Tag Archives: Internet security

Biden hired Bill Gates to flood Internet with AI censorship bots?!

Did Joe Biden hire Bill Gates and other billionaire technocrats to flood the Internet with AI censorship bots, ahead of the 2024 election?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Biden Hires Bill Gates To Flood Internet With AI Censorship Bots!

People are sharing an article (archive) by The People’s Voice (formerly NewsPunch), which claims US President Joe Biden hired Bill Gates and other billionaire technocrats to flood the Internet with AI censorship bots ahead of the 2024 election!

Here is an excerpt from the long, and (intentionally?) rambling article. Feel free to skip to the next section for the facts!

Biden Hires Bill Gates To Flood the Internet With ‘AI-Censorship Bots’

Recommended : Is Interpol Investigating Bill Gates For Murder?!

 

Biden Did Not Hire Bill Gates To Flood Internet With AI Censorship Bots!

This is yet another example of fake news created / promoted by The People’s Voice, and here are the reasons why…

Fact #1 : Bill Gates Doesn’t Even Have An AI Program!

Let me start by simply pointing out that it is impossible for Joe Biden to hire Bill Gates to floor the Internet with AI censorship bots, because Bill Gates doesn’t even have an AI program!

Bill Gates is a big proponent of artificial intelligence, and has made a number of investments in AI companies like Inflection AI and LikeWise. However, he does not actually own or run those AI companies.

As far as anyone can tell – Bill Gates does not have the power or resources to “flood the Internet with AI censorship bots”.

The People’s Voice certainly offered no evidence that Joe Biden hired Bill Gates, or any other billionaire, to flood the Internet with AI censorship bots.

Fact #2 : Report Doesn’t Even Mention Bill Gates!

The People’s Voice article is based on an “Interim Staff Report” (PDF) by the GOP Representative Jim Jordan’s Subcommittee on the Weaponization of Government under the House Judiciary Committee.

While the report mentions a number of tech luminaries like Elon Musk and Marc Andreesen, it does not even mention Bill Gates once as a person of interest in the issue!

So why on Earth would anyone claim that US President Joe Biden hired Bill Gates, when he was not even mentioned in the report as a person of interest?!

Bill Gates’ name only appeared in the notes on Page 10 as part of a title of an article written by Jonathan Turley.

Recommended : Was Oprah Just Exposed In Jeffrey Epstein Client List?!

Fact #3 : Report Doesn’t Claim AI Tools Were Deployed

Even though the Jim Jordan report claims or suggests that the National Science Foundation (NSF) is funding the development of AI tools, it doesn’t even claim that they were deployed, or ready to deploy, for the 2024 US presidential election.

So why would anyone claim that Bill Gates or any tech billionaire was hired by Joe Biden to use these AI tools, which are still under development, to censor people during the 2024 Presidential election???

Fact #4 : Report Doesn’t Claim Joe Biden Was Involved

Notably, the Jim Jordan report also does not directly claim that the Biden White House is involved in the NSF funding of those AI censorship tools.

It only said that senior White House officials berated social media companies into changing their content moderation policies.

Fact #5 : NSF Convergence Accelerator Was Launched Under Trump!

It would be quite impossible for anyone to blame Joe Biden for the development of these AI tools, because NSF Convergence Accelerator was established in 2019 – during the Trump Administration!

While the report focused on Track F, which launched in March 2021, the earlier Track B and Track D on AI technologies were initiated in 2019 and 2020 during the Trump Administration.

Recommended : E. Jean Caroll Admits Lying To Help Biden Destroy Trump?!

Fact #6 : The People’s Voice Is Known For Publishing Fake News

The People’s Voice is the current name for NewsPunch, which possibly changed its name because its brand has been so thoroughly discredited after posting numerous shocking but fake stories.

Founded as Your News Wire in 2014, it was rebranded as NewsPunch in November 2018, before becoming The People’s Voice. A 2017 BuzzFeed report identified NewsPunch as the second-largest source of popular fake news on Facebook that year.

Its articles have been regularly debunked as fake news, so you should never share anything from NewsPunch / The People’s Voice.  Here are some of its fake stories that I fact checked earlier:

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | PoliticsTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How To Register For Your PADU Account!

Find out how to register for your PADU Central Database Hub account, so you can check and update your information!

 

PADU Central Database Hub : What Is It?

Malaysia introduced the PADU Central Database Hub – on Tuesday, 2 January 2024. Developed in just 7 months, PADU is designed to give the government a better way to distribute subsidies, and make other policy decisions going forward.

PADU accomplishes this by combining data from over 400 government agencies, and related organisations, into one central database, hence its name – Pangkalan Data Utama (PADU), or Central Database Hub in English.

The Malaysian government has currently made PADU open to Malaysian citizens and permanent residents, who are 18 years and older. However, it is not mandatory for anyone to register for a PADU account.

Registering for a PADU account will allow you to check and update your information in the system. But even if you do not register for an account – PADU will automatically consolidate your data from multiple government agencies.

Recommended : PADU Central Database Hub : What You Need To Know!
Recommended : Is PADU Being Used To Monitor All Your Personal Data?!

 

How To Register For Your PADU Account!

It is pretty easy to register for your PADU account, but you will need to at least have a smartphone. Here is the step-by-step process.

Step 1 : Register for a new account at the official PADU website at https://www.padu.gov.my/auth/daftar.

Step 2 : Key in your basic information in the registration form:

  • Nama Penuh / Full Name
  • No. Kad Pengenalan / Identity Card Number
  • Poskod / Postcode
  • No. Telefon Bimbit / Mobile Telephone Number
  • E-mel / Email address

Then click on the Seterusnya / Next button.

Step 3 : The PADU system will send your mobile number a One-Time Password (OTP). Key in the OTP number, and click on the Seterusnya / Next button.

Step 4 : You will now be asked to create a password for your PADU account. Make sure your password meets these minimum requirements:

  • it must have at least 8 characters
  • there must be a combination of capital and small letters
  • you must include at least one special character like @$!%*$?&

Step 5 : Key in the same password to make sure it’s correct. You can click on the eye button to view the password. Then click on the Seterusnya / Next button.

Step 6 : The PADU system will generate a QR code, which changes over time. Open your smartphone camera app, and aim it at the QR code.

Alternatively, you can use a QR code reader on your smartphone to read the generated QR code.

Step 7 : When the link pops-up in your smartphone’s camera app or QR code reader, click on it to launch the e-KYC (electronic Know Your Customer) process.

Step 8 : You will now be asked to take and upload photos of both the front and back of your MyKad identity card.

  • Please make sure you do this in a bright area, as you should not use a flash.
  • You need to avoid glare – light reflecting off the plastic MyKad.
  • You need to make sure the MyKad is within the dotted-line frame, when you take the photos.
  • You also need to make sure the MyKad is in focus when you take the photos.

Note that there is a magnification feature at the upper right corner, that allows you to zoom in at up to 2.5X. This is actually a very useful feature.

After trying it out, I found that the best way to avoid shadows is to use the maximum 2.5X magnification feature to take the photo of the MyKad from a distance.

Reflections on the plastic MyKad is a problem. But you can avoid the glare by taking the photos at a slight angle.

Step 9 : Next, you will be asked to take a selfie using your smartphone, and upload it.

Even though there is the same option to zoom in with a magnification of up to 2.5X, don’t use it. Keep it at 1X.

There is no requirement to take the photo with a white background. You just need to make sure you take the selfie in a bright area, so there is no need to use a flash (to avoid glare).

You will need to make sure your face is within the dotted line frame, before you take the photo. Make sure you are looking forward, with your eyes opened. If you are wearing glasses, please take them off to avoid glare.

Note : Samsung smartphone users may notice that the system hangs with the “Trying to access lens” message. You can either wait a few minutes, or click on the Tukar Lens (Change Lens) option at the top left corner of the screen.

That’s it! After you upload photos of your identity card, and your selfie, you will receive a message stating that PADU will need up to 3 days to verify your identity, and will inform you when your account has been successfully created.

All you need to do is wait for the email or SMS notification. Once you receive the notification, you can proceed to log into your PADU account using the password you registered at https://www.padu.gov.my/.

We hope you found this guide useful. Please SHARE this article with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Signs Partnership Agreement With LGMS!

Finland’s WithSecure Corporation just signed a partnership agreement with LGMS Berhad to develop cybersecurity solutions for the SME market in Malaysia!

 

WithSecure Signs Partnership Agreement With LGMS

On Wednesday, 1 November 2023, Finland’s WithSecure Corporation (formerly known as F-Secure Business) signed a partnership agreement with LGMS Berhad (LGMS) to develop cybersecurity solutions for the SME market in Malaysia!

The partnership agreement was signed by LGMS Executive Chairman Fong Choong Fook and WithSecure Corporation CEO Juhani Hintikka, who flew in from Finland to emphasise its importance while demonstrating support for the progress of Malaysia’s Digital Economy.

The signing was witnessed by Malaysia Deputy Communications and Digital Minister Teo Nie Ching, together with His Excellency Sami Leino, Ambassador of Finland to Malaysia and Brunei.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

The Deputy Minister said that the partnership was ‘timely’, and represents a ‘significant leap’ towards a secured Digital Economy, and more so ahead of the National Cybersecurity Bill the Unity Government is set to unveil in early-2024.

This partnership is also aligned with the government’s ‘Ekonomi Madani’ vision of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

The partnership agreement today between LGMS and WithSecure embodies a philosophy of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

– Malaysia Deputy Communications and Digital Minister Teo Nie Ching

WithSecure CEO Juhani Hintikka expressed his ‘deepest appreciation’ to the Deputy Minister for endorsing this partnership, stating, “Your presence significantly amplifies the resonance of this initiative, showcasing a unified front in our endeavour to foster a secure and prosperous Digital Economy for Malaysia and also the region.

Recommended : How WithSecure Offensive Security Drives Business Resilience!

 

WithSecure – LGMS Partnership Agreement Details

WithSecure is today a leading international cybersecurity group which had also invested significantly in Malaysia and in nurturing local talent. Besides its headquarters in Helsinki, Finland, WithSecure houses its intelligence, customer support, business operations and shared services in Kuala Lumpur for its Asia-Pacific operations.

LGMS Berhad, meanwhile, has been recognised as Cybersecurity Malaysia’s ‘Company of the Year’ with Fong himself being acknowledged as ‘Cybersecurity Professional of the Year’.

Fong said that, within today’s Digital Economy, cyberthreats and ransomware attacks have become more sophisticated and rampant and potential damages to SMEs, who often lack the necessary IT expertise and resources, can be catastrophic.

Most SMEs today are just one cyber attack away from a devastating setback or even closure. Recognising that most SMEs might not possess advanced IT know-how, our collaboration with WithSecure aims to deliver cybersecurity solutions that are not only robust but also intuitive and user-friendly.

The purpose is to empower our SME community to navigate the digital landscape confidently and securely.

– LGMS Executive Chairman Fong Choong Fook

This localised cybersecurity approach underscores WithSecure’s understanding of the region’s unique digital ecosystem and our commitment to crafting solutions that align with local business needs. It embodies WithSecure’s ethos of merging global cybersecurity expertise with local insights to foster a safer digital realm.

– WithSecure Corporation CEO Juhani Hintikka

One product of this partnership is the ‘Made in Malaysia’ StarSentry solution – a plug-and-play model that is more than just a ‘shield’ for SMEs but offers a proactive approach to threat prevention.

This solution is also aligned with broader sustainability goal and embraces the ESG framework of safeguarding critical infrastructures, nurturing a secure digital community and reinforcing stringent governance standards, demonstrating an unwavering commitment to responsible, transparent business operations.

Pre-orders for the solution can already be made.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MPH Free Books : Don’t Fall For This Scam!

Is MPH giving away free books on financial planning and stocks?! Find out what’s going on, and warn your family and friends!

Updated @ 2023-09-26 : Added a new version of this scam
Updated @ 2023-08-14 : Added new versions of this scam

Originally posted @ 2023-05-20

 

Watch Out For MPH Free Books Scam!

Scammers are running Facebook advertisements that claim MPH is giving away free books because it has either achieved 500,000 fans, or is shutting down its bookstores!

🎉To celebrate MPH Books breaking 500,000 fans in Malaysia, thank you for your support
👋MPH Books specially prepares best-selling books on financial planning and stocks to give to everyone for free. I hope everyone has to help!
limited quantity available. (Free shipping)

📢📢 Sorry everyone, I have to say goodbye to everyone
Due to the continuous decline in store performance, the store cannot continue to operate normally
👋👋So the head office decided to close the store and give away the remaining financial and stock books in the store to everyone for free. I hope everyone has to help!
📣📣Finally, thank you again for your long-term support and trust. The book donation activity is the only feedback activity we can do at present!
limited quantity available. (free shipping available)

Recommended : PDRM Warning : Watch Out For MyBayar Scam!

 

MPH Free Books Scam : What You Need To Know!

This MPH free book scam is being promoted heavily on Facebook in May 2023, so please alert your family and friend!

Fact #1 : MPH Did Not Close Bookstores In 2023

MPH closed many of its physical stores since June 2020, as it shifted during the COVID-19 pandemic lockdowns to an online store with a “digitally-driven omnichannel business model”.

MPH has not announced closing down any further bookstores in 2023.

Fact #2 : MPH Reported These Pages / Ads As Fake

MPH is aware of these fake advertisements being run by scam Facebook pages, posting this scam alert on May 9, 2023:

⚠️𝐅𝐀𝐊𝐄 𝐏𝐀𝐆𝐄𝐒 𝐀𝐋𝐄𝐑𝐓!⁣⚠️⁣⁣

Hey readers, we noticed that irresponsible parties have been impersonating the MPH brand by creating fake pages and ads to confuse and lure our customers to share their data.⁣⁣⁣

Please note that MPH is not associated in any way with these pages and we DO NOT run any free book giveaways nor do we request customers to PM us your personal details.

We would also like to take this opportunity to thank our followers and customers for updating us about these pages. We sincerely thank YOU for your continuous support!⁣

Stay vigilant & protect yourself from scams!⁣⁣

#fakepagesalert #scammeralert

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fact #3 : MPH Is A Business, Not A Charity

Please do NOT be naive. MPH is a business, not a charity. Just because it hits 500,000 fans in Malaysia, it’s not going to give away its books.

Heck, why should it give away books even if it’s closing down its bookstores? It would be more logical for MPH to offer discounts to clear its books, so it won’t lose so much money.

In fact, MPH itself pointed out in its scam warning – “we DO NOT run any free book giveaways“. Why should they? They are a corporation whose business is not make money, not a charity to give you free books!

Fact #4 : Giveaways Were Not Posted In Official Website / FB Page

If MPH was really giving away free books, it would have posted the offer on:

These scams are being run off fake Facebook pages that are brand new, and have nothing to do with the real MPH:

  • MPH Group Publishing
  • MPH Book
  • MPH English Bookstore

Fact #5 : MPH Does Not Use WhatsApp To Communicate

MPH offers a multitude of contact options by email or telephone number. What it does not have is a WhatsApp account. So when scammers message you to collect your “free books” by messaging a WhatsApp number, be warned!

Please add librarian Gek Tiang’s Whatsapp message ”Pm“ to get free stock books (free shipping) Whatsapp: https://xxxx.xx/601170131707

Recommended : How A University Student Lost RM22K In Online Job Scam!

Fact #6 : Scammers Will Try To Scare You

Scammers will try to scare you into contacting them, by telling you that stock is running out. Just ignore them!

There are only 3 free places left, which have been reserved for you, please add and leave a message as soon as possible Whatsapp : https://xxxx.xx/601170131707

There are many friends who have claimed it, please tell us whether you have added it successfully! If you do not add or reply, it means that you will give up the quota by default and automatically transfer it to the next friend. Thank you for your understanding!

Fact #7 : One Victim Lost RM480K To Investment Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report. By then, it was too late – she had already lost every sen she “invested”.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Warning – PDRM Parking Fine Scam Alert!

Scammers are targeting motorists with the PDRM parking fine scam! Make sure you warn your family and friends!

Here is what you need to know about the PDRM parking fine scam!

 

PDRM Parking Fine Scam Email

People are getting emails warning them that they just committed a parking violation, while offering them a cheap fine if they pay quickly.

Fines Inquiry and Payment

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

The fine is set at MYR 50. Payment of the fine is required within 7 days of the date of notification, to avoid further legal consequences.

If the fine is not paid within the time limit, you may be subject to legal action, resulting in an increase in the original fine.

Payment deadline: [08/26/2023]

Methods of payment accepted:

Cordially,

Malaysian Police Department

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

PDRM Parking Fine Email Is A Scam!

These PDRM parking fine emails are scam emails. This was confirmed by PDRM itself.

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

These emails are designed to scare its victims into action. Hence, it offers a very cheap way to quickly “settle the problem”. However, if you take a breath, and analyse the email CAREFULLY, you will see many problems with it.

  • Letter is from PDRM : The Royal Malaysia Police (PDRM) will never write to you by email.
  • Letter is in English : The Royal Malaysia Police (PDRM) will never write to you in English.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PDRM Warning : Watch Out For MyBayar Scam!

PDRM is warning motorists not to fall for the MyBayar scam! Here is what you need to know about the MyBayar PDRM scam!

 

PDRM Warning : Watch Out For MyBayar Scam

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

The MyBayar PDRM scam starts with an official-looking email that warns motorists that they have been caught contravening the law, and offers a cheap RM50 fine if paid within 5 days:

Last notice of contravention before prosecution

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

As a result of this infringement, a fine of MYR 50 has been imposed. This fine must be paid within 5 days of the date of this notification to avoid further legal consequences.

Failure to pay the fine within the allotted time may result in legal proceedings being taken against you, which could lead to increased fines, penalties and the possible suspension of your driving license.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

MyBayar PDRM Scam : How Does It Work?!

Many people who received the MyBayar PDRM email might be shocked to find out that they were caught committing a traffic violation, and then relieved that it was only RM50 if they paid quickly.

That’s how the scammers trap their victims – by offering a cheap RM50 fine, when we all know that fines for traffic offences are at least RM150, and can go all the way up to RM1,000!

Those who received this fake MyBayar PDRM email would be tempted to quickly pay the cheap RM50 fine, before it becomes a lot more expensive!

But if you take a closer look at the email, you will spot some problems with it:

  • Weird English : The email title of “Last notice of contravention before prosecution” is nonsensical.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Takes Offensive Security Approach To Cloud Threats!

WithSecure is harnessing the power of the offensive security approach in tackling evolving cloud threats!

 

WithSecure Takes Offensive Security Approach For Cloud Threats!

In a shifting cybersecurity landscape, WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the recent SPHERE security conference 2023 in Helsinki, Finland, WithSecure’s Chief Product Officer, Antti Koskela, shed light on this approach.

We’ve done identity assessments for many cloud-based companies, unveiling weaknesses in their cloud platforms.

Our offensive security approach is about understanding the attack surface of a cloud-based estate. We focus on the digital perimeter, which is crucial to reducing the overall attack surface.

Koskela went on to explain that WithSecure has distilled this insight into an innovative managed service offering called ‘attack surface management’. This service provides a comprehensive view of a company’s vulnerabilities, including IP addresses, port vulnerabilities, exposed APIs and web services, identity matters, patching levels and more.

With more open architecture, control over your attack surface becomes paramount. ‘Zero trust’ alone isn’t the answer as human errors happen. Our holistic approach helps mitigate this.

Recommended : Avanade + Accenture: 2023 Microsoft Global SI Partner of the Year!

WithSecure’s product suite integrates various cloud-native solutions to deliver protection based on specific client requirements. This collaborative process, termed ‘co-security’, is driven by the security and business outcomes defined by the clients. Koskela emphasised the tripartite focus of their solution:

It’s about process, people, and technology. We collaborate to secure the outcomes, letting company directors steer the course of business.

Our WithSecure Elements platform is the cornerstone of our technology, built collaboratively with our clients.

Koskela acknowledged the evolution of the IT industry, from client-server in the ‘90s to hosted services in the 2000s, cloud computing in the 2010s and cloud-native in the 2020s. He underscored the need for a new security approach to match the evolving business environments:

The cloud offers agility, speed, cost-efficiency. But with new technologies come new security considerations.

WithSecure has been proactive, creating solutions for every technological shift – be it firewalling and endpoint protection during the hosted services era, or data security and VPNs for the cloud computing era.

And now, with the rise of cloud-native tech, we’re helping clients to understand and secure their digital perimeter through our offensive security approach.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

WithSecure Chief Product Officer, Antti Koskela (left), and APAC Regional Director Yong Meng Hong (right)

 

WithSecure Elements Picking Up In APAC

Since its mid-2021 debut, WithSecure’s Elements platform has gained considerable momentum here in Malaysia and the broader Asia-Pacific region. This comprehensive cybersecurity platform has made its mark by providing organisations with a unified solution to their security needs.

Elements equips enterprises with the insight, adaptability, and technology to tackle evolving threats and changing business environments.

Offering unified endpoint protection across devices, clouds and servers, Elements consolidates everything from vulnerability management and collaboration protection to detection and response into one easy-to-navigate security console.

– WithSecure Asia-Pacific Regional Director Yong Meng Hong

Yong further emphasised that the cloud-based Elements platform provides real-time visibility across an entire IT infrastructure, simplifying how enterprises manage their cybersecurity.

Flexible licensing options, including fixed-term subscriptions and usage-based billing, ensure that organizations can tailor their cybersecurity services according to their specific needs.

Elements offers centralised management capabilities, giving IT managers a comprehensive overview of their enterprise’s IT infrastructure, enhancing their reassurance and control.

Today, WithSecure is globally recognised, trusted by a myriad of enterprises to safeguard against cyber threats, while also protecting tens of millions of consumers through over two hundred service providers and telecommunications partners.

For organisations looking to navigate the cloud’s security challenges, WithSecure’s offensive security approach could be just the safeguard they need.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Watch Out For The Kinokuniya Free Books Scam!

Is Books Kinokuniya giving away free books on stock investing, to celebrate gaining 3 million fans?!

Find out what’s going on, and warn your family and friends!

 

Watch Out For The Kinokuniya Free Books Scam!

Scammers are running Facebook advertisements that claim Books Kinokuniya is giving away free books on stock investing, to celebrate its 50th anniversary!

Hello everyone, this is Books Kinokuniya, the largest bookstore in Malaysia.
🎉🎉🎉 Signups will soon exceed 3 million. In order to thank our fans for their continuous support, we will send a gift to our fans.
👋Books Kinokuniya store has prepared 1,000 sets of stock books. Free gift to all friends who support Books Kinokuniya.
Please add administrator WhatAPP. And send the mailing address, we will mail the book to you for free.

Hello everyone, this is Books Kinokuniya, the largest bookstore in Malaysia.
🎉🎉🎉 Signups will soon exceed 3 million. In order to thank our fans for their continuous support, we will send a gift to our fans.
Books Kinokuniya has prepared 1,000 sets of books in stock. Free gift for all friends who support Books Kinokuniya.
Please click on the conversation to add assistant Whats and register the mailing address, we will mail the book to the registered address for you free of charge.

Recommended : TNG RFID Bar Code Scanning Scam Debunked!

 

Kinokuniya Free Books Scam : What You Need To Know!

This Kinokuniya free book scam is being promoted heavily on Facebook in May 2023, so please alert your family and friends!

Fact #1 : Kenanga Reported These Pages / Ads As Fake

Books Kinokuniya is aware of these fake advertisements being run by scam Facebook pages, posting this scam alert on May 17, 2023:

⚠️⚠️⚠️
Dear customers,
We have been made aware of several Facebook accounts that are impersonating us about giving out free books. These accounts go by the name Books Kinokuniya Malaysia, but are NOT operated by us and we are not related to these accounts in any way. PLEASE DO NOT RESPOND TO ANY OF THESE, Books Kinokuniya Malaysia DOES NOT communicate with customers directly via Whatsapp or add our customers into Whatsapp group chat.
Follow our official social media accounts and website as follows :
Facebook : Books Kinokuniya Malaysia (https://www.facebook.com/KinokuniyaMalaysia/)
Instagram : Kinokuniyamalaysia (https://www.instagram.com/kinokuniyamalaysia/)
Corporate Site : www.kinokuniya.com.my
Webstore : https://malaysia.kinokuniya.com/
Kinokuniya Malaysia takes this matter seriously and has reported to the relevant authorities on this matter.
If you have any queries, you may email to our Customer Service at mys@kinokuniya.com or call us at 03-21648133

Fact #2 : Books Kinokuniya Is A Business, Not A Charity

Please do NOT be naive. Books Kinokuniya is an investment bank – a business, not a charity. It is not going to give away books just because it has many fans!

Even if it achieved some kind of milestone, it would make sense for Kinokuniya to offer discounts. After all, it’s a corporation whose purpose is to make money, not a charity to give you free books!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #3 : Kinokuniya Does Not Use WhatsApp To Communicate

As mentioned in their warning above, Kinokuniya has a Facebook page, an Instagram page, a corporate website as well as a website. What it does not have is a WhatsApp account!

So when scammers message you to collect your “free books” by messaging a WhatsApp number, be warned!

Please add my WhatsApp message, send me your mailing information, and I will mail you stock books for you for free! My WhatsApp: https://xxxx.xx/60113906928

Fact #4 : Kinokuniya Will Not Ask You To Join WhatsApp Groups

Kinokuniya has stated that it will never ask anyone to join a WhatsApp group for any reason, whether it’s for free books.

Kinokuniya is also a bookstore, not a stock broker or an investment firm. It will never offer you free investment advice, stock tips, or help you buy and sell stocks, etc.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #5 : One Victim Lost RM480K To A Free Book Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Hit By $4 Million Ransomware Attack + Data Theft!

MSI just got hit by a massive ransomware attack, but even worse – it lost a ton of critical data to the hackers!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Hackers Demand $4 Million From MSI To Not Release Stolen Data

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang.

While MSI has apparently restored files encrypted by Money Message’s ransomware, the gang now has access to about 1.5 terabytes of critical MSI data.

According to BleepingComputer, chats between Money Message and an MSI representative show the gang demanding a ransom payment of $4 million. Otherwise, Money Message will release the stolen files.

To show that they did indeed steal those MSI files, Money Message posted screenshots of what they describe was MSI’s Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.

Recommended : Can Approve New Participant block WhatsApp hackers?!

If Money Message releases MSI confidential data, it may not just be embarrassing for the Taiwanese company, it could allow other threat actors to use the source code and private keys to create malware targeting their customers.

In light of that, MSI users should only download and install software or BIOS firmware from the official MSI website.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Approve New Participant block WhatsApp hackers?!

Can the new Approve New Participant feature in WhatsApp block hackers?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Turn On WhatsApp Approve New Participant To Block Hackers!

WhatsApp started introducing a new feature called Approve New Participant, on 11 March 2023.

This new feature was only available to WhatsApp Group administrators, and went pretty much unnoticed by most WhatsApp users, until this claim went viral on WhatsApp and social media platforms:

CYBER SECURITY ALERT
Announcement

Let’s look sharp all admins*
WhatsApp has added a new security feature to prevent hackers from joining Groups.
I Hope Admins will take advantage of this feature.

*Admins* should go to group settings and
‘TURN ON’ Approve New Participant.

This will prevent unauthorized access for hackers.

WHATSAPP ADMINS ALERT!!!

That WhatsApp cybersecurity alert was unsigned, so we have no idea who created it. But once it went viral, WhatsApp users started asking their group administrator to turn it on to block hackers.

But does the new Approve New Participant feature really block hackers from attacking WhatsApp groups?

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Truth : WhatsApp Approve New Participant Does Not Block Hackers!

This is yet another example of FAKE NEWS circulating on WhatsApp, and social media platforms like Facebook and Twitter, and here are the reasons why…

Fact #1 : Approve New Participant Is Not A Cybersecurity Feature

First, let me just point out that Approve New Participant is not a cybersecurity feature. WhatsApp introduced the this feature to help group administrators “grow, moderate, and protect their groups“.

The Approve New Participants setting empowers admins to help grow, moderate, and protect their groups. Turning on the setting in Group Settings requires the admin to review every request to join the group before a participant is allowed to join. This feature enhances privacy and security for all participants in the group.

This feature is designed to protect private groups by preventing people from simply joining them using an invite link.

This is a major security concern for private groups, as it exposes the group chats to people who may not be authorised to view them. However, this is not a concern for open groups, as they are open to one and all.

Fact #2 : Approve New Participant Cannot Block Hackers

When a group turns on Approve New Participant, admin approval is required to join a group. People who attempt to join the group will see a Request to join button, with the message “An admin must approve your request”.

After clicking on Request to join, those who wish to join the group are allowed to share their Reason for the request, or Cancel Request.

Once the group administrators get the request, they can either approve or reject the request. Group administrators can also start a chat with the person to request more information.

All that is great for vetting people who want to join an exclusive WhatsApp group, but this new feature does not block hackers, as the group administrator will not know who is, or is not a hacker. It’s not like those WhatsApp accounts have a “hacker” or “not a hacker” label!

Hackers can use social engineering techniques to trick the group administrators into approving their requests, or they can simply use phishing attacks to take over the WhatsApp accounts of existing group participants!

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Fact #3 : Approve New Participant Is Disabled By Default

Cybersecurity features that are designed to block hackers will always be enabled by default – why would they be optional?

Yet, the new Approve New Participant feature is OPTIONAL in WhatsApp, and is DISABLED by default. That is because this is not a cybersecurity feature designed to block hackers.

Many WhatsApp groups are open for anyone to join, and turning on Approve New Participant would be pointless as group administrators would not know the identity of the people joining their groups.

This is why it is up to the WhatsApp group administrators to determine if it is suitable for them to use the new Approve New Participant feature, or not.

Private groups will want to turn this on, to vet people who request to join. But open groups will want this feature disabled, or their administrators will be overwhelmed with joining requests.

Fact #4 : Group Participants Can Always Be Removed

Here’s another reason why blocking new participants joining automatically does not block hackers – group participants can always be removed.

Let’s say a hacker, or an unauthorised person, gains access to your WhatsApp group. It doesn’t mean he/she can stay in your group forever. Any group administrator can remove that person.

This new feature only helps group administrators pre-vet people who want to join their group, instead of kicking them out after they have already joined.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : Watch Out For Telegram Phishing Attack!

Watch out for the phishing attack that will allow scammers to take over your Telegram account!

 

Scam Alert : Watch Out For Telegram Phishing Attack!

Scammers are now targeting Telegram users with a phishing attack that is designed to trick them into giving up their accounts! The Telegram phishing attack works like this:

Step 1 : The scammer gains control of your friend’s Telegram account, and sends this message to you:

Dear Telegram users. The system detects that this account is abnormal and has potential security risks.

To ensure that you can log in to your account normally, you need to invite friends for auxiliary verification  

The risk control account has not been verified. The system will cancel the account after 24 hours! 

Personal Information Authentication:[link removed]

Step 2 : The scammer, masquerading as your friend, asks you to help him/her verify his/her Telegram account by clicking on the link.

There are security risks in my account, and I need friends to help me verify it. Please click on the official link to help me verify it and follow the prompts. thank you

Step 3 : If you click on the [removed] link to help your friend, you will be taken to a website that looks like an official Telegram website. DO NOT DO THIS.

Step 4 : You will be asked to log into your Telegram account on the fake website. DO NOT DO THIS.

Step 5 : The fake Telegram website will ask you to key in your Login code, or take and upload a screenshot of your Telegram. DO NOT DO THIS.

Step 6 : If you continue, the scammer will be able to take over your Telegram account, and use it to scam your friends by asking them for money, etc.

The scammer will also have access to your Telegram chats, and all associated media including photos and videos, which could potentially be leaked or used to extort you or other people.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

How To Protect Against Telegram Phishing Attack

A phishing (pronounced as fishing) attack is a social engineering attack, that uses your trust for an institution (like a bank), authority (Telegram), or someone you know, to give up your login details.

Here are some ways you can protect yourself against any phishing attack on Telegram, or other platforms.

Verify Identity Before Trusting

Many people fall for phishing attacks because it is human nature to trust your friends and to help them. However, on instant messaging apps, you don’t actually know if it’s really your friend on the other end!

So if a friend messages you on Telegram, WhatsApp, Facebook, Twitter, Instagram, etc to ask for help, ALWAYS verify their identity before proceeding.

If possible, call or message your friend on the phone, or via a different platform (use WhatsApp if the request came on Telegram, for example).

But if you are unable to call your friend, try asking the other person something that only your real friend would know:

  • Do NOT ask questions like “Are you really Sarah??
  • Do NOT ask questions that can be answered by reading previous chat messages.
  • Ask something that only you and your friend would know, like “Hey Sarah, what was that restaurant we went to last week?
  • Ask a fake question that your friend would readily know is not true, like “Hey Sarah, are you coming over tonight?

If the other person cannot answer or gives you the wrong answer, he/she is not your friend, and that account has likely been taken over by a scammer.

Recommended : How To Block Facebook Ads + Pay Scammers!

Look At The Link

Whenever you see a link being shared, always check if it leads to a legitimate website, or attempts to masquerade as a real website, by substituting characters in the link.

This Telegram phishing attack, for example, uses a link to telegram.0rg.ee. The real Telegram domain name is telegram.org. This is called domain spoofing.

If you see an attempt to impersonate a legitimate website by using a similar-looking domain name, do NOT click on it.

Never Login Via A Link

It is common for people to share links on Telegram, and in Telegram groups. Heck, we share links to our article in the Tech ARP Telegram group!

Clicking on links in Telegram, WhatsApp, emails, etc. is not dangerous, because most lead to legitimate websites that do NOT require you to log in.

What is dangerous is logging into any website through a link. I cannot hammer this enough – NEVER LOG INTO ANY WEBSITE through a link!

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

Turn On Two-Step Verification

All banking platforms, and many mobile apps now offer two-step verification to prevent scammers from taking over user accounts. However, this is often an optional feature that you must manually enable.

Telegram has a two-step verification feature, which prevents scammers and hackers from hijacking your account by requiring a secret password that only you will know.

Please follow our guide on how to turn on Two-Step Verification in Telegram.

Just make sure you do NOT give that password out to anyone, or key it into any website!

Read more : How To Turn On Two-Step Verification In Telegram!

Warn Your Family + Friends!

It is important to publicise phishing attacks, whenever they happen. If people are alerted, they are less likely to fall for such attacks.

However, scammers and hackers can quickly change the way their phishing attack works, so it is important that people understand how phishing attacks work in general.

You can help prevent phishing attacks by sharing this articles, and other cybersecurity warnings, with your family and friends.

Please help us FIGHT SCAMMERS by sharing this cybersecurity article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Pinduoduo App Contains Persistent Spy Malware!

One of China’s most popular apps – Pinduoduo apparently contains a malware that monitors user activities and is difficult to remove!

Take a look at what CNN and multiple cybersecurity researchers have discovered about Pinduoduo!

 

Pinduoduo : What Is It?

Pinduoduo is actually a Chinese online retailer. Think of it as China’s Amazon. While Amazon started as an online bookstore, Pinduoduo started as an online agricultural retailer.

Since then, Pinduoduo has become one of China’s most popular online shopping platform, with its app offering its 750 million users access to cheap products in China, by offering steep discounts on group buying orders.

Despite its meteoric rise, Pinduoduo has not been without its controversies. In 2018, the company was criticised for hosting inferior and imitation products, to which it responded by taking down more than 4 million listing and shutting down 1,128 stores.

In 2019, Pinduoduo was hit by hackers who stole discount coupons worth tens of millions of Yuan. And just last month, Google suspended the Pinduoduo app after discovering that versions offered outside its Play Store contained malware.

The Off-Play versions of the e-commerce app that have been found to contain malware have been enforced on via Google Play Protect.

Read more : How To Block Facebook Ads + Pay Scammers!

 

Pinduoduo App Contains Persistent Spy Malware!

Western interest may have been initiated by Google suspending the Pinduoduo app, but cybersecurity experts had already started looking into the app, and what they discovered was very troubling.

Alert First Raised By Chinese Cybersecurity Company

I think we should start by noting that it was a Chinese cybersecurity company called Dark Navy that first raised concerns about malware in the Pinduoduo app in February 2023.

Although Dark Navy did not name Pinduoduo in its report, cybersecurity researchers knew who it was referring to and soon followed up with their own investigations and reports, confirming Dark Navy’s report.

Sophisticated Malware

Half a dozen cybersecurity teams from Asia, Europe and the United States identified sophisticated malware in the Pinduoduo app that were designed to exploit vulnerabilities in the Android operating system used by many smartphones.

The malware allows the Pinduoduo app to bypass Android security features to monitor activities in other apps, check notifications, read private messages, and even change settings. It is also difficult to remove once installed.

Mikko Hyppönen, chief research officer at WithSecure, a Finnish cybersecurity firm, said that:

We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to. This is highly unusual, and it is pretty damning for Pinduoduo.

Read more : Can SIM Swap empty bank accounts without warning?!

Dedicated Hacking Team To Look For Vulnerabilities

Even more damning, CNN reported that a current employee revealed that Pinduoduo set up a team of about 100 engineers and product managers to look for vulnerabilities in Android smartphones, and find ways to exploit them for profit.

To avoid exposure, the source said that the company targeted users in rural areas and smaller towns, and avoided users in megacities like Beijing and Shanghai.

By collecting expansive data on those users, Pinduoduo was able to create a comprehensive portrait of their habits, interests, and preferences; while improving its machine learning models to personalise push notifications and ads.

Pinduoduo App Gained More Access Than Allowed

Three cybersecurity companies – WithSecure, Check Point Research, and Oversecured conducted independent analysis of version 6.49.0 of the Pinduoduo app that was released in late February 2023, and found code designed to achieve “privilege escalation” – a type of cyberattack that exploits vulnerabilities in the operating system to gain a higher level of access to data that it’s supposed to have.

Our team has reverse engineered that code and we can confirm that it tries to escalate rights, tries to gain access to things normal apps wouldn’t be able to do on Android phones.

The Pinduoduo app was able to continue running in the background, and prevent itself from being uninstalled. This was apparently done to boost the platform’s statistic for monthly active users.

Pinduoduo App Has Access To User Data Without Consent

Delware-based app security start-up, Oversecured, found that the Pinduoduo app had access to user data like locations, contacts, calendars, notifications, and photo albums, without their consent.

The app was also able to change system settings, and access user social media accounts and chats.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

Pinduoduo App Also Snooped On Other Apps

The Pinduoduo app also had the ability to snoop on competing shopping apps, by tracking activity on other shopping apps, and gathering information from them.

Pinduoduo App Able To Secretly Receive Updates

Check Point Research found that Pinduoduo was able to push updates to the app, without first going through an app store review process to detect malicious code.

Pinduoduo App Programmers Attempted To Obscure Malicious Code

Check Point Research also found that some plug-ins used by the Pinduoduo app tried to obscure potentially malicious code by hiding them under legitimate file names, such as Google’s.

Such a technique is widely used by malware developers that inject malicious code into applications that have legitimate functionality.

Pinduoduo Targeted Android Devices

According to Sergey Toshin, founder of Oversecured, Pinduoduo’s malware specifically targeted Android operating systems used by Samsung, HUAWEI, Xiaomi and OPPO.

He also described the app as “the most dangerous malware” ever found in mainstream apps, exploiting about 50 Android system vulnerabilities. Most of these exploits targeted customised OEM code used by smartphone brands to customise their smartphone software.

I’ve never seen anything like this before. It’s like, super expansive.

Recommended : Chinese Netizens Explode Over WPS Office Censorship!

Pinduoduo Removed Exploit + Canned Hacking Team

After cybersecurity researchers started reporting about the app, Pinduoduo released version 6.50.0 on March 5, which removed the exploits they found. Two days later, Pinduoduo disbanded its Android hacking team, according to the same employee.

The hacking team members found themselves locked out of Pinduoduo’s workspace communication app, called Knock, and lost access to files on the company’s internal network, with their privileges revoked.

Most of the team was later transferred to work at Pinduoduo’s sister app, Temu. A core group of about 20 cybersecurity engineers however remain at Pinduoduo.

In addition, Sergey Toshin of Oversecured noted that while the exploits were removed in the new version of Pinduoduo, the underlying code remained and could be reactivated to carry out attacks.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Maybank FB Ads Scam : How To Recover Your Money?!

If you are one of the many Maybank (MBB) customers who got hit by the Facebook Ads scam, here is how you can recover your money!

 

Facebook Ads Scam Hits Many Maybank Customers!

Many Maybank customers are complaining that they are being charged for fraudulent Facebook Ads advertisement campaigns!

They discovered that their debit cards were charged for Facebook advertisements that they never approved.

Stephanie Wong : I think i am a very cautious person as I did not link my card to any platform or make purchase through any unsafe website at ALL, but it still happens to me.

I found out the money deducted from my bank acc through multiple continuous transactions yesterday, then I called Maybank customer service immediately.

They helped me to cancel the card but then the thing happened again this morning.

@ruffleseedI heard tens of millions of Ringgit were reported misappropriated through @facebook
on multiple bank over the past few weeks.

Delete your phone number from Facebook now and do not let @messenger handle your SMS.

@MyMaybank has yet to answer us re: this intrusion.

Read more : Facebook Ads Scam Hits Many Maybank Customers!

 

Maybank FB Ads Scam : How To Recover Money?!

Generally, you should NEVER use a debit card because it does not offer the protection a credit card does – money is withdrawn directly from your bank account, and the bank is not legally obliged to refund any money lost through scams.

However, Hafizah Ayko who was once a victim shared her experience on how she managed to recover money, even though the scammers used her debit card to run those fake Facebook advertisements.

To help you recover any money you may have lost to Facebook Ads scammers, I translated and “improved” her instructions for you:

Disable Your Debit / Credit Card

First, you need to quickly disable your debit or credit card. You can call up the bank, or in Maybank’s case:

Step 1 : Log into your Maybank2U account.

Step 2 : Go to Cards, and select Manage My Debit Card.

Step 3 : Select Debit Card – Replace, Renew, Activate & Block.

Step 4 : Select Block Debit Card. You will need to get a replacement card from any Maybank branch later.

If you feel that the above steps are too complicated, an alternative method would be to immediately transfer your money to another bank account, if you have one.

But please DO NOT transfer your money to another person’s account. Only transfer your money to another bank account that you own.

NEVER EVER transfer your money to a third party, especially they claim to be police officers or bank officers trying to help you. That is a scam!

Police departments and banks do NOT have special bank accounts to hold and protect your money during scams. And legitimate police and bank officers are NOT authorised to receive money, and will NEVER ask you to transfer money to their bank accounts.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Disable Facebook Ads

Next, you need to immediately disable all advertisements that the scammer has set up using your Facebook account. The longer they continue to run, the more you are being charged for them!

Step 1 : Go to your Facebook account, and select See all.

Step 2 : Select Ads Manager.

Step 3 : You should see a bunch of fraudulent advertisements running. Turn all of them off.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

Ask Facebook For Refund

After turning off the fraudulent advertisements, you need to report them, and ask Facebook for a refund.

Step 1 : Go to Ad account settings, and select Report a problem at the lower right corner.

Step 2 : Select Ad Policy or Fraud. Then select Fraudulent Activity.

Step 3 : Explain your situation the best you can, and upload any screenshots you have, and send the report.

After that, Facebook should respond that they would issue a refund for the fraudulent transactions in 3-5 business days!

Alternatively, you can submit report unauthorised or unknown charges to Facebook using this online form.

Recommended : Can SIM Swap empty bank accounts without warning?!

Ask Your Bank For A Refund

You should also report the fraudulent transactions to your bank and request for a refund. This works for credit cards, but you should nevertheless give it a try even if the scammers hit your debit card.

Step 1 : Download the Maybank Dispute Form.

Step 2 : Print or directly fill in the information into the PDF form.

Step 3 : Email the form to disputemgmt@maybank.com.my, together with any relevant screenshots, within 20 days from the closing date of the billing period.

Again, banks are not obliged to refund fraudulent charges to debit cards, as the money is withdrawn directly from your bank account. But there is no harm trying.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MILO Malaysia Ramadan Contest Scam Alert!

Please watch out for the MILO Malaysia Ramadan contest scam!

Find out why it is just a SCAM, and WARN your family and friends!

 

MILO Malaysia Ramadan Contest Scam Alert!

People are now sharing the MILO Malaysia Ramadan contest on WhatsApp and Facebook Messenger :

MILO Malaysia Ramadan gift

Through the questionnaire, you will have a chance to get 2000 Ringgit.

MILO Malaysia Ramadan gift

We have prepared a lot of cash gifts as Ramadan gift.

Recommended : Petronas 50th Anniversary Scam Alert!

 

MILO Malaysia Ramadan Contest : Why This Is A Scam!

Unfortunately, this is yet another survey scam, like the Tenaga Nasional 33rd Anniversary scam!!

Nestle confirmed that the viral MILO Malaysia contest a scam in a 30 March 2023 statement on their website:

Nestlé Malaysia Notification on Scams

We have been alerted of a MILO Ramadan Contest offering cash prizes to the public upon completion of a questionnaire. Please be informed that this is a scam which aims to mislead the public.

Nestlé views this matter seriously and has reported it to the relevant authorities.

If you have received a post or message on this, or know anyone who has:

DO NOT share the post
DO NOT provide any personal details (e.g. bank account numbers)
DO NOT make any payments

This is yet another example of a survey scam, that scammers have been using for years:

Now, let me show you how to spot these scams next time!

If you spot any of these warning signs, DO NOT PROCEED and DO NOT SHARE!

Warning Sign #1 : Bad Grammar

Most of these scammers do not have a good command of the English language, so if you spot bad grammar, stay away.

Proper contests or events sponsored by major brands like Nestle will have at least one PR or marketing person who will vet the text before allowing it to be posted.

Recommended : Petronas 50th Anniversary Scam Alert!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. No one – not even large companies like Nestle – is going to give you money or free gifts just to participate in a survey!

Nestle is a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real MILO Domain

A genuine Nestle or MILO marketing campaign would use their real domains – www.milo.com.my or www.nestle.com.my.

Or they would run it off the official MILO Malaysia page on Facebook – www.facebook.com/MiloMalaysia/.

If you see nonsensical domains like findinggreedy.cn, consequentlybewilder.cn, merefamily.top, 0yjjg61.cn, 1eaf1rnbeef.top, ldxqw.bar, etc. that’s a sign it’s a SCAM!

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp or Facebook Messenger.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Recommended : Facebook Ads Scam Hits Many Maybank Customers!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

This is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

Please help us fight scams like this and SHARE this article out!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Facebook Ads Scam Hits Many Maybank Customers!

Many Maybank (MBB) customers are getting hit by the Facebook Ads scam!

Find out what’s going on, and what you can do to avoid this Facebook Ads scam!

 

Facebook Ads Scam Hits Many Maybank Customers!

Many Maybank customers are complaining that they are being charged for fraudulent Facebook Ads advertisement campaigns!

They discovered that their debit cards were charged for Facebook advertisements that they never approved.

Stephanie Wong : I think i am a very cautious person as I did not link my card to any platform or make purchase through any unsafe website at ALL, but it still happens to me.

I found out the money deducted from my bank acc through multiple continuous transactions yesterday, then I called Maybank customer service immediately.

They helped me to cancel the card but then the thing happened again this morning.

@ruffleseedI heard tens of millions of Ringgit were reported misappropriated through @facebook
on multiple bank over the past few weeks.

Delete your phone number from Facebook now and do not let @messenger handle your SMS.

@MyMaybank has yet to answer us re: this intrusion.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

Fahim Fahmi : Begitu saja duit kena curi 😢

Translation : That’s how [my] money got stolen 😢

Danish Ihsan : Aku dah kena jugak, satu hari 2 transaction.. nasib sedaq awai, habis rm800.. kalau tak lagi banyak.. maybank dah tak selamat, tadi kat bank pun ada akak kena jugak transfer to others acc beribu2 jugak lah,. Solusi, jangan guna maybank buat masa sekarang..

Translation : I got with with 2 transactions in one day.. luckily, I realised early, but lost rm800.. if not it would have been more.. maybank is not safe, just now at the bank a lady transferred thousands [of ringgit] to other people’s account. Solution, don’t use Maybank for now..

Recommended : Watch Out For TNG eWallet SMS Phishing Scam!

 

Analysis : Facebook Ads Scam May Not Be Related To Maybank

Many of those customers are angry with Maybank over these fraudulent charges to their debit cards, which meant the money was directly withdrawn from their bank accounts.

However, on closer analysis, the scammers may not necessarily be taking advantage of leaked Maybank debit card information, or hacked Maybank itself…

Fact #1 : Other Bank Customers Are Affected Too

While most recent Facebook Ads scam cases appear to be affecting Maybank customers, other bank customers are reporting that they took were charged for those fraudulent advertisements.

@eeshepeeka : nohh laki cek pun kena last week tp kat CIMB. ada few transaction for 2 days nasib dia tolak sikit2. sekali deduct RM12+ sehari 3x ja. deduction description pun sama sebiji cam dlm gambaq tu. haiyaa

Translation : Well, my husband also got [scammed] last week but at CIMB. there were a few transactions for 2 days, but luckily [the scammer] deducted only small amounts. each time deducting RM12+ a day for 3 times. The deduction description is the same as the one in the picture. haiyaa

@ItsNeoah : Banyak kali kena kat credit card ambank. Alhamdulilah call ambank dia mintak isi dispute form then tgok next cycle bil dah takde. Letih ngan scammer ni.

Translation : [My] Ambank credit card got hit many times. Alhamdulillah, after calling Ambank, they asked me to fill out a dispute form, then when I checked the next bill cycle [the charges] was removed. Tired of this scammer.

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #2 : Most Of Them Ran Facebook Ads In The Past

In addition to analysing their stories, I also spoke to someone who knows several Maybank customers who got hit by the scam. From what I can ascertain, most of them ran Facebook Ads in the past.

Stephanie Wong : 3.) Did not run any ads recently, but few years ago

@wnn_tasha : I last pakai FB ad guna akaun ni tahun 2018. Silap tak remove payment method tu.

Translation : I last used FB ad using this account in 2018. My mistake for not removing the payment method.

They said that they paid for Facebook page a few years ago to boost their audience.

That said, at least two Maybank customers said that they have never registered any debit or credit card with Facebook:

Fahim Fahmi : Tak pernah ada link kad dengan FB atau social media yang lain

Translation : [I] never linked [any] card with FB or other social media

@ruffleseed : I have never set up payment methods on Facebook nor have I ever used Facebook ads.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

Fact #3 : Scammer Likely Got Access To Those Facebook Accounts

What is interesting is that most of those who were affected by this Facebook Ads scam reported that their Facebook accounts were used to create and run those ads.

If their debit or credit cards were merely stolen, the scammers could have created a new Facebook account to use those stolen cards to run Facebook ads.

Fortunately, one of the victims “caught” the scammer logging into her account from the United States. This clearly shows that the Facebook Ads scam requires the scammer to gain access to their Facebook accounts.

It is likely that the scammers gained access to their victims’ Facebook accounts using phishing attacks, and simply used the debit or credit cards that those victims earlier registered with Facebook to run advertisements in the past.

Fact #4 : Facebook Auto-Fill Is Not The Problem

After these cases went viral, people blamed the Auto-Fill feature in Facebook, and shared videos and photos on how to disable it.

The truth is – this Facebook Ads scam very likely has nothing to do with Auto-Fill, which is a feature used in many other services and platforms.

Auto-Fill only makes it easier to fill in your debit or credit card details. It does not bypass any verification that is required to make a payment.

Read more : Must You Disable Facebook Auto-Fill To Block Scams?!

Fact #5 : You Can Recover Your Money!

Now, this is important – you need to move fast to cut your losses, and recover the money. You can also improve your Facebook account security to prevent it from happening again.

For more details, please read our guide – Maybank FB Ads Scam : How To Recover Money?!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

BitiCodes Scam Alert : Fake Celebrity Endorsements!

You may have seen celebrities endorsements of BitiCodes or Biti Codes circulating on Facebook and Instagram, but they are all FAKE.

Find out why there are so many fake celebrity endorsements of Biticodes / Biti Codes, and how they are doing it!

 

BitiCodes / Biti Codes : Fake Celebrity Endorsements

BitiCodes or Biti Codes claims to be “the crypto industry’s most accurate AI auto-trading app“, which “works by automatically placing trades… using trading bots to strengthen your chances of making a profitable trade.”

If you never heard of it, you won’t be alone, because it’s mainly promoted via advertisements on Facebook, Instagram, etc. They are also promoting it through Google Ads like these examples, which will often appear in completely legitimate websites.

Clicking on those advertisements will lead to legitimate-looking articles from local or crypto publications, often with a celebrity endorsing Biticodes / Biti Codes.

Here in Malaysia, people will see Biticodes being endorsed by the likes of local politicians like Lim Guan Eng or Dr. Mahathir. But those in the cybersecurity industry will quickly realise that these articles are familiar because they are almost exact copies of scam articles used in the previous Bitcoin Revolution scam.

Looking for reviews of Biticodes or Biti Codes is pointless, because they appeared to have paid for advertorials in legitimate media outlets, which are (intentionally?) wrongly listed as “reviews”. Only at the very bottom do they include a disclaimer that it was a sponsored post.

Outlook India

Biticodes Reviews : Today we’ll be talking about one platform called Biticodes that you can use to make an extra source of income. It’s safe, and you do not need to worry about anything. It may help you earn good money in very less time.

Disclaimer : This is sponsored review content posted by us. All the information about the product is taken from the official website (and not fact-checked by us). Contact customer care phone number given on product’s official website for order cancellation, return, refund, payment, delivery etc. related issues. Must consult any financial specialist before investing in BitiCodes Auto-Trading Software.

Tribune India

Biticodes is real or scam review 2022 : With an astonishing success rate of 90%, BitiCodes has what it takes to be your go-to platform for cryptocurrency trading. It can execute multiple deals per second – a rate that even the most experienced cryptocurrency traders would be hard-pressed to match.

Disclaimer : The views and opinions expressed in the above article are independent professional judgment of the experts and The Tribune does not take any responsibility, in any manner whatsoever, for the accuracy of their views. Biticodes are solely liable for the correctness, reliability of the content and/or compliance of applicable laws. The above is non-editorial content and The Tribune does not vouch, endorse or guarantee any of the above content, nor is it responsible for them in any manner whatsoever. Please take all steps necessary to ascertain that any information and content provided is correct, updated, and verified.

In other words, those are NOT legitimate reviews, and the media outlets did not even test Biticodes / Biti Codes. Their disclaimers show that their “reviews” were paid content, written by Biticodes / Biticodes.

 

Avast Explains How BitiCodes Scam Works

In an August 2022 article, the cybersecurity company explained how the BitiCodes (also known as TeslaCoin) scam works:

The scam encourages people to pay to create an account and invest into a fraudulent crypto investment platform. There are two ways the campaign reaches potential victims: Through Facebook ads and email. Ultimately, victims can end up losing at least $250.

At the bottom of the page is a webform requesting site visitors to enter their name, email address, and phone number in order to register for the platform. The victim receives an email from a bot sparking a conversation in the victim’s language.

After a brief example exchange, the bot sends a link to a payment gateway, and asks the victim to transfer $250 in order to activate their trading account. Another scenario involves the bot emailing potential victims with steps to login to a cryptocurrency broker page, and after a few more emails, the bot sends a link to a payment gateway, asking the victim for a $250 initial investment.

I also investigated the articles and the BitiCodes website, and noticed that they are all using highly-suspicious domains and links:

  • celesteal.xyz/biticodes for the BitiCodes website (registered 23 Nov. 2022)
  • thedailypressbriefing.com/my for the BTC-News website (registered 29 Jan. 2023)
  • saveontaxesthisyear.tax for the BTC-News website (registered 6 Feb. 2023)

As you can see, the domains are not only completely unrelated to the article / websites, they are almost brand new! And if you go to their domain root, nothing loads. That is not how legitimate websites function. If you do a WHOIS lookup, you will discover that the owners of these domains are hidden.

Regardless of whether BitiCodes / Biti Codes itself is legitimate, you should avoid any article that do not tally with the official website, or with irrelevant domains.

Don’t fall for the scam. Avoid these BitiCodes / Biti Codes advertisements and fake celebrity endorsements.

Please help us fight fake news – SHARE this article, and SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Tenaga Nasional 33rd Anniversary Scam Alert!

Please watch out for the Tenaga Nasional 33th Anniversary survey contest scam!

Find out why it is just a SCAM, and WARN your family and friends!

 

Tenaga Nasional 33th Anniversary Survey Scam Alert!

People are now sharing the Tenaga Nasional 33th Anniversary messages on WhatsApp :

Congratulations!

Tenaga Nasional 33rd Anniversary National Government Power Subsidy!

Through the questionnaire, you will have a chance to get 1000 Ringgit

🎉 Tenaga Nasional 33rd Anniversary National Government Power Subsidy 🎊

Electricity subsidy is being issued…

Recommended : Petronas 50th Anniversary Scam Alert!

 

Tenaga Nasional 33th Anniversary Survey : Why This Is A Scam!

Unfortunately, this is yet another survey scam, like the Petronas 50th Anniversary scam!

Tenaga Nasional confirmed that this survey is a scam in a scam alert on their website on 6 February 2023.

Win Cash Rewards from TNB – 6/2/2023

TNB customers are advised to ignore survey links that claim they can win cash rewards from TNB.

TNB does not organize any kind of cash prize giveaway on social media. Please be careful and avoid spreading this false information.

I know many of us are in dire straits during the COVID-19 pandemic, having lost jobs, income or even loved ones.

Unfortunately, scammers are counting on our desperation to prey on us, using the same survey scam they have been using for years :

Now, let me show you how to spot these scams next time!

If you spot any of these warning signs, DO NOT PROCEED and DO NOT SHARE!

Warning Sign #1 : Bad Grammar

Most of these scammers do not have a good command of the English language, so if you spot bad grammar, stay away.

Proper contests or events sponsored by major brands like Tenaga Nasional will have at least one PR or marketing person who will vet the text before allowing it to be posted.

Read more : Petronas 50th Anniversary Scam Alert!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. No one is going to give you money or free gifts just to participate in a survey!

Tenaga Nasional isn’t going to give you FREE money, just because it’s their anniversary.

They are a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real Jaya Grocer Domain

A genuine Tenaga Nasional campaign would use their real domain – www.tnb.com.my.

Or they would run it off the official Tenaga Nasional page on Facebook – www.facebook.com/TNBCareline/.

If you see nonsensical domains like merefamily.top, 0yjjg61.cn, 1eaf1rnbeef.top, ldxqw.bar, etc. that’s a sign it’s a SCAM!

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp or Facebook Messenger.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

This is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

Please help us fight scams like this and SHARE this article out!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : Fake Damar Hamlin Donation Requests!

Please watch out for fake donation requests for Damar Hamlin who suffered a cardiac arrest during a primetime NFL game!

 

Scam Alert : Fake Damar Hamlin Donation Requests!

After Damar Hamlin suddenly collapsed from cardiac arrest during the primetime NFL game between the Buffalo Bills and the Cincinnati Bengals, his GoFundMe page has exploded with donations – at publication time, it raised over $7.7 million!

However, scammers are apparently also trying to milk public concern for Damar Hamlin, and his family relayed a warning through his friend and marketing rep, Jordon Rooney, about people requesting cash app and GoFundMe donations in his name.

Damars parents wanted me to get this out there:

Beware of people requesting cash app donations and making GoFundMe’s.

If you do want to support Damar’s foundation, his initial toy drive campaign has turned into the central location for that.

Recommended : Did Damar Hamlin Collapse From Vaccine SADS?!

 

Damar Hamlin Donation Shifted From GoFundMe To Website

To avoid further confusion, the Chasing M’s Foundation created a new website to handle the donations directly.

When Rooney announced the new website, he shared that Chasing M’s Foundation is a 501 (c) (3) non-profit organisation that is dedicated to “supporting the aspirations of youth and community members through sports, education, and enrichment opportunities“.

The executive director, Mario Hamlin, ask that people who wish to donate to the foundation, please do so through the new website. He also asked that people consider donating to the University of Cincinnati Medical Center trauma center, or buy your trauma center team and first responders lunch.

The Hamlin family appears to be making these moves to curb the donation scams that have mushroomed over public support for Damar Hamlin.

So please do NOT donate to any other Damar Hamlin initiatives, cash app requests, or GoFundMe pages. The only legitimate avenues for donations towards Damar Hamlin are:

  • The Chasing M’s Foundation website
  • University of Cincinnati Trauma Center

Alternatively, you can show your appreciation for first responders and trauma teams in your area, by buying them lunch.

Read more : Damar Hamlin Shows Improvement, Asked Who Won!

 

The Real Damar Hamlin Donation GoFundMe Page!

When he was still in college at the University of Pittsburgh, Damar Hamlin started a toy drive on GoFundMe called The Chasing M’s Foundation Community Toy Drive.

Its first program with a 2020 Community Toy Drive, which set a goal of just $2,500 to buy toys for “children who have been hardest hit by the pandemic”.

As I embark on my journey to the NFL, I will never forget where I come from and I am committed to using my platform to positively impact the community that raised me. I created The Chasing M’s Foundation as a vehicle that will allow me to deliver that impact, and the first program is the 2020 Community Toy Drive. 

This campaign gives you the opportunity to contribute to our first initiative and positively impact children who have been hardest hit by the pandemic. 100% of the funds raised will go toward the purchase of toys for kids in need. The time to act is now, as we will be distributing toys on December 22nd from 3:30 to 5:30 PM from Kelly and Nina’s Daycare Center at 800 Russellwood Ave., McKees Rocks, PA 15136. 

If you are not able to contribute monetarily, you can support this initiative in other ways. We are accepting donated toys at the Daycare Center or simply spread the word by sharing this fundraiser on your social channels. 

Thank you so much for supporting me on and off the field. I am grateful to have the opportunity to work with you to help make the holiday season a little brighter for the kids in our community.

Damar Hamlin
The Chasing M’s Foundation

After Damar Hamlin’s sudden collapse on the field, and subsequent hospitalisation in critical condition, his family reused the GoFundMe page to continue funding his community initiatives.

This fundraiser was initially established to support a toy drive for Damar’s community, sponsored by the Chasing M’s Foundation.

However, it has received renewed support in light of Damar’s current battle and we can’t thank all of you enough. Your generosity and compassion mean the world to us.

If you would like to show your support and contribute to Damar’s community initiatives and his current fight, this is the place to do so. This is the only current fund that is being used by the Hamlin Family.

Again, thank you for your thoughts, prayers and generous support during this time.

Damar created The Chasing M’s Foundation to use as a vehicle to bring lasting impact to his community. The foundation supports toy drives, back-to-school drives, kids camps, and more.

 

Damar Hamlin Donation Not Used To Support His Mother’s Daycare

Jordon Rooney also clarified that the official Damar Hamlin GoFundMe donation page is not being used to fund his mother’s daycare centre.

He explained that it was set up as a toy drive during his college days, and the toy giveaway was held at his mother’s daycare centre. Hence, the address listed in the GoFundMe is still his mother’s daycare centre.

Donations sent to his official GoFundMe would be used to support his foundation, which now does more than just toy drives, but also back to school drives, kids camps and more.

This came after sports business analyst Darren Rovell posted that the Damar Hamlin’s official GoFundMe would fund his mother’s daycare centre.

Damars GoFundMe does not support his mother’s daycare.. This was a toy drive that he set when he was in college and held it at the daycare.

The donations will support his foundation, which does toy drives, back to school drive, kids camps and more. Yeah

Please WARN OTHER PEOPLE  by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | SportsTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Watch Out For TNG eWallet SMS Phishing Scam!

In this article, we will show you many types of TNG eWallet SMS phasing scam, so you can avoid them!

 

Watch Out For TNG eWallet SMS Phishing Scam!

People are getting these SMS messages that appear to be from TNG eWallet, but are really just phishing scams!

RMO TNG eWallet: Bantuan e-dompet kepada golongan B40&M40 RM1000 akan dikreditkan ke dalam TNG eWallet anda. Kemaskini maklumat dan semakan status di www.tngewalletbantuangov.com

RMO T’n GO Your account function has been closed. You need to confirm the device immediately. Follow my.tngwallc.com

RMO TNG Wallet: Permohonan GOpinjam anda telah diluluskan, RM3000 telah kredit ke TNG Wallet anda. Sila semak baki dan tuntutan anda di http://logtouchngo.cc

RMO GOV: Terima kasih atas sokongan anda dari kerajaan BN. Bantuan e-dompet kepada rakyat Malaysia berjumlah RM500 telah kredit ke TNG Wallet anda. Sila sahkan identiti dan semak baki anda di https://touchngoemy.top/

 

How TNG eWallet SMS Phishing Scam Works!

The many examples of the TNG eWallet phishing scam employ SMS spoofing technology to send you SMS messages that appear to be from the TNG eWallet team.

What most people don’t know is that – the TNG eWallet team will never send you any SMS messages to :

  • offer you money from government or other agencies
  • inform you that money has been credited to your eWallet
  • ask you to log into your eWallet account using a link
  • ask you to update your account information using a link

The TNG eWallet team warned users against clicking on any links sent by SMS, even if they appear to be genuine. Genuine TNG eWallet SMS messages will never have a link attached.

These links do not lead to the real TNG eWallet website (https://www.touchngo.com.my/), but use similar-looking fake domains, like:

tngewalletbantuangov.com
my.tngwallc.com
logtouchngo.cc
touchngoemy.top
ewallettouchng.top
touchngosign.com
touchngolog.top
logintouchngo.cc
touchngo.life
touchngologin.cc
my.touchngo.com
my.touchwalf.com
my.touchwalp.com
my.tngowalle.com
my.tngowallet.com
tngwallet.top

If you see such domains, you should be alert that you are being targeted by a phishing scam. NEVER CLICK ON A LINK in any TNG eWallet SMS.

If you click on any of these links, you will be taken to a page that looks like a genuine TNG eWallet login page, but is really a phishing scam page.

If you key in your login details, as well as your phone number and One-Time Password (OTP), the scammers will have full access to your eWallet, and can freely transfer out your eWallet balance.

As many of us link our credit cards to the TNG eWallet, the scammers can also reload your eWallet using those credit cards, and transfer the money out.

So make sure you IGNORE any SMS message that asks you to click on a link, even if it appears to be from TNG eWallet.

Please help to fight financial scams, by SHARING this article with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Maybank To Fully Migrate SMS OTP To Secure2u!

Maybank just officially announced that it will fully migrate from SMS OTP to Secure2u, as part of efforts to crack down on scams!

Here is what you need to know…

 

Maybank To Fully Migrate SMS OTP To Secure2u!

On 28 September 2022, Maybank officially announced that it will fully migrate from SMS OTP to Secure2u, as part of efforts to crack down on scams!

By June 2023, all online activities or transactions involving account opening, fund transfers and payments, as well as changes to personal information or account settings, will require Secure2u authentication.

This announcement came after Bank Negara Malaysia (BNM) ordered banks to migrate from the SMS OTP (One Time Password) to more secure authentication methods.

We remain highly committed in helping our customers to avoid being scammed by fraudsters.  This is done through existing security measures that are already in place and as we progressively rollout more measures that can help deter or minimise the likelihood of customers falling prey to financial scams.

We are also supportive of Bank Negara Malaysia’s announcement on 26 September 2022 in relation to the five measures to be adopted by banks in Malaysia to ensure higher standards of security, especially for Internet and mobile banking services.

The banking industry is committed to working together to combat financial scams which are increasingly prevalent in today’s digitalised environment.

– Dato’ Khairussaleh Ramli, Group President & CEO of Maybank

Read more : BNM Orders Banks To Stop Using SMS OTP To Fight Scams!

 

Details Of How Maybank Secure2u Will Replace SMS OTP

Secure2u isn’t new. It was introduced in April 2017 as a more secure way for Maybank customers to authorise Maybank2u and MAE transactions using Secure Verification (one-tap approval) and Secure Transaction activation codes (a 6-digit TAC number generated in the app), as an alternate to SMS OTP.

Maybank also revealed some details of how Secure2u will be enhanced as it replaces SMS OTP :

  • Only one Secure2u device will be allowed per account holder (customer) to minimise the possibility of compromise by a third party
  • Maybank will alert the customer by SMS, a push notification, and an email when Secure2u is registered on a new device.
  • In Q4 2022, Maybank will introduce a cooling-off period whenever customers enable Secure2u on a different device. This cooling-off period will give customers the opportunity to verify and report to the bank in case of any unauthorised Secure2u registration on a new device.

In addition to Secure2u, Maybank is heeding BNM’s call for tightened fraud detection rules and triggers, and has in place a call-back verification process to alert customers of suspicious transactions.

Read more : Maybank: New Secure2u Activations Only On MAE App

 

Maybank Advice On Fighting Scam

Maybank has a dedicated 24/7 hotline for customers to report financial scams at +603-5891-4744. Customers are advised to call the hotline immediately, as soon as they suspect that their banking details have been compromised, or whenever they notice suspicious transactions, so their bank accounts can be suspended swiftly.

Alternatively, customers can also contact the general Maybank Customer Care Hotline at 1-300-88-6688 to report scams / fraud, or to seek assistance in suspending their bank accounts.

Finally, here are some tips from Maybank on how to protect yourself while using online platforms:

  • Avoid installing/downloading apps/Android Package Kit (APK) files or clicking on suspicious links sent via chat messages such as SMS, WhatsApp, Messenger or other similar services.
  • Do not provide permission for any app to send or view your SMSes.
  • Do not ignore any warnings from your devices, especially when downloading or installing a new file.
  • Do not enter your banking details, especially username or password, in any suspicious apps or websites.
  • Always keep your antivirus software updated for constant protection.
  • Only download apps from the genuine app stores such as Apple App Store, Google Play Store or Huawei AppGallery and not from a link.
  • Be alert if you are being prompted to download a file that is not compatible with your device i.e.: iPhone/iPad device being asked to use an Android device to download a file.
  • Always look out for your online banking security image and phrase (i.e.: Maybank2u security image and phrase), to ensure the website and app are legitimate.
  • Do not root or jailbreak your device.
  • Update your mobile device’s operating system (OS) and apps regularly.

Finally, we must all remember to NEVER share with anyone (not even bank employees) details of our bank accounts.

Please SHARE this article and these tips with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

BNM : Banks To Stop Using SMS OTP To Fight Scams!

Bank Negara Malaysia has ordered banks to stop using SMS OTP, as a way to fight financial scams!

Here is what you need to know…

 

BNM : Banks To Stop Using SMS OTP To Fight Scams!

Bank Negara Malaysia (BNM) has ordered banks in Malaysia to stop using SMS OTP (One Time Passwords), and migrate to a more secure form of authentication for online transactions.

This move comes after many Malaysians were hit by scams that bypassed the security offered by SMS OTP, leading to great loss of their hard-earned money.

BNM governor Tan Sri Nor Shamsiah Mohd Yunus said major banks in Malaysia have already started migrating from SMS OTP to more secure forms of authentication.

 

BNM : More Measures Beyond SMS OTP To Fight Scams!

In addition to “banning” SMS OTP, BNM has ordered the further tightening of detection rules and triggers to block potential scams.

This includes adding a cooling-off period for first-time enrolments of online banking services, as well as devices being registered for authentication purposes.

Banks will also be required to set up dedicated scam hotlines, and provide convenient ways for customers to suspend their bank accounts if they suspect that those accounts have been compromised.

Banks also have to ensure that customers are able to reactivate their accounts after a reasonable period, after ensuring that their accounts have been secured.

Together with the financial industry, BNM will continue to ensure that banking and payment channels remain secure and equipped with the latest security controls. The effort to combat financial crimes also requires the support of all parties. As consumers, each of us are responsible for protecting ourselves from the threat of scams.

The reality, however, is that methods used by criminals will continue to evolve. BNM therefore continuously intensifies efforts and take steps to combat scams by introducing additional controls and safeguards from time to time.

– BNM governor Tan Sri Nor Shamsiah Mohd Yunus

Read more : Bank Negara Malaysia Email Scam Alert!

Despite these efforts, it is critical that we must all learn to safeguard our personal information and avoid downloading files or installing applications from unverified sources on our computer or smartphones.

We should also check our bank and credit card statements, and notify the banks once we notice anything suspicious.

Those who believe that they are victims of a scam should contact the Commercial Crime Investigation Department Scam Response Centre at 03-2610 1559/1599 or BNMTelelink at 1-300-88-5465; and lodge a police report to facilitate investigations.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How To Turn On Two-Step Verification In Telegram!

Find out WHY you should turn on two-step verification in Telegram, and HOW to do that!

 

Why You Should Turn On Two-Step Verification In Telegram?

Two-Step Verification is a feature that protects your Telegram account from being hijacked by hackers and scammers.

It blocks illegal takeover of Telegram accounts, by requiring a secret password that only you know. And it lets you recover your account via email.

This prevents hackers or scammers from taking over your Telegram account, even if you accidentally share with them the login code.

Read more : Beware Of Telegram Screenshot Hack + Scam!

 

How To Turn On Two-Step Verification In Telegram!

In this guide, I will share with you how to turn on two-step verification in Telegram.

Step 1 : Open Telegram.

Step 2 : Go to Options > Settings > Privacy and Security.

Step 3 : Tap on the Two-Step Verification option.

Step 4 : In the Two-Step Verification screen, tap on the Set Password option.

Step 5 : Key in your preferred password, which can be any combination of capital or small letters and numbers.

Step 6 : You will need to key the same password again, to confirm it.

Step 7 : Next, you can create a hint to remind you of your password. This is optional, and you can skip it if you prefer.

But if you key one in, the hint will be displayed whenever you are asked to key in the password in the future.

Step 8 : After that, you will have the option of adding a Recovery Email address, just in case your account is hijacked.

This is optional as well, but I highly recommend you add a recovery email, which is simply the email address you use.

Step 9 : If you entered a Recovery Email address, Telegram will now send you an email with a 6-digit code to verify that email address.

Step 10 : Look for the Telegram verification code email, and key in the 6-digit verification code.

That’s it! You’re done! From now on, you will be required to key in the password whenever you log into a new device.

This will prevent hackers / scammers from taking over your account, even if you accidentally give them the Login code you receive by SMS.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Beware Of Telegram Screenshot Hack + Scam!

Watch out for the Telegram screenshot hack and scam! Find out how the Telegram screenshot hack and scam works, and what you can do!

 

Telegram Screenshot Hack : New Twist To Old Trick

My friend just got hit by the Telegram screenshot hack, and the hacker is now trying to scam everyone on his contact list!

The Telegram screenshot hack is a new twist to an old trick, and here is how they do it…

Step 1 : Identify A Suitable Target

After obtaining a legitimate Telegram account through phishing or other means, the hacker reads through the messages to identify a suitable target – usually a close friend whom you often chat with, and trust.

For the purpose of our example, the hacker stole your friend’s Telegram account and has identified you as a suitable target.

Step 2 : Attempt To Login From Another Device

The hacker installs Telegram in another device and attempts to log into your account. He only needs the your phone number to do that.

The login attempt triggers Telegram to send a Login code to the your registered devices to authenticate the login. Usually, that’s the Telegram app in your smartphone.

Step 3 : Ask For A Screenshot Of Telegram

Traditionally, this is when the hacker will use your friend’s Telegram account to message you and ask for that Login code. However, asking for the Login code may trigger suspicion, so hackers have now come up with a new twist.

Instead of asking you for the Login code, the hacker will use your friend’s Telegram account to ask you to take a screenshot of your Telegram app and send it to him.

What harm is there? After all, many of us take screenshots and share them with family, friends and even on social media!

The problem is – the screenshot will accidentally reveal your Telegram Login code! Take a look at the actual screenshot my friend sent – it clearly shows the Telegram Login code!

Step 4 : Terminate All Other Sessions

The hacker will immediately use the Login code to log into your Telegram account on his device.

Then he will terminate all other sessions from that Telegram account, which means you get logged out from your Telegram app on your own smartphone!

Step 5 : Change Password

To prevent you from logging back in, and terminating his Telegram session, he will change the password.

Step 6 : Scam Your Friends

Now that the hacker gained control of your Telegram account and locked you out of it, he is free to scam your friends.

In this case, my friend’s contacts all started getting pleas to borrow money for some kind of emergency. The hacker will, of course, promise to pay you back quickly.

Your unsuspecting friends may not realise that this is not you that they are talking to, and may end up sending the hacker money.

In this case though, my friend managed to quickly alert us via WhatsApp that his Telegram account was hacked, so we didn’t tall for the scam.

One of his friends toyed with the scammer, and obtained the bank details. That is obviously not my friend’s name or account number!

 

Telegram Screenshot Hack : How To Prevent It?

Now that you know how the Telegram screenshot hack works, you can pretty much figure out how to prevent it.

Here is my quick summary for those who didn’t go through the whole process above :

  1. Do NOT send anyone your Telegram Login code. Not even anyone claiming to be working for Telegram.
  2. Do NOT send anyone a screenshot of your Telegram app. Even if it’s not a scam, it reveals portions of your chats!
  3. Turn on Two-Step Verification in Telegram. This lets you recover your account, even if you accidentally let someone take over your account.

Read more : How To Turn On Two-Step Verification In Telegram!

 

Telegram Screenshot Hack : How To Recover Your Account?

If you failed to turn on two-step verification, there is still a way to recover your Telegram account after it is stolen by a hacker.

For these steps to work though, you need to have access to your phone number. You must also do this quickly, as the hacker will be alerted to your attempt.

Step 1 : Open Telegram.

Step 2 : Log into your Telegram account using your phone number.

Step 3 : You will be asked if you have the correct number. Click Yes.

Step 4 : Telegram will send a 5-digit code to all your devices with Telegram installed. You won’t receive it since the hacker has already terminated all other sessions.

Step 5 : Click on the option just above the keypad – “Send the code as an SMS“.

Step 6 : You will now receive an SMS with the 5-digit code. Key it in, and you will now have access to your Telegram account.

Step 7 : Go to Options > Settings > Privacy and Security.

Step 8 : Scroll down and tap on Devices.

Step 9 : Tap on the option – Terminate All Other Session – to boot out the hacker.

Bonus Step : Turn on Two-Step Verification to prevent this from happening again!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Greeting Photos + Videos Hack Your Phone?!

Can hackers use greeting photos and videos to hack your phone, and steal your data?

Take a look at the viral claim, and find out what the FACTS really are!

 

Claim : Greeting Photos + Videos Can Hack Your Phone!

People keep sharing this warning about greeting photos and videos, which claims that they can hack your phone and steal your data.

It’s a long message, so just skip to the next section for the facts!

Hello Family and friends,

Starting tomorrow, Please do not send network pictures. Look at the following article to understand. I’m going to stop too.

Please delete all photos and videos of Good morning, Evening and other greetings and religious messages as soon as possible. Read the following article carefully and you will understand why.

Read all! Please send this message urgently to as many friends as possible to prevent illegal intrusion.

 

Truth : Greeting Photos + Videos Cannot Be Hack Your Phone!

Many of us get spammed with Good Morning, Good Afternoon, Good Evening photos and videos every day from family and friends.

While they often clog up Facebook, Telegram and WhatsApp groups, they really cannot hack your phone. Here are the reasons why Good Morning messages are very irritating, but harmless…

Fact #1 : Shanghai China International News Does Not Exist

The news organisation that was claimed to be the source of this warning – Shanghai China International News –  does not exist!

Fact #2 : Greeting Photos + Videos Not Created By Hackers

Hackers (from China or anywhere else) have better things to do than to create these greeting photos and videos.

They are mostly created by websites and social media influencers for people to share and attract new followers.

Fact #3 : No Fraud Involving Greeting Photos / Videos

There has been no known fraud involving Good Morning or Good Night messages, videos or pictures.

Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case…. because it never happened.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest…

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.

Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.

Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Now that you know the facts, please SHARE this article with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Malaysia Police Denies Running Political Troll Farm!

The Royal Malaysia Police (PDRM) denies running a troll farm to corrupt or manipulate public discourse!

Here is what you need to know!

 

Meta Accuses Malaysia Police Of Running Political Troll Farm!

On 4 August 2022, Meta directly named the Royal Malaysia Police (PDRM) as being responsible for a troll farm designed to “corrupt or manipulate public discourse“.

Here were the key findings that the Meta team revealed about the individuals behind the PDRM troll farm :

  • They were active on Facebook, TikTok, Twitter and Instagram.
  • They posted memes in Malay, in support of the current government coalition
  • They posted claims of corruption amongst the current government coalition’s critics
  • They created Facebook Pages that posed as independent news entities, and promoted police while criticising the opposition.
  • Their posting activity were greatest during weekdays, taking breaks for lunch.
  • Their fake accounts were under-developed, and some of them used stolen profile photos.

The troll farm was initially suspected to have originated in China by researchers at Clemson University in South Caroline. But when the Meta team investigated it, they found links to the Royal Malaysia Police (PDRM).

Read more : Meta Accuses PDRM Of Running Political Troll Farm!

The Meta team also revealed that the PDRM troll farm spent about $6,000 (~RM26,750) in Facebook and Instagram ads, paid for primarily in Malaysian Ringgit.

They also shared how successful the PDRM troll farm was in garnering followers on Facebook and Instagram :

  • Facebook Pages : About 427,000 accounts
  • Facebook Groups : About 4,000 accounts
  • Instagram Accounts : About 15,000 accounts

As a result of their investigation, Meta removed 595 Facebook accounts, 180 Pages, 11 Groups and 72 Instagram accounts that were linked to this PDRM troll farm, for violating their police against “coordinated inauthentic behavior“.

What Is Inauthentic Behavior?

Inauthentic behaviour (IB) as an effort to mislead people or Facebook about about the popularity of content, the purpose of a community (i.e. Groups, Pages, Events) or the identity of the people behind it. It is primarily centered around amplifying and increasing the distribution of content, and is often (but not exclusively) financially motivated.

IB operators typically focus on quantity rather than the quality of engagement. For example, they may use large numbers of low-sophistication fake accounts to mass-post or like their content — be it commercial, social or political. They often use tactics similar to other large-scale online activities, like spam.

This behavior pattern distinguishes IB from Coordinated Inauthentic Behavior (CIB) where operators invest in mimicking human social activity as closely as possible.

 

PDRM Denies Meta Accusations Of Running Political Troll Farm!

On 6 August 2022, PDRM issued a short notice (with my English translation) stating that it takes Meta’s allegations seriously, denies them, and is currently gathering information about those allegations.

Penafian PDRM Atas Dakwaan Syarikat Meta Platforms Incorporated

Police Diraja Malaysia (PDRM) memandang serius laporan pihak syarikat Meta Platforms Incorporated yang mendakwa terdapat akaun-akaun palsu di media sosial yang “mempunyai hubungan dengan PDRM”.

PDRM menafikan dakwaan tersebut dan sedang mengampul maklumat lanjut mengenainya.

PDRM Denies Allegations By Meta Platforms Incorporated

The Royal Malaysia Police (PDRM) is taking seriously the report by Meta Platforms Incorporated which claimed that there are fake social media account “with ties to PDRM”.

PDRM denies these allegations and is gathering more information about it.

 

PDRM Troll Farm : Is That Even Legal?!

The Royal Malaysia Police (PDRM) enforces the laws of the country, including the Internet. In fact, they have a Cyber & Multimedia Criminal Investigation Unit under the Commercial Crime Investigation Department.

The PDRM works together with the National Cyber Security Agency (NACSA) to tackle cybersecurity threats, and these would include malicious influence campaigns.

All the more reason why it is both perplexing and troubling that Malaysia’s national police force has been linked to a troll farm designed to promote the current government coalition, while denigrating the opposition.

These are specifically the cybercrimes that NACSA should be looking out for, and the PDRM should be assisting them in arresting anyone in Malaysia who participated in such activities.

The PDRM will no doubt be under tremendous pressure to explain / refute Meta’s allegations.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Chinese Netizens Explode Over WPS Office Censorship!

Chinese netizens are incensed over evidence that WPS Office was monitoring and deleting their files!

Find out what’s going on, and what it means for the digital privacy of WPS Office users!

 

Chinese Netizens : WPS Office Is Monitoring + Blocking Our Documents!

Chinese company, Kingsoft, is under fire for claims that its productivity suite WPS Office is actively monitoring and deleting user documents that might displease Beijing!

At the heart of this issue is the WPS Cloud platform that works like Microsoft 365, allowing users to store their documents in the cloud, or locally.

Chinese netizens are alleging that WPS Office was actively monitoring their documents, and even deleting those that were detected to contain content that might displease the Chinese authorities.

One novelist who goes by the pseudonym Mitu, claimed that she was unable to access her unpublished 1.3 million character document. Not only was it blocked in her cloud storage, she couldn’t access the local copy using the desktop WPS client.

She was told that “the file may contain sensitive content and access has been disabled“.

Mitu shared her experience on Lkong – an online Chinese literature forum, and the social media platform Xiaohongshu, in late June 2022; and it only began trending in Weibo in early July after an influencer reposted her complaint.

A Weibo post on her complaint appears to have been deleted, but fortunately a screenshot was captured. This was the post in Chinese, machine translated into English :

Simply put, WPS seems to have some kind of sensitive word harmony function, Then after being detected, not only the ones stored on the cloud disk will be harmonized

According to the victim’s complaint, it is not only on the cloud, but also on local files. It’s hard to escape a harmony.

At present, according to some netizens, it may be checked after being saved.Sensitive words are detected and then determined to be files that may contain sensitive information,

Directly blocked, or it may be directly locked after being remotely detected by the background server local files There is no other way but to appeal (and it will be fixed in time) but this Is it remote from the server?

Now there is a lot of panic in the online literature circle, for fear that hundreds of thousands of words of manuscripts will be blocked overnight. Asking both online and offline harmony, many people re-use ms and writing pads write file

Mitu said she reported the problem to Kingsoft, which eventually apologised and restored access to the file within two days. The company admitted that “the file was not problematic”.

However, her story spurred other Chinese netizens to come forward with their own stories. A writer in Guangzhou who goes by the pseudonym Liu Hai also said that his WPS Office document of nearly 10,000 words was similarly blocked on July 1, 2022.

These incidents have sparked concerns about privacy in China. While the Chinese government routinely monitors and censors social media content, monitoring and blocking of personal documents would represent a new level of censorship in China.

 

WPS Office Admits Blocking File Access

After the online furore over claims that WPS Office deleted user files, the software developer issued a terse public statement on July 11, 2022.

It said that WPS Office does not delete the “user’s local files”, and that it was a misunderstanding. They only deleted the “online document link”, and blocked “others from access the link according to the law”.

Here is the Weibo post in Chinese, machine translated into English :

Statement on the exposure of online transmission #WPS will delete the user’s local files

A recent online document link shared by a user is suspected of violating the law, and we have prohibited others from accessing the link according to law. This has been misrepresented as #WPS delete user local files.

To this end, we specifically declare: WPS, as an office software developed for more than 30 years, has always put user experience and user privacy protection first.

WPS Office cleverly claims that it never “censors, locks or delete users’ local files”, which is technically correct but as Mitu and Liu Hai described, WPS Office blocks access to their users’ local files.

It was discovered that the files can still be opened by other software, like Microsoft Word or Tencent Docs. But the blocked files cannot be opened by WPS Office, even if they are stored locally (in the user’s computer).

It should be noted that Mitu never shared her file online. So WPS Office’s claim that they only blocked “others” from accessing the file is misleading.

 

WPS Office Not The Only Cloud Provider Monitoring Content

To be fair to WPS Office and Kingsoft, they are not the only ones monitoring content uploaded to the cloud. They just took things one step further by blocking access to local files.

By default, traffic to and from cloud-based productivity services like Google Docs, Microsoft 365 and WPS Office are not end-to-end encrypted.

That means they can and most likely are reading / monitoring EVERYTHING you type or upload. This includes files uploaded and stored in cloud-based storage services like Google Drive and Microsoft OneDrive.

That is the right of cloud service providers, because you are using their servers to store your content.

Google, for example, lists content that can be automatically removed and could even lead to a ban :

  • Account hijacking
  • Account inactivity
  • Child sexual abuse and exploitation
  • Circumvention
  • Dangerous and illegal activities
  • Harassment, bullying, and threats
  • Hate speech
  • Impersonation and misrepresentation
  • Malware and similar malicious content
  • Misleading content
  • Non-consensual explicit imagery
  • Personal and confidential information
  • Phishing
  • Regulated goods and services
  • Sexually explicit material
  • Spam
  • System interference and abuse
  • Unauthorized images of minors
  • Violence and gore
  • Violent organizations and movements

People need to be aware of this, and stop assuming that they have privacy on such cloud services, even if they paid to use them.

So it is not surprising that WPS Office monitors everything its users do. If they stopped at blocking access to the online files that contravened local laws, no one would bat an eye.

What is unusual though is that it also blocked access to the users’ local files! That means that their desktop and mobile apps were specifically designed to enforce a list of blocked files issued by WPS Office / Kingsoft.

If WPS Office / Kingsoft goes to that extent, does it mean that they would also alert the Chinese authorities about users producing content that displease them?

That is something everyone should think about, not just Chinese netizens who are justifiably concerned about WPS Office.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Science | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Canada Internet Outage Due To Software Update, Not China!

The country-wide mobile and Internet outage in Canada was due to a software update, not hacking by China!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : China Responsible For Mobile + Internet Outage In Canada!

Within hours of news breaking that Canada suffered a massive Internet outage, Vancouver Times posted a story claiming that the Royal Canadian Mounted Police (RCMP) identified China as the responsible party.

Vancouver Times also claimed that the RCMP will issue arrest warrants for the hackers responsible, who are connected to the People’s Liberation Army (PLA).

Chinese state hackers are responsible for a massive internet outage that paralyzed large parts of Canada, according to the RCMP. The federal police agency is in the process of issuing arrest warrants for several people they believe are connected to the People’s Liberation Army.

The RCMP will be holding a press conference in the next few days to announce the arrest warrants, according to sources. Canadian intelligence agencies are reportedly receiving guidance from the CIA and the FBI.

On Friday a widespread network outage from Rogers left many Canadians without mobile and internet service. The outages caused significant problems for police, courthouses, passport offices and other facilities.

The outage also disrupted services across retailers, courthouses, airlines, train networks, credit card processors and police forces, pushing many to delay business transactions. Many people were seen at Starbucks, trying to use their internet service.

The mainstream media and big tech want to hide the truth. Beat them at their own game by sharing this article!

Read more : FBI + MI5 Issue Joint Warning On Chinese Spying!

 

Truth : Canada Internet Outage Due To Software Update, Not China!

This is yet another example of FAKE NEWS created by Vancouver Times to generate page views and money from gullible people.

Fact #1 : Vancouver Times Is A Fake News Website

Vancouver Times is a “content aggregator” (copy and paste) website that is known for creating fake news to generate more page views and money.

To look legitimate, they copy and paste news from legitimate news organisations. To drive traffic, they create fake news, sometimes masked as “satire”.

To give themselves a veneer of deniability, they label themselves as a “satire website” in their About Us section.

Vancouver Times is the most trusted source for satire on the West Coast. We write satirical stories about issues that affect conservatives.

Here are some of their fake news that we debunked :

Fact #2 : Outage Only Affected Rogers Communications

On Friday, July 8, 2022, Canada was hit by a massive mobile and Internet outage that hit businesses, banks, and even police emergency lines.

However, it only affected Rogers Communications, and did not affect rivals like BCE, Telus and Shaw Communications.

The outage was extensive because Rogers is Canada’s leading telecommunications provider, with about 11.3 million wireless subscribers, and 2.25 million retail Internet subscribers.

Read more : Shanghai Police Data On 1 Billion Chinese Citizens Leaked!

Fact #3 : RCMP Did Not Blame China For Mobile + Internet Outage

The Royal Canadian Mounted Police did not blame China for Rogers Communications’ mobile and Internet outage.

This was made up by Vancouver Times to trigger right-wing conspiracy theorists, to go viral and draw more page views.

Fact #4 : Rogers Did Not Blame China For Mobile + Internet Outage

Rogers Communications themselves did not blame China for their mobile and Internet outage.

Fact #5 : Canada Confirmed Outage Was Not A Cyberattack

While the reason behind the outage was still unknown, a spokesperson for Canadian Public Safety Minister Marco Mendicino confirmed to CTV News that “the outage was not due to a cyberattack“.

Fact #6 : Rogers Confirmed Outage Due To Maintenance Update

On 11 July 2022, Rogers CEO Tony Staffieri apologised for the country-wide outage of its services.

He also said that the failure was due to “a maintenance update in our core network“. The maintenance work “caused some of our routers to malfunction early Friday morning“.

Fact #7 : Prior Rogers Outage Also Due To Software Update

This wasn’t the first time Rogers Communications’ network failed so drastically.

Just 15 months earlier – Rogers and its subsidiary, Fido, experienced a nationwide cellular service outage in April 2021.

That outage was ultimately traced to “a recent Ericsson software update” that “affected a piece of equipment in the central part” of their network, leading to “intermittent congestion impacting many customers across Canada“.

Fact #8 : It Would Have Been Considered An Act Of War

China attacking Canada’s mobile and Internet network would have been considered an act of war, if it was proven.

The Canadian government would at least have issued a strong statement, if not cut diplomatic ties with China and/or enact sanctions against the Chinese government.

Fact #9 : No One Else Reported This Story

China attacking Canada’s mobile and Internet infrastructure would have been major international news, reported across the globe.

Yet not only did no mainstream media cover this incredible story, it hasn’t even been reported in the usual conspiracy theory websites!

That’s because it was a fake story created by one publication – Vancouver Times, in their attempt to go viral again for more page views and ad money.

Fact #10 : There Is No Such Thing As A Publication Ban

Vancouver Times likes to use the “media blackout” claim, to explain why you can’t find any reputable media outlet reporting on China attacking Canada’s mobile and Internet infrastructure.

That’s utter and complete bullshit. No one – not a judge, not even the Canadian government – can control the worldwide media, or prevent anyone from writing about such an incredible story.

You can also be sure that even if the mainstream media in the Canada refused to run the story, it would have been reported by foreign media outlets, websites and blogs.

Yet, not a single foreign media outlet or online website published their account of this incredible story? That’s because IT NEVER HAPPENED…

Read more : Did Ghislaine Maxwell Just Commit Suicide In Prison?!

Fact #11 : Mainstream Media + Big Tech Would Have Loved The Hype

Vancouver Times is gaslighting you about how mainstream media and Big Tech want to hide the “truth” about China attacking Canada’s infrastructure.

They would all loved such shocking news, because it would have driven tons of traffic and engagement to their websites / platforms.

In fact, that was precisely why Vancouver Times created the fake story – to drive traffic, for the ad money.

Everything that Vancouver Times publishes should be regarded as FAKE NEWS, until proven otherwise.

Please help us fight fake news websites like Vancouver Times – SHARE this fact check out, and SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact CheckCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Shanghai Police Data On 1 Billion Chinese Citizens Leaked!

A hacker is selling data on a billion Chinese citizens, that he stole from the Shanghai national police database!

Find out what’s going on, and what this data breach entails!

 

Shanghai Police Data On 1 Billion Chinese Citizens Leaked!

A hacker who called himself “ChinaDan” posted in the Breach Forums that he hacked into the Shanghai National Police (SHGA) database and stole more than 23 terabytes of data.

He is offering to sell data on 1 billion Chinese citizens, including their name, address, birthplace, national ID number and mobile numbers, for 10 bitcoins – which is currently worth about US$204,285 / €200,227.

In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on billions of Chinese citizen.

Databases contain information on 1 billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.

He also posted a sample of 750,000 data entries from the three main indexes of the database, for potential buyers to evaluate.

 

Shanghai Police Database Left Unsecured For 14 Months!

ChinaDan claimed that the SHGA database was left unsecured on an Alibaba Cloud server. This was confirmed by several cybersecurity experts who had earlier stumbled upon the same database.

Even worse, the database was apparently left unsecured for at least 14 months! Vinny Troia – the founder of dark web intelligence first, Shadowbyte, said that he first discovered the SHGA database “around January” 2021.

Troia even downloaded one of the main indexes of the SHGA database, which contained information on nearly 970 million Chinese citizens (at that time).

And best of all – they made the data available to anybody who registers for an account!

The site that I found it on is public, anybody (could) access it, all you have to do is register for an account. Since it was opened in April 2021, any number of people could have downloaded the data.

Either they forgot about it, or they intentionally left it open because it’s easier for them to access. I don’t know why they would. It sounds very careless.

Read more : Did Hackers Release Pfizer + Moderna Vaccine Death Data?!

 

This Was Second Hack Of Shanghai National Police Database!

Bob Diachenko – a Ukrainian cybersecurity researcher – discovered the database independently in April, and noticed that the databased was attacked in mid-June by a hacker who copied the data, destroyed the copy on the server and left a ransom note demanding 10 bitcoins for its recovery.

By July 1, the ransom note disappeared, but only 7 gigabytes of data was available on the server, instead of the earlier 23 TB.

It is unknown if this data ransom “hack” was performed by ChinaDan, or a different hacker.

Diachenko said that the unsecured and exposed database continued to be used after that, until it was shut down over the weekend, after news of the data leak broke.

Maybe there was some junior developer who noticed it and tried to remove the notes before senior management noticed them.

This is shocking because it suggests that the database administrators were already aware of a prior breach, but did nothing to secure the database, or shore up cybersecurity measures.

Read more : Was Facebook Taken Down By 13 Year-Old Chinese Hacker?

 

Most Of China Affected By Shanghai Police Data Leak!

The Shanghai National Police data leak is currently the largest leak of public information ever.

It does not just cover people who live in, or have been in Shanghai. The database actually has information on over 70% of its 1.4 billion population in almost all counties in China.

The data contained information about almost all the counties in China, and I have even discovered data related to a remote county in Tibet, where there are only a few thousand residents.
– Yi Fu-Xian, a senior scientist at the University of Wisconsin-Madison

This massive data leak acutely demonstrates the risk of government collection of data. China notably collects a tremendous amount of data on its citizens, including digital and biological data through facial recognition, iris scanners, social media tracking and phone trackers.

Once such data is leaked, it is forever exposed, putting people at risk of scams, identity theft, or even extortion.

 

China Censors Coverage Of Shanghai Police Data Leak

The Chinese government and the Shanghai Police have both refused to comment on the massive data leak.

Instead, they started blocking related words on Weibo, like “Shanghai data leak”, “data leak”, “Shanghai national security database breach”, “1 billion citizens’ record leak”.

Censors have also scrubbed news on this data breach from WeChat, with one popular WeChat user telling his 27,000 followers that he had been summoned to be questioned by the police.

China’s major English-language media like CGTN, Global Times, Xinhua, etc. have also not published any story on the Shanghai police data leak, despite public interest and its wide-ranging consequences for China.

Read more : Chinese Media Accidentally Leaks Ukraine Censorship Order!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | EnterpriseTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : Nespresso 2022 Mother’s Day Contest!

Please watch out for the Nespresso 2022 Mother’s Day contest scam!

Find out why it is just a SCAM, and WARN your family and friends!

 

Scam Alert : Nespresso 2022 Mother’s Day Contest!

People are now sharing the Nespresso 2022 Mother’s Day Contest scam on WhatsApp :

Nespresso 2022 Mother’s Day Contest

5,000 free coffee machines for your Mother!

 

Nespresso 2022 Mother’s Day Contest : Why This Is A Scam!

Many of us are in dire straits during this COVID-19 pandemic, having lost jobs, income or even loved ones.

Unfortunately, scammers are counting on our desperation to prey on us, using the same survey scam they have been using for years :

Unfortunately, this Nespresso contest is yet another SCAM that you should NEVER participate in!

  1. After you click on the link, you are taken to a page that looks like a genuine Nespresso contest page.
  2. You will be asked to answer three very simple questions.
    The answers are irrelevant – no matter what you answer, you are always allowed to proceed to the next step.
  3. You are then asked to share the promotion with 30 WhatsApp contacts, or 5 WhatsApp groups.
  4. Next, you will be asked to complete one of these tasks to receive the “free” Nespresso coffee machine :
    a) install an app, which is really a malware to send you advertisements, or
    b) enter your credit card details
    Needless to say – proceeding with this step will open you up to great risk of monetary loss. DO NOT PROCEED!
  5. If you install their malware, you will start receiving promotions, some of which will ask you to send an SMS to receive expensive free gifts like laptops and smartphones.
    If you proceed to send the confirmation SMS messages, you will be subscribed and billed for international premium SMS services.

So never click on such contest links, even if they were sent to you by a trusted relative or friend.

They would have certainly been fooled by the scam, so please warn them too!

 

How To Spot Scams Like The Nespresso Survey Contest!

Now, let me show you how to spot these scams next time!

If you spot any of these warning signs, DO NOT PROCEED and DO NOT SHARE!

Warning Sign #1 : Bad Grammar

Most of these scammers do not have a good command of the English language, so if you spot bad grammar, stay away.

Proper contests or events sponsored by major brands like Nespresso will have at least one PR or marketing person who will vet the text before allowing it to be posted.

Read more : Watch Out For Nestle 2022 Anniversary Phishing Scam!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. No one is going to give you money or free gifts just to participate in a survey!

Petronas isn’t going to give you FREE money, just because it’s their anniversary.

They are a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real Jaya Grocer Domain

A genuine Petronas campaign would use their real domain – www.petronas.com.

Or they would run it off the official Petronas page on Facebook – www.facebook.com/petronas/.

If you see nonsensical domains like 0yjjg61.cn, 1eaf1rnbeef.top, ldxqw.bar, etc. that’s a sign of a SCAM!

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

This is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

Please help us fight scams like this and SHARE this article out!

And please WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Home TechTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Watch Out For Nestle 2022 Anniversary Phishing Scam!

Please watch out for the Nestle 2022 Anniversary phishing scam!

Find out why it is just a SCAM, and WARN your family and friends!

 

Nestle 2022 Anniversary Phishing Scam Alert!

People are now sharing the Nestle 2022 Anniversary message on WhatsApp (translated into English) :

CONGRATULATIONS!

Your family has been chosen to receive a lucky drag for the Nestle 2022 Anniversary at the Nestle office.

This contest has been approved by the Malaysian court / police, with the cooperation of Bank Negera Malaysia (BNM).

The link attached to the a website with the following instructions :

  1. Winners must keep the PIN-CEK number as evidence for winner verification and prize collection
  2. There are two ways to submit the contest form – through WhatsApp or this website.
  3. The contest form must be completed with your details. Incomplete forms will be rejected by the sponsor without notice.
  4. Every valid application will be shortlisted. There is no limit to the number of applications.
  5. First Prize Winner : RM10,500
    Second Prize Winner : RM9,300
    Third Prize Winner : RM8,500
  6. To redeem your prize, just use your WhatsApp to :
    a) Fill in the Nestle winner application number
    b) Fill in your full name and identity card number
    c) Attach a clear picture of your BANK ATM CARD – front and back
    d) Go to the nearest ATM machine, and WhatsApp the details above to +60124181128

 

Nestle 2022 Anniversary Phishing Scam : How Does It Work?

The Nestle 2022 Anniversary phishing scam is DANGEROUS. Please warn your family and friends to AVOID it.

Fact #1 : There Is No Such Nestle Giveaway!

There is no such anniversary giveaway by Nestle Malaysia. There is no reason for Nestle Malaysia to give out so much money.

They are a business, not a charity. They are in the business of selling you products, not giving you money.

Businesses do sponsor giveaway contests, but they are generally low value. Nestle Malaysia, for example, is currently giving away RM30 Shopee vouchers.

Fact #2 : Nestle Would Not Use Free Websites

Nestle is a large multinational company. It would not be using free website services like Wix.

Nestle Malaysia has its own website (https://www.nestle.com.my/) and Facebook page (https://www.facebook.com/Nestle.Malaysia) where they post official contests and promotions.

Always verify if a contest is genuine by visiting the official website / social media page.

Fact #3 : Nestle Would Never Ask For Pictures Of Your ATM Card!

Nestle, and any legitimate brand, would NEVER ask you to send them pictures of your bank ATM card!

Sending the pictures of your ATM card will allow them to clone the card, or trick bank staff into giving the scammers access to your bank account.

NEVER EVER SEND ANYONE PICTURES OF YOUR BANK ATM CARD!

Fact #4 : Nestle Would Never Ask You To Go To An ATM

No legitimate contest would require you to go to an ATM machine to receive money.

NEVER TRUST ANYONE WHO ASKS YOU TO GO TO AN ATM MACHINE.

Fact #5 : Nestle Would Never Ask For Your PIN / TAC

Nestle would never ask you for your ATM card’s PIN or any TAC number you may receive.

Giving out those details is how scammers get access to your bank account.

NEVER GIVE OUT YOUR PIN OR TAC NUMBER!

Fact #6 : This Lets Scammers Withdraw Money From Your Bank Account

I know many of us are in dire straits during this COVID-19 pandemic, having lost jobs, income or even loved ones.

Unfortunately, scammers are counting on our desperation to prey on us, using such anniversary scams.

This particular Nestle 2022 Anniversary Scam is a real danger, because it will allow scammers to gain access to your bank account and withdraw money.

Also watch out for the other anniversary scams that I have covered over the years :

Please WARN your family and friends about these scams!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Business | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!