Welcome, Guest

 or  Register

BEWARE!!!! Coronavirus crisis brings increase in cyber attacks
Quote:Coronavirus crisis brings increase in cyber attacks


Cyber criminals are taking advantage of the coronavirus crisis.

Cyber counter-terrorism expert Zohar Pinhasi says his cyber security firm, MonsterCloud, has had an 800 percent increase in calls since the virus forced many Americans to work from home.

Those remote connections are not always secure, Pinhasi said, giving hackers easy access to devices and networks.

"From those criminals perspective, it's heaven," he said. "They have stepped on a gold mine."

Hackers will often send bogus emails called phishing or spear phishing emails.

The recipient can be tricked into clicking and opening the email because it appears like it could be from someone they know and trust - or be about an important subject -- like the coronavirus.

Once they have infiltrated the network, the hacker can hold it hostage and demand ransom payments.

And ransomware attacks aren't the only tactic.

"Those criminals converted ransomware to something called doxware," said Pinhasi.

"If you're not going to pay us, we will sell your data and in addition to that, notify your customers that you were hacked and their data was compromised. This is a game changer since the Coronavirus started - we've seen it in the past, but not to that degree."

Pinhasi said there are several steps individuals, businesses, and government agencies can take to prevent a cyber attack -- even with so many remote workers.

   Make sure everyone is using a VPN, or a virtual private network, to do office work from home.
   Require devices to have two-factor authentication, which verifies a person's identity before logging in.
   Only use WiFi networks that are password protected.
   Companies should maintain a reliable back up for their data on a different network.
   Organizations should make sure their antivirus software is up to date.
   Everyone should think before they click on links and emails.

"Think before you click is major here," he said, adding he is "extremely worried" about level of cyber security businesses and governments have during this Coronavirus crisis.
Reply Share


Reply Share

In response to the China Lied thread by guest.....

Hate to ask for my own thread, but Maybe pin this for a while???

Think before you click.
Reply Share
Pinning because I just learned we have had issues here of bogus info and bad links
Reply Share
The phishing has stepped up more than 200% for me. OMG, my Amazon account is suspended. OMG, my eBay account has been compromised. OMG those porn pics will be released if I don't send bitcoin right now. You betcha. I'm especially worried about the porn pics. Um hmm.

Be careful. Some of the shit looks pretty good (not the porn).

I'm also getting ten or more emails in Russian every day. I can't even tell what to be offended about!

Frigg, Librarian, Verity, VonLud  likes this!
Reply Share
Scam of the Week: Working From Home? Don’t Fall for This “Phony” Call

The Coronavirus Disease 2019 (COVID-19) pandemic has caused a massive shift in the number of employees who are working remotely. From a cybercriminal’s perspective, this is a perfect opportunity for their social engineering scams.
One scam involves cybercriminals calling you and posing as support personnel from the companies or services that your organization may be using to allow you to work remotely. Typically, the caller will try to gain your trust by stating your job title, email address, and any other information that they may have found online (or on your LinkedIn profile). Then, the caller claims that they will send you an email that includes a link that you need to click for important information. Don’t fall for this scam!

Remember the following to help protect yourself from these types of scams:

• Never provide your personal information or work information over the phone unless you’re the one who initiated the call.
• Scammers can spoof any number they’d like. Therefore, even if a call looks like it’s coming from a legitimate source, it could be a scam.
• If you receive this type of call, hang up the phone immediately and notify the appropriate team in your organization.

Stop, Look, and Think. Don't be fooled.

The KnowBe4 Security Team
Reply Share
Malicious cyber threat actors are capitalizing on the global attention surrounding the novel 2019 Coronavirus (COVID-19) to facilitate scams, distribute malware, and send phishing emails. Threat researchers have identified several dozen malware variants, threat actors are targeting and preying on peoples fears over the pandemic.

The FBI reports scammers are leveraging the COVID-19 pandemic to steal your money and your personal information, or both. Protect yourself and do your research or report to your Information Security team before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information to receive money or other benefits. The FBI advises you to be on the lookout for the following:

• FAKE CDC EMAILS - Watch out for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other organizations claiming to offer information on the virus. Do not click links or open attachments you do not recognize. Fraudsters can use links in emails to deliver malware to your computer to steal personal information or to lock your computer and demand payment. Be wary of websites and apps claiming to track COVID-19 cases worldwide. Criminals are using malicious websites to infect and lock devices until payment is received.

• PHISHING EMAILS - Look out for phishing emails asking you to verify your personal information to receive an economic stimulus check from the government. While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information to send you money. Phishing emails may also claim to be related to charitable contributions, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits.

• COUNTERFEIT TREATMENTS OR EQUIPMENT - Be cautious of anyone selling products that claim to prevent, treat, diagnose, or cure COVID-19. Be alert to counterfeit products such as sanitizing products and Personal Protective Equipment (PPE), including N95 respirator masks, goggles, full face shields, protective gowns, and gloves. More information on unapproved or counterfeit PPE can be found at http://www.cdc.gov/niosh. You can also find information on the U.S. Food and Drug Administration website, http://www.fda.gov and the Environmental Protection Agency website, http://www.epa.gov. Report counterfeit products at http://www.ic3.gov and to the National Intellectual Property Rights Coordination website at iprcenter.gov
Reply Share
Below are some examples of the phishing emails related to COVID-19. There are many others, please be careful and think twice before clicking or opening attachments!

A phishing campaign, centered around purported advice from the U.S. Centers for Disease Control (CDC) was first reported in early February 2020. This campaign, which utilized the URLs cdc-gov[.]org and cdcgov[.]org, employed convincing phishing emails that claimed the CDC had “established a management system to coordinate a domestic and international public health response”

Also in mid-February 2020, a phishing campaign spreading a well-known credential stealer was reportedly using shipping industry concerns as the theme. While the specific threat actors remain unidentified, they are likely from Russia or Eastern Europe. At the same time, another likely related campaign utilizing a credential stealer was amplifying COVID-19 misinformation and conspiracy theories allegedly tied to the World Health Organization (WHO), the Australian Medical Association, US Centers for Disease Control and Prevention (CDC), and several private companies.
Reply Share
Scam of the Week - Exploiting the Coronavirus: Fear of Infection

The newest Coronavirus-themed phishing attack may be the most ruthless yet. The cybercriminals are sending emails that appear to be from a hospital and warn that you have been exposed to the virus through contact with a colleague, friend, or family member. Attached to the email is a “pre-filled” form to download and take with you to the hospital. Don’t be fooled. The attachment is actually a sophisticated piece of malware. This threat relies on panic and fear to bypass rational thinking. Don’t give in!
Remember to stay vigilant:

• Think before you click. The bad guys rely on impulsive clicking.
• Never download an attachment from an email you weren’t expecting.
• Even if the sender appears to be from a familiar organization, the email address could be spoofed.

Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team
Reply Share
My company <- I hate saying that - of almost 50,000 employees world wide - are schooled HARD and tested with company generated click bait/phishing emails to see if we are paying attention. If you screw up, you are added to an anonymous list and have to take a refresher course that you will/must pass.
Bottom line...Pay attention to your "spider senses"
Fuck That Shit!
Reply Share

Post Thread  Back To Forum
Quick Reply
Type your reply to this message here.

Please select the number: 2
1 2 3 4 5 6 7 8 9 10