Warm weather is phishing weather! That's when fraudsters try to get you to click on their fake phishing emails and texts. 9 times out of 10, this is the first step in a cybercrime. So be vigilant. Be suspicious. Be cyber aware!
All summer long, we'll bring you Summer Phishing Camp features to keep you aware and engaged in the latest phishing examples. Click on the arrow below to watch the new Summer Phishing Camp video.
from the NTSC
Keeping you safer as you work online
Spotting a fake email is getting easier because you know the clues. The subject is usually something urgent ("subscription canceled," "your card didn't go through," "check this immediately to confirm").
Have a look at this new example from Proofpoint. The actual email is on the left, and we've outlined clues that it's a fake on the right.
“Your Office365 trial is expiring,” warns the phishing email. Microsoft says scammers are sending fake emails instructing recipients to call an 800 number or the subscription will be renewed automatically. During the call, the user is instructed to visit a website, download, and then open an Excel spreadsheet to cancel future fees. Instead, the Excel sheet installs malware on the computer.
New York Times reporter Nicole Pelroth, who covered the recent ransomware attack against Colonial Pipeline, was asked what organizations can do to protect themselves. In an interview with the cybersecurity group NTSC, Pelroth said, “Two-factor authentication is the most important thing a company can do to stop ransomware attacks.”
In recent days, hackers have breached the computers of the northeast grocery store chain Wegmans, cruise ship operator Carnival Cruise Lines, automaker VW, and luxury automaker Mercedes-Benz. In all cases, sensitive consumer data was stolen including credit card information and email addresses.
How do I set up a phone number where my email provider can text me a message with a link to change my password?
Usually, you can do it at the top in an area called "settings." You must be logged in first. For Yahoo Mail, go to Settings > Account Authentication> Account Security. In Gmail, go to Security > Signing Into Google > Two-step authentication. For AOL Mail, go to account security > two-step authentication (click the box to turn it on). If you're still having trouble, go a web search on "two-factor authentication" and the brand of the email you're using.
I’ve gotten two recorded phone calls saying that my social security number has been compromised and I needed to press a number for more information. It sounded weird so I didn’t press anything — I just hung up. Was it fake?
Good move. Fraudsters love to claim they're from the government. Social security rarely calls you. If they do and you're suspicious, you should hang up and call social security directly. Or check your social security account online.
Is it safe to do my banking online?
From a technology standpoint, yes. Making bill payments through your bank is safe, too. Having said that, make certain your banking password is long and hard to guess. Also make sure it's only used for your bank account. Set up "two-factor" authentication, where the bank texts you with a one-time code (or calls you with a code) whenever you log in.
Aware Force Cybersecurity News • July 2021 a • Edition #123
Cartoon © 2021 cartoonstock.com
Original content © 2021 Aware Force LLC
Aware Force is a registered trademark