I’d like to make some smart references to the Coachella event, except that I’ve only heard of about six of the acts, one of them is named after a TV show and I mean, come on…”Swet Shop Boys”?
Instead, I’ll begin by pointing out that the last time I went to a music festival was in 2001, and there was a huge riot, a power generator exploded and set my tent on fire, and I was stranded on a hill at 2AM with half a dozen firemen holding axes. I am not the right person to ask, unless you want to know about sleeping in a ditch at 2AM with no tent due to it being a smoking pile of burnt ash.
I mentioned the exploded and very much on fire generator, right?
All well and good, but what we have here is a different kind of risk, in the form of a compromised database up for grabs on the Dark Web. The data swiped includes the following:
Usernames, first and last names, shipping addresses, email addresses, phone numbers and dates of birth.
You don’t even need to know Beyonce pulled out of the event to know this isn’t a good thing, as it opens the door to very personalized phishing attempts. Smooth criminals will no doubt fire off some fake refund/special festival deals at people who may not know about the breach, so it’s crucial we heal the world by ensuring word gets out about what happened.
If, after you’ve finished working 9 to 5, you become a calendar girl and spend a perfect day mapping out upcoming events for a nice Saturday in the park—and yes, this is the obligatory section jamming in as many song titles as possible, I won’t do it again—then you should keep one hand in your pocket, and the other pointing at dubious emails (Sorry. Sorry. Won’t do it again. And anyway, it wasn’t me).
The good news is, no payment information was compromised—but by the same token, cards can be canceled and replaced. It’s a bit trickier to replace the information swiped above, to varying degrees of difficulty and/or time-wasting inconvenience. Lots of techniques exist for spotting a fake mail and more often than not a few moments of fact checking works wonders.
If you’re off to Coachella this year, have a good time and remember to go directly to the source where all email missives are concerned. There may be dancing in the street in California, but the man who sold the world—and quite possibly your home address—is still in no immediate danger of having some Folsom city blues.
Chris “Martin” Boyd
Source: Malwarebytes Labs @ March 2, 2017 at 12:33PM