Trending Security Topics

Cybersecurity Awareness Basics

How to avoid identity theft, frauds, scams and more. Click below for more information.

Cybersecurity Basics



OUCH! Newsletter: CEO Fraud/BEC

Cyber attackers continue to evolve an email attack called CEO Fraud, or Business Email Compromise (BEC). These are targeted email attacks that trick their victim into taking an action they should not take. In most cases, the bad guys are after money. What makes these attacks so dangerous is cyber attackers research their victims before launching their attack. It is also very hard for security technologies to stop these attacks because there is no infected email attachments or malicious links to detect. Here is how the attack works. From “SANS OUCH! September 2018” Don Cavender (9/01/2018)
 

Phishing, Vishing and Smishing

Is the title for this column a quote from a Dr. Seuss book? No. But you’d be forgiven for making that assumption. None of those words (except for “and”) even looks like an actual word, certainly not one you’d find in a professional publication. They’re all real, though, and all types of social engineering fraud your institution could be facing soon. From “Bank News” Alaina Webster (8/29/2018)
 

Email Phishers Using New Way To Bypass Microsoft Office 365 Protection

In May 2018, cybercriminals had also been found splitting up the malicious URL in a way that the Safe Links security feature in Office 365 fails to identify and replace the partial hyperlink, eventually redirecting victims to the phishing site. From “The Hacker News” Swati Khandelwal (8/15/2018)
 

ABA Foundation, FTC Release Infographic On Fake Check Scams

The American Bankers Association Foundation and the Federal Trade Commission today released an infographic to help consumers recognize and understand the growing trend of fake check scams. This form of check fraud often involves a scammer sending a bad check to a victim and then asking for some of the funds to be returned. After the money is sent back, the scammer’s original check bounces. From “ABA Banking Journal” (9/04/2018)
 

Understanding Firewalls For Home And Small Office Use

When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack. However, you can restrict outside access to your computer—and the information on it—with a firewall. Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary network traffic. Firewalls can also prevent malicious software from accessing a computer or network via the internet. Firewalls can be configured to block data from certain locations (i.e., computer network addresses), applications, or ports while allowing relevant and necessary data through. From “US-CERT” (9/10/2018)
 

Ransomware Recovery: Don’t Make Matters Worse

A recent incident involving a chronic care management company spotlights how paying a ransom to recover decryption keys from ransomware attackers can put sensitive data at additional risk. From “Bank Info Security” Marianne Kolbasuk McGee (9/05/2018)
 

In A Few Days, Credit Freezes Will Be Fee-Free

Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents. Maybe you’ve been holding off freezing your credit file because your home state currently charges a fee for placing or thawing a credit freeze, or because you believe it’s just not worth the hassle. If that accurately describes your views on the matter, this post may well change your mind. From “Krebs on Security” Brian Krebs (9/18/2018)
 

Securing Enterprise Wireless Networks

Enterprise network security is the protection of a network that connects systems, mainframes, and devices―like smartphones and tablets―within an enterprise. Companies, universities, governments, and other entities use enterprise networks to help connect their users to information and people. As networks grow in size and complexity, security concerns also increase. From “US-CERT” (9/04/2018)

 

Potential Hurricane Florence Phishing Scams

NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a subject line, attachments, or hyperlinks related to the hurricane, even if it appears to originate from a trusted source. From “US-CERT” (9/14/2018)

 

Asked To Pay By Gift Card? Don’t. (Click link to see full article.)

Has someone asked you to go get a gift card to pay for something? Lots of people have told us they’ve been asked to pay with gift cards – by a caller claiming to be with the IRS, or tech support, or a so-called family member in need. If you’ve gotten a call like this, you know that the caller will then demand the gift card numbers and PIN. And, poof, your money is gone. From “Federal Trade Commission” Jennifer Leach (5/31/2018)