GP.png

Cybersecurity news you can use

from the GP Cybersecurity Team

Stop Think Ask.png
00:00 / 00:42

Here's an actual fake voicemail some GP employees have received, warning them of imminent arrest. Yes, the message seems scary, but it's not real, even if the phone number appears to come from inside GP.

What should you do?
Stop — Think — Act

Cell 2.png
Cell 1.png
Cell 3.png
Cell 4.png
Vishing red.png

…is when a cyber crook calls or leaves a voicemail claiming to be from a reputable organization, demanding personal information or payment.

 

Sometimes, these cybercrooks can make it appear as though they're calling from a legitimate GP phone number. But they're actually "spoofing" your phone to make it appear that way.

 

We've had cases of GP employees receiving voicemails that threaten them with jail time, like the one below. 

Click on the button to listen. 

  • Even if the phone number of a threatening or urgent voicemail seems to be coming from inside GP, don't assume it's legitimate. Contact the employee directly. 

  • Don’t answer the phone if you don’t recognize the number. Let it go to voicemail.

  • If you do answer, don’t press buttons or respond to prompts.

  • Hang up as soon as you suspect the caller isn’t legit.

  • If the caller claims to be with GP, contact the department or the employee on your own to confirm.

  • For your personal smartphone, consider subscribing to one of the robocall-screening apps like Nomorobo, Hiya, RoboKiller, Truecaller, and YouMail.

Click on the thumbnail to download and print this guide to staying safe from vishing. 

Vishing _ GP.001.jpeg
Cybersecurity Headlines.png
Sept 15 News graphic.jpg

> Since January, there have been over 1.5 billion cyberattacks on smart home devices like wireless doorbells and lightbulbs, Bluetooth security cameras, and smart appliances. That's up 100% from a year ago! Crooks can use these smart devices to hack into home computers. Threatpost recommends using the devices' smartphone apps to update settings and changing passwords the devices came with. 

> USA Today says scammers are sending thousands of fake emails supposedly from the IRS about a "third round of Economic Impact Payments." The email instructs users to click a link to "re-enter banking information provided to the IRS" in order to receive a direct deposit. Instead, scammers make off with the user's bank login information.

> Employees are getting better at spotting cybercrime. One in three emails flagged by employees as suspicious this summer did, indeed, contain attachments designed to install ransomware on work computers. The cyber-research company F-Secure says words most often found in these dangerous emails include "warning," "your funds," and "this message is for a trusted..."

COVID is on our minds these days. And it's on scammers' minds, as well. 

They know we're worried, so they're playing on our fears. Here's a fake COVID email that seems to come from management with a warning to complete a vaccination form right away or there will be trouble. 

What the scammers really want is the username and password to a Microsoft Office 365 account so they can access the employee's work-related emails and documents. 

Here is the phishing email and clues that it's fake. You can control the movement of the red slider bar with your computer mouse. 

Phishing image from inky.com

GP.png

The Georgia-Pacific Cybersecurity Team is dedicated to keeping you and your family safe online.

 

If you think you've clicked on a phishing email, an urgent text message, or received a suspicious voice mail, alert your supervisor right away so we can check it out. 

One more thing.png
Answers to readers cybersafety questions.png

What does it mean when a website displays a button that says "Accept cookies?" What if I don't want to say yes?

If you accept cookies, you're giving that website permission to track what you do on the site, such as putting items in an online shopping cart. You're also giving the website's owners permission to sell that information to others. Some websites won't let you enter if you decline to accept their cookies. You're seeing lots more requests about accepting cookies these days because of strict new privacy laws in Europe. 

How do you protect yourself against fraudulent text messages? Just delete them and hope they stop?

Don't respond. That just confirms you're seeing the message. Also, blocking individual numbers is a waste of time because cyber crooks usually disguise the numbers they're calling from. Major cellular carriers offer plans designed to block spam text messages. The more powerful versions usually require a paid subscription. Smartphone apps like NoMoRobo and RoboKiller also block unwanted text messages for a monthly or annual fee. 

I believe there are fraudsters who record your voice when you answer a call in an attempt to access sites that use voice recognition access. is this true?

According to the website snopes.com, scammers can't do damage simply by recording your voice. What you might encounter is a scammer claiming they are recording your conversation as a way to intimidate you into paying a bill. Don't give threatening callers information about your bank account, credit, or debit cards. If you owe money, visit the website on your own to confirm and pay. 

Do you have a question about cybersecurity?

Thank you for your question!

Aware Force Cybersecurity News • September 2021 b • Edition #128

Cyber cartoon © 2021 cartoonstock.com

Aware Force A.gif

Original content © 2021 Aware Force LLC

Aware Force is a registered trademark