Keeping you safer online
Remembering just a few basic steps will prevent fraudsters from ripping you off at work and at home. Take a minute to watch the video below.
Hackers are stepping up computer attacks on cities and counties
Sharp-eyed employees are key to stopping these breaches
$500,000 in payroll money stolen from the city of Tallahassee, Florida
Real estate transactions, phones, city email, payment processing halted in Baltimore
Online residential bill payments unavailable in Akron
Access to municipal computers shut down in San Antonio
Pennsylvania state law enforcement databases unavailable to Allentown police
Computer operations halted in the city of Atlanta; potential cost: $17 million.
The treasurer of Ottawa, Canada sent $100,000 to a fraudster who masqueraded in an email as the city manager.
All those breaches have occurred this year. Hackers are targeting cities and counties with powerful ransomware that locks and encrypts computer files. Municipalities make attractive targets because of the large number of employees with access to computers that are linked to vital city systems.
The preferred method of attack: sending employees urgent, important-looking fake emails that appear to originate from within the city or county but are actually sent by fraudsters. These “phishing” emails are common because they’re so effective.
Simply opening an attachment in some emails triggers a ransomware virus that quickly spreads across the computer network and holds a municipality’s police, real estate, bill payment, and other systems hostage until a ransom is paid.
But the FBI generally advises cities and counties against paying the ransom because is no guarantee the files will be unlocked.
Here are examples of subject lines in phishing emails targeted at city and county employees:
Update to employee benefit plans
Revised vacation schedule
Payroll information attached
HR department announces new employee policies
Updated information about staffing
Urgent: update your beneficiary information
Important tax notice
Employees are the best-defense against ransomware. Use your instinct. Don’t open an email — particularly an urgent one — unless you’re expecting it.
WHEN IN DOUBT, TOSS IT OUT: A fake email making the rounds warns readers they’re facing a lawsuit by “the city”. The email refers to a real law firm and instructs the reader to open the attached Word doc within seven days to learn details about the legal dispute. Krebs on Security says simply opening the document will infect the user’s computer with a sophisticated virus.
WHAT’S A GMAIL PASSWORD WORTH TO A SCAMMER? According to Google and the University of California, on average, $384. Protect your valuable email account with a long password that can’t be guessed and use that password exclusively for your email account.
The IT team in Richland County is committed to keeping you and your family safe online, at work and at home.
We're sending you Aware Force as a resource to keep you informed and alert about cybersecurity threats that are growing in number and complexity.
In the upcoming edition of Cybersecurity News from the Richland County IT team:
The two types of employees who are most apt to get hacked.
June 2019 a • Edition #71
Cyber Cartoon: All rights reserved Slane Cartoons Limited
Original content © 2019 Aware Force LLC
Aware Force is a registered trademark