Cyber Security for Employees – Spoofing

Spoofing . . . Masquerading as someone or something else Spoofing is pretending to be someone or something to obscure your real identity. It could be a website, email address, Caller ID or credit card number that is being duplicated. Spoofing isn’t all bad and there are circumstances where it is a legitimate technique. For instance, if you have a tele-marketer call on your behalf, they may spoof your number so your information is displayed on Caller ID. In the early days of the Internet, email spoofing was often used especially for system-to-system communications. The basic mail protocols that we continue to use today are open and easy to spoof. That’s why you should take a closer look. Phone number spoofing Spoofing a phone number can be done for legitimate or diabolical reasons. With the availability of Caller ID technology came the ability to fool the system. Tele-marketers will … [Read more...]

Cyber Security for Employees – Persuasion

Technology may be the first line of defense . . . but technology alone cannot keep us safe. Technology solutions like anti-spam, anti-virus and malware protection catch the majority of threats, but when there are millions of threats every minute some are going to make it to your inbox. That’s why you and your skepticism are absolutely vital in the ongoing battle against cybercrime. When our defenses are up, we are good at spotting a scam, but when we get fooled it usually falls into one of seven principles. Although these hustle principles are rooted in the real world, they work in cyber-space as well.   The principles* Distraction principle. While you are distracted by what retains your interest, hustlers can do anything to you and you won't notice. Social Compliance principle. Society trains people not to question authority. Hustlers exploit this “suspension of … [Read more...]

Locky Ransomware Sent as Invoice Attachment

Locky ransomware is the latest threat and is a variation on previous encryption attacks. It is delivered by email and fools you into opening an invoice attachment.  After deploying, it encrypts files on local and network drives. Although CryptoLocker and CryptoWall used different methods to gain access to your system, they had the same goal to get you to pay a ransom to unlock your files. At this writing, Locky is using an email attachment of an invoice as its entry point, but the delivery will certainly change as the threat evolves. After you click on the invoice, the view looks scrambles and you are prompted to instructed to Enable Macros.  Once you do that, Locky executes and encrypts your files. Locky has some additional attack strategies not seen in previous crypto-type of attacks.  Here are two links if you want to read more: Locky Information from Bleeping … [Read more...]

Microsoft Calling – Your Computer Needs Help!

The day is going well. You answered all your email and now you’re working on a presentation for next week. The computer seems a little slow, but it’s a large file. The phone rings … “Hello! This is Jake from Microsoft and we have been alerted that you have a virus on your system. I would like you to go to: http://www.#@$!.com (this is not a real website) and put in this code so that I can help.” Stop! It’s a scam. Shortly after you allow them to login, they will be asking for your credit card number. You will be a victim. Don’t engage them, just hang up. You will never receive a legitimate, unsolicited call from Microsoft or its partners to charge you for computer fixes. Even if you became suspicious and did not provide your credit card, if you allowed them access to your system, you must: Change your passwords. Change the password on your email, bank and other critical … [Read more...]

The Internet of Things and Baby Monitors

It is reassuring to know that you can use a baby monitor to keep an eye on your child from anywhere.  Or is it? The Internet of Things is created by devices that inventory, capture and record everything in our world and make that information available electronically anywhere - anytime.  Devices, like baby monitors, that provide information through an Internet connection have seen fast growth. The convenience they offer is attractive.  But what if the security they provide is lacking? Recent accounts have shown many baby monitors have security holes.  There have been a couple of reports where the hacker got into the monitor and did some very inappropriate and disturbing things.  It is impossible to know why hackers do what they do or understand how someone could be so crude, but the important lesson is that you have to be vigilant and protect yourself. There are so many … [Read more...]