How low do you have to be to direct a phishing scam at people who are starving? Pretty low, but apparently that’s what’s been happening.
According to an online source, “Food insecurity has long been an issue. Vulnerable populations have been hit especially hard during COVID-19. While countless individuals and organizations have stepped up to help fill the need, others have ventured to exploitation. For example, this phishing scam: a friend of a friend sends you a link through Facebook or What’s App. It offers free help. Sometimes it mentions something about food grants from places like Whole Foods, Walmart, Target. Other times there are promises of coupons or giveaways. But the common thing is that there is always a link.” And of course, the link is a scam. Some people have no heart.
California Wildfire Scam
How long did it take for scammers to use the California wildfires as a theme to launch a new series of scams? Not that long.
According to Scamicide, “Natural disasters such as this bring out the best in people who want to donate to charities to help the victims. Unfortunately, natural disasters also bring out the worst in scammers who are quick to take advantage of the generosity of people by contacting them posing as charities, but instead of collecting funds to help the victims of the fires these scam artists steal the money for themselves.” Here’s a tip: if you want to donate to a charity, you contact them.
Renaissance Health Publishing Scam Refunds
Finally, some good news on the scam front from Scamicide. “The Federal Trade Commission is sending checks to people who were scammed by Renaissance Health Publishing, LLC into buying its worthless pain supplement Isoprex that it advertised as a “miracle” cure for muscle and joint pain, headaches, arthritis, joint inflammation and whatever else might be causing you pain. According to the FTC, Renaissance used false studies to support its claims and did not disclose that endorsers of the product were either paid for their endorsements directly or were company employees.” Now that’s your government tax dollars at work.
If there’s one thing you should know about phishing it’s this. Social media is rapidly becoming the number one delivery vector for phishing attacks, this according to Digital Information World. “As a result of the fact that social media has become important it has also turned people into targets as their online accounts have become extremely valuable so much so that all kinds of phishing scams. Over the past month lots of new types of phishing scams have emerged. Some of these send you an email that makes it seem like your account might end up getting banned if you don’t follow their instructions.” You have been warned.
It’s not great when a major supplier of software to state a local government gets hit with a ransomware attack a few weeks before a major election, but that’s exactly what happened to Tyler Technologies.
According to Security Week, “Tyler this week shut down its website and started informing customers via email that its internal phone and IT systems were accessed without authorization by an unknown third party. The company said the attack disrupted access to some internal systems, and it decided to shut down points of access to external systems while investigating the incident. Some industry professionals reported after the incident was disclosed that the attack appeared to involve a piece of ransomware named RansomExx.” Like we said, not great.
Texas County’s Malware Attack
In keeping with a theme, “Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns,” according to ProPublica. “The malware attack, which sent fake email replies to voters and businesses, spotlights an overlooked vulnerability in counties that don’t follow best practices for email security.” Will there be any way to trust the outcome of the upcoming election? Probably not.
Missouri Health Systems Breach
Healthcare victims are back in the news this week. This week’s victim? Missouri Health Systems. From GovTech.com, ” University of Missouri Health Care reported Friday that it has been working to determine the damage from a data breach that occurred between May 4 and May 6. The hack was accomplished through a phishing attack on employee email accounts, the release stated.”
Hmmm. A phishing attack leading to a data breach. Who’d have thunk it?
Attack on UHS
In keeping with a theme, “UHS confirms hospitals hit by cyberattack, some systems down,” according to SC Magazine. “Universal Health Services confirmed Monday that some of its hospitals are dealing with an ongoing, unspecified cyberattack. It’s not yet clear how many hospitals or systems have been affected or pushed offline, but the company lists hundreds of hospitals, physician networks, ambulatory surgery centers and emergency care facilities across the United States and United Kingdom on its website.” Yeah.
And that’s the week that was.