While the response to Cowles’ tale has been a mix of praise and mockery, experts in online threats say it’s foolish to think you’re too savvy to ever fall for a professional scammer. “The reality is, criminals perpetuating fraud—whether via phone, email, or social media—are very good at social engineering,” says Selena Larson, a senior threat intelligence analyst at security firm Proofpoint, who describes Cowles as “extremely courageous.”
Manipulative tactics the scammers used against Cowles are common. They include, Larson says, “making someone afraid for themselves or their families, making them excited or enticed by the possibility of money or romance, or any number of heightened emotions to push them into making decisions they otherwise wouldn’t.” To protect yourself from scams like the one that hooked Cowles, Larson suggests being on high alert for anyone trying to isolate you from people in your life, and not trusting anyone posing as a government employee or celebrity. “Forcing a sense of urgency,” like asking for money immediately, is also a huge red flag. “If people are worried they are being targeted by fraudsters,” Larson says, “they should immediately break off contact and report the activity.”
Or you can adopt Cowles’ new tactic: Never answer the phone.
Generative AI tools like ChatGPT are all the rage—including among hackers working on behalf of Russia, China, and North Korea, according to research published this week by Microsoft and OpenAI. While researchers note that they have “not identified significant attacks” that use large language models like those powering OpenAI’s ChatGPT, they did find widespread use of generative AI tools for research, reconnaissance, “basic scripting tasks,” and ways to improve code used to carry out cyberattacks. “Microsoft and OpenAI have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors’ usage of AI,” Microsoft wrote in a blog post outlining the research. “However, Microsoft and our partners continue to study this landscape closely.”
The US Department of Justice announced this week that it had disrupted a botnet controlled by APT28, a hacking group known as Fancy Bear that operates under Russia’s GRU military intelligence service. According to the DOJ, the hackers infected hundreds of routers used by homes and businesses with the “Moobot” malware, which the DOJ says is linked to a cybercriminal group. Fancy Bear hackers then used Moobot to “install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform,” according to the DOJ. To seize control of the botnet, the US government also used the Moobot malware to delete “stolen and malicious data” in the routers and then tweaked the routers’ firewalls to prevent the hackers from accessing them remotely. US attorney general Merrick Garland praised the operation in a statement as a successful effort to “dismantle the Russian government’s malicious cyber tools that endanger the security of the United States and our allies.”
Ransomware attacks frequently target hospitals, but few have had as widespread an impact as a strike against Romania’s health care system this week. Approximately 100 hospitals took their systems offline after attackers hit a popular hospital management system. Romanian officials say 25 hospitals had their data encrypted by the ransomware, which targeted the Hipocrate Information System (HIS) on the night of February 11. Another 75 hospitals voluntarily took their systems offline to avoid possible infection. The disruption has forced the hospitals to revert to paper records. The attackers, who have not yet been identified, demanded a ransom of 3.5 bitcoin, or around $180,000, to decrypt the files.