Cybersecurity Awareness Basics
How to avoid identity theft, frauds, scams and more. Click below for more information.
Tech Support Scams Top List Of Latest Phishing Threats
You receive a phone call, an email or a popup on the web claiming that your computer is at risk and that some security firm or product is needed to fix the problem. Though such scams seem obvious to people knowledgeable about cyber threats, many people still fall for this type of ploy. In fact, the tech support ruse was the number one scam described by Norton Labs in its new October Consumer Cyber Safety Pulse Report.
From “Tech Republic” Lance Whitney (10/19/2021)
Why Every Month Should Be Preparedness & Cybersecurity Month
The truth is there are a lot more things today than there were in the early 2000s to be prepared for. Look no further than Apple’s iPhone, which wasn’t introduced until 2007. Fast forward to 2021, and look at how much just that one category, the smartphone, changed the way your organization, and more importantly, your accountholders, operate. Many industry pundits say the COVID-19 pandemic accelerated digital adoption by banks and credit unions by more than five years.
From “Jack Henry Fin Talk” Eric Flick (10/05/2021)
OUCH! Newsletter – Avoid The Most Common Email Mistakes
Email is still one of the primary ways we communicate, both in our personal and professional lives. However, quite often we can be our own worst enemy when using email. Here are the most common mistakes people make with email and how to avoid them.
From “SANS” Steffanie Schilling (10/04/2021)
REvil Ransomware Group’s Latest Victim: Its Own Affiliates
To the long list of criminal fabrications, shocking though this may seem, add a new scam, which involves ransomware-as-a-service operations not just lying to victims, but also the criminals' business partners.
From “Bank Info Security” Mathew J. Schwartz (9/25/2021)
New Bill Would Require Ransom Disclosure Within 48 Hours
U.S. lawmakers have introduced legislation that would require the reporting of ransom payments within 48 hours of the transaction. The bill, put forward by Sen. Elizabeth Warren, D-Mass., and Rep. Deborah Ross, D-N.C., would require the Department of Homeland Security to create a voluntary website to log ransom payments and task DHS with a comprehensive study of the correlation between ransomware and cryptocurrency.
From “Bank Info Security” Dan Gunderman (10/07/2021)
You’re Going To Be The Victim Of A Ransomware Attack
The final part of the equation is risk management. Whole books have been written about cybersecurity risk management but the critical aspect is, yet again, you must do it in advance. By planning for an attack, you are forced to think about how you minimize risks to your organization when — not if — one of your machines is breached.
From “Dark Reading” John Zangardi and Nicko van Someren (9/30/2021)
When cybersecurity is inadequate, it can lead to stolen identity and financial loss. Most scams and scammers have two main goals--to steal your money and your identity. You should know what to look for, how they work, and what to do, so you can protect yourself and your finances.
From “FDIC Consumer News” (10/21/2021)
Targeting Generational Profiles For Effective Bank Fraud Prevention
Among the most concerning factors shaping banking fraud patterns today is not just digital transformation and the pandemic. It is also how fraudsters have adapted their tactics according to unique generational differences of consumers. The techniques bad guys use to target the upper age brackets are not the same tactics they use to lure younger Generation X and millennial customers. Even more frustrating is that the fraudsters are sometimes aping many financial institutions’ very own generation-targeted marketing schemes and product offerings to snag each of these widely different groups of consumers.
From “ABA Risk and Compliance” Glen Fratangelo (10/14/2021)
Internet Safety Guide For College Students
Corporations invest billions into protecting private data. Globally, the cybersecurity services market brought in $173 billion in 2020. However, cybersecurity isn't only a concern for government agencies and major corporations. Hackers and scammers also target individuals, including college students. Fortunately, college students can protect their private data and improve their internet safety without a corporate-sized budget.
From “ZD Net” Genevieve Carlton (10/01/2021)
Beware Poisoned Apple AirTags That Exploit Unpatched “Lost Mode” Flaw
If you're unlucky enough to mislay your Apple AirTag tracking device, or the item it is attached to, then never fear. Apple AirTags have a feature that allows anyone who finds one to scan it with their smartphone, and be taken to information which lists the owner's phone number so your property can be returned to you. That's very cool. But what isn't cool is that the feature can be abused to deliver malware or steal credentials from the unwitting Good Samaritan who is trying to locate an AirTag's genuine owner.
From “Bit Defender” Graham Cluley (9/30/2021)
Amazon Impersonators: What You Need To Know
These scams can look a few different ways. In one version, scammers offer to “refund” you for an unauthorized purchase but “accidentally transfer” more than promised. They then ask you to send back the difference. What really happens? The scammer moves your own money from one of your bank accounts to the other (like your Savings to Checkings, or vice versa) to make it look like you were refunded.
From “Federal Trade Commission” Mario Mayo (10/20/21)
Back On The Office Network: What Are The Risks For Mobile Users?
Unfortunately, consumer devices aren’t always protected by stringent cyber security defences like corporate electronics are. So, they could potentially harbour malware and other security vulnerabilities. Even if employees only used corporate mobile devices for remote working, they would have been connected to personal Wi-Fi networks and could be less secure as a result.
From “Computer Weekly” Nicholas Fearn (10/19/2021)
Broadcom Software’s Symantec Threat Hunter Team Discovers First-Of-Its-Kind Ransomware
It's unknown where Yanluowang came from, who's behind it or if it has been used in any attacks other than the one that Symantec responded to against an unnamed "large organization." Among the files it obtained was code that Symantec said seemed to come from an underdeveloped ransomware family, and they were clued in by some suspicious use of the Active Directory query tool AdFind.
From “Tech Republic” Brandon Vigliarolo (10/14/2021)
Over 1.5 Billion Facebook Users’ Personal Data Found For Sale On Hacker Forum
Reported by privacy research company Privacy Affairs, the data found for sale doesn't indicate that the seller actually broke into Facebook's systems, nor that its data tied to any other data breach. Instead, Privacy Affairs said that the data was allegedly obtained by scraping publicly available data shared by Facebook users.
From “Tech Republic” Brandon Vigliarolo (10/06/2021)
Spot The Pandemic Scam: Emergency Broadband Program Impersonators
Have you seen ads on social media that offer to “help” you sign up for a government program that will give you a “free” device and internet service in exchange for money or personal information? While there is a real government program to help people connect during the pandemic, there’s no payment required to enroll. That’s just a scam.
From “Federal Trade Commission” Carly Johnson (10/08/2021)