In what is rapidly becoming a theme of targeting remote workers, ITPro reports that “The Cofense Phishing Defense Center (PDC) has discovered a new phishing campaign that targets employees working from home during the coronavirus pandemic. PDC claims that hackers are attempting to harvest Cisco WebEx credentials using a security warning for the application and have successfully averted Cisco’s own Secure Email Gateway.”
The forecast? “PDC predicts that phishing emails will continue to plague remote workers in the next few months.” Stay safe out there.
USA President Phishing Scams
Okay, I understand impersonating the President in an effort to phish victims, but the Vice President? It’s true. According to Bleeping Computer, “Phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams. These emails state they are the latest ‘Coronavirus Guidelines for America’ and prompt the recipient to click on a link to download a document.”
They’re not done. “Another phishing scam almost feels like an extortion scam where the sender pretends to be from Vice President Pence who claims to have just gotten out of a security meeting about the recipient’s company. The email states that the company is involved in human trafficking, drug dealing, and money laundering and that Pence wants to reach an ‘agreement’ before bringing the issue to President Trump.”
Virtual Card Skimming
Most people know about credit card skimming. That’s when a cybercriminal shoves some unobtrusive device into an ATM or gas pump to steal your credentials during a transaction. But did you know the thieves can do the same thing online with a “virtual” card skimmer? It’s true.
According to an online article, “Coronavirus-driven online shopping driving more payment card skimming. Malwarebytes has tracked a 26 percent increase in the number of such skimmers in use in March 2020 compared to February.”
Phishing Phrontier
You expect that malware can cause financial damage. But, what if I told you it could also cause physical damage? That’s now the case according to Schneier on Security.
“Microsoft is reporting that an Emotet malware infection shut down a network by causing computers to overheat and then crash. The infection mechanism was one employee opening a malicious attachment to a phishing email.” Click on the link, burn up your computers. Poof.
Zoom Breach
Working from home, aren’t you? Using video conferencing, aren’t you? You should be very worried because hackers’ new favorite target is the software that runs video conference calls.
According to Security Week, “As tens of millions of people turn to video conferencing to stay connected during the coronavirus pandemic, many have reported uninvited guests who make threats, interject racist, anti-gay or anti-Semitic messages, or show pornographic images.”
What is the name for this new type of mischief? Zoom-bombing, which refers to the popular video conferencing service Zoom. According to the experts, it’s not surprising that this is happening. “Zoom-bombing was always a threat given how the video conferencing app was configured — geared more toward user-friendliness than privacy, said Justin Brookman, director of privacy and technology policy at Consumer Reports.”
Body Count
Aerospace company Visser Precision learned recently that hackers can do more with ransomware than just encrypt your hard drive. The company was hit by the DoppelPaymer ransomware but refused to pay. So, what did the perpetrators do? “The criminals leaked documents and data belonging to Visser Precision, Lockheed Martin, Boeing, SpaceX, the US Navy, and others.”
What this means is that simply backing up your data isn’t sufficient to protect you anymore. Let that be a lesson to you the next time someone tells you the worst thing that can happen from ransomware is encrypted data.
Saint Francis Ministries Breach
You know that hackers have no soul when they start messing with religious organizations. Such was the case with a data breach at the Saint Francis Ministries. According to SC Magazine, “An unauthorized party gained entry into an employee’s email account at Saint Francis Ministries, accessing sensitive personal identifying information, as well as financial and protected health data.”
The article went on to say that “Affected information includes social security numbers, birth dates, driver’s licenses and state IDs, bank and financial account numbers, payment card numbers, treatment and diagnosis information, prescription information, provider names, medical record numbers and patient IDs, Medicare and Medicaid numbers, health insurance information, treatment cost information, and credentials (usernames and passwords).” It would have been quicker to list the information that wasn’t compromised.
Confido Breach
Here is our healthcare data breach of the week. This time brought to you by pharmacy benefits consulting firm Confido. The company started by “notifying 3,600 of its clients’ employees, members, and their dependents, that some of their personal information has potentially been accessed by an unauthorized individual who gained access to an employee’s email account.”
What data were accessed? “A comprehensive review of the email account revealed it contained names, dates of birth, health insurance information, Social Security numbers, prescription information, treatment information, and clinical information such as diagnoses and provider names.” Pretty much everything.
And that’s the week that was.