about the CMCO / PKPB lockdown… so we placed the FALSE overlay to prevent further abuse.

 

No, CMCO / PKPB Was Not Extended To 31 December 2020

The video does indeed show Malaysian Prime Minister Muhyiddin Yassin announcing the extension of the lockdown to 31 December 2020.

However, this video was recorded much earlier, on 28 August 2020, when he announced the extension of the PKPP / RCMO to 31 December 2020, not PKPB / CMCO.

You can see RMCO (Recovery Movement Control Order) or PKPP (Perintah Kawalan Pergerakan Pemulihan) mentioned in the screenshot below.

The Malaysian Prime Minister is expected to announce an extension of the CMCO / PKPB lockdown later this week.

But the extension is expected to be for an additional 2 weeks – from 7 December until 20 December, not until 31 December 2020.

However, nothing is certain until the official announcement is made.

This is the second fake news about a lockdown extension today, after the PKPD / EMCO extension hoax.

 

RMCO / PKPP vs CMCO / PKPB : What’s The Difference?

Recovery MCO (RMCO or PKPP) is the most lenient form of lockdown during the COVID-19 pandemic, with greater liberalisation of the economy :

  1. Interstate travel is permitted, except to areas under Enhanced MCO (EMCO) or administrative restrictions.
  2. Barbers and hair salons are allowed to reopen, subject to SOP.
  3. Beauty parlours and nail salons are allowed to reopen, subject to SOP.
  4. Museums are allowed to reopen.
  5. Busking (indoor) and filming activities will be allowed.
  6. Meetings and workshops will be allowed.
  7. Morning / evening / night markets are allowed.
  8. Hawker stalls are allowed.
  9. Recreational fishing and commercial fisheries will be allowed.
  10. Gyms and snooker halls will be allowed.
  11. Non-contact sports like bowling, badminton, archery and shooting will be allowed.
  12. Outdoor group sports like kayaking and cycling will be allowed.
  13. Indoor sports like snooker, yoga, aerobics will be allowed.
  14. Malaysia’s borders remain closed, but local tourism will be allowed.
  15. Religious activities, like Hari Raya Aidiladha celebrations, will be allowed, subject to JAKIM’s SOP
  16. Schools will be reopened in stages throughout the RMCO, based on advice from the Ministry of Education.
  17. Places of worship will be allowed to reopen, subject to SOP
  18. Normal business operating hours to resume, with social distancing, hand washingface masks.

The current Conditional MCO (CMCO or PKPB) is less lenient, limiting interstate travel only for work and business purposes only, among other limitations :

  • Only two persons from each household are allowed to go out to purchase food supplies or daily necessities.
  • Only two persons from each household are allowed to dine-in at any restaurant / cafe.
  • No one is allowed to enter or leave the areas under CMCO lockdown.
  • Interstate travel is forbidden, except for work, economic or industrial purposes.
  • Supermarkets, shopping malls and retail stores are allowed, between 6 AM and 12 AM.
  • Restaurants, food stores, food trucks, hawkers, food courts, food stalls, food kiosks, groceries and convenience stores are allowed to open from 6 AM until 12 AM.
  • All public and private schools, institutions of higher learning, vocational training institutes, kindergartens, day care centres, tahfiz centres, public parks and recreation centres must close.
  • All seminars, workshops, courses, training, conferences, lectures and MICE (Meeting, Incentives, Conventions and Exhibitions) are forbidden.
  • All domestic tourism activities that cross into or out of the CMCO areas are forbidden.

For more details, please see Peninsular Malaysia : Official CMCO / PKPB SOP!

 

Recommended Reading

Go Back To > Fact Checks | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : Fat Bidin Claims On MySejahtera Snooping!

Wan Azlee, who goes by Fat Bidin, claims that MySejahtera is mining private information from our phones.

Find out what he discovered, and what the FACTS really are!

Updated @ 2020-12-03 : Added MySejahtera version history for more context.

Updated @ 2020-12-01 : Added more information, including how to disable permissions in Android and iOS for the paranoid.

Originally posted @ 2020-11-30

 

Fat Bidin : MySejahtera Is Mining Information From Our Phones!

In Episode 41 of Fat Bidin Knows Everything, Wan Azlee claimed (between mouthfuls of oats) that MySejahtera is mining a wealth of private information from our phones.

His evidence? A report by the Exodus Privacy website, stating that MySejahtera has 6 trackers and 24 permissions.

He went through the 24 permissions and made these concerning observations about MySejahtera :

  • it can take control of your phone and pair it with your Bluetooth devices
  • directly call phone numbers
  • find accounts on your phone
  • read your contacts in your phone
  • read the contents of your SD card
  • modify or delete the contents of your SD card
  • prevent your phone from sleeping
  • modify your contacts

Phwoarrrr…. shocking, isn’t it? Wan Azlee / Fat Bidin then asks the Malaysia Ministry of Health to be transparent and tell us what’s going on.

Well, let’s take a closer look at his claims…

 

Fat Bidin On MySejahtera Is Mining Our Information : A Fact Check

Wan Azlee is very articulate, but Fat Bidin honestly doesn’t quite know everything… and here’s why.

Fact #1 : That MySejahtera Version Was From April 2020

Fat Bidin posted his video on 24 November 2020, and we noticed that he was checking an old version of MySejahtera – version 1.0.10, that was posted way back in April 2020.

For the record, there has been FOURTEEN UPDATES since that version :

  • 1.0.11 : 23 April 2020
  • 1.0.12 : 28 April 2020
  • 1.0.13 : 3 May 2020
  • 1.0.15 : 4 May 2020
  • 1.0.16 : 13 May 2020
  • 1.0.17 : 23 May 2020
  • 1.0.18 : 30 May 2020
  • 1.0.19 : 3 June 2020
  • 1.0.20 : 28 June 2020
  • 1.0.21 : 30 June 2020
  • 1.0.22 : 21 July 2020
  • 1.0.23 : 29 July 2020
  • 1.0.24 : 11 August 2020
  • 1.0.25 : 5 November 2020

The latest version of MySejahtera – version 1.0.25 –  was released on 5 November 2020 – 19 days before Wan Azlee posted his video.

Why on Earth would he focus on a 6 month-old version of the app, when there is a much newer version?

Fact #2 : Exodus Posted Their Latest MySejahtera Report On 20 November 2020

Exodus posted their latest report on the latest version of MySejahtera (version 1.0.25) on 20 November 2020 at 10:47 am (as you can see in this screenshot).

That was 4 days before Wan Azlee posted his video, so why didn’t he use this new report instead?

Fact #3 : MySejahtera Has 1 Tracker + 14 Permissions According To Exodus

According to the November 20 Exodus report, MySejahtera has 1 tracker – Google Firebase Analytics, and 14 permissions, of which the highlighted ones were :

  • ACCESS_COARSE_LOCATION : access approximate location (network-based)
  • ACCESS_FINE_LOCATION : access precise location (GPS and network-based)
  • CALL_PHONE : directly call phone numbers
  • CAMERA : take pictures and videos
  • READ_EXTERNAL_STORAGE : read the contents of your SD card
  • WRITE_EXTERNAL_STORAGE : modify or delete the contents of your SD card

We immediately noticed that several controversial permissions are no longer in it :

  • GET_ACCOUNTS : find accounts on the device
  • READ_CONTACTS : read your contacts
  • WRITE_CONTACTS : modify your contacts

So if you are worried that MySejahtera is reading your contacts or modifying them, just UPDATE it to the latest version 1.0.25!

Fact #4 : Actual Permissions Are Fewer

When we checked MySejahtera 1.0.25 as installed in our phone, we found that it actually asked for and used only 11 permissions, instead of 14 as reported by Exodus.

The report also offered a bit more context about those permissions. For instance, location data is only made available when you are actively using the app.

That’s because the location data is used by MySejahtera for its Hotspot Tracker and Locate Health Screening Facility features.

In your phone, you can tap on them for more information on what they allow the app to do.

Fact #5 : Apps Need To Read, Modify + Delete Their Own Data

The permission to read, modify and delete content on our phone may seem ridiculous, but it is a necessity for most apps.

Unless the apps is merely a container for a website or web service, it needs to store data, and modify or delete it when necessary.

Fact #6 : Access To External / SD Card Is Necessary

Most developers will also ask for the permission to read, modify and delete content to the (micro) SD card, because of Adoptable Storage.

Adoptable Storage is a feature that lets smartphones use external storage (like a microSD card) as if it is part of their internal storage.

When a microSD card is used this way, apps like MySejahtera can be installed on it. Therefore, it would require permission to read, modify and delete its own data on the external storage card.

Fact #7 : Android Restricts Data Snooping

Apps that have access to read / modify / write external storage are allowed to access files from other apps. However, this is limited to only these three media collections :

  • MediaStore.Images
  • MediaStore.Video
  • MediaStore.Audio

MySejahtera, or any other app with similar permissions, cannot read / modify / delete data outside of those three media storage locations.

Fact #8 : MySejahtera Has A Privacy Policy

Like all other Android and iOS apps, MySejahtera has a privacy policy, where it is stated clearly that

MySejahtera is owned and operated by the Government of Malaysia. It is administrated by the Ministry of Health (MOH) and assisted by the National Security Council (NSC) and the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU). The Government assures that the collection of your personal information is align with Personal Data Protection Act 2010 (Act 709).

The app will not record user’s Personal Data except with the permission and voluntarily provided by the user. Information collected are used for monitoring and enforcement purposes by Government authorities in dealing with the COVID-19 pandemic. This information is not shared with other organizations for other purposes unless specifically stated.

Fact #9 : You Are Protected By PDPA 2010 (Act 709)

We are all protected by the Personal Data Protection Act 2010 (Act 709).

Anyone who is caught sharing our personal data without permission is be liable to a fine not exceeding three hundred thousand ringgit or to imprisonment for a term not exceeding two years or to both.

Fact #10 : You Can Disable Permissions

You can view and disable any permission that worries you :

Android

  1. Go to Settings > Apps >  MySejahtera > Permissions.
  2. Tap on the permission you don’t want, and select Deny.

Apple iOS

  1. Go to Settings > MySejahtera.
  2. Disable the permissions you don’t want.

But note that doing this will likely break some features in MySejahtera.

Fact #11 : Many Other Apps Are Worse For Your Privacy

When it comes to privacy, we have bigger fishes to fry. Take a look at how many trackers and permissions these four popular apps require.

They make MySejahtera look absolutely privacy-conscious!

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : Tsunami Waves Hit Second Penang Bridge?

Did giant tsunami waves hit the second Penang bridge – the Sultan Abdul Muadzam Shah Bridge? Find out what the facts really are!

 

Claim : Tsunami Waves Hit Second Penang Bridge At 6PM Yesterday!

A video claiming to show the Second Penang Bridge getting hit by giant tsunami waves, is going viral on social media.

Dramatically, a person appeared to be swept away by a giant wave, and a motorcyclist quickly fled another giant wave! Here is a video mash-up of two examples we found so far…

 

Did Tsunami Waves Hit Second Penang Bridge? Nope!

This is yet another example of fake news spreading like COVID-19 on social media.

The video is genuine, but it does NOT show giant tsunami waves hitting the Second Penang Bridge.

Fact #1 : This Bridge Is Too Small To Be Second Penang Bridge

In the main span, the Second Penang Bridge has a height clearance of 30 metres for ships to pass under. The bulk of the bridge has a much lower 6 metre clearance.

The Second Penang Bridge is also very wide – between 150 and 250 metres, with 4 car lanes and 2 motorcycle lanes.

The bridge in the video appears to be much shorter, with a 4 metre clearance; and much narrower with just 2 lanes.

Fact #2 : No Report Of Any Tsunami Affecting Penang

There has been no earthquakes nearby, or reports of any tsunami affecting Penang.

The waves appear to be approximately 12-15 metres high, and would have been big news. Yet there is no mention of it in the mainstream media? Very sus, no?

Fact #3 : This Is An Old Video

This video went viral earlier in July 2020, when it was posted as evidence of a tsunami hitting a bridge in Alaska after an earthquake there. However, that was false as well.

The earliest we could find was a December 2017 tweet by a CNBC-AWAAZ anchor, Deepali Rana, who claimed that it was a video of the Bandra-Worli Sea Link. That is also false!

Fact #4 : The Video Was Recorded On Minicoy Island

The video was recorded on 23 August 2017, showing giant waves hitting the Eastern Jetty at Minicoy Island (Maliku), in Lakshadweep, India.

Here is a picture of the Eastern Embarkation Jetty, with a surfer for size comparison.

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Nobel laureate Tasuku Honjo confident US created COVID-19?

Nobel laureate Professor Dr. Tasuku Honjo allegedly said that he is confident that the US created the COVID-19 coronavirus, which is not a natural virus based on his research.

Find out what he said, and if it’s true that the US created the COVID-19 coronavirus!

Updated @ 2020-11-28 : Added the Chinese variant of the story, including other updates.

Originally posted @ 2020-04-27

 

Claim : Tasuku Honjo Confident US Created COVID-19!

This is the article that has been going viral on social media since April 2020.

SHOCKING
令人震惊 日本的生理学和醫學教授本庶佑(Tasuku Honjo)博士証明新冠狀病毒來自美国

Japan’s professor of Physiology & Medicine, Professor Dr Tasuku Honjo, created a sensation in front of the media today by saying that the corona virus is not natural. If it is natural, it wouldn’t have adversely affected entire world like this, as per nature.
日本的生理学和醫學教授本庶佑(Tasuku Honjo)博士 (註一)今天在媒体面前製造了轟動,他说冠狀病毒不是天然的。如果這是自然的,根據性質, 它不會對整個世界造成這樣的負面影響。

Temperature is different in different countries. if it is natural, it would’ve adversely affected only those countries having same temperature as China. Instead, It is spreading in a country like Switzerland, in the same way it is spreading in the desert areas.
不同的國家有不同溫度。如果它是自然的,它只會對那些與中國溫度相同的國家產生不利影響。相反,它正在瑞士這樣的國家傳播,就像它在沙漠地區傳播一樣。

On 25 April 2020, Mir Monaz Haque, the Editor-In-Chief of Asia Today, posted this variant on his Facebook page (now deleted) without comment, lending further credence to the story :

SHOCKING

Japan’s professor of Physiology or Medicine, Professor Dr Tasuku Honjo, created a sensation in front of the media today by saying that the corona virus is not natural.

 

Tasuku Honjo confident US created COVID-19? Complete Bullshit

This story is such complete bullshit and appears to be a bastardised version of the original hoax which blamed China.

  • Professor Tasuku Honjo issued a statement refuting those claims.
  • Professor Tasuku Honjo does not work on viruses, and has never said that the virus is artificial.
  • Genomic analysis have proven that SARS-CoV-2 is a natural virus that is very closely-related to bat coronaviruses.
  • Multiple strains in the USA would prove that it is not the origin of COVID-19 virus.
  • The COVID-19 pandemic started in Wuhan, China… not Maryland, USA

 

Tasuku Honjo Confident USA Created COVID-19 : The Facts

For those who are thinking to themselves, “How do you know it’s fake? You were NOT there!“, here are the reasons why we know for sure…

Fact #1 : Viruses Can Spread In Cold + Warm Climates

While certain viruses spread easier in warmer climates, other viruses spread better in colder climates.

The susceptibility of a virus to humidity and temperature depends on whether it has a lipid bilayer envelope or not.

The COVID-19 coronavirus is enveloped, and is thus more likely to spread better in cold, dry climates. But that doesn’t mean it cannot spread well in warm, humid climates.

Fact #2 : SARS-CoV-2 Is Natural, And Related To Bat Coronaviruses

Genomic analysis have proven that the COVID-19 is natural, for these reasons :

  • an artificial virus would have to be created from existing viruses and their genetic data
  • the SARS-CoV-2 virus has components that have never been seen before
  • it is very similar to existing bat coronaviruses.

Fact #3 : Professor Honjo Does Not Work On Viruses

Tasuku Honjo is a professor of Immunology and Genomic Medicine. He has only worked on immunology, not virology.

His 2018 Nobel Prize, in particular, was for his work on stimulating the immune system to attack tumour cells in cancer.

Fact #4 : Tasuku Honjo Issued A Statement Refuting The Claim

Professor Honjo issued this statement through one of his PhD students :

Prof. Honjo never gave any such statement. Each and every sentence of this post is completely false and has no connection with truth.

Prof. Honjo never worked in Wuhan laboratory. He never called there. He did not work on virus origin and functions and other related issues.

All the contents are just concocted and nothing else.

Fact #5 : Tasuku Honjo Said COVID-19 Originated In China

In an interview with Nikkei Asian Review on 10 April 2020, Professor Tasuku Honjo said that COVID-19 originated in China, but also that it will be the first country to recover from it.

However, he never said that it was manufactured or created by China. Originating in a country, is quite different from creating it.

Fact #6 : Multiple Strains Denote A Later Time Line

Viruses mutate and create new strains over time. A novel virus like COVID-19 would start with a single strain and evolve into multiple strains as it spreads globally and mutate over time.

Hence, the very fact that there are five strains in the United States would actually refute it as the source of SARS-CoV-2 – the COVID-19 coronavirus.

In fact, by analysing the genomic changes of these strains, scientists have pretty much concluded that SARS-CoV-2 did indeed originate in China.

Fact #7 : Earliest COVID-19 Death In US Was In February 2020

The CDC did not wrongly diagnose COVID-19 deaths in the US from July to December 2019.

The earliest death from COVID-19 in the US was revised on 22 April 2020, with the diagnosis of three COVID-19 deaths in Santa Clara, California :

  • a 57 year-old woman on 6 February 2020
  • a 69 year-old man on 17 February 2020
  • a 70 year-old man on 6 March 2020

Fact #8 : Fort Detrick Was Closed Because Of Sterilisation Plant Failure

The CDC temporarily shut down the US Army lab at Fort Detrick on 2 August 2019, after finding “biosafety lapses” there.

Conspiracy theorists pounced on that as “evidence” that COVID-19 may have leaked from Fort Detrick, but a quick check would reveal that :

  • the shutdown was ordered because the lab was no longer able to decontaminate wastewater from its highest security labs.
  • the lab’s steam sterilisation plant was damaged in a flood in May 2018, and they had been using a chemical decontamination method instead.
  • no disease-causing materials were found outside authorised areas
  • if SARS-CoV-2 leaked from Fort Detrick, Maryland would have been the epicentre of the COVID-19 outbreak, not Wuhan.

Fact #9 : SARS-CoV-2 Is Just ONE Of Many Coronaviruses

Conspiracy theorists keep saying that coronavirus deaths were reported long before SARS-CoV-2 appeared in Wuhan.

But the fact of the matter is – SARS-CoV-2 is merely one of many coronaviruses in the world, including SARS and MERS!

The earliest cases of COVID-19 have so far been traced back to Wuhan, China.

 

Why Would Someone Create This Fake Story?

With China’s aggressive foreign policy moves in recent years, it is not uncommon to see fake pro-China, anti-America stories being created and shared.

Many believe it’s part of a concerted attempt to burnish China’s image overseas, and to drown out negative coverage of China’s controversial Belt and Road Initiative, and their aggressive moves in the South China Sea..

This COVID-19 was made in the US is also part of the narrative China has been trying to push, after US President Donald Trump blamed them for the COVID-19 pandemic.

Whatever the reasons may be, it is our duty as global citizens to stop the proliferation of such fake stories.

Please share this fact check with your friends, so they know the truth!

 

Recommended Reading

Go Back To > Fact Checks | ScienceHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor!

Dell EMC PowerProtect Cyber Recovery just received a Sheltered Harbor endorsement!

Find out what this means for financial services organisations looking for a Sheltered Harbor-certified turnkey data vault!

 

Dell EMC PowerProtect Cyber Recovery : Endorsed by Sheltered Harbor!

On 10 November 2020, Dell EMC PowerProtect Cyber Recovery was officially endorsed by Sheltered Harbor – the non-profit initiative to improve the stability and resiliency of the financial sector.

This is the culmination of two years of work between Dell and Sheltered Harbor teams, to develop a solution designed for financial services organisations.

If your organisation is a Sheltered Harbor participant, or eligible to be one, you can now purchase and quickly deploy the Dell EMC PowerProtect Cyber Recovery – a turnkey data vault that meets all of the stringent Sheltered Harbor criteria.

The Dell EMC PowerProtect Cyber Recovery Solution for Sheltered Harbour helps participants achieve compliance with data vaulting standards and certification, and plan for operational resilience and recovery against any cyber attack.

If your organisation is not part of the Sheltered Harbor community, you can still deploy PowerProtect Cyber Recovery to protect your data with the same stringent Sheltered Harbor standards.

 

Dell EMC PowerProtect Cyber Recovery : What Is It?

Dell EMC PowerProtect Cyber Recovery is an on-premise turnkey data vaulting solution that protects customers from all kinds of cyber threats.

Its CyberSense analytics and machine learning capabilities allow customers to monitor data integrity, ensuring the continued quality of their data.

It also comes with forensic tools to let customers discover, diagnose and remediate ongoing attacks.

 

Recommended Reading

Go Back To > Enterprise IT | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fact Check : Is There Pork In OLDTOWN Curry Mee?

A video claiming that OLDTOWN White Coffee used pork in their curry mee has gone viral, leading to an official investigation by the authorities!

Find out what happened, and what the FACTS really are!

 

Viral Video : Pork In OLDTOWN Curry Mee?

In the video that went viral on Facebook and WhatsApp, a man accused OLDTOWN White Coffee of using pork in their curry mee.

He pokes at the red-coloured meat, and insists that they put in 5-6 slices of pork.

For our foreign readers who may not understand, pork is haram (forbidden) for Muslims.

 

KPDNHEP Investigates Claims Of Pork In OLDTOWN Curry Mee

The accusation is so serious in Malaysia, that the Ministry of Domestic Trade and Consumer Affairs (KPDNHEP) launched an investigation.

Five KPDNHEP Selangor officers inspected the OLDTOWN White Coffee restaurant in Subang Jaya on 13 November 2020, and took samples of the alleged pork used in their curry mee.

Note that this officer is holding a packet of BBQ Chicken, and pointing at its halal stamp.

 

The Truth : There Is NO Pork In OLDTOWN Curry Mee!

Here is the short verdict on the viral video. It’s a FALSE ACCUSATION, and there is NO PORK in OLDTOWN White Coffee’s curry mee.

This is yet another viral video that has been proven to be FALSE, and here are the reasons why…

Reason #1 : JAKIM + KPDNHEP Confirmed The Claim As FALSE

After investigating the claim, both JAKIM and KPDNHEP confirmed that the claim in the video is false.

The meat used was chicken, not pork, as alleged by the man in the video.

JAKIM also warned the public not to make baseless accusations, while OLDTOWN is consulting their lawyers to determine if they should take action against those who made the false accusation.

Reason #2 : Char Siu Is Not Always Pork

It is likely that the man in the video mistook the red-coloured meat as char siu – barbecued pork.

However, char siu versions of other meats like chicken, beef and venison are available for Muslims, and those who prefer not to eat pork.

After all, the char siu seasoning is made from honey, five-spice powder, red fermented bean curd, dark soy sauce, hoisin sauce and red food colouring, and can be applied to most meats.

In fact, OLDTOWN White Coffee uses chicken char siu in their curry mee, which is clearly visible in their product shot :

Reason #3 : OLDTOWN White Coffee Is Halal-Certified

OLDTOWN White Coffee is a chain of halal-certified restaurants. That means they have to abide by these rules :

  1. Equipment used shall be free from najs, does not contain any hazardous materials and results in side effects to the products produced;
  2. Appliances / brushes from animal hair are not allowed;
  3. The arrangement of equipments and goods in the factory shall be neat, tidy and safe;
  4. Workers are not allowed to live in the premise compound. If it is necessary, living quarters for the workers shall be:
    a. having separate entrance to the premise compound;
    b. no direct passage way from the worker’s living quarters to the premise compound; and
    c. there is a control mechanism on the movement in and out of workers.
  5. Non-halal food/ beverages are not allowed to be brought into the premise compound;
  6. The premise shall have an effective control system from premises that process/ prepare non-halal materials;
  7. All central kitchens and outlets for chain restaurants/ franchise/ food court shall apply for halal certification; and
  8. Liquor and materials sourced from liquor is strictly prohibited to be in the halal kitchen and hotel including the storage area.

While it is not necessary for Muslims to eat only from halal-certified restaurants, a valid Halal certificate means they undergo periodic inspections to ensure they follow the rules.

Reason #4 : Chicken Is Much CHEAPER Than Pork

One of our reader, Johari Jeffrey, points out that chicken is much cheaper than pork.

So it wouldn’t make sense for any business to substitute chicken for a more expensive meat like pork.

 

Recommended Reading

Go Back To > Fact Check | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Lazada RedMart Data Breach : What You Need To Know!

Lazada just admitted that a data breach involving their RedMart customer database that could affect some 1.1 million customers!

Find out what happened, and what it could mean for Lazada and RedMart customers!

 

Lazada RedMart : What Is It?

RedMart is an online grocery platform in Singapore that was founded in August 2011.

Lazada acquired RedMart in November 2016, and started to integrate it into their platform in March 2019.

This March 2019 date is important, because that was when the RedMart database was last updated.

 

Lazada RedMart Data Breach : What Happened?

The Lazada RedMart database was spotted for same in an online forum, amongst many other databases stolen from other e-commerce websites.

In this screenshot, you can see that it claims to have details on 1.1 million Lazada RedMart customers :

  • Email address
  • Password
  • Mailing address
  • Name
  • Phone number
  • Partial credit card information

Picture Credit : CNA

In a statement posted on 30 October 2020, Lazada confirmed the data breach involving their RedMart database.

They assert that only the old RedMart database that was “18 months out of date” when it was last updated in March 2019.

Singapore, 30 October 2020 – Lazada places great importance on protecting your personal information, and we value the trust you have placed with us. On 29 October 2020, as part of our proactive monitoring, our cybersecurity team discovered a data security incident in Singapore, involving a RedMart-only database hosted on a third-party service provider. The customer data hosted on this database is more than 18 months out of date as it was last updated in March 2019.

The customer information that was illegally accessed include the names, phone numbers, emails, addresses, encrypted passwords and partial credit card numbers of RedMart customers. We have taken immediate action to block unauthorised access to the database. This data was used on the previous RedMart app and website, which are no longer in use. Lazada customer data in Southeast Asia is not affected by this incident.

Protecting the data and privacy of our users is of utmost importance to us. Apart from reviewing and fortifying our security infrastructure, we are working very closely with the relevant authorities on this incident and remain committed to providing all necessary support to our users.

We want to be transparent about this incident with all of our customers and reassure you that we are taking it seriously.

They also set their platform to log out all Lazada users, and require them to register a new password.

They are also warning their users to be on the alert for spam mails requesting personal information.

 

Lazada RedMart Data Breach : What’s The Implication?

A Data Breach Is A Data Breach Is A Data Breach

Lazada may claim that the data and privacy of their users are of the utmost importance, but the data breach says otherwise.

They left a database they no longer used since March 2019 on a third-party service provider, and accessible online all this time.

Any half-decent cybersecurity specialist would have told them to take the database offline, unless it was essential to the operation of the website.

Closing The Barn Door After The Horses Have Bolted

Lazada immediately blocked unauthorised access to their RedMart database, but that’s like closing the barn door after the horses have bolted.

Once the data was stolen, all it does is prevent other attackers from stealing the data for themselves.

Lazada Migrated RedMart Users In March 2016

It seems a little disingenuous for Lazada to announce that the data was used in “the previous RedMart app and website, which are no longer in use“.

They appear to have migrated RedMart users to Lazada on 15 March 2016 using the same data that was just stolen.

Unless RedMart users changed their passwords, addresses, phone numbers, email addresses or credit card details AFTER they were migrated to the Lazada platform, they remain exposed by the data breach.

The Data Isn’t Necessarily Outdated

Most of us don’t change our logins and passwords that often. And we often reuse the same login and password combination for different websites.

So it is scant assurance that their RedMart database was last updated in March 2019, even if we take their word that it was more than 18 months out of date.

This data breach exposes all affected RedMart users to the possibility of their other accounts being breached as well.

Only Ex-RedMart Users Affected

The only saving grace we can see here is that it looks like only former RedMart users are affected by this data breach.

That means Lazada users who never registered or used the RedMart app or website are not affected.

 

Lazada RedMart Data Breach : What Can You Do?

If you ever registered for, or used, RedMart before their migration to the Lazada platform in March 2016, we highly recommend that you :

  • change your Lazada password
  • change the password of accounts that use the same password as your Lazada / RedMart account
  • do NOT click on links in emails warning you about this data breach and asking you to change your password
  • do NOT respond to calls or messages warning you about this data breach
  • do NOT respond to requests for personal information

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : COVID-19 Warning By Dr. Chong Yit Khang

The COVID-19 warning by Dr. Chong Yit Khang from the Kuala Lumpur Hospital has gone viral for the second time!

Find out if what he warned about the COVID-19 condition in Malaysia is true!

 

COVID-19 Warning By Dr. Chong Yit Khang

This viral warning (pun intended!) by Dr. Chong Yit Khang on the dire state of COVID-19 infections in Malaysia was originally posted in March.

It has gone viral for the second time, after COVID-19 cases started rising rapidly in Malaysia.

Dr. Chong Yit Khang Medical Officer
Kuala Lumpur General Hospital

Malaysia is finally forced into entering a stormy time. As the number of Covid-19 cases increases, all we can do now is to minimize the damage. Malaysia is entering the Delay Phase from the Containment Phase.

During the Containment Phase, medical staff will try to detect a confirmed case from a sea of suspected cases and isolate the patient to prevent the virus from spreading in the local population.

Our quarantine period has failed in a way. On the one hand, it is due to policy failure. On the other hand, the virus is highly contagious. Of course, the self-awareness and quality of the people play a great influence at this stage. Compliment or derogatory, let the history decides.

The government’s Movement Restriction Order falls in the Delay Phase. The government has led the masses to prevent the virus from spreading further. At this time, it is no longer meaningful to find cases and isolate them. The virus has spread to the masses and the existing government hospitals are not capable to provide enough isolation facilities.

We are currently in the blocking period. If everyone follows the instructions to reduce outdoor activities, or the virus will spread further, an increase in cases is inevitable. The virus needs a host to survive, and we pose as a delicious dish in the eyes of the virus.

If people insist on going out during the blocking period to let the virus spreads, then we will very soon enter the Mitigation Phase.

At any stage, the high infection rate of the virus has exceeded the load and expectations of all medical institutions. When the medical institutions cannot handle a sudden surge of patients, we can only leave it in the hands of the Almighty.

As a civil servant with the government’s Ministry of Health, I am honestly telling you that we are already struggling to deal with patients on a day-to-day basis .The economy is not good, more and more patients are being admitted in the government hospitals. Private hospitals do not accept patients with Covid-19.

If there is really an outbreak, we have no ability to rescue you.

It is not that we don’t want to, it is because we can’t.

You will face with the problem of no beds in the hospital, severe shortage of ventilators and insufficient medical resources. If you don’t wake up now and don’t take responsibility of your life seriously, then at least don’t spread it to other innocent people.

There are many ways to die. Please don’t bring others along with you. That’s a mean thing to do.

I would like to ask the people of Malaysia to listen to the medical staff’s request and our mission here is to ensure everyone stays safe and healthy. Let’s work together to solve this pandemic. How about let’s wait after it’s over, then only we come out to celebrate?

Dr. Chong Yit Khang
Medical Officer
Emergency Department, Kuala Lumpur General Hospital

Please copy and share

 

COVID-19 Warning By Dr. Chong Yit Khang : The Truth

After the warning by Dr. Chong Yit Khang went viral on social media, and particularly WhatsApp, the Kuala Lumpur Hospital launched an investigation.

After questioning Dr. Chong Yit Khang, they determined that he did not write the post, and whoever wrote it falsely used his name and position to lend it authority.

He subsequently made a police report about the viral message that was falsely attributed to him.

On 17 August 2020, the Director of the Kuala Lumpur Hospital, Datuk Dr. Heric Corray issued this statement (with  our English translation below) :

MEDIA STATEMENT REGARDING VIRAL ISSUE IN THE WHATSAPP APP REGARDING “PLEASE COPY AND SHARE REGARDING COVID-19

The Kuala Lumpur Hospital would like to refer to a viral news spreading through the WhatsApp application regarding the charges by a Medical Officer called Dr. Chong Yit Khang who issued a statement on the policy and operating issues of the Malaysia Ministry of Health in combating the COVID-19 pandemic.

For your information, the Kuala Lumpur Hospital would like to strongly deny the statement. The Medical Officer was identified and asked to give his feedback on this issue that went viral since March. The investigation found that his name and position was used without his knowledge and the issues in the viral message were false and not written by him. In addition, the Medical Officer made a police report about the message that associated him with the viral issue.

With regards to that, the Kuala Lumpur Hospital would like to request that the public be vigilant and do not spread unverified news or information that can cause panic and anxiety. For accurate and factual information about COVID-19 in Malaysia, please refer to the official source of the Malaysia Ministry of Health (www.moh.gov.my).

On 6 October 2020, the Malaysia Ministry of Health issued another statement about this post when it went viral for the second time.

They added the FAKE and PALSU overlays in red to make sure everyone understood that it’s fake.

 

 

COVID-19 : How To Keep Safe!

Here are a few simple steps to stay safe from COVID-19 :

Recommended : Soap vs Sanitiser : Which Works Better Against COVID-19?
Recommended : Surgical Mask : How To CORRECTLY Wear + Remove!
Recommended : COVID-19 Food Safety : Fruits, Vegetables, Takeouts

 

Recommended Reading

Go Back To > Fact Check | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!

Find out what this means for enterprise security, and the future of AMD EPYC processors!

 

AMD SEV-ES Encryption : What Is It?

SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.

Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.

This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.

 

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.

The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.

That increases to more than 500 encryption keys with the second-generation EPYC processors.

ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.

A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.

SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.

Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.

Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.

 

Recommended Reading

Go Back To > Enterprise IT | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How Hackers Attack Healthcare During COVID-19 Pandemic!

Even during the COVID-19 pandemic, hackers have been attacking the healthcare system already buckling under pressure.

Take a look at the first part of a newly-released documentary on how hackers are attacking the healthcare system, and what it means for us and the world!

 

How Hackers Attack Healthcare During COVID-19 Pandemic!

Cybercriminals and state-sponsored hackers do not care that almost a million people have died from COVID-19. In fact, they see the pandemic as an opportunity.

Over the last few months, the creators of this documentary spoke to hospitals, law enforcement agencies, health organisations and research centres across the world, to understand how they are coping with increased cyberattacks and malware.

This particular feature was directed by Didi Mae Hand, and produced by Max Peltz.

 

Hackers Increased Attacks On Healthcare During COVID-19 Pandemic

The documentary reveals a shocking surge in cyberattacks on healthcare systems during the COVID-19 pandemic. The World Health Organisation (WHO), for example, reported a 5X increase in cyberattacks on its systems since March 2020.

State-sponsored hackers are mainly looking for biodata, including research on COVID-19 vaccines. Meanwhile, cybercriminals are capitalising on the fact that hospitals may be more willing than usual to pay a ransom.

For example, the Brno University Hospital, which was responsible for running a big share of COVID-19 testing in the Czech Republic, was held to ransom and forced to shut down its IT network at a critical time.

Fortunately, the surge in cyberattacks was met with an incredible response by the cybersecurity community. Some 3000 cybersecurity volunteers created the CV19 group to provide hospitals and healthcare institutions with free support to protect their systems.

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Scam Alert : Bank Negara Malaysia Scam Email!

Bank Negara Malaysia is warning the public about an email scam using their board member to scam victims of their money!

Find out what this Bank Negara email scam involves, and make sure you WARN your family and friends!

 

Bank Negara Malaysia Email Scam : Watch Out For It!

You may have received this email purporting to be from Chin Suit Fang, a Bank Negara Malaysia board member, and Chairman of the Board Audit Committee.

It warns you that you have just 48 hours to address an outward payment from your bank account (not necessarily RHB), or Bank Negara Malaysia will freeze your account for investigations.

Bank Negara Malaysia confirmed that this is a fake scam email, even though Chin Suit Fang is really on the Board of Directors for BNM, and that’s really her photo.

 

Bank Negara Malaysia Email Scam : Why It’s Fake

For those who want to learn more how to spot such email scams, and specifically why this Bank Negara Malaysia email is a scam, here are the details :

Tip #1 : Check The Email Address

If you check the email address, you will see that it’s from BNM.gov.my@banknegaramalaysia.onmicrosoft.com.

That is not a valid Bank Negara Malaysia email account, which always ends with @bnm.gov.my.

Tip #2 : Do You Really Have That Much Money?

It is impossible for Bank Negara Malaysia to question you over such a large transfer when you don’t have that much money in the bank in the first place!

Tip #3 : Did You Really Transfer That Much Money?

If you really have that much money, did you really transfer so much out?

First thing to do is NOT to respond to the email, or click on any link.

No, the first thing you should do is check your bank account. If there has been no such transfer, the email is evidently false.

Tip #4 : Bank Transfers Are Generally Limited To RM50K A Day

Unless you performed the transfer over-the-counter at the bank, and submitted a Bank Negara Malaysia declaration form, it is simply impossible to transfer more than RM50,000 a day.

Online transfers are limited to just RM50,000 a day, and in some cases, to just RM20,000 a day.

Tip #5 : Bank Negara Malaysia Directors Will Not Email You 

Even if you are in the habit of transferring half a million ringgit to other people (call me please?), Bank Negara Malaysia will not email you to ask you about it.

If they require you to submit documents, you can be assured that it will be by an official letter.

Even if you are a famous personality or a politically significant person, no Bank Negera Malaysia director is going to write you an email.

Do you really think it is the job of a BNM director to write demand letters?

Tip #6 : Why Would They Include Their Personal Picture?

Why on Earth would any person include their personal picture in an official email?

Heck, do YOU even include a picture of yourself in your emails to your family and friends? Of course, not!

The only reason why scammers do this is to trick you into believing that this is really an email from a Bank Negara Malaysia director.

Tip #7 : Look At The Horrendous Grammar

The email isn’t even well-written, with bad grammar and odd capitalisation of various words.

Is this the kind of email a Bank Negara Malaysia director would pen? Seriously?

No, this is the kind of English that is written by someone with a poor command of the English language.

 

Recommended Reading

Go Back To > Fact Checks | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!