Security Updates: Possible Ticketmaster Breach & Fake Antivirus Websites
Most weeks there are stories of data breaches, ransomware attacks, spoofing, phishing, new malware threats, and more. It can be overwhelming trying to keep up with all of these threats, so we cover some of the larger ones that are likely to affect a great deal of people. The purpose of these posts is not to alarm, but rather to inform in hopes of protecting even a single person's data.
To that end, this post discusses a possible breach at Ticketmaster as well as fake antivirus websites tricking users into downloading malware.
Security Updates: Possible Ticketmaster Breach & Fake Antivirus Websites
The following are two current security threats that have the potential to affect a large amount of the population and knowing about them can help protect your data and privacy.
Possible Ticketmaster breach
Several articles have reported that Ticketmaster has likely suffered a data breach. Days ago an alleged database was offered up for sale and claimed to contain information about 560 million Ticketmaster customers and their credit card details. The group offering the alleged data for sale is the same group that was associated with the recent AT&T breach.
While this data breach has not been confirmed yet, there are things you still need to look out for and pay attention to.
What you can do:
- Always be careful of unsolicited emails and links within emails.
- If you have a Ticketmaster account, log into it and update your password to something you do not use with any other website or account.
- Additionally, if you have a Ticketmaster account, pay close attention to charges on the credit card associated with this account.
- Check Ticketmaster's website rather than wait for email notifications. This can help to prevent opening emails from spammers or clicking on suspicious or malicious links.
- Remember to set up multi-factor authentication anywhere it is supported!
Click the link for more information about the alleged Ticketmaster breach.
Fake antivirus websites
Several websites spoofing legitimate antivirus websites have recently popped up. The purpose of these is to trick users into downloading "antivirus software", which is really malware pretending to be legitimate antivirus software. This is a terrible trick to play on users who are attempting to protect their privacy and maintain the integrity of their data.
The fake websites include the following antivirus targets:
- Avast
- Bit Defender
- Malwarebytes
The fake websites make themselves appear to be the real deal, including links to free downloads of the "antivirus software". Unfortunately, this is not what users end up with. Instead, they end up with trojans or other malware.
What you can do:
One of the most important things you can do is go directly to the websites of antivirus software to look for their downloadable files. In the absence of that, when searching for antivirus software, or any application, make sure the links in the search results that you click on go directly to the company's domain, not some other third party. This can be tricky at times, but it is well worth the effort to be sure you are clicking on a legitimate link.
You will want to be sure that the URL contains the domain name. A subdomain, such as download.avast.com, would be fine. Whereas, avast-securedownload.com, which was actually used in this threat, is not okay. The most important part to pay attention to, and how you can tell this is not okay, is by looking at what is between any other period in the name of the URL and before the .com portion.
If Avast's domain is avast.com, then anything.avast.com belongs to Avast and is legitimate. Anything else with Avast in the name but with other items before the .com, such as the example above with avast-securedownload.com, is not the same domain, is not a subdomain, and is not controlled by Avast.
Click the link for more information about the fake antivirus websites.
New threats will continue to come. Sometimes they are things you cannot control, like the potential Ticketmaster breach. Other times, simply double-checking to be sure the actual domain is legitimately owned by the company you are trying to visit can be a very important step in protecting your privacy and data.
As always, doing what you can to protect yourself from being an easy target is definitely worth the effort!