It’s been awhile since we’ve seen an iPhone scam. Maybe that’s why it’s making the rounds again. According to an article on Scamicide, “A scam is appearing on Facebook and other social media where you are asked to like a promotion found on your Facebook page where you are told that merely by completing a survey and sharing a link with your friends, you will receive a free iPhone12. Of course, you are not going to get a free iPhone 12 in exchange for merely completing a survey and sharing a link with your friends. What you are going to get when you complete this particular survey, which requires you to provide your cell phone number, is a cramming charge on your cell phone bill for a text messaging service for which you have unwittingly signed up. As for your friends, if they click on the link that you have enabled them to receive, they will end up being defrauded as well.” If it sounds too good to be true… Continue reading “Cyber Security News Update – Week 41 of 2020” »
Email marketing has gained much significance over the past few years. Every organization worth its salt uses email marketing as one of its primary promotional strategies. Sending bulk emails using the standard email servers has its limitations. The ideal solution is to use an SMTP relay service to ensure guaranteed delivery of marketing and other emails to the prospective customer’s inbox. Let us discuss the concept of SMTP services and understand its significance.
How low do you have to be to direct a phishing scam at people who are starving? Pretty low, but apparently that’s what’s been happening.
According to an online source, “Food insecurity has long been an issue. Vulnerable populations have been hit especially hard during COVID-19. While countless individuals and organizations have stepped up to help fill the need, others have ventured to exploitation. For example, this phishing scam: a friend of a friend sends you a link through Facebook or What’s App. It offers free help. Sometimes it mentions something about food grants from places like Whole Foods, Walmart, Target. Other times there are promises of coupons or giveaways. But the common thing is that there is always a link.” And of course, the link is a scam. Some people have no heart. Continue reading “Cyber Security News Update – Week 40 of 2020” »
GDPR, or General Data Protection Regulation, is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It’s a law that gives control of people’s personal data back to the people. It includes the right to see all the data a company has on you, as well as the “right to be forgotten.” In other words, a company that is covered by the GDPR has to delete your personal data at your request.
Waiting on a package from somewhere? Be careful, it could be a scam called the “waiting package” scam. How original.
According to the US Federal Trade Commission, “The messages are coming from scammers. In some cases, they’re targeted at college students. In that version, scammers text returning students to say there’s a package waiting for them — sometimes claiming it’s been waiting since last spring, when many students had to go home from campus quickly.” Don’t click that link.
As crazy as it is to believe, spammers would not keep throwing out spam unless they got a return on their investment. So, while it might seem unlikely that someone would fall for the fake pill spam that has been going around forever, somebody must be falling for it or it would have died out a long time ago.
If you don’t know what a “car wrap” is, it’s a company that pays people to drive their car around “wrapped” in a company advertisement for a fee. Seems like pretty easy money. Which is probably why scammers decided to turn it into a scam.
The one thing you could always count on with a phishing page is that something would give it away as a phishing page. After all, it’s not the real page, so there must be something different about it. Protecting yourself from a phishing attack simply came down to being able to identify the clue that gave away the web page as a phishing page. But what if attackers could find a way to phish you with the legitimate page you actually intend to visit? There wouldn’t be any clues giving it away as a fake page because it isn’t. That would be a problem, and unfortunately that problem has become reality.
Beware of photo sharing messages from Google. It’s a scam according to the Better Business Bureau.
From the BBB, “You get an email or text message that appears to come from Google Photo. Someone is sharing an album of photos with you. To view the photos, you just need to click the link. The message looks so real! It may use a convincing URL, which has been created by Google’s goo.gl URL shortened to appear to be an official Google domain name. The catch? There is no photo album. It’s a phishing con.”
We forward business emails all day, every day and never give it another thought. But maybe we should. According to a University of Arkansas law professor, it could violate copyright law.
“In a major article examining the strength of legal arguments to protect private email expression, a University of Arkansas law professor concludes that, based on the historical common law, today’s Federal Copyright Act does not protect someone from copying and distributing another person’s private expression, which means that forwarding email without permission of the sender may be against the law. Going back more than 250 years, the common law recognized that authors of personal correspondence hold absolute property rights in their private expression,” said Ned Snow, assistant professor of law.
Talk about an oldie but a goodie. What would you say if I told you criminals have resorted to one of the oldest scams there is? Stealing checks out of mailboxes. Do people still send checks through mail? Apparently, they do.
From Scamicide, “criminals around the country are stealing mail with checks in them from U.S. Postal Service mailboxes, ‘washing’ the checks to remove the name of the person or company to whom the check was made out and then writing in their own name.” The solution to this of course is simple. Stop sending checks in the mail.
The first wave of pandemic-related phishing attacks targeted vulnerable employees and consumers. There were attacks that used home delivery services and attacks that used travel-related services. There were attacks on spoofed resumes and attacks on the SBA’s Office of Disaster Assistance. Now hackers have moved on to the gainfully employed by attacking the virtual private networks (VPN) that remote workers use to connect to the office while working remotely.
Who are the most targeted brands for scams? Microsoft, Apple and Amazon. Today we have a scam to tell you about for all three. First, Outlook.
The interesting thing about this scam, is the tact the scammers took. “Out are the implied threats, the exclamation points (!!!) and the money ($$$) you might lose if you don’t act right now; in are the happy and unexceptionable ‘here’s a problem that you can fix all by yourself without waiting for IT to help you’ messages of a sort that many companies are using these days to reduce support queuing times.” You can catch more flies with honey than vinegar.
Let’s face it, hackers do whatever they can to get you to click on their link. And they have a lot of tools in their toolbox to get you to click. Everything from social engineering to display name spoofing to domain name spoofing. It’s all to get you to do one thing: click the link.
Look here, another Amazon phishing scam, this one courtesy of Scamicide. From the article, “The latest Amazon phishing scam starts with an email that appears to come from Amazon when you do not have any email security service, informing you that your accounts have been locked due to suspicious activity. You are prompted to click on a link to verify your account within 24 hours or risk having your account permanently shut down.”
The US Small Business Administration (SBA) does the important work of supporting small businesses in the US. They provide a lot of resources, but none more important than small business loans. And with the onset of COVID-19, the organization has come up with unprecedented emergency financial relief options for small businesses. And of course, with that much money being made available, it was only a matter of time before hackers tried to get their hands on it.
What’s old is new again. And what is it that’s new again? The venerable old jury duty scam. Apparently, it’s making the rounds again, so be on the lookout.
According to Scamicide, this is how it works. “Generally, the scam starts with a telephone call that you receive purportedly from a law enforcement officer informing you that you have failed to appear for jury duty and that a warrant has been issued for your arrest. You are told, however, that you can avoid arrest and greater fines by purchasing gift cards and then sending photographs of the gift cards to the phony law enforcement officer to prove that they have been purchased. You are then told that you should then mail the gift cards to the local Clerk of Court’s office.” Gift cards? Really?
The latest Threat Intelligence Report is out. Its findings are based on an analysis of 195 billion emails analyzed from January through June 2020. Of that large number, an astonishing 47% were flagged as malicious or spam.
It won’t come as a shock to learn that there were two main themes in the threatening emails this spring. According to HelpNetSecurity, “Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries.” From the report, “One of the most significant observations of this research is that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes never seen before.”
The Simple Mail Transfer Protocol (SMTP) server is a communication protocol or the technology behind email communication. In other words, SMTP is the protocol that allows you to send and receive emails. Every SMTP server has a unique address and needs to be set up in the mail client that you are using. If you are using SMTP host Gmail for example, then the SMTP address is smtp.gmail.com. If you want to find the address of the SMTP server you are currently using, you can easily find it in your email client settings.
After 89 years, the Washington Redskins are losing their team name. But, that’s not the only thing that got lost this week. So, too, did people’s money who tried to purchase the suddenly-hard-to-find merchandise.
According to Scamicide, “the termination of the old name and the refusal of major retailers such as Amazon, Walmart and Target to sell Redskins jerseys, caps and other merchandise carrying the old name and logo has created a demand by many people seeking to purchase the soon to be rare merchandise with the old name and logo. While there are legitimate sellers of these items, scammers have also sprung into action and have set up websites offering the merchandise at bargain prices. Of course, these bargain prices are no bargain because after you order the merchandise online, the merchandise never comes.” Maybe you should wait to buy a new jersey.