Cybersecurity news you can use
from the CCMSI Cybersecurity Team
Helping you stay safe as you work online.
Your social security payment is being cancelled because of Covid. Bummer. Just ignore the vishing voicemail.
…is when a cyber crook calls or leaves a voicemail claiming to be from a reputable organization, demanding personal information or payment.
Nearly 30% of all calls to mobile phones are vishing calls. Most fraudsters already know personal information about the victim, which makes them sound more credible.
Click on the buttons to listen to examples of vishing voicemails. Sound familiar?
Typical Covid vishing. Some callers promise Covid cures, others promise financial relief. Unfortunately, none are real.
Scammers calling for you: make $400 a day working for Amazon from home! Whopee! Unfortunately, Amazon knows nothing of this.
Don’t answer the phone if you don’t recognize the number. Let it go to voicemail.
If you do answer, don’t press buttons or respond to prompts.
Hang up as soon as you suspect the caller isn’t legit.
If the person provides a call-back number, search for the organization's official public phone number and directly call the organization in question.
If the caller claims to be with your employer, contact the department on your own to confirm.
Consider subscribing to one of the robocall-screening apps like Nomorobo, Hiya, RoboKiller, Truecaller, and YouMail.
> Since January, there have been over 1.5 billion cyberattacks on smart home devices like wireless doorbells and lightbulbs, Bluetooth security cameras, and smart appliances. That's up 100% from a year ago! Crooks can use these smart devices to hack into home computers. Threatpost recommends using the devices' smartphone apps to update settings and changing passwords the devices came with.
> USA Today says scammers are sending thousands of fake emails supposedly from the IRS about a "third round of Economic Impact Payments." The email instructs users to click a link to "re-enter banking information provided to the IRS" in order to receive a direct deposit. Instead, scammers make off with the user's bank login information.
> Employees are getting better at spotting cybercrime. One in three emails flagged by employees as suspicious this summer did, indeed, contain attachments designed to install ransomware on work computers. The cyber-research company F-Secure says words most often found in these dangerous emails include "warning," "your funds," and "this message is for a trusted..."
COVID is on our minds these days. And it's on scammers' minds, as well.
They know we're worried, so they're playing on our fears. Here's a fake COVID email that seems to come from management with a warning to complete a vaccination form right away or there will be trouble.
What the scammers really want is the username and password to a Microsoft Office 365 account so they can access the employee's work-related emails and documents.
Here is the phishing email and clues that it's fake. You can control the movement of the red slider bar with your computer mouse.
Phishing image from inky.com
What does it mean when a website displays a button that says "Accept cookies?" What if I don't want to say yes?
If you accept cookies, you're giving that website permission to track what you do on the site, such as putting items in an online shopping cart. You're also giving the website's owners permission to sell that information to others. Some websites won't let you enter if you decline to accept their cookies. You're seeing lots more requests about accepting cookies these days because of strict new privacy laws in Europe.
How do you protect yourself against fraudulent text messages? Just delete them and hope they stop?
Don't respond. That just confirms you're seeing the message. Also, blocking individual numbers is a waste of time because cyber crooks usually disguise the numbers they're calling from. Major cellular carriers offer plans designed to block spam text messages. The more powerful versions usually require a paid subscription. Smartphone apps like NoMoRobo and RoboKiller also block unwanted text messages for a monthly or annual fee.
I believe there are fraudsters who record your voice when you answer a call in an attempt to access sites that use voice recognition access. is this true?
According to the website snopes.com, scammers can't do damage simply by recording your voice. What you might encounter is a scammer claiming they are recording your conversation as a way to intimidate you into paying a bill. Don't give threatening callers information about your bank account, credit, or debit cards. If you owe money, visit the website on your own to confirm and pay.
Aware Force Cybersecurity News • September 2021 b • Edition #128
Cyber cartoon © 2021 cartoonstock.com
Original content © 2021 Aware Force LLC
Aware Force is a registered trademark