Talk about an oldie but a goodie. What would you say if I told you criminals have resorted to one of the oldest scams there is? Stealing checks out of mailboxes. Do people still send checks through mail? Apparently, they do.
From Scamicide, “criminals around the country are stealing mail with checks in them from U.S. Postal Service mailboxes, ‘washing’ the checks to remove the name of the person or company to whom the check was made out and then writing in their own name.” The solution to this of course is simple. Stop sending checks in the mail.
Presidential Election Scam
Do you like one Presidential candidate over another? Enough to maybe even donate to their campaign? Be careful. Cyber criminals will try to trick you into donating your money to them instead.
In an article on Scamicide, “Scammers are taking advantage of the public’s interest in the presidential election to make robocalls in which they pose as campaign workers seeking your donations. This particular scam can easily seem legitimate. Caller ID can be tricked through a technique called ‘spoofing’ to make it appear as if the call is coming from a candidate or some political organization and recordings of the candidate can also be incorporated into the call to make the call appear more legitimate.” Be safe, donate your money to yourself.
Hurricane Laura Scam
Even a hurricane that passed quickly through the news cycle can be an excuse for hackers to try and scam people. Remember Hurricane Laura? It was just last week. This week? Scammers.
“Natural disasters such as hurricane Laura which recently devastated parts of Louisiana, tsunamis, tornadoes and earthquakes bring out the best in people who want to donate to charities to help the victims. Unfortunately, natural disasters also bring out the worst in scammers who are quick to take advantage of the generosity of people by contacting them posing as charities.” Be safe, donate your money to yourself. Where have I heard that before?
Phishing Phrontier
Ever use Box? It’s a secure, online service for managing and storing content. Well, maybe all but the secure part. From Dark Reading, “A newly discovered credential phishing campaign used a legitimate Box webpage and exploited widespread trust in Microsoft 365 to capture victims’ credentials in a convoluted attack chain.”
How does something like this happen? Well, according to the article, “The phishers are getting really smart these days, and they’re actually leveraging the trust people have established with hosting sites like Box, Dropbox, [Microsoft] 365, Google Drive, and hosting phishing attacks there.” It’s getting to the point where you can’t trust anybody. Get email security service to protect.
Body Count
Not a good week for the Canadian government. Yeah, you guessed it. They were victims of a cyber-attack. From We Live Security, “On August 15, the Treasury Board Secretariat announced that approximately 11,000 online government services accounts, originating from the Government of Canada Key service (GCKey) and Canada Revenue Agency (CRA) accounts, had been victims of hacking attempts.”
As things turned out, several services had to be shut down after a credential stuffing attack. If you use strong passwords and change them frequently, a credential stuffing attack should never be successful. Now you know.
Credit Card Scam
These online credit card sniffers are getting to be a real headache. According to Security Week, “A sophisticated cybercrime group has stolen payment card data from hundreds of websites over the past five years using JavaScript sniffer malware.”
If you’re unfamiliar with JavaScript sniffers, they work just like real life sniffers you might encounter at an ATM or gas pump. But in this case, they grab your credit card credentials when you use it to buy something on the web. The damage? How about 700 websites in America, Europe and Asia. Yeah.
And that’s the week that was.