GoPro x.jpg

Cybersecurity news you can use

from the GoPro Cybersecurity Team.

Dec 1 Phish art.jpg

Year-End Email Scams

Scammers are customizing their end-of-the-year messages to steal your money and personal information.

Similarly, they can also impersonate managers who urgently request sensitive company information like staff members’ positions, hours, or banking details.  Check out these examples.

Year end phishing email wh.png
Year end Voicemail wh.png
00:00 / 00:19

Here's a voicemail message with instructions that back up the fake email.

Year end text wh.png

We're also seeing text messages and voicemail attachments instructing employees to provide information about jobs and personal financial information. 

Trust your instinct wh.png
Fake Text graphic.png
Cybersecurity Headlines.png
Dec 1 news heads.jpg

> The most common passwords in use this year are 123456 (or a variation of that), QWERTY, "password," and the person's first name. Nordpass says "OneDirection" (the musical group), "2021," and the person's birth year are also popular. Don't use easy-to-guess passwords! Instead, subscribe to and install a password manager on your personal devices.

> The online brokerage company Robinhood says email addresses for 7 million of its 19 million customers have been stolen in a cyber breach. CNBC advises Robinhood customers to consider freezing their credit, setting up credit alerts with one of the big three reporting agencies, or subscribing to a credit monitoring service. 

> Google Chrome users have a new tool to help them discover if their passwords are for sale on the dark web. If you use Google's Chrome web browser to store your passwords, go to, click on "Password Checkup," and follow the instructions.

GoPro x.jpg

Received a suspicious email

or think you've been phished?

Do not interact with the email or its sender.


Immediately let InfoSec know by clicking the Phish Alert Button in the Outlook dashboard or forwarding it to


Contact if you have been involved in any other cybersecurity incident or if you believe your data has been compromised.

Answers readers cybersecurity questions.png

"If someone sends you an email that says you should click the 'Validate' button to confirm your email address, is it spam?"

Probably so. Unless you recognize the sender's actual email address (the part that's between the "<" and the ">")...and the sender has a valid reason to ask...simply delete the email.

"My wife received an email from a friend, asking to purchase an Amazon gift card because the friend was having trouble getting it resolved through Amazon. She contacted the friend, who confirmed she didn't send the gift card email. So does my wife need to change her email password? Should her friend?"

Ignore requests to purchase gift cards. Your wife isn't at risk simply because she received a suspicious email. But her friend's address book was likely hacked, exposing all the addresses in it. Your wife's friend should change her email password right away. Google recommends creating a unique password at least 12 characters long for each email account. For an email account used for sensitive communications, Microsoft says the password should be 64 characters long!

"My question is — what does 'encrypted' mean? And what are 'cookies'?"

“Encrypted” means that information is converted into secret code as it leaves your computer. You (the sender) and those to whom you send it, are the only ones who can understand what you sent. Most email platforms, like Gmail and Outlook, are not fully encrypted. Websites whose addresses begin with “HTTPS”, such as banks and the IRS, are encrypted.


"Cookies" are small bits of data that are generated as you use the web. Cookies include usernames, passwords, and information about what you do when you visit websites. This information is stored in your web browser. Cookies don’t cause computer viruses, but they do identify your computer as well as personal information about you to the websites you visit.

Do you have a cybersecurity question?

Aware Force Cybersecurity News • December 2021 a • Edition #135

A Aware Force logo no gradient.png

Cartoon © 2021 Tom Fishburne | Marketoonist

Original content © 2021 Aware Force LLC | Aware Force is a registered trademark