News and Information

  • Phishing Fraud during COVID-19

    Financial organizations have seen an increase in phishing events during the COVID-19 pandemic. It is important that you understand phishing events and educate your cardholders. Phishing events are when a fraudster attempts to steal a person’s data, mainly login credentials, and card information. The fraudster then uses this information to process fraudulent card transactions or ATM withdrawals. Fraudsters often utilize social media or information bought on the Dark Web to initiate scams.

    An example of a recent phishing attack:

    • The fraudster gathers information from social media to make the scam more believable.
    • Cardholder receives a phone call from the fraudster posing as a financial institution employee.
      • Fraudsters often spoof phone numbers from the financial institution when contacting the victim, making it seem legitimate.
    • Fraudster advises cardholder that they have fraud attempts on their card and they will receive a text with a case number.
      • While on the phone, the fraudster will perform a transaction they know will generate a fraud alert.
      • When the cardholder receives the case number, the fraudster asks for the case number over the phone so the card can be permanently blocked.

        • Instead, the fraudster is using the case number to call into the SecurLOCK IVR and validate the activity as valid, so they can continue to use the card fraudulently.

    • The fraudster may suggest the cardholder transfer money into their checking account from savings to make it “safer,” thereby giving the fraudster access to more money.
    • The cardholder thinks the fraud was caught and stopped, while the fraudster is busy committing more fraudulent transactions and stealing more money.

    Educating cardholders is one of the best lines of defense in preventing phishing attacks. Advising cardholders on how your financial institution and FIS interact with them will mitigate losses due to this type of activity.

    FIS will never contact the cardholder to ask for the following:

    • Account Number/Card Number
    • CVV
    • PIN
    • Passwords
    • Social Security Number
    • Online Banking Credentials

    FIS will never advise a cardholder to transfer money or withdraw money. If any information concerning suspicious activity is texted to the cardholder, FIS does not call and ask the cardholder for the information. When cardholders call into SecurLOCK to validate suspicious transactions, FIS will request the case number to authenticate them. The cardholder should always reply NO if they are unaware of the transactions in question received via a text or email, no matter what direction has been given to them.

     

  • Tech Tips

    Spoofed SMTP Relay Services

    Simple Mail Transfer Protocol (SMTP) is the standard method that mail servers use to send emails. Organizations typically use an SMTP relay service to send mass emails, such as marketing materials. Some organizations use Gmail as an SMTP relay service, but unfortunately, cybercriminals have found a vulnerability in the Gmail service.

    Using this vulnerability, cybercriminals can spoof any organization that also uses Gmail as a relay service. For example, let's say that a legitimate organization owns the domain sign-doc[dot]com and uses Gmail as a relay service. Cybercriminals can send malicious emails and disguise them by spoofing the legitimate domain, sign-doc[dot]com. Since the spoofed domain is being relayed through Gmail, most email clients will consider the malicious email safe and allow it to pass through security filters.

    Follow the tips below to stay safe from similar scams:

    • This type of attack isn't limited to Gmail. Other SMTP relay services could have similar vulnerabilities. Even if an email seems to come from a legitimate sender, remain cautious.
    • Never click on a link or download an attachment in an email that you were not expecting.
    • If you need to verify that an email is legitimate, try reaching out to the sender directly through phone call or text message.

     

    The Keep-It-Simple Scam

    In a new scam, cybercriminals use short, simple phishing emails to try to sneak past security-aware employees. The scam itself is a typical credential-stealing phishing attack: You receive an email notification stating that some of your emails could not be delivered. To review these emails, you are directed to click a link. If you click the link, you are taken to a fake login page and any credentials that you enter on the page will go straight to the cybercriminals.

    What makes this scam unique is the simple phishing email. The email looks like a plain text alert with only a few lines of information and no images or logos. With so few details to look at, it could be difficult to determine if the email is legitimate. To match the plain text design, the link in the email is a long URL instead of the usual "Click Here" type of link. Cybercriminals want you to trust the URL, but if you hover your mouse over the link, you'll find that the link does not lead to the URL shown in the email.

    Follow the tips below to help you stay safe from similar, simple scams:

    • Never click on a link in an email that you were not expecting, even if it appears to come from a program or application that you use.
    • When you receive an alert email, ask yourself questions such as: Did I sign up for email notifications? Have I received alerts like this in the past?
    • If you think the notification could be real, log in to the program or application directly instead of clicking the link in the email.
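
    The hover check described above can also be automated by a mail team. The following Python code is an added example, not part of the original tip: it parses an HTML email body and reports every link whose visible text shows one hostname while its href points to another. The sample email and its domains are constructed placeholders.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Finds a hostname inside visible link text, with or without a scheme.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample modelled on the "undelivered emails" alert; domains are placeholders.
SAMPLE_EMAIL = """
<p>3 messages could not be delivered to your inbox.</p>
<p>Review: <a href="https://portal-check.example.net/r?u=jdoe">https://mail.example.com/quarantine/review</a></p>
<p>Help: <a href="https://mail.example.com/help">https://mail.example.com/help</a></p>
<p><a href="https://mail.example.com/prefs">Manage notifications</a></p>
"""


class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def href_host(href):
    """Hostname of an http(s) href, or '' for other schemes and malformed URLs."""
    try:
        parts = urlsplit(href)
    except ValueError:
        return ""
    if parts.scheme.lower() not in ("http", "https"):
        return ""
    return (parts.hostname or "").lower().rstrip(".")


def mismatched_links(html_body):
    """Return links whose displayed hostname differs from the real destination."""
    parser = AnchorCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        shown = HOST_IN_TEXT.search(text)
        if not shown:
            continue  # text such as "Click here" makes no claim about the destination
        shown_host = shown.group(1).lower()
        actual_host = href_host(href)
        if actual_host and shown_host != actual_host:
            findings.append(
                {"shown_host": shown_host, "actual_host": actual_host, "href": href}
            )
    return findings


if __name__ == "__main__":
    for finding in mismatched_links(SAMPLE_EMAIL):
        print(finding)
```

    The comparison is exact, so a link shown as example.com that goes to www.example.com is also reported and needs a human decision.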

     

    Expect a Surplus of Supply Chain Scams

    Throughout April, Shanghai and other major cities in China have been on lockdown due to recent COVID-19 outbreaks. Along with the ongoing war in Ukraine, these lockdowns have drastically impacted supply chains for industries around the world.

    We expect to see another wave of supply chain-related phishing and social engineering attacks. Cybercriminals could use this news to spoof shipping delay notifications, create fake advertisements for hard-to-find products, or write misleading articles about well-known organizations that could be impacted by the shortages.

    Use the tips below to help you spot supply chain scams:

    • Never click on a link or download an attachment in an email that you were not expecting.
    • Watch out for sensational or shocking headlines about the world's supply chains. These headlines could lead to articles that contain disinformation, or false information that is intentionally designed to mislead you.
    • If you are expecting a shipment and receive a related email, confirm that the email is legitimate before clicking any links in the email. Look for details such as the order number, the purchase date, and the payment method used for the purchase.

     

    Persistent MFA Prompts

    Multi-factor authentication (MFA) can help you protect your online accounts by requiring that you approve login attempts before you can access the accounts. However, if you accidentally approve an MFA notification that you didn't request, cybercriminals may be able to access your accounts and personal information.

    In a new scam, cybercriminals are annoying you into approving an MFA notification. If cybercriminals figure out your login credentials for an account, they can send you repeated MFA notifications. The cybercriminals hope that you will eventually approve a notification to stop the notifications from sending. Then, the cybercriminals can update the MFA settings in your account to send notifications to their device instead of your own. As a result, the cybercriminals can gain permanent access to your account and any personal information that's in the account.

    Follow these tips to stay safe from MFA scams:

    • Never approve an MFA notification that you didn't request.
    • Create unique, strong passwords for each of your online accounts. If the cybercriminals can't figure out your password, they won't be able to scam you with MFA notifications.
    • If you receive an MFA notification for an account that you aren't trying to log in to, immediately change your password for the account.
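
    On the defender's side, the pattern described above (a burst of prompts, an eventual approval, then a change to MFA settings) is visible in authentication logs. The following Python code is an added example, not part of the original tip: it scans a list of events and raises an alert at each of the three stages. The event names, thresholds and sample log are assumptions made for illustration and are not taken from any specific MFA product.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)     # look-back used to count prompts (assumed value)
THRESHOLD = 5                      # prompts inside WINDOW that count as a burst (assumed value)
FOLLOW_UP = timedelta(minutes=30)  # device change this soon after a burst approval is escalated

# Constructed sample log: (ISO timestamp, user, event type). Event names are hypothetical.
SAMPLE_EVENTS = [
    ("2022-04-20T02:00:05", "alice", "push_sent"),
    ("2022-04-20T02:00:50", "alice", "push_sent"),
    ("2022-04-20T02:01:30", "alice", "push_sent"),
    ("2022-04-20T02:02:10", "alice", "push_sent"),
    ("2022-04-20T02:03:00", "alice", "push_sent"),
    ("2022-04-20T02:03:45", "alice", "push_sent"),
    ("2022-04-20T02:03:58", "alice", "push_approved"),
    ("2022-04-20T02:06:20", "alice", "mfa_device_enrolled"),
    ("2022-04-20T09:15:00", "bob", "push_sent"),
    ("2022-04-20T09:15:08", "bob", "push_approved"),
    ("2022-04-20T09:20:00", "bob", "mfa_device_enrolled"),
]


def detect_prompt_bombing(events, window=WINDOW, threshold=THRESHOLD, follow_up=FOLLOW_UP):
    """Return (timestamp, user, alert) tuples for the three stages of the scam."""
    prompts = defaultdict(deque)  # user -> timestamps of prompts still inside the window
    burst_approved_at = {}        # user -> time of an approval that ended a burst
    alerts = []
    for ts_raw, user, kind in sorted(events):  # ISO timestamps sort chronologically
        ts = datetime.fromisoformat(ts_raw)
        recent = prompts[user]
        while recent and ts - recent[0] > window:
            recent.popleft()  # forget prompts older than the window
        if kind == "push_sent":
            recent.append(ts)
            if len(recent) == threshold:
                # The password is likely known to someone else, even if nothing is approved.
                alerts.append((ts_raw, user, "prompt_burst"))
        elif kind == "push_approved":
            if len(recent) >= threshold:
                alerts.append((ts_raw, user, "approval_after_burst"))
                burst_approved_at[user] = ts
            recent.clear()
        elif kind == "mfa_device_enrolled":
            approved = burst_approved_at.get(user)
            if approved is not None and ts - approved <= follow_up:
                alerts.append((ts_raw, user, "device_enrolled_after_burst"))
    return alerts


if __name__ == "__main__":
    for alert in detect_prompt_bombing(SAMPLE_EVENTS):
        print(alert)
```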

     

    Europol Vishing Scam

    Voice phishing, or "vishing", is a phishing attack conducted by phone. Vishing is a classic tactic that cybercriminals continue to use today. Recently, cybercriminals launched a vishing attack that impersonates Europol, the law enforcement agency of the European Union (EU). Using advanced techniques, cybercriminals disguise their phone numbers to display as an official Europol number on your caller ID.

    The call starts as an automated message, stating that your personal data has been compromised and to press the 1 key to continue. If you press 1, you're greeted by a real person who sounds polite and professional. The caller offers to help as long as you give them information such as your name, address, and identification number. Any information you provide will be delivered straight to the cybercriminals.

    Follow these tips to stay safe from similar scams:

    • Never trust your caller ID. Cybercriminals can spoof phone numbers to look like a familiar or safe caller.
    • If you did not initiate the call, do not provide personal information over the phone.
    • If you're not sure if a call is coming from a legitimate organization, hang up. Then, find the official phone number for the real organization and call them directly. Don't call the suspicious phone number again.

     

    Watch Out for Apple and Meta EDR Scams

    In the United States, law enforcement agencies must obtain a court-ordered warrant or subpoena before requesting user data from a tech company. However, in extreme scenarios, law enforcement agencies can bypass this process by issuing an Emergency Data Request (EDR). Since the request is urgent, tech companies must act quickly and trust the agency that issued the request. Unfortunately, cybercriminals have begun hijacking law enforcement agency email systems in order to send fake EDRs and gather sensitive user data.

    Recent news has revealed that in 2021, Apple, Meta, and other tech companies responded to fake EDRs and provided user data to cybercriminals. This data included users' addresses, phone numbers, and IP addresses. Now that this data breach is making headlines, we expect cybercriminals to use EDR-related data leaks as a topic in phishing attacks and social media disinformation campaigns.

    Here are some tips to stay safe:

    • Be cautious of emails or phone calls that claim you or your organization have been affected by these data leaks. Typically, this sort of information is communicated through regular mail.
    • Watch out for sensational or shocking headlines about Apple, Meta, or other tech companies that have experienced EDR-related data leaks. These headlines could lead to articles that contain disinformation, or false information designed to intentionally mislead you.
    • Protect yourself from potential data breaches by regularly updating your passwords, using multi-factor authentication, and limiting the amount of information you share with social media platforms and online services.

     

    You've Got Mail and Malware: New QakBot Email Scam

    You may have seen a suspicious email that appears to come from a trusted source, such as a friend or a popular brand. But have you ever seen a suspicious email that appears to come from you? In a new scam, cybercriminals use your own email address to send phishing links to other users.

    The scam works by using the newest version of malware called QakBot. To begin the scam, the cybercriminals send you an email that contains a phishing link. If you click on the link, QakBot will be installed on your computer. The newest version of QakBot can record your keystrokes, steal your login credentials, and even access your email accounts.

    If QakBot is installed on your computer, cybercriminals can use your email account to send phishing emails to users in your email threads. Using the "Reply to All" functionality, QakBot will send phishing emails to users you have already interacted with. Since the phishing emails will look like they came from your email address, they will appear more trustworthy and will be difficult to spot.

    Follow the tips below to stay safe from these types of scams:

    • Watch out for a sense of urgency in emails or messages that you receive. Phishing attacks rely on impulsive actions, so always think before you click.
    • Never click on a link or download an attachment in an email that you were not expecting, even if the email seems to come from someone you know.
    • Watch out for emails that contain only a short message and a link. If you're unsure if the link is safe, reach out to the sender by phone to confirm the email is legitimate.

     

    Malicious MFA Bypassing Method

    Multi-factor authentication (MFA) is a great way to add an extra layer of security to your login portals. However, clever cybercriminals may use a new method to bypass MFA and compromise your accounts. While cybercriminals haven't used this method in a real-world scam yet, researchers believe this scam could occur in the future.

    In this scam, the cybercriminals use software called noVNC and a simple phishing link to bypass your MFA. The cybercriminals send you a phishing email that tells you to take urgent action and log in to your social media account or a similar website. If you click the link, you'll be redirected to a fake login page that looks similar to the targeted website. However, this fake login page is actually on the cybercriminals' server.

    If you enter your credentials and MFA passcode on this page, the cybercriminals will be able to log in to your account from their own devices. Then, the cybercriminals can store your credentials for future access to your account.

    Follow the tips below to stay safe from these types of scams:

    • Watch out for a sense of urgency in emails or messages that you receive. These types of scams rely on impulsive actions, so always think before you click.
    • Never click on a link or download an attachment in an email that you were not expecting.
    • Remain cautious, even when you're using additional safety precautions such as MFA. While these precautions are helpful, it's important to stay alert and look out for red flags.

     

    Contact Form Fraud

    Cybercriminals are always devising new ways to steal your information and attack your network. In a recent scam, cybercriminals use contact forms to bypass email filters and install malware.

    In this scam, a cybercriminal pretends to be a potential client who wants to request a quote. To request a quote, the cybercriminal submits a contact form on an organization's website. In the form, the cybercriminal may spoof a legitimate domain to appear more reputable.

    Inevitably, an employee from the organization will reply back to the quote request. Since the employee seems to be initiating contact with a potential client, most email filters won't flag the reply. The cybercriminal will then use a file-sharing service to send a malware-infected file back to the employee. If the employee opens the file, the malware can infect their computer and allow the cybercriminal to access their organization's entire network.

    Don't fall for this type of scam! Follow the tips below to stay safe:

    • When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain multiple spelling or grammatical errors.
    • Watch out for fake attachments shared using a file-sharing service. Cybercriminals can use file-sharing services to bypass antivirus software.
    • Even if an email seems to come from a legitimate sender, remain cautious. Remember, cybercriminals can spoof domains. If you need to verify that an email is legitimate, try reaching out to the sender directly through phone call or text message.

     

    Microsoft 365 Users Targeted with Fake Voicemails

    Cybercriminals continue to find new ways to trick users and steal their credentials. Sometimes, they even recycle decades-old tools that were never intended to be malicious.

    For example, in a new scam, cybercriminals attack Microsoft 365 users with malicious files disguised as voicemails. The scam works by sending an email with a voicemail file attached. The filename ends in "mth.mp3", appearing to be a legitimate MP3 file. However, this file is actually a malicious HTML file that has been disguised using right-to-left override (RLO) functionality.

    RLO was created 20 years ago for languages that read from right to left. Unfortunately, cybercriminals now use this functionality to make malicious files look safe. For example, in this scam, cybercriminals use RLO to display "mp3.htm" as "mth.mp3". If you open the file, you will be taken to a fake Microsoft 365 login page instead of a voicemail. Then, any credentials that you enter on the fake login page will go straight to the cybercriminals.

    Follow these tips to stay safe from similar scams:

    • Never click links or download attachments in an email that you were not expecting.
    • Before you share any sensitive information online, make sure the website is legitimate. For example, an MP3 file should never take you to a login page. If you're uncertain, navigate to the website directly.
    • Remember that cybercriminals can use more than just links within emails to phish for your information. Always think before you click!
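
    Because the RLO character is invisible, the disguise described above is easiest to catch programmatically, for example in a mail gateway or attachment scanner. The following Python code is an added example, not part of the original tip: it lists the Unicode direction-control characters in an attachment name and compares the real extension with the one a user would see. The display function is a deliberate simplification of the Unicode bidirectional algorithm, and the sample filename is constructed.

```python
import os

# Unicode characters that change text direction without being visible.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF", "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
    "\u200e": "LRM", "\u200f": "RLM",
}
OVERRIDES = {"RLO", "LRO"}

# Constructed sample: the stored name ends in ".htm", but an RLO precedes "3pm.htm".
SAMPLE_NAME = "Voicemail_\u202e3pm.htm"


def approximate_display(name):
    """Approximate what a user sees: text after RLO is drawn reversed until PDF or the end.

    Simplified model that covers the RLO case only; it is not a full
    implementation of the Unicode bidirectional algorithm.
    """
    shown, run, overriding = [], [], False
    for ch in name:
        if ch == "\u202e":
            overriding = True
        elif ch == "\u202c" and overriding:
            shown.extend(reversed(run))
            run, overriding = [], False
        elif ch in BIDI_CONTROLS:
            continue  # other controls are invisible and ignored by this model
        elif overriding:
            run.append(ch)
        else:
            shown.append(ch)
    shown.extend(reversed(run))
    return "".join(shown)


def inspect_attachment_name(name):
    """Report hidden direction controls and the real versus displayed extension."""
    controls = [BIDI_CONTROLS[ch] for ch in name if ch in BIDI_CONTROLS]
    stored = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    real_ext = os.path.splitext(stored)[1].lower()
    displayed = approximate_display(name)
    displayed_ext = os.path.splitext(displayed)[1].lower()
    return {
        "bidi_controls": controls,
        "real_extension": real_ext,
        "displayed_name": displayed,
        "displayed_extension": displayed_ext,
        "suspicious": bool(OVERRIDES & set(controls)) or real_ext != displayed_ext,
    }


if __name__ == "__main__":
    print(inspect_attachment_name(SAMPLE_NAME))
    print(inspect_attachment_name("Voicemail_0412.mp3"))
```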

     

    Watch Out for Scams Related to Ukraine

    The recent war in Ukraine has gathered a lot of attention. Unfortunately, cybercriminals often take advantage of world events to prey on your emotions. Now more than ever, it's important to watch out for phishing attacks and disinformation campaigns.

    Cybercriminals may use several different tactics to scam you. For example, cybercriminals may try to trick you into sending money using cryptocurrency. The cybercriminals may take advantage of your sympathy by pretending to be Ukrainians in need of financial assistance.

    Cybercriminals may also try to catch your attention and manipulate your emotions by spreading disinformation. Disinformation is false information designed to intentionally mislead you. Cybercriminals may spread disinformation in the form of emails, text messages, or social media posts.

    Don't fall for these scams. Follow the tips below to stay safe:

    • Avoid making donations to unknown users. If you would like to donate to support a cause, donate directly through a trusted organization's website.
    • Watch out for social media usernames that only consist of random letters and numbers. These accounts may be run by bots instead of legitimate users.
    • Stay informed by following trusted news sources. If you see a sensational headline, be sure to do research to verify that the news story is legitimate.

     

    Fake QR Codes

    QR codes have become increasingly popular in recent years, especially due to social distancing efforts and a need for contactless services. They are commonly used to access restaurant menus, discount codes, and to make payments. Unfortunately, cybercriminals have taken advantage of this tool, creating fake QR codes that trick you into providing your personal information.

    Since custom QR codes are easy to generate, cybercriminals can easily create fake codes for various malicious purposes. For example, cybercriminals could place a fake code in a coffee shop, encouraging you to connect to free Wi-Fi. Or, they could place the fake code on a parking meter, enticing you to make a quick and easy payment. However, if you scan these fake QR codes, the cybercriminals may steal your payment information or redirect you to a malicious website.

    Follow these tips to stay safe from QR code scams:

    • Cybercriminals use the convenience of QR codes to trick you into acting impulsively. Always think before you scan.
    • Be cautious of QR codes without labels, or codes that promise outrageous deals. Remember that if an offer seems too good to be true, it probably is!
    • Don't share payment information or personal details via QR codes. Instead, navigate directly to a safe website to make the payment or share the details.

     

    Cybercriminals Are Hiring!

    Recruitment websites are a great way to find new job opportunities. Unfortunately, very few of these recruitment websites properly validate the people posting jobs, which makes it surprisingly easy to create fake job posts.

    Cybercriminals have been creating fake job posts that appear to be listed by a legitimate organization. These fake posts direct you to contact a malicious email address, phone number, or website that appears to belong to the spoofed organization. Cybercriminals use this scam to try to steal your personally identifiable information. This type of information is often provided when applying for a job, which makes this scam simple, yet effective.

    Follow the tips below to stay safe from these types of scams:

    • Watch out for grammatical errors, unusual language, and style inconsistencies in job posts. Be suspicious of job posts that look different compared to other job posts from the same organization.
    • Avoid applying for a job within a recruitment website's platform. Instead, look up the organization's official website and find their careers page.
    • Cybercriminals could also use this scam to target people within a specific organization. Be sure to follow your organization's specific guidelines when applying for internal positions.

     

    Cybercriminals Go for the Gold

    Last week, the opening ceremony of the 2022 Olympic Winter Games took place in Beijing. With representatives from 91 countries, the Olympics are watched by billions of spectators from all over the world.

    Unfortunately, cybercriminals often use worldwide events like the Olympics to catch your attention and manipulate your emotions. As the games continue, be extra cautious of any emails, text messages, and social media posts that mention the Olympics.

    Remember these tips to help you stay safe:

    • Watch out for sensational or shocking headlines about participating countries and athletes. These headlines could lead to articles that contain disinformation, or false information designed to intentionally mislead you.
    • No matter how exciting or disappointing the news is, always think before you click. Cybercriminals target your emotions in hopes of tricking you into acting impulsively.
    • Stay informed by watching official Olympic broadcasts and checking trusted news sources.

     

    Scam of the Week: Exploiting the Coronavirus: “New Approved Vaccines” Infect Your System with Malware

    The COVID-19 pandemic has led to many creative phishing attacks such as phony offers for free testing, claims that you have come in contact with an infected person, and even accusations that you have violated health and safety protocols. Scammers have come up with yet another Coronavirus-themed attack. This time, they are taking advantage of the worldwide race to develop a vaccine.


    The phishing email uses the subject line “URGENT INFORMATION LETTER: COVID-19 NEW APPROVED VACCINES”. Within the email, you are directed to download an attachment to view this letter. The attachment itself is named “Download_Covid 19 New approved vaccines.23.07.2020.exe”. If you were to download and open this file, you would find that it is actually a piece of malicious software designed to gather data such as usernames, passwords, and other sensitive information.

    Don’t be fooled! Remember these tips:

    • Watch for sensational words like “URGENT”. Remember, the bad guys want you to panic and click without thinking.
    • Never download an attachment from an email you weren’t expecting. 
    • Don’t trust an email. Instead, visit an official government website or a trusted news source for information on vaccine developments.


    Stop, Look, and Think. Don't be fooled.

     

    Scam of the Week: Smishing for Access to Your Bank Account

    Emails are a quick and easy way for cybercriminals to phish for your information—but it’s not their only tool. Smishing, or SMS Phishing, is another way the bad guys try to trick you. Many of us are used to receiving legitimate promotions, reminders, and security notifications via text message. These messages—both real and fake—are brief and often include links, so it can be difficult to spot a smishing attempt.

    One recent example involves scammers posing as your local postal service while sending malicious text messages as part of their smishing attack. The message claims that you have a package waiting for pick up, but to see more information you must click the link in the text. If you click the link, you’re taken to a phony verification page. Here, you’re asked to enter your banking information to verify your identity. If you provide any information on this page, your data is sent directly to the cybercriminals—giving them full access to your bank account. Don’t be fooled!

    Here’s how to stay safe from this phishing attack:

    • Think before you click. Are you expecting a package? Is this how the postal service usually handles things? Consider anything out of the ordinary a red flag.
    • Never trust a link in an email or text message that you were not expecting. Instead of clicking the link, open your browser and type the official URL of the website you wish to visit.
    • Go old school. Pick up the phone and call your local post office. Be sure to call their official phone number—not the one that sent you the suspicious text message.


    Stop, Look, and Think. Don't be fooled.

     

    Scam of the Week: Exploiting the Coronavirus: A Sneaky Pandemic Relief Scam

    A new phishing email—seemingly sent from your local government funding agency—is offering phony relief grants to those in need. What makes this scam especially sneaky is that the bad guys use a Dropbox link to disguise their malicious attachment. Dropbox is a legitimate and commonly-used file sharing service. Therefore, the email security filters that your organization has in place may not consider the link as a red flag–increasing the chances of this email landing in your inbox.

    The phishing email urges you to click a Dropbox link so you can download a file that supposedly contains information about your relief grant payment. The link even includes an expiration date for an added sense of urgency. If you click the link, then download and open the phony file, you’re taken to a look-alike Microsoft 365 login page. If you enter any information on this page, it will be sent directly to the scammers.

    Remember these tips:

    • Never click a link or download an attachment from an email that you weren’t expecting. Even if the sender appears to be a legitimate organization, the email address could be spoofed.
    • Be cautious of unexpected deadlines. Scammers often create a sense of urgency to spark impulsive clicks.
    • Get confirmation before clicking a Dropbox link. If you feel the file could be a legitimate resource for your organization, reach out to the sender another way—like by phone—instead of trusting the email.


    Stop, Look, and Think. Don't be fooled.

     

    Scam of the Week: SpaceX YouTube Scam

    Scammers recently hijacked three YouTube channels and used them to collect nearly $150,000 in cryptocurrency. They used these stolen channels to impersonate the official SpaceX YouTube channel. The hijackers played fake live stream interviews with Elon Musk, founder and CEO of SpaceX, while promoting bogus cryptocurrency giveaways. These giveaways are based on an old-school scamming tactic in which cyber criminals ask for a small payment while promising a large payout for the so-called investment.

    This scam was successful for two main reasons: First, using existing YouTube channels gave the cybercriminals a large, trusting audience of subscribers. Second, the scammer’s “investment offer” appeared to be coming from the well-known, tech-savvy billionaire, Elon Musk–rather than from a random stranger–so it seemed to be more legitimate.

    Here’s what we can learn from this scam:

    • If something seems too good to be true–like an unbelievable investment opportunity–it probably is! Question everything.
    • Whether it’s a phony website, a disguised email address, or a hijacked YouTube channel, anyone and anything can be spoofed.
    • Experts speculate that the scammers gained access to these YouTube channels through a data breach of a different website. This is a great example of why you must use a different password for every login.


    Stop, Look, and Think. Don't be fooled.

     

    Scam of the Week: Exploiting the Coronavirus - Excel Attachment Phishing Campaign

    Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of Johns Hopkins University, a well-known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.

    If you open the infected Excel file and click “Enable Content” when prompted, a program called NetSupport Manager will be automatically installed onto your computer. This program is a tool that allows someone to access your computer remotely. Cybercriminals are using NetSupport Manager to gain complete control over a victim’s system, allowing them to steal sensitive data, install more malicious software, and even use the machine for criminal activities. Don’t be a victim!

    Here are some ways to protect yourself from this scam:

    • Think before you click! The bad guys know that you want to stay up-to-date on the latest COVID-19 data so they use this as bait. They’re trying to trick you into impulsively clicking and downloading their malware.
    • Never download an attachment from an email that you weren’t expecting. Remember, even if the sender appears to be a legitimate organization, the email address could be spoofed.
    • Always go to the source. Any time you receive an email that claims to have updated COVID-19 data, use your browser to visit the official website instead of opening an attachment or clicking a link.


    Stop, Look, and Think. Don't be fooled.

    Scam of the Week: Exploiting the Coronavirus: From Unemployed to Money Mule

    Due to the Coronavirus crisis, unemployment numbers have skyrocketed. As usual, the bad guys are quick to take advantage of these hard times and are sending out phony work-from-home opportunities. Typically, these phishing emails contain grammar mistakes and offer minimal details about the hiring company and the job requirements. But the scammers still manage to grab your attention because the job opportunity includes a great paycheck.

    Once accepted, these scammers ease the victim into their new "job", by asking them to complete basic errands, but eventually, they’re given the task of transferring funds from one account to another. Typically, these are stolen funds and the unsuspecting "employee" is being used as a money mule. Even though these victims are unaware of the crime they are committing, they can still face hefty fines and prison time.

    Remember these tips and share them with your friends and family who may be looking for work:

    • Be wary of emails with spelling or grammatical errors.
    • Never trust unusual requests or job offers. If something doesn't feel right, it probably isn't.
    • If you feel you have been solicited to be a money mule, contact your local authorities or report the situation to the appropriate federal agency.


    Stop, Look, and Think. Don't be fooled.

    Scam of the Week: Exploiting the Coronavirus: Netflix is More Popular Than Ever - Especially with Cybercriminals


    Long before the COVID-19 pandemic, bad guys were spoofing Netflix emails in an attempt to collect your sensitive information. With more and more people looking for at-home entertainment, Netflix has gained over 15 million new subscribers. Cybercriminals are happily taking advantage of this larger audience!

    Netflix-themed phishing attacks range from phony email alerts accusing you of non-payment to offers of free streaming access during the pandemic. Both of these strategies include a link that takes you to a fake Netflix page designed to gather your information and deliver it to the bad guys.

    Use the following tips to stay safe:

    • These types of scams aren’t limited to Netflix. Other streaming services like Disney+ and Spotify are also being spoofed. Remember that if something seems too good to be true, it probably is.
    • Never click on a link that you weren’t expecting, even if it appears to be from a company or service you recognize.
    • When an email asks you to log in to an account or online service, log in to your account through your browser - not by clicking the link in the email. This way, you can ensure you’re logging into the real website and not a phony look-alike.


    Stop, Look, and Think. Don't be fooled.

    ---

    Tech Tip - Scam of the Week - Exploiting the Coronavirus: Re-opening your organization? The bad guys have a plan!

    Recently, some countries have chosen to lift restrictions that were originally put in place to control the spread of COVID-19. Beware! The bad guys are already taking advantage of this news. They have crafted a well-written phishing email that appears to come from the VP of Operations in your organization. The message claims that your organization has a plan for reopening, and it instructs you to click on a link to see this plan. Clicking the link opens what appears to be a login page for Office 365, but don’t be fooled! If you enter your username and password on this page, you will send your sensitive credentials directly to the bad guys.

    Here’s how to protect yourself from this clever attack:

    • Never click on a link or an attachment that you weren’t expecting. Even if it appears to be from someone in your own organization, the sender’s email address could be spoofed. When in doubt, reach out to the sender by phone to confirm the legitimacy of the email before clicking.
    • When an email asks you to log in to an account, do not click the link in the email. Instead, go directly to the website through your browser. This ensures you are accessing the real page and keeping your credentials safe.
    • This attack tries to exploit the restlessness and uncertainty of life in quarantine. Don’t let the bad guys toy with your emotions. Think before you click!


    Stop, Look, and Think. Don't be fooled.

    ---

    Tech Tip - Scam of the Week - Exploiting the Coronavirus: Is the CDC Closing Your Facility?

    As the COVID-19 pandemic rages on, the bad guys find increasingly creative ways to weaken your defenses. The newest phishing trend is an email that appears to be from the CDC (Centers for Disease Control and Prevention). The email has an intense subject line: “NOTICE OF CLOSING YOUR FACILITY AND DISINFECT NG THE AREA - BY NCDC WH 20982 COV-19 Due To Recent Corona Virus COVID-19 Pandemic.”

    You’re instructed to download an attachment that is supposedly a letter from the CDC claiming that they will close your facility. If you download the file, you’ll find that it is actually a malicious program designed to gain access to your company’s sensitive information. Don’t be tricked!

    How to beat the bad guys:

    • Think before you click. These malicious actors are playing with your emotions and this threat relies on panicked clicking.
    • Never click a link or download an attachment from an email you weren’t expecting. Remember, even if the sender appears to be a legitimate organization, the email address could be spoofed.
    • If you receive a suspicious email that claims to be from an official organization such as the CDC or WHO (World Health Organization), report the email to the official organization through their website.


    Stop, Look, and Think. Don't be fooled.

  • ACH Newsletters