Threat actors continue to be active and take advantage of our business to commit fraud. SUMA in collaboration with its cybersecurity partners presents the latest security topics to create awareness and educate members to avoid the pitfalls.
Cybersecurity Updates - April 2021
OUCH! Newsletter: Identity Theft
Identity theft happens when a criminal steals information about you and uses that information to commit fraud, such as requesting unemployment benefits, tax refunds, or a new loan or credit card in your name. If you don’t take precautions, you may end up paying for products or services that you didn’t buy and dealing with the stress and financial heartache that follows identity theft.
From “SANS” Lenny Zeltser (3/10/2021)
Identity theft happens when a criminal steals information about you and uses that information to commit fraud, such as requesting unemployment benefits, tax refunds, or a new loan or credit card in your name. If you don’t take precautions, you may end up paying for products or services that you didn’t buy and dealing with the stress and financial heartache that follows identity theft.
From “SANS” Lenny Zeltser (3/10/2021)
FBI: State And Local Governments Losing Millions To BEC
Attackers are targeting state, local, tribal and territorial (SLTT) government entities, masquerading as vendors and suppliers. They use phishing attacks to hijack email accounts at these companies and send urgent fake invoices to their government clients.
From “Info Security Magazine” Phil Muncaster (3/22/2021)
Attackers are targeting state, local, tribal and territorial (SLTT) government entities, masquerading as vendors and suppliers. They use phishing attacks to hijack email accounts at these companies and send urgent fake invoices to their government clients.
From “Info Security Magazine” Phil Muncaster (3/22/2021)
COVID-19 One Year Later
Unfortunately, some people may take advantage of COVID-19 by using fraudulent websites, phone calls, emails, and text messages. While claiming to offer “help,” they may be trying to trick people into providing Social Security numbers, bank account numbers, and other personal information. Do not divulge your bank or credit card numbers or any other personal information over the phone unless you initiated the conversation with the other party and you know that it is a reputable organization.
From “FDIC Consumer News” (3/19/2021)
Unfortunately, some people may take advantage of COVID-19 by using fraudulent websites, phone calls, emails, and text messages. While claiming to offer “help,” they may be trying to trick people into providing Social Security numbers, bank account numbers, and other personal information. Do not divulge your bank or credit card numbers or any other personal information over the phone unless you initiated the conversation with the other party and you know that it is a reputable organization.
From “FDIC Consumer News” (3/19/2021)
Spotting Scammy Emails
Let’s say you get an email about a charge to your credit card for something you aren’t expecting or don’t want. Your first instinct may be to immediately call the company or respond to the email and to stop the payment. Scammers know that, and are taking advantage of it in a new phishing scheme. People tell us they’re getting emails that look like they’re from Norton, a company that sells antivirus and anti-malware software. (Tip: the emails are NOT from Norton.) The emails say you’ve been (or are about to be) charged for a Norton product — maybe an auto renewal or new order. If this is a mistake, the email says, you should call immediately. (Tip: don’t.)
From “Federal Trade Commission” Emily Wu (3/17/2021)
Let’s say you get an email about a charge to your credit card for something you aren’t expecting or don’t want. Your first instinct may be to immediately call the company or respond to the email and to stop the payment. Scammers know that, and are taking advantage of it in a new phishing scheme. People tell us they’re getting emails that look like they’re from Norton, a company that sells antivirus and anti-malware software. (Tip: the emails are NOT from Norton.) The emails say you’ve been (or are about to be) charged for a Norton product — maybe an auto renewal or new order. If this is a mistake, the email says, you should call immediately. (Tip: don’t.)
From “Federal Trade Commission” Emily Wu (3/17/2021)
The Financial Fraud Epidemic
According to financial institutions and federal agencies, since COVID-19 began, fraud attempts have as much as tripled, with a wide variety of new scams emerging that prey on those who have been financially been hit hard by the pandemic and subsequent closures and shutdowns, people who have become isolated, as well as good Samaritans who want to be helpful to those in crisis. Indeed, the pandemic has provided a greenfield opportunity for cyber criminals, who are playing to bank customers’ concerns about job loss, financial health and community safety.
From “ABA Banking Journal” Karen Epper Hoffman (3/04/2021)
According to financial institutions and federal agencies, since COVID-19 began, fraud attempts have as much as tripled, with a wide variety of new scams emerging that prey on those who have been financially been hit hard by the pandemic and subsequent closures and shutdowns, people who have become isolated, as well as good Samaritans who want to be helpful to those in crisis. Indeed, the pandemic has provided a greenfield opportunity for cyber criminals, who are playing to bank customers’ concerns about job loss, financial health and community safety.
From “ABA Banking Journal” Karen Epper Hoffman (3/04/2021)
Tax-Themed Phishing Campaign Emerges
In the latest campaign, if the recipients of a phishing message open what's portrayed as a tax-themed Word document, it displays a blurred background as well as “enable editing” and “enable content” prompts, Cybereason says.
From “Bank Info Security” Prajeet Nair (3/16/2021)
In the latest campaign, if the recipients of a phishing message open what's portrayed as a tax-themed Word document, it displays a blurred background as well as “enable editing” and “enable content” prompts, Cybereason says.
From “Bank Info Security” Prajeet Nair (3/16/2021)
How Ransomware Is Evolving As A Threat To Organizations
The double-extortion tactic also gained more traction in 2020. In this type of attack, the criminals threaten to leak the encrypted data publicly unless the ransom is paid. As such, even victimized organizations that have backups of the stolen data may be more willing to pay the ransom to avoid exposure. At least 16 different ransomware variants are now using the double-extortion plot, according to Unit 42.
From “Tech Republic” Lance Whitney (3/17/2021)
The double-extortion tactic also gained more traction in 2020. In this type of attack, the criminals threaten to leak the encrypted data publicly unless the ransom is paid. As such, even victimized organizations that have backups of the stolen data may be more willing to pay the ransom to avoid exposure. At least 16 different ransomware variants are now using the double-extortion plot, according to Unit 42.
From “Tech Republic” Lance Whitney (3/17/2021)
Best Practices When Using Video Conferencing Platforms
As for best practices when using video conferencing tools, first and foremost if you don’t feel secure, don’t share any information that may put you at risk - whether that’s intellectual property, PII, or heck, even pictures of your kids, if you wouldn’t walk around in public showing that type of information, it’s not safe to broadcast over video either. On top of that, it’s the little things that can make a big difference. Always password protect your meetings, never use a personal event link for a public facing meeting, and ensure your service provider encrypts all audio and video transmission - just following these simple tips can help mitigate some of the many attack tools that hackers have at their disposal.
From “Security Magazine” Maria Henriquez (3/15/2021)
As for best practices when using video conferencing tools, first and foremost if you don’t feel secure, don’t share any information that may put you at risk - whether that’s intellectual property, PII, or heck, even pictures of your kids, if you wouldn’t walk around in public showing that type of information, it’s not safe to broadcast over video either. On top of that, it’s the little things that can make a big difference. Always password protect your meetings, never use a personal event link for a public facing meeting, and ensure your service provider encrypts all audio and video transmission - just following these simple tips can help mitigate some of the many attack tools that hackers have at their disposal.
From “Security Magazine” Maria Henriquez (3/15/2021)
Stay Safe Online During Tax Time
Tax season can be a stressful time for many Americans, and scammers are waiting for you to slip up so they can steal your personal information, money and identity. NCSA and the Internal Revenue Service (IRS) want to help you stay safe online while filing your taxes with these best practices, tips, and resources.
From “National Cybersecurity Alliance” (3/09/2021)
Tax season can be a stressful time for many Americans, and scammers are waiting for you to slip up so they can steal your personal information, money and identity. NCSA and the Internal Revenue Service (IRS) want to help you stay safe online while filing your taxes with these best practices, tips, and resources.
From “National Cybersecurity Alliance” (3/09/2021)
Cybersecurity Updates - March 2021
OUCH! Newsletter: I’m Hacked. Now What?
No matter how secure you are, sooner or later you may have an accident and become hacked. Below are clues you might have been hacked and if so, what to do.
No matter how secure you are, sooner or later you may have an accident and become hacked. Below are clues you might have been hacked and if so, what to do.
From “SANS” Maxim Deweerdt (2/03/2021)
It’s 2021: Your IT Security Is Not As Safe As You Think It Is
Now that more companies are using remote and cloud-based technologies to foster work-from-home arrangements, that warning is particularly urgent this year. Based on our experience, we’ve identified seven different security “postures,” which can be ranked in levels. It’s helpful to think about them as if you’re guarding your own home against an intrusion.
Now that more companies are using remote and cloud-based technologies to foster work-from-home arrangements, that warning is particularly urgent this year. Based on our experience, we’ve identified seven different security “postures,” which can be ranked in levels. It’s helpful to think about them as if you’re guarding your own home against an intrusion.
From “Forbes” Mitchell Sowards (2/09/2021)
Safety First: Will Insurance Companies Stall Or Accelerate Cybersecurity Progress?
Propelled by the surge of cyber incidents and ransomware attacks, businesses and insurance providers are rethinking and redefining how they engage each other, said Trent Cooksley, chief operation officer at Cowbell Cyber. “In order to maintain a profitable loss ratio, insurers might have to request specific controls on businesses before offering coverage,” he said.
Propelled by the surge of cyber incidents and ransomware attacks, businesses and insurance providers are rethinking and redefining how they engage each other, said Trent Cooksley, chief operation officer at Cowbell Cyber. “In order to maintain a profitable loss ratio, insurers might have to request specific controls on businesses before offering coverage,” he said.
From “SC Media” Teri Robinson (2/08/2021)
Ransomware Fact Sheet
The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques. The Ransomware Factsheet was developed by an interagency group of subject matter experts from more than 15 government agencies to increase awareness of the ransomware threats to police and fire departments; state, local, tribal, and territorial governments; and critical infrastructure entities.
The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques. The Ransomware Factsheet was developed by an interagency group of subject matter experts from more than 15 government agencies to increase awareness of the ransomware threats to police and fire departments; state, local, tribal, and territorial governments; and critical infrastructure entities.
From “US-CERT” (2/05/2021)
How Much Is Your Info Worth On The Dark Web? For Americans, It’s Just $8
After a data breach or successful phishing campaign, much of the stolen personal information is sold on black markets. Many such marketplaces reside on the dark web. The median credit limit on a stolen credit card is 24 times the price of the card. The median account balance of a hacked PayPal account is 32 times the price on the dark web.
After a data breach or successful phishing campaign, much of the stolen personal information is sold on black markets. Many such marketplaces reside on the dark web. The median credit limit on a stolen credit card is 24 times the price of the card. The median account balance of a hacked PayPal account is 32 times the price on the dark web.
From “Tech Republic” Jonathan Greig (2/08/2021)
Threats Disguised As Online Learning Platforms Surge
Users typically encounter threats disguised as popular video meeting apps and online course platforms through fake application installers, which are often found on unofficial Web sites designed to resemble the real McCoy, or e-mails disguised as special offers or notifications from the platform.
Users typically encounter threats disguised as popular video meeting apps and online course platforms through fake application installers, which are often found on unofficial Web sites designed to resemble the real McCoy, or e-mails disguised as special offers or notifications from the platform.
From “IT Web” (2/04/2021)
Fake WhatsApp App May Have Been Built To Spy On iPhone Users – What You Need To Know
In the case of the bogus WhatsApp software, social engineering tricks are used to dupe users into installing configuration files (known as MDM or Mobile Device Management profiles) onto their phones, and these can install unauthorized malicious code onto an device.
In the case of the bogus WhatsApp software, social engineering tricks are used to dupe users into installing configuration files (known as MDM or Mobile Device Management profiles) onto their phones, and these can install unauthorized malicious code onto an device.
From “Bitdefender” Graham Cluley (2/03/2021)
Cybersecurity Updates - February 2021
To create a secure home network, you need to start by securing your Wi-Fi access point (sometimes called a Wi-Fi router). This is the device that controls who and what can connect to your home network. Here are five simple steps to securing your home Wi-Fi to create a far more secure home network for you and your family.
From “SANS” Joshua Wright (1/06/2021)
From “SANS” Joshua Wright (1/06/2021)
Scam “US Trading Commission” Website Is Not The FTC
Here’s what you need to know. The FTC does shut down scams and return money to people who lost it to dishonest or unfair business practices. But we will never ask for money, or for your bank account, credit card, or Social Security number so that you can get a refund.
From “Federal Trade Commission” Seena Gressin (1/25/2021)
Here’s what you need to know. The FTC does shut down scams and return money to people who lost it to dishonest or unfair business practices. But we will never ask for money, or for your bank account, credit card, or Social Security number so that you can get a refund.
From “Federal Trade Commission” Seena Gressin (1/25/2021)
Target For New COVID Scam: Small Business Owners
There’s a new coronavirus-related scam making the rounds, but this time the crooks are targeting small businesses. It starts with an email that claims to come from the “Small Business Administration Office of Disaster Assistance.” It says you’re eligible for a loan of up to $250,000 and asks for personal information like birth date and Social Security number. Let’s do a CSI-style investigation to spot clues that the email is a fake.
From “Federal Trade Commission” Lesley Fair (1/13/2021)
There’s a new coronavirus-related scam making the rounds, but this time the crooks are targeting small businesses. It starts with an email that claims to come from the “Small Business Administration Office of Disaster Assistance.” It says you’re eligible for a loan of up to $250,000 and asks for personal information like birth date and Social Security number. Let’s do a CSI-style investigation to spot clues that the email is a fake.
From “Federal Trade Commission” Lesley Fair (1/13/2021)
Beware: PayPal Phishing Texts State Your Account Is ‘Limited’
A new SMS text phishing (smishing) campaign pretends to be from PayPal, stating that your account has been permanently limited unless you verify your account by clicking on a link.
From “Bleeping Computer” Lawrence Abrams (1/03/2021)
A new SMS text phishing (smishing) campaign pretends to be from PayPal, stating that your account has been permanently limited unless you verify your account by clicking on a link.
From “Bleeping Computer” Lawrence Abrams (1/03/2021)
Ransomware Attackers Are Making Threatening Phone Calls To Their Victims, Warns FBI
As ZDNet reports, the FBI has sent out a PIN (Private Industry Notification) alert to private sector companies warning them that not only are hackers using the DoppelPaymer ransomware in an attempt to extort money from affected organizations, but that they are also making follow-up phone calls to apply further pressure for victims to pay up.
From “Hot For Security” Graham Cluley (12/22/2020)
As ZDNet reports, the FBI has sent out a PIN (Private Industry Notification) alert to private sector companies warning them that not only are hackers using the DoppelPaymer ransomware in an attempt to extort money from affected organizations, but that they are also making follow-up phone calls to apply further pressure for victims to pay up.
From “Hot For Security” Graham Cluley (12/22/2020)
Get Ready For NCPW 2021!
NCPW is the time of year when government agencies, consumer protection groups, and people like you work together to help others understand their consumer rights and make well-informed decisions about money.
From “Federal Trade Commission” Ari Lazarus (1/21/2021)
NCPW is the time of year when government agencies, consumer protection groups, and people like you work together to help others understand their consumer rights and make well-informed decisions about money.
From “Federal Trade Commission” Ari Lazarus (1/21/2021)
Cybersecurity Insurance Has A Big Problem
For companies looking to bring more cyber insurance into their risk management practices — or buy for the first time — a bit of planning is necessary. After all, we’re looking at an environment in which claims are increasing and insurers lack the historical data and overall experience to develop the analytics they’d use in more mature lines of business, such as property. To build up a sufficient amount of cyber insurance, early purchases of smaller amounts with increases over time can help prime the market to grow with the needs of the companies it supports.
From “Harvard Business Review” Tom Johansmeyer (1/11/2021)
For companies looking to bring more cyber insurance into their risk management practices — or buy for the first time — a bit of planning is necessary. After all, we’re looking at an environment in which claims are increasing and insurers lack the historical data and overall experience to develop the analytics they’d use in more mature lines of business, such as property. To build up a sufficient amount of cyber insurance, early purchases of smaller amounts with increases over time can help prime the market to grow with the needs of the companies it supports.
From “Harvard Business Review” Tom Johansmeyer (1/11/2021)
How To Level Up Your Cybersecurity In 2021
It’s easy to focus on all the ways 2020 has been a challenging year: the Covid-19 pandemic, a sputtering economy, and (for cybersecurity professionals) an explosion of new and increasingly dangerous cyberthreats. However, we shouldn’t ignore all the ways the changes we’ve witnessed in 2020 — such as the shift to remote work — have actually driven long-overdue reconsiderations of our approaches to communication, collaboration and cybersecurity.
From “Forbes” Zach Schuler (1/11/2021)
It’s easy to focus on all the ways 2020 has been a challenging year: the Covid-19 pandemic, a sputtering economy, and (for cybersecurity professionals) an explosion of new and increasingly dangerous cyberthreats. However, we shouldn’t ignore all the ways the changes we’ve witnessed in 2020 — such as the shift to remote work — have actually driven long-overdue reconsiderations of our approaches to communication, collaboration and cybersecurity.
From “Forbes” Zach Schuler (1/11/2021)
We Got Used To SMS Notifications And Phishers Are Capitalizing On It
A rising onslaught of phishing messages delivered via SMS (aka “smishing”) has been hitting mobile users around the world in the last few months. The fake messages impersonate payment, package delivery and streaming services, government and healthcare organizations, popular IT and email providers, online retailers, hospitality organizations, and so on. The attackers’ goal is to get users to share sensitive information either via SMS or by entering it into a spoofed website. The sensitive information the phishers are after includes personal and financial info, online banking and various other account credentials, tax-related information, electronic IDs and associated passwords, etc. Occasionally, the goal extends to getting users to install mobile malware or sign up for pricy services.
From “Help Net Security” Zeljka Zorz (1/08/2021)
A rising onslaught of phishing messages delivered via SMS (aka “smishing”) has been hitting mobile users around the world in the last few months. The fake messages impersonate payment, package delivery and streaming services, government and healthcare organizations, popular IT and email providers, online retailers, hospitality organizations, and so on. The attackers’ goal is to get users to share sensitive information either via SMS or by entering it into a spoofed website. The sensitive information the phishers are after includes personal and financial info, online banking and various other account credentials, tax-related information, electronic IDs and associated passwords, etc. Occasionally, the goal extends to getting users to install mobile malware or sign up for pricy services.
From “Help Net Security” Zeljka Zorz (1/08/2021)
Cybersecurity Updates - January 2021
OUCH! Newsletter: Securing The Generation Gap
Trying to securely make the most of today’s technology can be overwhelming for almost all of us, but it can be especially challenging for family members not as used to or as familiar with technology. Therefore, we wanted to share some key steps to help secure family members who may be struggling with technology and might misunderstand the risks that come with using it.
From “SANS” Chris Dale (12/02/2020)
Trying to securely make the most of today’s technology can be overwhelming for almost all of us, but it can be especially challenging for family members not as used to or as familiar with technology. Therefore, we wanted to share some key steps to help secure family members who may be struggling with technology and might misunderstand the risks that come with using it.
From “SANS” Chris Dale (12/02/2020)
Gritzman said to defend against future attacks on mobile devices, users should avoid jailbreaking or rooting any devices, ensure all system updates and app updates take place on time, and obtain apps directly from official app stores.
From “IT Pro” Rene Millman (12/17/2020)
The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments.
From “Cybersecurity and Infrastructure Security Agency” (12/10/2020)
If you get a call, text, email — or even someone knocking on your door — claiming they can get you early access to the vaccine, STOP. That’s a scam. Don’t pay for a promise of vaccine access or share personal information.
From “Federal Trade Commission” Colleen Tressler (12/08/2020)
The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
From “Bank Info Security” Doug Olenick (11/13/2020)
Data Privacy Day is a global effort — taking place annually on January 28th — that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is observed annually on Jan. 28.
From “National Cybersecurity Alliance” (1/05/2020)
Scammers are calling people and using the names of two companies everyone knows, Apple and Amazon, to rip people off. Here’s what you need to know about these calls.
From “Federal Trade Commission” Alvaro Puig (12/03/2020)
A new Zoom-themed phishing attack is circulating through email, text and social media messages, aiming to steal credentials for the videoconferencing service. The Better Business Bureau (BBB) warned last week that the attack uses Zoom’s logo, and in a message tells recipients that their Zoom accounts were suspended and to click a link to reactivate; or that they missed a Zoom meeting, and to click a link to see the details and reschedule.
From “Threat Post” Lindsey O’Donnell (12/01/2020)
This shift is just getting started. IoT-enabled scams and hacks quickly ramped up to a high level – and can be expected to accelerate through 2021 and beyond. This surge can, and must, be blunted. The good news is that we already possess the technology, as well as the best practices frameworks, to mitigate fast-rising IoT exposures.
From “Security Boulevard” Byron Acohido (11/09/2020)