Cybersecurity News from the
Aware Force Cybersecurity Team
Did Nexx make your garage door? Maybe you should stop using it. Motherboard says all the company's garage door openers use the same password - “anyone can open the garage doors belonging to others anywhere in the world!”
New cyberattacks are aimed at Microsoft Word, Teams, Excel, and PowerPoint users. Researchers say hackers send the victim a realistic-looking email with instructions to confirm a suspicious login attempt to their Microsoft account from Russia. A link in the email leads to the hacker’s website. Another scheme uses a “CAPTCHA” - where the user must confirm the letters in a scrambled image to convince the user that their Microsoft password is about to expire. In both cases, the user is instructed to enter their password to continue, which gives hackers access to any documents stored in their Microsoft account.
In recent days, a Samsung employee entered confidential meeting notes into ChatGPT, instructing the popular artificial intelligence app to summarize the notes. As a result, that confidential information is now available to anyone. Gizmodo emphasizes that any information uploaded to ChatGPT becomes part of its public database.
You're surfing the web...minding your own business...when suddenly:
This message appears on your computer monitor.
The warning claims the computer will be ruined if the user doesn't call for help immediately. But even though the notice looks genuine, it's a scam. The computer is not infected with a virus.
If this type of warning ever appears on your computer's screen, do not call the toll-free number. Instead, quit your web browser, re-launch it, and resume surfing.
• This virus warning uses the same technology as pop-up ads.
• Both Windows and Mac computers are affected.
• When you call for help, scammers charge your credit card to "remove the virus."
• Then they take control of your computer and install software that tracks everything you type.
• Protect yourself by installing and running anti-virus software on your personal computers.
“My home PC has Windows 8 and, as a result, I can't receive Windows updates anymore. I have anti-virus software installed on it. Is my computer still protected from malware and viruses while I decide which new PC to purchase?”
Your anti-virus software should still be able to protect your computer from known threats, but without regular security updates from Windows, your computer may be vulnerable to new threats that the antivirus software is unaware of. Keep using strong passwords and two-factor authentication, and don’t download attachments from emails you’re not expecting.
“I received $540.00 in my PayPal account from someone I do not know. A short time later, I received an email asking me to return the money, paid in error, by initiating a new payment to the sender. PayPal does not provide me with any method to refuse the money. What should I do?”
Contact PayPal customer support and explain the situation to them. They'll be able to provide you with guidance on how to proceed. Don't spend the money or initiate a new payment to the sender.
"My parents just got scammed. Early this morning, they received a phone call from someone claiming to be my brother (who lives in Alaska) and using his exact voice. Mom says there was no mistaking his voice, and she was sure it was him. Supposedly he needed bail money because he had gotten in a car accident and was arrested for DUI after taking NyQuil. After much ado, they were put on a phone with a “bonds agent,” who had them collect cash money - usually, they will warn you that banks are super worried about scammers, so make sure you tell them the cash withdrawal is for personal use or they will lock down your account. After they made their withdrawal - let’s say it was not an amount that can be comfortably misplaced - a person came to the house to pick up the cash. It wasn’t until after the exchange ended that my dad put it all together and called my brother, who was fine. I want people to know about this."
Scams involving fake voicemails will likely occur more often because of advances in artificial intelligence. AI technology can already mimic anyone simply by sampling their voice. Make a plan with your family. Establish a password you only discuss in person and mention on the phone during an emergency, and agree to use a video call to handle requests for money.
© 2023 Aware Force LLC | Cybersecurity cartoon © 2023 CartoonStock