Cybersecurity news you can use
QR codes have been around for over 20 years. But since the pandemic began, QR codes have grown in popularity. And with more popularity comes more scams.
Check out these examples and tips about how to use QR codes safely.
For closed captioning, click "cc" and select "English"
when the video begins playing.
> The International Red Cross says it has been the victim of a sophisticated cyber hack that led to the theft of personal information involving a half-million “highly vulnerable” people. TechCrunch says the breach occurred because the organization did not update a critical piece of software for several months.
> A small cybersecurity company has developed software that makes blurred text clear enough to read. TechRadar has two recommendations. Don’t blur text — instead, place a solid black bar over the entire text. And never try to hide cells in a spreadsheet by simply coloring the boxes black. The recipient can simply change the boxes’ color back to “none" and read the hidden data.
> Scammers are sending phishing emails promising government money to those impacted by COVID. Tech firm INKY says the emails appear to come from “HR: Employee Medical Identification.” Users are instructed to log into their Office365 account and fill out a form including their password to receive $5,000. On the next screen, they get a message that says “Access Denied.”
> Fake COVID websites: The US Department of Health and Human Services has launched the website covidtest.gov where anyone with a postal address can order free COVID tests. But scammers immediately launched fake sites like covidtestgov.us and freecovidtests.us to collect personal information and credit card numbers from unsuspecting visitors.
> Vehicle alert: between now and Halloween, major cellphone carriers will shut down their older 3G networks to make way for new, faster 5G. The end of 3G will affect millions of cars and trucks built as recently as 2019, making in-nav traffic navigation, emergency call services, smartphone app connectivity, and Wi-Fi hotspots useless. Do a web search on "3G" + your make and model of vehicle to learn more.
> Cybersafety labels for consumer products may be headed our way. The information would look similar to nutrition labels on food packaging. The Washington Post says the idea is to make buyers demand products that are built to better protect against breaches and adhere to privacy standards.
...is the term for text messages sent by scammers,
instructing you to send a payment,
visit a website, respond to a text,
call a number, or click on a link to download a file.
Smishes are usually urgent or intriguing,
like these examples.
Each of these links takes you to a fake login page
that looks genuine — but isn't.
If you enter your name and password,
crooks can hijack your account.
Don't fall for smishes!
I accidentally gave my name, email, and phone number to a phishing scam. I used my temporary email address — not the one linked to my bank account. Will the scammer be able to do anything with this?
You made a smart move having a dedicated email address you only use for important tasks like banking, making mortgage payments, and communicating with government agencies like the IRS. Make sure the password on that account is long and strong. Now, as for the temporary account you shared accidentally, change and strengthen the password. If you accidentally send the scammer your password, shut down the email account (don't just stop using it) and open a new one.
Does just clicking on a link and opening a bad website infect my phone?
There are rare cases where simply clicking on a link will infect an older computer or phone. For more recent electronic devices, as long as you don't download and open something like a Word doc, PDF, or app...or enter your name and a password to "log in" ...you should be safe. No matter what, it's wise to consider purchasing and installing anti-virus software on your computer.
How do I set it up so I receive a TEXT any time one of my credit cards is used?
Do a web search for "transaction alert" plus the brand of card you use. You'll need to download and install its app, give permission to send a text or email message, and then customize the amount of purchase that triggers an alert. This is a good way to stay alert for fraud and to track your spending.
"If you think someone might have breached your connection/network/passwords, etc., and is capturing your data, what can you do to 'test' that theory to check if it's actually happening?"
Here are the most common clues something is amiss on your computer or smartphone:
Your device slows to a crawl, stops working, or your phone is using lots more data than usual.
The cursor moves around the screen on its own.
Pop-up windows appear, especially ones that encourage you to download antivirus or other software.
A new toolbar appears at the top of your web browser.
You’re notified that you’ve changed the password on an account you didn’t change, or an existing password stops working.
You are notified that you’ve logged in from a new computer, but you’re still using the same one.
Friends say you’ve invited them to follow you on a social media account, but you don’t have a new account and you didn’t invite them.
Programs you don’t recognize launch when you start up your computer.
An ounce of prevention: Here are steps you can take now to protect your personal information.
Purchase, install, and run an anti-virus program on your computer and Android phone.
Windows users, launch “Task Manager” and Mac users, launch “Activity Monitor” to see which apps are using your computer’s processing power. Do a web search for the name of a program you don’t recognize to learn more about what it's doing.
Make sure you recognize a sender’s email address before downloading or opening an email attachment.
Restart your Wi-Fi router every few weeks.
Update your computer and phone’s operating system software when a new version is available.
Password-protect your phone, ideally using a fingerprint or face scan.
Change passwords on accounts that might be at risk, particularly your bank, email account, and government accounts like the IRS or Social Security.
Make new passwords at least 15 characters long with special characters like (#^%&!@).
Sources: CSO Online, Komando, USA Today, Microsoft
Aware Force Cybersecurity News • March 2022 a • Edition #141
Cartoon © 2022 CartoonStock
Original content © 2022 Aware Force LLC | Aware Force is a registered trademark