Last month, researchers discovered one of the most dangerous cybersecurity issues in history. It's a flaw in computer code used in critical software that experts are calling “Log4J.” Since Log4J was discovered, cyber pros have been working to fix it, trying to stay ahead of crooks who can exploit Log4J to break into computer networks around the world.
There's not much that consumers can do to help, except to avoid clicking on links in phishing emails and update the software running on their personal computers when alerted.
Here’s a short video about staying safe while cybersecurity teams work to knock out Log4J.
Cybersecurity news you can use
> Fake COVID websites: The US Department of Health and Human Services has launched the website covidtest.gov where anyone with a postal address can order free COVID tests. But scammers immediately launched fake sites like covidtestgov.us and freecovidtests.us to collect personal information and credit card numbers from unsuspecting visitors.
> Cybercrooks are sending out emails with links to stream the new Spider-Man movie, “No Way Home,” which is only playing in theaters. Cybersecurity firm Kaspersky says when purchasers provide credit card or bank account information, money is debited from their accounts, but the links never work.
> Hackers are also sending phishing emails that claim victims’ Twitter accounts must be updated or they’ll risk losing their "verified account status." Bleeping Computer says scammers then collect username and password information, lock users out of their Twitter accounts, and post dangerous links.
"I've used my credit card to make deposits required by service providers (e.g. veterinarian's office) to set up the appointment. They always ask for my card number, expiration date, and security code. It seems this is a sure-fire way to have my card fraudulently used. What can I do to prevent that?"
Check to see if your card will automatically text you every time it's used, showing the merchant name and amount charged.
"Can you recommend where to research a home firewall? I don't have $450 to spend on a turnkey system but I do want to be safe @ home!"
CNet, TechRadar, Consumer Reports, and PCMag are solid websites for researching technology products. By the way, you may not need a standalone home firewall because your Wi-Fi router already has one built-in. Consider installing a VPN and anti-virus software instead.
"In last month's cybersecurity news, you showed a video that recommended storing photos of my drivers' license, insurance card, and other personal documents on my phone and then password protecting my phone for safety. Isn't that dangerous?"
Good question. Using a face scan or fingerprint scan is a solid defense against someone breaking into your phone. A pattern lock, where you drag your finger along the screen to unlock the device, is the least secure method. Leaving your phone unlocked is dangerous because anyone who possesses the phone can easily access personal information stored on it.
Aware Force Cybersecurity News • January 2022 a • Edition #137
Spider-Man imagery © Sony Pictures
Cartoon © 2021 Tom Fishburne | Marketoonist
Original content © 2022 Aware Force LLC | Aware Force is a registered trademark