Quizzes and Other Identity Theft Schemes to Avoid on Social Media


Before you take the fun-looking quiz that popped up in your social media feed, think twice. The person holding the answers may be a hacker. 

Where people go, hackers are sure to follow. So it’s no surprise hackers have set up shop on social media. This has been the case for years, yet now social media-based crime is on the rise. Since 2021, total reported losses to this type of fraud reached $2.7 billion.

Among these losses are cases of identity theft, where criminals use social media to gather personal information and build profiles of potential victims they can target. Just as we discussed in our recent blog, “Can thieves steal identities with only a name and address?” these bits of information are important pieces in the larger jigsaw puzzle that is your overall identity. 

Let’s uncover the scams these crooks use so that you can steer clear and stay safe.

A quick look at some common social media scams 

Quizzes and surveys 

“What’s your spooky Halloween name?” or “What’s your professional wrestler name?” You’ve probably seen a few of those and similar quizzes in your feed where you use the street you grew up on, your birthdate, your favorite song, and maybe the name of a beloved first pet to cook up a silly name or some other result. Of course, these are pieces of personal information, and sometimes the answers to security questions commonly used by banks and other financial institutions. (Like, what was the model of your first car?) With this info in hand, a hacker could attempt to gain access to your accounts.

Similarly, scammers will also post surveys with the offer of a gift card to a popular retailer. All you have to do is fork over your personal info. Of course, there’s no gift card coming. Meanwhile, that scammer now has some choice pieces of personal info that they can potentially use against you. 

How to avoid them: Simply put, don’t take those quizzes and surveys online. 

Bogus benefits and get-rich-quick schemes  

The list here is long. These include posts and direct messages about phony relief funds, grants, and giveaways—along with bogus business opportunities that run the gamut from thinly veiled pyramid schemes and gifting circles to mystery shopper jobs. What they all have in common is that they’re run by scammers who want your information, money, or both. If this sounds familiar, like those old emails about transferring funds for a prince in some faraway nation, it is. Many of these scams simply made the jump from email to social media platforms.

How to avoid them: Research any offer, business opportunity, or organization that reaches out to you. A good trick is to do a search of the organization’s name plus the term “scam” or “review” or “complaint” to see if anything sketchy comes up. 

Government imposter scams 

If there’s one government official that scammers like to use to scare you, it’s the tax collector. These scammers will use social media messaging (and other mediums like emails, texts, and phone calls) to pose as an official who’s either demanding back taxes or offering a refund or credit—all of which are bogus and all of which involve you handing over your personal info, money, or both.  

How to avoid them: Delete the message. In the U.S., the IRS and other government agencies will never reach out to you in this way or ask you for your personal information. Likewise, they won’t demand payment via wire transfer, gift cards, or cryptocurrency like Bitcoin. Only scammers will. 

Friends and family imposter scams 

These are far more targeted than the scams listed above because they often rely upon specific information about you and your family. Thanks to social media, scammers can gain access to that info and use it against you. One example is the “grandkid scam” where a hacker impersonates a grandchild and asks a grandparent for money. Similarly, there are family emergency scams where a bad actor sends a message that a family member was in an accident or arrested and needs money quickly. In all, they rely on a phony story that often involves someone close to you who’s in need or trouble.

How to avoid them: Take a deep breath and confirm the situation. Reach out to the person in question or another friend or family member to see if there really is a concern. Don’t jump to pay right away. 

The romance con  

This is one of the most targeted attacks of all—the con artist who strikes up an online relationship to bilk a victim out of money. Found everywhere from social media sites to dating apps to online forums, this scam involves creating a phony profile and a phony story to go with it. From there, the scammer will communicate several times a day, perhaps talking about their exotic job in some exotic location. They’ll build trust along the way and eventually ask the victim to wire money or purchase gift cards.  

How to avoid them: Bottom line, if someone you’ve never met in person asks you for money online, it’s a good bet that it’s a scam. Don’t do it. 

Protecting yourself from identity theft and scams on social media 

Now with an idea of what the bad actors are up to out there, here’s a quick rundown of things you can do to protect yourself further from the social media scams they’re trying to pull. 

Use strict privacy settings. First up, set your social media profile to private so that only approved friends and family members can access it. McAfee’s Social Media Privacy Manager can easily help you do this. This will circulate less of your personal information in public. However, consider anything you do or post on social media as public information. (Plenty of people can still see it, copy it, and pass it along.) Likewise, pare back the information you provide in your profile, like your birthday, the high school you attended, and so on. The less you put out there, the less a scammer can use against you. 
Be a skeptic. You could argue that this applies to staying safe online in general. So many scams rely on our innate willingness to share stories, help others, or simply talk about what’s going on in our lives. This willingness could lower your guard when a scammer comes calling. Instead, try to look at the messages you receive beyond face value. Does something seem unusual about the language or request? What could be the motivation behind it? Pausing and considering questions like these could spare some headaches. 
Know your friends. How well do you know everyone on your list of friends and followers? Even with your privacy settings set to the max, these people will see what you’re posting online. Being selective about who you invite into that private circle of yours can limit the amount of personal information people have immediate access to via your posts, tweets, and updates. However, if you like having a larger list of friends and followers, be aware that any personal info you share is effectively being broadcast on a small scale—potentially to people you don’t really know well at all. 
Follow up. Get a message from a “friend” that seems a little spammy or just plain weird? Or maybe you get something that sounds like an imposter scam, like the ones we outlined above? Follow up with them using a means of communication other than the social media account that sent the message. See what’s really going on.
Look out for each other. Much like following up, looking out for each other means letting friends know about that strange message you received or a friend request from a potentially duplicate account. By speaking up, you may be giving them the first sign that their account (and thus a portion of their identity) has been compromised. Likewise, it also means talking about that online flame with each other, how it’s going, and, importantly, if that “special someone” has stooped to asking for money.

Stay steps ahead of the scams on social media 

Above and beyond what we’ve covered so far, some online protection basics can keep you safer still. Comprehensive online protection software will help you create strong, unique passwords for all your accounts, help you keep from clicking links to malicious sites, and prevent you from downloading malware. Moreover, it can provide you with identity protection services like ours, which keep your personal info private with around-the-clock monitoring of your email addresses and bank accounts with up to $1M of ID theft insurance. 

Together, with some good protection and a sharp eye, you can avoid those identity theft scams floating around on social media—and get back to enjoying time spent online with your true family and friends. 

The post Quizzes and Other Identity Theft Schemes to Avoid on Social Media appeared first on McAfee Blog.


On Secure Voting Systems


Andrew Appel shepherded a public comment—signed by twenty election cybersecurity experts, including myself—on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it’s general in nature.

From the executive summary:

We believe that no system is perfect, with each having trade-offs. Hand-marked and hand-counted ballots remove the uncertainty introduced by use of electronic machinery and the ability of bad actors to exploit electronic vulnerabilities to remotely alter the results. However, some portion of voters mistakenly mark paper ballots in a manner that will not be counted in the way the voter intended, or which even voids the ballot. Hand-counts delay timely reporting of results, and introduce the possibility for human error, bias, or misinterpretation.

Technology introduces the means of efficient tabulation, but also introduces a manifold increase in complexity and sophistication of the process. This places the understanding of the process beyond the average person’s understanding, which can foster distrust. It also opens the door to human or machine error, as well as exploitation by sophisticated and malicious actors.

Rather than assert that each component of the process can be made perfectly secure on its own, we believe the goal of each component of the elections process is to validate every other component.

Consequently, we believe that the hallmarks of a reliable and optimal election process are hand-marked paper ballots, which are optically scanned, separately and securely stored, and rigorously audited after the election but before certification. We recommend state legislators adopt policies consistent with these guiding principles, which are further developed below.


The Growing Importance of CAASM in Company Cybersecurity Strategy


The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

The recent years’ events, including the proliferation of ransomware, the pandemic, and political tensions, have fast-tracked the development of both offensive and defensive tools in the cyber domain. Cybersecurity concepts that were nascent a few years ago are now being refined, demonstrating the practical benefits of modern digital risk management strategies.

Gartner analysts have highlighted the expansion of the attack surface as a significant risk for corporate cyber environments in the upcoming years. The most vulnerable entities include IoT devices, cloud apps, open-source systems, and complex software supply chains.

There is an increasing demand for concepts like Cyber Asset Attack Surface Management (CAASM), External Attack Surface Management (EASM), and Cloud Security Posture Management (CSPM) in corporate security frameworks. This trend is also documented in Gartner’s “hype” chart.

Let’s discuss the concept of CAASM, which is centered on identifying and managing all digital assets within an organization, whether they are internal or external. This approach aims to provide a comprehensive view and control over the organization’s cyber environment, enhancing security measures and management practices.

What Is CAASM

CAASM assists IT departments in achieving end-to-end visibility of a company’s cyber assets. This strategy creates a fuller understanding of the actual state of the infrastructure, enabling the security team to respond promptly to existing threats and potential future ones.

CAASM-based products and solutions integrate with a broad array of data sources and security tools. CAASM gathers and aggregates data and analyzes perimeter traffic, providing a continuous, multi-dimensional view of the entire attack surface.

Having access to current asset data enables information security officers to visualize the infrastructure and address security gaps promptly. They can prioritize the protection of assets and develop a unified perspective on the organization’s actual security posture. This sets the stage for proactive risk management strategies.

Exploring CAASM’s Core Functions

The CAASM approach equips security professionals with a variety of tools necessary for effectively managing an organization’s attack surface and addressing risks.

Asset Discovery

A lack of visibility into all of an organization’s assets heightens the risk of cyberattacks. Cyber Asset Attack Surface Management products automatically detect and catalog every component of a company’s digital infrastructure, encompassing local, cloud, and various remote systems, including shadow IT.

A company employing CAASM gains a clear overview of all its deployed web applications, servers, network devices, and cloud services. CAASM facilitates a comprehensive inventory of the devices, applications, networks, and users constituting the company’s attack surface.

Vulnerability Detection

It is important to understand the risks each asset poses, such as missing the latest security updates or opportunities to access sensitive data. CAASM systems integrate asset data, helping security teams identify misconfigurations, vulnerabilities, and other risks. The analysis considers software versions, patches, and configurations that hackers could exploit to launch an attack.

Risk Prioritization

CAASM systems evaluate how critical detected vulnerabilities are, helping prioritize and reduce the most substantial risks. Suppose the developers at a company are using an open-source library that has a known Log4Shell vulnerability. In such a scenario, CAASM will assist IT specialists in identifying all assets impacted by this vulnerability. It will also help prioritize this issue among other risks and communicate the relevant risk information to the information security department.
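
The Log4Shell scenario above, as an added example that is not part of the original article or of any CAASM product: it joins a constructed asset inventory with constructed SBOM component records and ranks the affected hosts. The host names, field names, score weights and the simplified 2.15.0 cut-off are assumptions.

```python
import re

FIXED_IN = (2, 15, 0)  # assumption: simplified cut-off; ignores backported fix releases

# Constructed sample data; hosts, sources and field names are hypothetical.
CMDB = [
    {"host": "pay-api-01", "internet_facing": True, "criticality": 3},
    {"host": "hr-batch-02", "internet_facing": False, "criticality": 2},
    {"host": "wiki-01", "internet_facing": False, "criticality": 1},
]
SBOM_COMPONENTS = [
    {"host": "PAY-API-01.corp.example", "name": "log4j-core", "version": "2.14.1"},
    {"host": "hr-batch-02", "name": "log4j-core", "version": "2.12.0"},
    {"host": "wiki-01", "name": "log4j-core", "version": "2.17.1"},
    {"host": "build-agent-07", "name": "log4j-core", "version": "2.11.2"},  # not in CMDB
    {"host": "pay-api-01", "name": "jackson-databind", "version": "2.15.2"},
]


def normalize_host(name):
    """Join key shared by all sources: lower-cased short hostname."""
    return name.strip().lower().split(".")[0]


def parse_version(text):
    """Return (major, minor, patch), or None when the string is not a version."""
    match = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    return tuple(int(part or 0) for part in match.groups()) if match else None


def rank_log4shell_exposure(cmdb, components, fixed_in=FIXED_IN):
    """List hosts carrying an affected log4j-core, highest priority first."""
    inventory = {normalize_host(a["host"]): a for a in cmdb}
    findings = {}
    for comp in components:
        if comp["name"] != "log4j-core":
            continue
        version = parse_version(comp["version"])
        # Unparseable versions stay in the list so that a person reviews them.
        if version is not None and not ((2, 0, 0) <= version < fixed_in):
            continue
        host = normalize_host(comp["host"])
        asset = inventory.get(host)
        managed = asset is not None
        criticality = asset["criticality"] if managed else 2  # unknown: assume medium
        exposed = asset["internet_facing"] if managed else False
        finding = findings.setdefault(host, {
            "host": host, "managed": managed, "versions": [],
            # Score weights are illustrative, not a standard.
            "score": 2 * criticality + (3 if exposed else 0) + (0 if managed else 1),
        })
        finding["versions"].append(comp["version"])
    return sorted(findings.values(), key=lambda f: (-f["score"], f["host"]))


if __name__ == "__main__":
    for f in rank_log4shell_exposure(CMDB, SBOM_COMPONENTS):
        status = "managed" if f["managed"] else "NOT IN INVENTORY"
        print(f["score"], f["host"], f["versions"], status)
```

The host that appears only in the SBOM feed is the shadow-IT case: it is still reported, with a flag showing that the inventory has no owner or exposure data for it.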

Integration With Security Tools

Broad visibility into infrastructure components is realized by integrating CAASM solutions with existing cyber defense tools, including:

Active Directory monitoring and protection solutions
Vulnerability scanners
Endpoint Protection Platforms (EPP)
Software Bill of Materials (SBOM)
External Attack Surface Management (EASM)

Continuous Monitoring

CAASM products continuously monitor an organization’s attack surface for changes and new vulnerabilities, covering hardware, software, and data, both on-premises and in the cloud. For example, should new cloud storage be deployed without adequate access controls, CAASM will spot the insecure configuration and alert the security team. This real-time visibility significantly narrows the window of opportunity for potential attacks.

Mitigation and Remediation

CAASM platforms offer insights and recommendations on ways to remedy identified vulnerabilities, asset misconfigurations, and issues with security tools. For example, these actions can involve automated virtual patch deployment, configuration tweaks, or other measures designed to reduce the organization’s attack surface.

Reporting and Analytics

The advanced reporting and analytics features of CAASM products enable a company to track its infrastructure security status over time, assess the success of its security initiatives, and demonstrate compliance with regulatory requirements.

CAASM vs. Other Surface Management Tools

Let’s explore the main differences between CAASM and similar strategies. Using a table, we will compare them side-by-side, focusing on External Attack Surface Management and Cloud Security Posture Management systems.

CAASM vs. EASM vs. CSPM

| | CAASM | EASM | CSPM |
|---|---|---|---|
| Product Focus | Covers all cyber assets including on-prem, cloud, remote systems, and IoT devices. | Focuses on external resources like public apps, cloud services, servers, and third-party elements. | Targets cloud infrastructure, settings, and security policy compliance. |
| Threat Management | Manages internal and external threats, integrates with EASM tools for external data. | Addresses threats from external sources or attackers. | Fixes misconfigurations and compliance issues in cloud environments. |
| Visibility | A comprehensive view of the attack surface includes assets, misconfigurations, and vulnerabilities. | Views external attack surface from an attacker’s perspective. | Continuous monitoring of cloud security status. |
| Integration | Integrates with diverse data sources and security tools to detect and prioritize weak points. | Uses scanning, reconnaissance, and threat analysis to assess external risks. | Integrates via APIs with cloud service tools for security policy assessment and monitoring. |
| Attack Surface Management | Controls and reduces attack surface through continuous vulnerability detection and monitoring. | Manages the external attack surface by identifying exploitable software and network elements. | Improves cloud security through the identification and resolution of misconfigurations and compliance risks. |
| Objectives | Aims to improve overall security by timely addressing risks across all assets. | Seeks to reduce the risk of data breaches by minimizing external attack surface. | Aims to improve cloud security according to best practices and standards. |

As you can see, CAASM is a universal security information system that encompasses and continuously protects all the company’s digital assets against both external and internal threats. Integrating CAASM-based products enhances data sharing, effectively complementing EASM and other tools aimed at overseeing the company’s assets.

Measuring the Success of CAASM Adoption

You can assess the effectiveness of CAASM after its integration into the company’s cyber defense system by monitoring various indicators. Let’s identify the main factors that will help you make this evaluation.

Asset Coverage

The primary measure of CAASM’s effectiveness lies in how comprehensively it covers the organization’s assets. This includes servers, devices, applications, databases, networks, and cloud resources. The broader the range of assets CAASM can monitor, the more accurately it can map the potential attack surface, leading to more effective threat protection.

Mean Time to Inventory

The Mean Time to Inventory (MTTI) metric shows how quickly new assets are identified and added to CAASM. A quicker discovery process suggests a proactive strategy in spotting and handling assets.

Vulnerability Mitigation Speed

The vulnerability detection and remediation rates reflect the percentage of identified vulnerabilities resolved within a specific timeframe. Swiftly addressing issues signifies a more efficient strategy in minimizing security risks.

Incident Detection and Response Time

Mean Time to Detect (MTTD) shows how quickly a security incident is noticed, while Mean Time to Respond (MTTR) tracks the time taken to respond and recover. Lower MTTD and MTTR indicate that CAASM is performing more efficiently within the company.

Compliance

This metric reflects the share of assets adhering to industry standards and regulatory requirements. The greater this percentage, the more efficiently assets are managed, leading to a decreased chance of security incidents.
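
The coverage, Mean Time to Inventory and remediation-rate metrics described above, computed over constructed records, as an added example that is not part of the original article. The asset names, field names, the 14-day window and the choice to leave not-yet-due open findings out of the denominator are assumptions.

```python
from datetime import datetime, timedelta


def ts(text):
    return datetime.fromisoformat(text)


# Constructed sample data; names and field names are hypothetical.
# first_seen: when any source first observed the asset.
# inventoried_at: when it entered the CAASM inventory (None = still missing).
ASSETS = [
    {"name": "web-01", "first_seen": ts("2024-03-01T08:00"), "inventoried_at": ts("2024-03-01T10:00")},
    {"name": "db-01", "first_seen": ts("2024-03-02T00:00"), "inventoried_at": ts("2024-03-02T06:00")},
    {"name": "vpn-gw", "first_seen": ts("2024-03-03T12:00"), "inventoried_at": ts("2024-03-03T16:00")},
    {"name": "test-bucket", "first_seen": ts("2024-03-05T09:00"), "inventoried_at": None},
]
VULNS = [
    {"id": "v1", "detected_at": ts("2024-03-01T00:00"), "resolved_at": ts("2024-03-05T00:00")},
    {"id": "v2", "detected_at": ts("2024-03-02T00:00"), "resolved_at": ts("2024-03-20T00:00")},
    {"id": "v3", "detected_at": ts("2024-03-10T00:00"), "resolved_at": None},
    {"id": "v4", "detected_at": ts("2024-03-25T00:00"), "resolved_at": None},
    {"id": "v5", "detected_at": ts("2024-03-12T00:00"), "resolved_at": ts("2024-03-15T00:00")},
]


def asset_coverage(assets):
    """Share of observed assets that are present in the inventory."""
    if not assets:
        return None
    return sum(a["inventoried_at"] is not None for a in assets) / len(assets)


def mean_time_to_inventory_hours(assets):
    """MTTI over inventoried assets only; missing ones show up in coverage."""
    delays = [a["inventoried_at"] - a["first_seen"]
              for a in assets if a["inventoried_at"] is not None]
    if not delays:
        return None
    return sum(delays, timedelta()).total_seconds() / 3600 / len(delays)


def remediation_rate(vulns, window, as_of):
    """Share of findings resolved within `window` of detection.

    Open findings whose window has not expired by `as_of` are not counted;
    open findings past the window count as missed.
    """
    due = met = 0
    for v in vulns:
        deadline = v["detected_at"] + window
        if v["resolved_at"] is None and as_of < deadline:
            continue  # still inside the window, outcome not known yet
        due += 1
        if v["resolved_at"] is not None and v["resolved_at"] <= deadline:
            met += 1
    return met / due if due else None


if __name__ == "__main__":
    print("coverage:", asset_coverage(ASSETS))
    print("MTTI (h):", mean_time_to_inventory_hours(ASSETS))
    print("remediated in 14d:", remediation_rate(VULNS, timedelta(days=14), ts("2024-03-31T00:00")))
```

Reporting MTTI without coverage hides the assets that were never inventoried at all, so the two numbers belong side by side.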

Cost Savings and ROI

Reducing business downtime, cutting incident response expenses, avoiding regulatory penalties, and more – all reflect the effectiveness of CAASM implementation and contribute to its ROI in the long run.

Conclusion

CAASM is beneficial for mature organizations with complex and dynamic infrastructures. Continuous monitoring of all assets, including shadow IT, enables the timely adaptation of protection measures against existing and emerging threats, making CAASM a valuable component of a company’s cybersecurity strategy.


podman-4.9.4-1.fc39


FEDORA-2024-dd32f390b3

Packages in this update:

podman-4.9.4-1.fc39

Update description:

Security fix for CVE-2024-1753

Automatic update for podman-4.9.4-1.fc39.

Changelog for podman

* Mon Mar 25 2024 Packit <hello@packit.dev> - 5:4.9.4-1
- [packit] 4.9.4 upstream release

* Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:4.9.3-5
- Show the toolbox RPMs used to run the tests

* Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:4.9.3-4
- Avoid running out of storage space when running the Toolbx tests

* Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:4.9.3-3
- Silence warnings about deprecated grep(1) use in test logs

* Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:4.9.3-2
- Update how Toolbx is spelt


podman-4.9.4-1.fc38


FEDORA-2024-8409b5fa8e

Packages in this update:

podman-4.9.4-1.fc38

Update description:

Security fix for CVE-2024-1753

Automatic update for podman-4.9.4-1.fc38.

Changelog for podman

* Mon Mar 25 2024 Packit <hello@packit.dev> - 5:4.9.4-1
- [packit] 4.9.4 upstream release


USN-6717-1: Thunderbird vulnerabilities


Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, conduct
cross-site tracing, or execute arbitrary code. (CVE-2024-0743, CVE-2024-2611,
CVE-2024-2614)

Hubert Kario discovered that Thunderbird had a timing side-channel when
performing RSA decryption. A remote attacker could possibly use this
issue to recover sensitive information. (CVE-2023-5388)

Gary Kwong discovered that Thunderbird incorrectly updated return
registers for JIT code on Armv7-A systems. An attacker could potentially
exploit this issue to execute arbitrary code. (CVE-2024-2607)

Ronald Crane discovered that Thunderbird did not properly manage memory
during character encoding. An attacker could potentially exploit this
issue to cause a denial of service. (CVE-2024-2608)

Georg Felber and Marco Squarcina discovered that Thunderbird incorrectly
handled html and body tags. An attacker who was able to inject markup into
a page otherwise protected by a Content Security Policy may have been able
to obtain sensitive information. (CVE-2024-2610)

Ronald Crane discovered a use-after-free in Thunderbird when handling code
in SafeRefPtr. An attacker could potentially exploit this issue to cause a
denial of service, or execute arbitrary code. (CVE-2024-2612)

Ryan VanderMeulen and Dan Minor discovered that Thunderbird did not
properly manage memory conditions in ICU. An attacker could potentially
exploit this issue to cause a denial of service. (CVE-2024-2616)
