The Internet Crime Complaint Center (IC3) issued a notice on May 8th that revealed a recent claim by the FBI and other agencies that cyber criminals are targeting travelers abroad through pop-up windows while they attempt to connect to the Internet in their hotel rooms.
Specifically, as travelers attempt to setup a hotel room Internet connection through their laptop, they are presented with a pop-up window that asks to update a widely-used software product. If the user clicks “accept and install,” malicious software downloads on the travelers’ laptops. The pop-up window appears to offer a routine update to a legitimate software product for which updates are frequently available.
The FBI recommends that those who travel abroad take extra caution before updating software products on their hotel Internet connection. For example: (1) check the author or digital certificate of any prompted update to see if it corresponds to the software vendor because that may reveal an attempted attack; (2) perform software updates on laptops immediately before traveling, and (3) only download software updates directly from the software vendor’s website if updates are necessary while abroad.
Anyone who believes they have been a target of this type of attack should immediately contact their local FBI office, and promptly report it to the IC3’s website at www.IC3.gov. By way of background, IC3 was established as a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center to serve as a means to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate. Since its inception, the IC3 has received complaints crossing the spectrum of cyber crime matters, to include online fraud in its many forms including Intellectual Property Rights matters, Computer Intrusions (hacking), Economic Espionage (Theft of Trade Secrets), Online Extortion, International Money Laundering, Identity Theft, and a growing list of Internet facilitated crimes.
To learn more about corporate espionage and how to protect your business, contact Norris McLaughlin’ Cyber Security & Data Protection Group at firstname.lastname@example.org.
Post originally published on eLL Blog.
Read related articles: