Apparently there’s someone out there using the idea that a family member has been a car wreck as an opportunity to phish you in Bowling Green, KY. “According to the Warren County Sheriff’s Office, if a family member was involved in a ‘wreck’ they do not need you to immediately send them money. Also, do not give out your date of birth or social security number.”
If you’ve been paying any attention, you’ve seen that the healthcare industry is under a constant threat from phishing attacks that lead to ransomware. Every week it seems there’s another healthcare organization hit with a data breach or ransomware. The question is, why? And now we know the answer.
The short answer is, healthcare organizations are an easy target for hackers because their cyber defenses stink. So, the real question is, why do healthcare organizations cyber defenses stink? The short answer here is, it’s just not a priority for them. And apparently, the hackers know it.
By now you should know that coronavirus is being used to phish victims. And now apparently, it’s also being used to launch ransomware…on smartphones. From SC Magazine, “A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access.”
Candidates running for political office today, especially those running for president, have to get their message out. And more and more that means sending out emails. Lots of emails. Emails that can easily be misinterpreted as spam.
Worried that your security certificate is out of date? You should be, but not because it’s out of date, but because the notice you get informing you it’s out of date is a scam.
We always get excited when we stumble upon a vulnerability that affects a billion of anything. Today’s star? Kr00k. It’s crime? Exposed Data from Over a Billion Wi-Fi Devices.
You almost have to be living under a rock or in a cave to not be aware of the constant threat from cyber events in general and phasing attacks and ransomware in particular. But that’s what seems to be the case for a lot of small and mid-size businesses today.
This week’s first scam comes courtesy of the U.S. Postal Service. From an article online, “USPS® and the Postal Inspection Service are aware of the circulation of a fake email/email scam claiming to be from USPS officials including the Postmaster General.
Security Awareness training companies love to point out how important employee training is in keeping organizations safe from ransomware and malware. And to be sure, training employees to spot phishing emails is better than not doing it. But, the ubiquity of security awareness training advertising has led to two large problems.
Got an Amex or a Chase credit card? Then you were the target of a new phishing campaign this week. According to Information Security Buzz, “A new phishing campaign involves scammers sending fake Chase and Amex fraud protection emails asking users if the listed card transactions are valid. Victims who click the no button in the message to dispute the transactions will be redirected to a fake yet legitimate-looking Chase or American Express login site where they will go through a fake verification process that invites them to enter their username, password, birth date, social security number, as well as their bank and credit card information.” Continue reading “Cyber Security News Update – Week 8 of 2020” »