Phishing Email Targeting Irish Revenue Service

Today I received an interesting email.  It was a phishing email purporting to be from the Irish Revenue Service.  It bore the good news that I was due a tax refund, €278 in fact. In these days of economic strife €278 could come in quite handy.  However, closer examination of the email reveals that it is an elaborate scam aimed at gleaning the credit card details of unsuspecting victims.

As you can see from the screenshot of the email below, the email imitates a revenue email quite well. It has the appropriate colour schemes and there are no spelling or grammatical mistakes. However, like most phishing emails it does not address me personally but rather has a generic greeting.

When I examined the link behind “Irish Tax and Custom Refund” in the email, I found it leads to a website called revenue-ie.com.  Further analysis of this website shows that it is registered and located in China.  The headers of the email point back to an IP address in the United States.
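The link check described above can be automated for an HTML message body. The following is an added example, not code from the original post: it lists each link's visible text and real destination and flags hosts that embed a trusted name without belonging to it. The trusted-domain list (revenue.ie), the sample body, its paths and its second and third links are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the sender's genuine domains; revenue.ie is used for illustration.
TRUSTED_DOMAINS = {"revenue.ie"}

# Constructed sample body; the paths and the second and third links are made up.
SAMPLE = """<p>Dear Taxpayer, you are due a refund of 278 euro.</p>
<a href="http://revenue-ie.com/refund"><b>Irish Tax and Custom Refund</b></a>
<a href="https://www.revenue.ie/en/">Revenue home</a>
<a href="http://revenue.ie.example.net/login">Sign in</a>"""

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def squash(name):
    """Keep only letters and digits, so 'revenue-ie.com' and 'revenue.ie' compare."""
    return "".join(c for c in name.lower() if c.isalnum())

def classify(href):
    """Return 'trusted', 'lookalike', 'unknown' or 'no-host' for a link target."""
    host = (urlsplit(href).hostname or "").rstrip(".")
    if not host:
        return "no-host"
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    # A trusted name embedded in some other host is the imitation pattern.
    if any(squash(d) in squash(host) for d in TRUSTED_DOMAINS):
        return "lookalike"
    return "unknown"

def audit(html_body):
    """List (visible text, href, verdict) for each link in the message body."""
    parser = LinkCollector()
    parser.feed(html_body)
    parser.close()
    return [(text, href, classify(href)) for text, href in parser.links]
```

Calling `audit(SAMPLE)` marks the revenue-ie.com link and the revenue.ie.example.net link as `lookalike` and only the www.revenue.ie link as `trusted`.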

The fake website also looks quite convincing and it is clear from the page that it is looking for people to enter their credit card details.  Interestingly, these details also include the credit card security number, and the page requests the password the victim may be using for the Verified by Visa or MasterCard SecureCode schemes. Other requested information could also be used by the criminals for fraud, such as mother’s maiden name, date of birth and also the victim’s phone number.

Of course, entering your credit/debit card details simply means that those details will be in the hands of the criminals for them to plunder your account.  The fact that most Irish credit/debit cards now use chip and PIN will prevent the criminals from cloning those details onto blank credit cards.  However, they can still use your details to purchase high value items from online stores and then resell them to generate money.  This probably explains why they request on the website that you wait for up to two weeks for your claim to be processed.

I reported the site last night to IRISSCERT and it now looks like it is offline.  This does not mean, however, that it may not appear again, so remember:

  • Be suspicious of any unsolicited emails that contain links or attachments.  Do not click on those links or attachments without verifying the authenticity of the email first.
  • Do not click on links in emails. Always open a website from within a browser by typing the website address into the browser.
  • Most banks, credit card companies and government departments will not send you emails requesting your financial details.
  • Keep your anti-virus software up to date.
  • Keep your anti-spam service up to date. If you do not have an anti-spam solution contact your ISP or email provider as most of them offer this as a service.
  • You can always check to see if a website is a phishing website by going to PhishTank and checking whether the URL has been reported there.
  • You can check if a website contains any malicious content by using a service such as URLVoid or VirusTotal to check the website.

So it looks like we will have to rely on means other than a refund from Revenue to fund our summer fun.

Call for Papers for IRISSCERT Conference Closing Soon

The annual IRISSCERT Cyber Crime conference is due to be held on November 23rd this year.  As usual the conference is an opportunity to learn about the latest threats in cyber crime and strategies to deal with those threats.  IRISSCERT has had its call for papers open for the past few weeks and it is due to close at 17:30 GMT on Friday the 22nd July.

If you have some thoughts, research or ideas that you would like to share in an open and trusted environment then you should submit your idea to the CFP form (MS Word Doc file) and send it to info@iriss.ie.

Remember cyber criminals are sharing their tactics, tools and other information on how to attack us, isn’t it about time that we shared our ideas so we can better defend ourselves?

Talking Computer Security

I was interviewed today on the Mooney show on RTE Radio 1.  The topic was about cyber crime and its impact on Ireland.  During the show we talked about the attacks on the CAO website, which I discussed previously, and also on the types of attacks that we see at IRISS-CERT.

I also mentioned that there are numerous free anti-virus tools available for people to use on their home computer such as Microsoft Essentials.  There is also some good security information provided by Microsoft and also on the makeITsecure website.

We also discussed the upcoming cyber crime conference that IRISS-CERT is running on the 18th of November.  Registration is free and to register simply email info@iriss.ie with your details.  As mentioned on the show IRISS-CERT is also running a cyber challenge competition called HackEire.  If you feel you have the skills to beat our team and break into our systems then why not enter the competition.

The interview is now available online with the segment approximately 18 minutes into the piece.

IRISSCERT Conference on Cyber Crime

IRISSCERT (the Irish Reporting and Information Security Service) will be holding its annual conference on Cyber Crime in the D4 Berkley Hotel on November the 18th.  The event looks to be very interesting especially as attendance will be free.

This all day conference will focus on providing you with an overview of the current cyber threats facing businesses in Ireland and what you can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security will share their thoughts and experiences with you, such as representatives from:

In parallel to the above speaking sessions Ireland’s premier Cyber Security Challenge, HackEire, will be held to identify Ireland’s top cyber security experts.  HackEire will see 10 teams, up to a maximum of four people per team, compete against each other in a controlled environment to see which team will be the first to exploit weaknesses in a number of systems and declare victory.  The purpose of the HackEire competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

The conference will be open to anyone with the responsibility for securing their business information assets.  There is no charge for those who wish to attend.

The IRISSCERT Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.

If you are interested in attending please register at info@iriss.ie

Upcoming Speaking Engagements

We may be in the middle of the summer but already the calendar for the autumn is starting to fill up.   I will be presenting at Source Barcelona and also at BruCON in September.  For both of these seminars I will be talking about the lessons learnt from when I set up IRISS-CERT and how those lessons can be applied to those looking to set up their own incident response team.  While the topic may be similar the approach to each talk will be different. 

Source Barcelona has two tracks, one business and the other technical, and my presentation will be in the business track.  So the focus of that talk will be on the business aspects of setting up an incident response team.  Xavier Mertens gives a great overview of the different tracks in Source Barcelona over on his /dev/random blog.

BruCON is a more traditional technical security event and my presentation at that seminar will focus more on the technical aspects of setting up an incident response team and the tools, challenges and solutions one can face.

Also in September I will be speaking at the Cloud Computing Summit 2010 which will be held in Dublin.  I will be on a panel discussing issues surrounding the Security, Compliance and Regulatory requirements with cloud computing.

Then of course in November there is the IRISS-CERT Annual Cyber Crime conference.  Details have yet to be finalised regarding the speaker lineup but already it is looking excellent and it promises to be another exciting event this year.

Hopefully I will get to meet some of you at one of the above conferences.

Think You Know Computer Security?

Well, if you do then you should try the HackEire challenge being run by Ireland’s CSIRT, the Irish Reporting and Information Security Service, as part of their annual Cyber Crime Conference.

The competition is open to teams of up to 4 people in each team.  IRISS have set up a dedicated network with a number of servers on it with each server containing a flag.  The winning team will be the one that gathers all the flags in the quickest time.

The purpose of the challenge is to not only identify Ireland’s top computer security attack team but to also serve as a demonstration as to how your systems can be compromised.  The lessons learnt from the exercise will help those who manage computer systems and networks to better protect and secure them.

So if you know your Nessus from your Nmap why not give it a go?  Entry to the HackEire competition is free as is entrance to the IRISS Cyber Crime Conference.

Upcoming IRISS CERT Conference on Cyber Crime

The Irish Reporting and Information Security Service will be holding its first annual conference on Cyber Crime.  The event looks to be pretty interesting especially as attendance will be free.  The following is from IRISS CERT’s website:

IRISS will hold its first annual conference on the 19th of November 2009 at the D4 Berkley Court hotel.  This all day conference will focus on providing you with an overview of the current cyber threats facing businesses in Ireland and what you can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security will share their thoughts and experiences with you while a number of panel sessions will provide you with the opportunity to discuss the issues that matter to you most.  There will be a number of expert speakers on cyber crime including representatives from:

In parallel to the above speaking sessions Ireland’s first Cyber Security Challenge, HackEire, will be held to identify Ireland’s top cyber security experts.  HackEire will see 10 teams, up to a maximum of four people per team, compete against each other in a controlled environment to see which team will be the first to exploit weaknesses in a number of systems and declare victory.  The purpose of the HackEire competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

The conference will be open to anyone with the responsibility for securing their business information assets.  There is no charge for those who wish to attend.

The IRISS Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.

If you are interested in attending please register at info@iriss.ie

Survey on Information Security Metrics

Noel Comerford, one of the volunteers for the Irish CERT (IRISS), is currently conducting some research work on the topic of Information Security Metrics as part of his MSc in Information Security.  Noel is trying to establish how widely used and how effective Information Security Metrics are within Irish organisations and has set up a survey to help him achieve this.

So whether or not you employ Information Security Metrics please take some time to take the survey so we can get a good overview as to how effective Irish organisations are at using Information Security Metrics.  

Noel hopes to publish the results in the autumn and the survey will remain open for answers until July 24th.

AIB Phishing Alert

The Irish Reporting and Information Security Service (www.iriss.ie) have issued an alert regarding a phishing attack against AIB customers.

Please do not respond to this email or indeed click on the link. Even though you may not enter your details the site could be infected with computer viruses and other malware.

If you have responded to the email please contact AIB immediately.

Presenting at the Next ISACA Ireland Meeting

The next ISACA Ireland chapter meeting will be held on the 3rd of February in Deloitte & Touche’s offices on Earlsfort Terrace.  I will be presenting to the meeting on why I founded the Irish Reporting and Information Security Service.  During the presentation I will provide a background into why I felt it necessary for Ireland to have a CERT, what IRISS is and an overview of the incidents that we have dealt with since its inception in November 2008.

The meeting kicks off at 18:00 and will finish at 19:00, followed by refreshments.  If you wish to attend you should contact Suzanne Hughes on +353-1-4172894 or suhughes@deloitte.ie.  There is no cost for ISACA members but it will cost €10 for non-members.

I hope to see you there.