Cybersecurity news from
the Global Information Security Team
Buying something on Facebook Marketplace? Avoid using a debit card or cash transfer app. Cases of fraudsters accepting money and then not delivering merchandise are rising. BusinessDIT says more than 1 billion people use Marketplace, accounting for more than half of all e-commerce from social media.
Dallas is the latest of nearly 30 US cities and municipalities to be hit with ransomware this year. For two days, citizens could not use online police, fire, utility, and library services. Crooks used city-owned printers to convey their payment demands. Most ransomware attacks occur when an employee opens a malicious file attached to an email, but Reuters says a third-party vendor’s system was breached this time, giving hackers access to city computers once an employee signed in.
100,000 times every second, someone searches for something on Google. For the first time, the basic style that Google uses to display search results is about to change. The Wall Street Journal says Google will begin using AI to show social media conversations, videos from TikTok and Reels, and answers to questions — instead of just the “10 blue links” we’re used to.
The Smashing Pumpkins rock band paid a ransom to prevent their new album ATUM (pronounced "autumn") from being posted online by hackers. Somehow nine songs were stolen last fall before the mix was even final. Lead singer Billy Corgan told KROQ radio that the FBI got involved, found the hacker, and prevented the files from being leaked.
"One of the most prevalent threat actors in the United States is teenagers.”
— Charles Carmakal, CTO of Mandiant Consulting.
“Criminal syndicates are enticing those below 18 to be involved as they would be treated as juveniles with more lenient punishments.”
— Universiti Sains Malaysia criminologist Datuk Dr. P. Sundramoorthy
"Teens are incredibly effective social engineers; We've seen very young individuals break into some of the biggest organizations by leveraging these techniques that are hard to defend against."
— Ray Walsh, Digital Privacy Expert, ProPrivacy
Teens who become cybercriminals often have a passion for technology. They are recruited through dark-web job boards, forums like 4chan, gaming forums, or even while communicating with others in multiplayer games.
Teens start hacking because the challenge and fun entice them, sometimes by mistake. Some turn to cybercrime because of their beliefs regarding a specific issue, others to make money.
Criminal groups openly advertise open hacking positions using dark-web job boards and hacker forums and do not shy away from accepting anyone capable, regardless of age.
Ethical hackers aim to investigate the system or network for weak points that malicious hackers can exploit or destroy. They can improve the security footprint to withstand attacks better or divert them.
Parents can play a crucial role by encouraging ethical hacking and educating them on the consequences of cybercrimes. Many teens are enticed by money to be made as cyber criminals.
But there is a huge demand, with high-paying careers existing in cybersecurity. Teens can get the same thrill by helping prevent cybercrimes instead of committing them because the role of a defender requires much greater skill than an attacker.
Parents, here are resources you can use to help your great tech-oriented kid.
Click on the image to download and print the PDF.
Artwork created by generative AI
The Global Information Security Team is dedicated to keeping our company, you, and your family safe online. If you think you've clicked on a phishing email, an urgent text message, or received a suspicious voicemail, contact GIST at email@example.com.
“You keep telling us to set up multifactor authentication on our accounts. But how effective is it? Is it worth entering a code whenever I want to access one of my accounts?"
Multifactor authentication requires entering a unique code, like a number emailed or texted to you — plus your password — to access an account online. MFA isn’t foolproof but protects your accounts much better than just a password. Set up MFA everywhere an account involves sending or receiving personal information.
"I travel a lot and just read an alarming article about 'juice jacking.' How often does this happen?"
Last month, the Wall Street Journal printed an alarming story about hackers who steal information from travelers by tampering with outlets at airport recharging stations and intercepting data on devices. This rarely happens, but take common sense precautions. Bring your own charging cables (never use a cable you found lying around) and keep your device locked while recharging.
"I frequently get many of the same spam emails over and over, even after repeatedly marking them as 'phishing.' Is there anything I can do to stop this?"
Blocking the sender is one step, but since spammers frequently change email addresses, this will probably be frustrating. If the email is from a legitimate company, click the “unsubscribe” link at the bottom. Also, make sure the spam filter in your email app is turned on. You'll usually find it in “settings” or “preferences.” The stronger the setting, the less spam you'll get, but legitimate emails will more often wind up in your spam folder.
© 2023 Aware Force LLC | Cybersecurity cartoon © 2023 CartoonStock