fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Rideshare Account Hacker Faces up to 22 years in Prison

Rideshare Account Hacker Faces up to 22 years in Prison

A man pleaded guilty to fraudulently opening rideshare and delivery service accounts using stolen identity information sold on dark web marketplaces.

Flavio Candido da Silva, 36, resident of Malden, Massachusetts, has pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft in a federal court in Boston.

The man is believed to be a leading actor of an 18-member team who stole identities and falsified documents to create false rideshare and delivery service accounts and then sold or rented them to other individuals.

Also Read: Vulnerability Management For Cybersecurity Dummies

The fraud scheme

The defendant obtained victim names, dates of birth, driver’s license information, and social security numbers (SSNs) on dark web marketplaces and used them to forge counterfeit documents.

The photographs used for circumventing the facial recognition checks used as protection measures in rideshare and delivery service provider systems were often taken directly by the actors.

For this purpose, the scammers intentionally caused a minor vehicle accident to exchange information with the victim or photographed the victim’s license while completing an alcohol delivery through one of the services.

“As a result of the scheme, Internal Revenue Service Forms 1099 were generated in victims’ names for income that conspirators earned from the rideshare and delivery companies,” reads the announcement from the Department of Justice.

In addition to the above, da Silva used GPS spoofing technology with bots to make it appear as if he was making deliveries.

This practice artificially increased his income and raised the amount of damages incurred to the victimized companies to about $200,000.

To prevent getting his accounts flagged for fraudulent activity, da Silva referred drivers to other co-conspirators and coordinated with them to ensure the submission of positive service feedback.

The sentence of da Silva and his co-conspirators will be announced on April 22, 2022. Wire fraud charges are punished by up to 20 years in prison, identity theft carries up to two years, while a fine of $250,000 or twice the gross gain/loss from the offense will also be considered.

Also Read: Compliance With Singapore Privacy Obligations; Made Easier!

A large-scale problem

The activities of da Silva and his co-conspirators are just an example of a widespread phenomenon that has turned gig workers into hacking targets.

Ever since the start of the pandemic and the emergence of a broad gig worker economy, hackers have been trying to get their hands on the accounts of rideshare and delivery workers to steal their hard-earned money.

The internet is full of social engineering examples against rideshare workers who lost their accounts and balances to hackers. So if you’re working as one, be sure to enable multi-factor authentication on your accounts and be careful with who you share personal information.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us