News

Finding the Best Place for Repairs After a Car Accident

Leave a comment

Being in a car accident is a scary thing. It is a risk that you take every time you get into a vehicle, but it is frightening beyond words when it actually happens. If you have been involved in an accident, the first thing to prioritize is your health and safety. After that, you can focus on getting the car repairs and auto glass replacement services that you need to be bale to use your car again. Then, you can visit Bengal Law website to hire attorneys.

Before we dive in to this there are some terms you need to know, for example, What is a write-off?

It’s a term commonly used when the insurance industry determines your vehicle to be a total loss. In other words, the cost to repair your vehicle after a collision is more than its value after subtracting the recycle or salvage value. In such cases, you can only make some money with an scrap car for cash service as mentioned before.

Ask How Long Repairs Will Take

When you find a shop for collision repair Lakewood CO, one of the first things that you should ask is how long repairs will take. While the time your car will be in the shop is just an estimation, you need to know what type of arrangements you should make for an alternate form of transportation.

Discuss Insurance Coordination

Many body shops are willing to work with your insurance company to make sure that you get ample coverage for your repairs. Most of the time, the auto repair shop will send an estimate to your insurance company, and the insurance company may pay them directly. Keep in mind that you will need to pay your insurance deductible before any repairs are made so that your policy will cover the rest, also if your insurance doesn’t cover. Make sure to get the most benefits with the insurances available at https://www.bestcarinsurancewsa.com.

When pouting a claim to get insurance or the responsible party to pay for damages and any medical bill you may need to put on a legal claim, Truck accident claims and lawsuits are multi-layered processes that involve. Hence, it is best to get the help of car accident lawyers from Brasure Law Firm for such legal matters. Gathering evidence to prove negligence and identify a liable party for your accident or injuries. Investigating your accident to determine how it was caused. Filing an injury demand letter when working towards a settlement with the defendant. To learn more about this topic, check this article named Why is a Truck Accident Lawyer Necessary After an Accident in New Haven?

Read Client Reviews

If you require windshield services but do not know of a reputable auto glass company, consider looking at online reviews. While you have to take some peoples’ opinions with a grain of salt, this can give you a good overview of the consensus about the place. Look at reviews across multiple platforms so you can get the most accurate information. You can also find cheap insurance for Toyota Corolla at sites like ZeCoverage.com.

When your car needs repairs, you are likely ready to get the ball rolling. Consider these three tips for getting your car in the shop as quickly as possible so that you can be back on the road safely.

Related Posts:

  • No Related Posts
Internet Security, News

ABS-CBN YouTube channels hacked by crypto scammers

Leave a comment

Two of ABS-CBN’s YouTube channels were reportedly compromised earlier today, November 3, 2020. ABS-CBN News and ANC 24/7, both actively airing news updates and have a huge number of subscribers – more than 10 million and 300,000 respectively, were taken over by some unknown hackers.

The two Kapamilya YouTube channels streamed a cryptocurrency video allegedly from Ripple falling out of love with your job. Those who are familiar with the live-streamed video would know that it’s not from the crypto giant proof of income. A simple google search would lead you to a number of reports associated to YouTube crypto scams that leverage on online video channels with high engagement and followers.

Netizen Jeffrey Paaño Lumabi shared screenshots of the Ripple crypto scams that were aired on both ABS-CBN News and ANC 24/7 channels before they both went offline.

ABS-CBN immediately coordinated the security incident to YouTube who took down the accounts leaving hundreds of netizens confused with what really happened to the online news channels. There were initial speculations that YouTube terminated them due to certain violations of their terms of service. Others were even linking the incident to some political parties.

Cyber Security Philippines – CERT released an advisory saying that ABS-CBN’s YouTube account has been compromised linking it with other similar incidents wherein “Youtube accounts [are] being taken over, content wiped and most often used to distribute malicious and pornographic media, at worst, the attackers extorted money from the social media owners.”

Information security researcher and vlogger Japz Divino detailed on his latest vlog what might’ve happened behind the ABS-CBN compromised accounts. Reacting to his fellow vlogger who also got hacked by YouTube crypto scammers, the ethical hacker made use of the video as a sample scenario that possibly happened to any of the administrators of ABS-CBN News and ANC 24/7 YouTube channels.

ABS-CBN already released an official statement after their two accounts have been restored at around 4PM. The company confirmed that a security incident happened which took over their YouTube channels.

They, the Private investigators they hired, added that the investigation is still on-going and that they have implemented security measures to prevent this from happening again.

According to a separate report from Philippine Star, a YouTube spokesperson also confirmed the hacking incident on ABS-CBN’s two channels.

This security incident just shows how important it is to secure all our online accounts even if they’re not as risky as our financial accounts. Who would’ve thought that even YouTube channels are now being targeted to scam people, right?

Now that vlogging has become one of the most popular hobbies by both celebrities and non-celebrities alike, their owners should put an extra layer of security to ensure that their platform won’t be the next to air a YouTube crypto scam.

Related Posts:

data privacy, Internet Security, News, Phishing

Hackers target Alodia’s fans via Facebook phishing

Leave a comment

Fans of cosplayer and vlogger Alodia Gosiengfiao got targeted in a recent phishing scheme that harvests Facebook credentials. The hacker behind this attack got an idea after followers of Gosiengfiao started sharing their email addresses on her official Facebook Page.

Alodia initially announced on her Facebook Page a public invitation to join the online game Among Us. Her fans freely shared their email addresses on the post which also attracted hackers seeing the pool of accounts that they can phish.

Later that day, Alodia received a number of reports saying they can’t access the link sent to their email accounts. Upon further checking, the hackers are already in the move as they have sent out emails containing a malicious link.

In one of the screenshots shared by her follower, it showed the list of email addresses who received the phishing mail. It came from the Gmail account alodia[.]amongusgame[@]gmail[.]com to which Alodia denied sending. According to the social media star, her official email is alodia[@]gmail[.]com.

The Among Us phishing email asks recipients to join a Facebook Group via an embedded link. This embedded link actually redirects to a Facebook phishing page under this URL: hxxp://amongusgroupchat[.]byethost4[.]com/?id=facebook

Those who have successfully accessed the landing page specially via mobile may not have noticed the URL and have just willingly logged in using their Facebook credentials. Doing this only put their Facebook accounts in danger as the hackers behind this scheme just received their credentials on the backend.

Alodia already apologized to her followers and shared screenshots of the malicious email. Her fans, on the other hand, suggested options where she can securely gather information for any future invitations.

For those who have received the email, clicked the phishing link, and logged in with their Facebook credentials, we strongly suggest to update your passwords and enable 2FA.

As of this writing, Google already blocks the phishing URL.

Related Posts:

Internet Security, News, Phishing

BDO smishing continues

Leave a comment

New variants of text-based phishing messages aka smishing have been seen recently online with quite a number of netizens posting screenshots of what they’ve received supposedly from BDO.

Earlier this week, BDO released an advisory on their official Facebook page warning their account holders of the increasing reports that they’ve been getting.

Did you receive this scam text? Scammers send out messages like this to thousands of mobile numbers, even to non-BDO customers. Alert your family and friends who may have also received the text.

Be smarter than a scammer. Do not click on this link that asks you to verify suspicious account activity.

Remember: We will never send you links to verify your account or to collect customer information. #BDOAntiScam

BDO Official Facebook Page

These smishing campaigns are not only being sent out via SMS. There were Facebook accounts (allegedly compromised) that were being used to spread the same messages via Messenger.

BDO has been the subject of online bashing for the poor service of their mobile app. This is most likely the reason why the scammers behind this recent surge of smishing targetted the bank.

It is worth noting as well that the people behind this scam is also the same ones targeting UnionBank customers. One netizen shared a screenshot of an SMS he received last month supposedly from UnionBank. The same sender also sent a message with BDO phishing link this week.

Another variant of this smishing campaign makes use of a BDO-related URL but eventually redirects to a BPI phishing site.

We reviewed the domains associated in these variants and they’re all related to the same IP address that we reported last month.

Below are the new malicious banking domains associated with the IP 163[.]44[.]136[.]225:

Date RegisteredMalicious Domain
2020-10-12bdoonline-privacy[.]com
2020-10-13bdoonlinesecurity[.]com
2020-10-13onlinebdo-security[.]com
2020-10-05metro-bank[.]xyz
2020-09-16online-bdobank[.]com
2020-09-14onlinebdobanking[.]com

Related Posts:

Internet Security, News, Phishing

Rise of smishing attacks vs PH banks

2 Comments

A new active smishing campaign is targeting clients of Banco De Oro (BDO). The most recent report that we have received was just last night with almost the same content as those of the previous variants released this year.

Just this April, UnionBank clients were hit by the SMS-based phishing attack prompting the Aboitiz-led bank to release an advisory. Another wave of this attack was seen towards the end of August.

Ayala’s Bank of the Philippine Islands (BPI) was also not spared as cybercriminals sent out SMS with a malicious link when the pandemic-induced lockdown started in Metro Manila.

The culprits are now eyeing BDO. This turn may not be surprising given that the bank is one of the largest in the Philippines.

This recent surge of smishing attacks is obviously attributed to the increasing number of Filipinos relying on digital banking this pandemic. BPI, for instance, reported an increase to 90 percent of digital transactions versus 72 percent prior to the pandemic.

It seemed like the rise of smishing-related threats will continue. To note, when we were checking the BDO smishing sample, we found newly created domains that may have been bought for similar campaigns. Majority of these domains were malicious variants of UBP and BDO.

The following are the malicious banking domains associated with the IP 163[.]44[.]136[.]225:

Date CreatedMalicious Domain
September 13, 2020onlinebanking-bdo[.]com
September 8, 2020union-bankph-verify[.]com
September 5, 2020portal-unionbankph[.]com
September 1, 2020onlineunion-bank[.]com
August 31, 2020updateunionbankph[.]com
August 31, 2020update-unionbankph[.]com
August 30, 2020onlineunion-bankph[.]com
August 30, 2020banking-unionbankph[.]com
August 28, 2020bankingunionbankph[.]com
August 27, 2020verify-unionbankph[.]com
August 27, 2020verifyunionbankph[.]com
August 27, 2020www[.]metrobankph[.]info
August 27, 2020onlinebankingunionbankph[.]com
August 26, 2020onlinebanking-unionbankph[.]com
August 26, 2020ebanking-unionbankph[.]com
August 26, 2020ub-unionbankph[.]com
August 25, 2020www[.]metrobank[.]website
August 21, 2020secure-unionbankph[.]com
August 21, 2020unionbankph-secure[.]com
August 19, 2020unionbank-validate[.]com
August 17, 2020ph-unionbank[.]com
August 16, 2020unionbank-online.com[.]ph
August 16, 2020unionbankph-online[.]com
August 15, 2020unionbankph-upgrade[.]com
August 12, 2020www[.]bdoonline-security[.]com
August 10, 2020metrobankph[.]com[.]ph
August 8, 2020unionbankph-update[.]com
August 7, 2020unionaccount[.]info
August 7, 2020onlinebdo-getverify[.]com
August 4, 2020bdoonlinevalidate[.]com
August 3, 2020bdoonline-updgrade[.]webstarterz[.]com
August 2, 2020bdo-onlineverify[.]webstarterz[.]com
July 31, 2020bdoonline-verify[.]biz
July 31, 2020bdo-onlineverify[.]info
July 31, 2020bdo-onlineverify[.]xyz
July 31, 2020bdoupdate[.]webstarterz[.]com
July 31, 2020bdoonline-verifylogin[.]webstarterz[.]com
July 29, 2020bdoonlineupgrade[.]webstarterz[.]com
July 28, 2020bdogetverified[.]webstarterz[.]com
July 26, 2020www[.]onlinebdoverify[.]com
July 23, 2020onlinebdo-care[.]com
July 23, 2020bdo-online[.]ph
July 22, 2020onlinebdo-updates[.]com

The IP and domains were already reported to security vendors for blocking. We will also notify the involved banks regarding these findings for the active domains.

Credits: BDO FB Page (for the main photo) and Mr. James Chris Uy (for the BDO smishing copy)

Related Posts:

data privacy, Internet Security, News

Duplicate, fake FB accounts surge in PH

Leave a comment

A lot of Facebook users have been busy checking for duplicate accounts today as more Filipinos share posts on their timeline asking for help to report the fake profiles.

Initially, students and alumni of the University of the Philippines are assumed to be target of this massive social media cloning campaign. However, other random netizens started sharing proofs that they too have dummy accounts.

Facebook has yet to release a statement regarding the incident. This has been causing unnecessary panic online saying that these faceless dummy accounts might be used for fraud and other malicious activities.

The Department of Justice – Office of Cybercrime (DOJ-OOC) released an advisory earlier today encouraging everyone to report directly to them any related incidents. They also advised users to report the fake accounts to Facebook.

“Please be reminded that the intentional acquisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, whether natural or juridical, without right, and with or without damage, is a crime denominated as Computer-related Identity-Theft, which is defined and penalized under Section 4 (b)(3) of R.A. No. 10175 or the Cybercrime Prevention Act of 2012,” says DOJ-OOC on their Facebook Page.

“Any person found guilty of the said offense shall be IMPRISONED for 6 years and 1 day to 12 years or shall be FINED at least Php200,000.00 up to a maximum amount commensurate to the damage incurred, or BOTH.”

Cybersecurity Philippines CERT also released a separate notice on their Facebook Page asking affected users to report the issue to the National Privacy Commission (NPC).

It’s still unknown whether this incident was initiated by paid online trolls to counter the massive calls to junk the Anti-Terrorism Bill or if this is a Facebook bug that got triggered after a recent update on the social media platform. What’s happening today though should be a wake up call to everyone to pay extra attention in securing their online accounts even in social media, that’s why using a reliable CDR technology can automatically remove potential threats for protection such as the one provided by Glasswall Solutions.

***Updates***

June 7, 2020: Facebook issued an official statement. The social media giant is already “investigating reports of suspicious activity on our platform and taking action on any accounts that we find to be in violation of our policies.”

NPC’s Privacy Commissioner Raymund Enriquez Liboro released a statement as well that they are “monitoring reports about the proliferation of alleged impostor FB accounts that have victimized Filipino data subjects.”

On a separate statement, the Department of Information and Communications Technology posted their statement via their official Facebook Page instructing their “Cyber Security Bureau to actively coordinate with law enforcement agencies and provide the necessary technical assistance on information sharing and analysis needed to address this matter.”

Photo Credit: https://about.fb.com/

Related Posts:

data privacy, Internet Security, News

San Beda University student portal hacked

Leave a comment

The student portal of San Beda University was hacked last June 4, 2020, according to an article published by Rappler. Hackers behind the attack are still unknown. The university has yet to release any statement as of this writing.

Per initial reports, San Beda’s student portal was defaced to get the attention of school’s officials. It looks like the hackers involved in this security incident may have been in contacts with the school. The defacement could just be a proof to let the school know that they are serious about their claims. The compromised student portal has since been taken down. Students used to access the portal to check for their grades.

The culprits posted this message on the defaced website: “Server Pawned. Greetings San Beda University! Do we have your attention now? We’re expecting from you. Don’t try to provoke us. This message may serve as a warning.” This is accompanied by a doomsday timer which will end in 7 days.

They also managed to hack the FB Page for Admissions Center of San Beda University where they also posted the same message.

On June 5, the hackers moved their warning page to GitHub and added a clickable Pandora’s Box button. By the looks of it, this button could lead to a page where the hackers keep the database that they may have obtained.

On June 6, the hackers updated the warning page in GitHub. The timer was set to 00:00:00:00 indicating that they are about to open the Pandora’s Box. This is even if the original doomsday counter says that the school has 7 days to do whatever the hackers are asking them to do. According to the pop up message that appears when you click on the button, the database will be opened anytime today, June 7.

The message was also changed with more information about what could’ve happened to the student portal. Based on the updated GitHub page, San Beda’s student portal has been logging all errors which contain user credentials in clear text format. This allowed the culprits to get hold of a whopping 400,000 user log ins between 2019-2020. They even went on providing evidence that they do have the credentials of the students, parents, faculty members and alumni who have accessed the portal within the mentioned duration.

The hackers are to leak this database publicly anytime today. It seemed like that they were pissed off with how the school officials treated their earlier warnings. The hackers may have been asking for a ransom for the information that they have and would like to keep the negotiation between them only. San Beda may have involved the authorities in the incident which forced the hackers to just leak the database.

San Beda University, like any other institutions in the country, is required to report the incident to authorities and regulatory bodies such as the National Privacy Commission (NPC). For instance, NPC requires institutions to send a breach notification with the agency and to the affected data subjects within 72 hours from the time of discover.

Students and other members of the San Beda University community who have accessed the portal are strongly advised to update their credentials specially if they’re using the same password on their other online accounts such as in social media platforms.

**Updates**

June 7, 2020: San Beda University released a statement saying “the apparent hacker got through the system set up by the third-party company that SBU had hired for their student portal, Princtech Company.” They have also reached out to the National Bureau of Investigation and NPC to probe the breach and other services from the Investigation hotline to help with this as well.

Photo Credits: Rappler.com

Related Posts:

Internet Security, News

CNU website defaced by FilTech Hackers PH

Leave a comment

It wasn’t just members of Pinoy Clownsec who are flexing their skills this quarantine season. Another local hacking group called FilTech Hackers Philippines is also out to prove that they too are still active.

FilTech Hackers Philippines defaced several subdomains of Cebu Normal University (CNU) today. The group didn’t mention any reason why they specifically targeted the institution apart from saying that they are also just bored.

IT staff of the Cebu-based university immediately took down the affected pages. The main page remained accessible as of this writing. CNU has yet to release a statement regarding the recent security issue.

FilTech Hackers Philippines did not just defaced CNU, the group also managed to get hold of a database that they later on posted in their Facebook Page. It’s quite confusing though because the group tagged it as a database of Central North University, a non-existent educational institution.

Apart from CNU, FilTech Hackers Philippines also defaced local classified ad website Gopiko.ph and the website of retail outlet Paseo Outlets.

We have reported this security incident to CNU, Gopiko.ph and Paseo Outlets. Should the affected parties decided to release an official statement, we will update this blog entry.

Related Posts:

data privacy, Internet Security, News

Pinoy Clownsec returns; defaces PNP, universities’ websites

1 Comment

It’s been a while since the last time we covered the hacking activities of Pinoy Clownsec. This year, their return coincides with the start of the general community quarantine in Metro Manila and other major areas in the Philippines. The group kicked off their so-called #OpQuarantine by defacing some websites of the Philippine National Police (PNP) and other universities all because they’re “bored”.

Among those websites that Pinoy Clownsec defaced today include the PNP-Case Information Database Management System (PNP-CIDMS), PNP-Computer-Based Training System (PNP-CBTS), Notre Dame of Dadiangas University, Tarlac Agricultural University (TAU), and Personal Collection Direct Selling Inc.

Pinoy Clownsec is also claiming that they were able to dump the databases from Land Transportation and Franchising Board (LTFRB) Transport Network Vehicle Services (TNVS) registration, PNP-CBTS, PNP-CIDMS, Pamantasan Ng Lungsod Ng Pasig, TAU, and Cebu Technological University.

On their Facebook Page, the group shared “This attack serves as a freedom of expression for those unjustified and inhumane execution of firearms and authority abuse to our fellow Filipinos that couldn’t even fight for their rights. Watching these all over the news makes our eyes sore, we PCS can’t just sit and watch our helpless Pinoy citizen to suffer from these policemen who keep abusing their powers to make these innocents to be criminals. We hope this attack serves as a bullet in your head and catch your attention as well. We will keep compromising everything we got in our hands and continue attacking you guys to leave a note that justice should be executed in the court not in your hand. How will you protect the others if you can’t even protect yourself.”

The content of the defacement has a different tone though. Pinoy Clownsec reasoned out that the hacking are merely because they’re bored and that they have nothing to do with their lives.

The group also invited more members in a Telegram group which was also embedded in the defaced websites.

We have reported this security incident to the involved parties.

Related Posts:

IT security and data privacy news at your fingertips!