In the last few months, India has seen a rise in online scams and other related cyber crimes. A report says that a man from Mumbai recently lost Rs. 2.65 when he fell for an online scam while buying sweets. Last year, star Shubhangi Atre also lost Rs. 2.24 lakh to a scam like this one. These events show that no one is safe from cybercriminals and that even something as simple as buying candy can lead to losing your life savings. At this time, ShadowVault, a dangerous new Mac malware that can steal your private information, has appeared. To make matters worse, some bad players also distribute it among cyber criminals for a monthly fee of $500.
What is ShadowVault malware?
A report by Tom’s Guide says that ShadowVault is a piece of malware that steals information from open and vulnerable MacBooks. Guardz, a security research company, first found this malware in a dark web forum where cybercriminals looking for new malware hang out. In a blog post, the company wrote about how the malware works: “ShadowVault works silently in the background of compromised macOS devices, gathering all kinds of valuable information like login IDs, financial data, personally identifiable information, and more.”
The malware can also take passwords, credit card numbers, cookies, and other information from different browsers.
How malware gets spread
This malware is more dangerous because instead of one group of hackers making it and using it, ShadowVault is being distributed to other cybercriminals who need new malware to steal from innocent people. The story says cybercriminals must pay $500 (about Rs. 41,000) monthly to use this malware.
Rising online scams that you should know about
ShadowVault is just one type of malware and hacking scam that scammers use to steal money from people who don’t know what’s happening. Even though this malware-based attack doesn’t come up to the victim in person, online con artists do come up to people in person and trick them into giving them money. These scams can be as dangerous as any.
Just yesterday, an article in the Indian Express said that online scammers tried to sell a man a MNC pizza restaurant chain license. The man lost a whopping Rs. 1 crore.
In another such case, In March 2023, a 58-year-old man from Mumbai was trying to order sweets online, but ended up being a victim of an online scam, says Free Press Journal.
After calling what he thought was a candy store, he got a malware link on WhatsApp. He was told to follow the steps and pay for the candy with a credit card. After he chose the sweets, he was asked for his credit card information and an OTP to pay for them, which he gave. Soon, Rs. 1,280,000 was taken out of his bank account. When he called the WhatsApp number, he was told it was a mistake and that he would get his money back. He was also sent a new OTP for it. After he gave the code, another Rs. 1.28 lakh was stolen from the victim’s account.
A story from the Times of India says that on July 11, a Mumbai doctor was scammed out of Rs. 1.4 lakh when he tried to order 25 plates of samosas. This was a very similar situation.
How to avoid danger?
Now is the time to be careful and protect yourself from online scams or malware attacks. Once you fall for a trick, getting your data or money back is more complex, but staying away from them is much easier. Check these easy yet essential tips below.
1. Always ensure your device, whether a smartphone or a laptop, has the latest antivirus/security patch installed.
2. Never click on a link you receive on WhatsApp or similar messaging apps or emails unless you know the author. Check once still.
3. Try not to keep all your private information on the same device or network if you can; try to keep some of your most important files offline.
4. Keep two-factor security turned on at all times. Always keep changing your password. And your password should always be a random string of letters and numbers.
5. When buying online, always go through trusted channels such as Zomato and Swiggy or the store’s official website to place an order.