{"id":33054,"date":"2024-04-01T12:34:31","date_gmt":"2024-04-01T10:34:31","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/beekeepers-against-cybercrime\/33054\/"},"modified":"2024-04-01T12:34:31","modified_gmt":"2024-04-01T10:34:31","slug":"beekeepers-against-cybercrime","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/beekeepers-against-cybercrime\/33054\/","title":{"rendered":"Beekeeper vs. cybercrime"},"content":{"rendered":"

Did you know that cybersecurity and\u2026 beekeeping<\/em> are like two peas in a pod? If not, you probably missed the introduction, back in 2019, of our bee-hive-oristic engine<\/a>, which protects ATMs from physical break-ins through integration with an actual beehive (while also providing the ATM\u2019s owners with honey, beeswax, and propolis). To implement the engine, we proposed training ATM maintenance workers and cash-in-transit personnel in applied beekeeping for information security.<\/p>\n

So, when the new movie with Jason Statham, The Beekeeper<\/a>, came out earlier this year, I knew right away it had to be about cybersecurity. And wouldn\u2019t you know it, I was right. Now, let\u2019s break down the cybersecurity cases shown in \u201cThe Beekeeper\u201d. Sure, there\u2019ll be spoilers, but come on, you don\u2019t watch a Statham movie for the plot twists now do you? It\u2019s all about the action, right?<\/p>\n

The main character, Adam Clay, is a retired beekeeper \u2014 in the sense that he\u2019s a former member of a beekeeper special-ops unit. The Beekeepers are a secret organization that answers to nobody, keeps order in the country, and follows the philosophy drawn from the book \u201cBeekeeping for Beekeepers\u201d. After retirement, Clay moves in with a sweet old lady, Eloise Parker, and devotes himself to his favorite pastime: beekeeping. That\u2019s right, Adam is a beekeeper. Literally. Breeding bees in his free time. (Look, I didn\u2019t write the movie, OK?) Of course, as usually happens in any Jason Statham movie, some bad guys show up, mess with Adam\u2019s loved ones, and then spend the rest of the movie trying to mess with the man himself \u2014 to no avail. All this happens against a backdrop of some sinister cybercrimes, which actually seem way more realistic than the action sequences.<\/p>\n

Vishing: robbery over the phone<\/h2>\n

The first to get stung is poor Eloise. One day, when she opens her list of banking transactions, she receives a well-crafted warning that her computer\u2019s hard drive is infected with two viruses. Very conveniently, the warning displays a tech-support number to help her get rid of the malware.<\/p>\n

Of course, it\u2019s scammers on the line \u2014 using their social engineering tricks to rob the poor woman blind. Here\u2019s how they do it: first, they convince her to visit the website friendlyfriend.net and download a certain app (which actually gives them control of the victim\u2019s computer). Then, as an apology for the inconvenience, the fraudsters promise to wire $500 to Eloise, but \u201caccidentally\u201d transfer $50,000 and ask her to return the excess. She seems to consider contacting the bank, but the guy on the phone convinces her he\u2019ll lose his job if she does, and persuades her to transfer the money directly. This is how the scammers get Eloise to enter her \u201cpassword for all accounts\u201d, which they promptly intercept and use to drain not only all her savings and retirement funds but also two million dollars from the charity fund she runs.<\/p>\n

Lessons from the vishing attack<\/h3>\n

Gotta hand it to the writers, they did their homework on online scams. The attack depicted in the movie combines real-life fake tech-support<\/a> and vishing<\/a> tactics with a clever twist \u2014 the \u201caccidental\u201d overpayment. Eloise is portrayed as a completely inexperienced user (precisely the type scammers target in real life), and she makes a bunch of mistakes we can learn from.<\/p>\n