An anonymous reader writes:Indian police have arrested 70 people and are questioning hundreds more after uncovering a massive scam to cheat thousands of Americans out of millions of dollars by posing as U.S. tax authorities and demanding unpaid taxes, a police officer said Thursday. According to police in Mumbai, the yearlong scam involved running fake call centers which sent voice mail messages telling U.S. nationals to call back because they owed back taxes. Those who called back and believed the threats would fork out thousands of dollars to “settle” their case, Mumbai police officer Parag Marere said Thursday. The scam brought in more than $150, 000 a day, Marere said without giving a total sum. If the scam netted that amount daily, it would have made almost $55 million in one year. Some victims were also told to buy gift vouchers from various companies, and hand over the voucher ID numbers which the impostors then used to make purchases, Marere said. Police said they are likely to file charges against many of the 600 or more people still being questioned on suspicion of running the fake call centers, housed on several stories of a Mumbai office building. Read more of this story at Slashdot.
Continued here:
Fake Call Centers in India Scam Americans Of Millions
An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries… The tool, named URSUS for the bear on California’s flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary. “It’s sort of like TurboTax for use-of-force incidents, ” said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not… “As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force, ” California Attorney General Kamala Harris said in a news release. It’s an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, “but their systems aren’t digital, and in Colorado’s case, only capture shootings.” Read more of this story at Slashdot. 
Slashdot reader MojoKid quotes an article from Hot Hardware: A security researcher for AVG has discovered a new piece of ransomware called Fantom that masquerades as a critical Windows update. Victims who fall for the ruse will see a Windows screen acting like it’s installing the update, but what’s really happening is that the user’s documents and files are being encrypted in the background… The scam starts with a pop-up labeled as a critical update from Microsoft. Once a user decides to apply the fake update, it extracts files and executes an embedded program called WindowsUpdate.exe… As with other EDA2 ransomware, Fantom generates a random AES-128 key, encrypts it using RSA, and then uploads it to the culprit. From there, Fantom targets specific file extensions and encrypts those files using AES-128 encryption… Users affected by this are instructed to email the culprit for payment instructions. While the ransomware is busy encrypting your files, it displays Microsoft’s standard warning about not turning off the computer while the “update” is in progress. Pressing Ctrl+F4 closes that window, according to the article, “but that doesn’t stop the ransomware from encrypting files in the background.” Read more of this story at Slashdot. 
Ransomware is “generating huge profits, ” says Cisco. Slashdot reader coondoggie shares this report from Network World: Enterprise-targeting cyber enemies are deploying vast amounts of potent ransomware to generate revenue and huge profits — nearly $34 million annually, according to Cisco’s Mid-Year Cybersecurity Report out this week. Ransomware, Cisco wrote, has become a particularly effective moneymaker, and enterprise users appear to be the preferred target. Many of the victims were slow to patch their systems, according to the article. One study of Cisco devices running on fundamental infrastructure discovered that 23% had vulnerabilities dating back to 2011, and 16% even had vulnerabilities dating back to 2009. Popular attack vectors included vulnerabilities in JBoss and Adobe Flash, which was responsible for 80% of the successful attacks for one exploit kit. The article also reports that attackers are now hiding their activities better using HTTPS and TLS, with some even using a variant of Tor. Read more of this story at Slashdot.