Stay Cyber Savvy: Your 5-Step Guide to Outsmarting Phishing Scams

Read Time:3 Minute, 9 Second

In today’s digital landscape, distinguishing between legitimate communications and phishing attempts can feel like navigating a labyrinth blindfolded. Phishing is a deceptive tactic where cybercriminals use fraudulent emails, texts, or messages to trick individuals into revealing sensitive information or clicking on malicious links. And let’s not forget its crafty sibling, “smishing” – the text message iteration of this digital charade. 

Now that most brands and even government agencies communicate with consumers via text or email, it’s hard to know whether a message is legit or not. Consider the United States Postal Service, which should be solely focused on dependable package delivery, yet is frequently tasked with warning individuals against clicking on links from unsolicited messages impersonating the postal service. 

Many people are concerned that they’ll unwittingly open an official-looking email or text only to become victims of a scam. Fortunately, there are steps you can take to educate yourself and establish safeguards against phishing and smishing attempts. 

Here are five steps for staying cyber savvy and protecting yourself from phishing scams: 

Educate yourself and your loved ones: Verizon’s Data Breach Investigations Report found that phishing attacks have surged and now account for 36% of attacks. Yet, many Americans still aren’t aware of what phishing is and that they might be at risk. Ask your family members and friends if they know what phishing and smishing are. If not, share what you have learned about it so that they, too, can become aware of the risks. 
Decode deception: Avoiding scams entails recognizing their characteristics and distinguishing them from legitimate communications. For scammers, these attacks are often a numbers game, sending mass messages to as many people as possible. Many phishing texts will have poor grammar or spelling and may not even address you by your first name. Legitimate emails typically address recipients by their first name and demonstrate proper grammar and spelling.
Beware of urgency: Since scammers are in a hurry to send as many messages and get as many clicks as possible, the communications often sound urgent — “Act NOW before we disable your account.” Take the time to slow down and consider whether the urgency of the message aligns with your usual interactions with the organization or service provider before taking any action.
Spot suspicious senders: Another sign of fraud can often be found in irregularities in the sender’s email or phone number. Legitimate banks typically use a consistent 5-digit number for their messages, while scammers might use a full 10-digit phone number or switch between different numbers. In emails, the sender’s email address may appear nonsensical or unrelated to the purported sender, signaling potential fraud.
Use multifactor authentication: Multifactor authentication (MFA) lets users “easily authenticate to online services” by replacing password-only logins with more secure logins. Turning on multifactor authentication means that, even if a scammer steals your password, they won’t be able to get into your account without something like an authenticator app or fingerprint that only you have. 

In a world where even simple emails and text messages can harbor malevolent intent, it’s crucial to fortify yourself with knowledge and vigilance. Using multifactor authentication and learning how to spot scam messages will help you avoid scams. If you want additional protection, our AI-powered Scam Protection scans text messages and alerts users or filters out the text if it detects a scam link. The software also blocks links from scam emails, texts, and social media messages in the event you accidentally click one. It’s not always easy to spot phishing scams, but we can help by providing that first — and second line of defense.  

The post Stay Cyber Savvy: Your 5-Step Guide to Outsmarting Phishing Scams appeared first on McAfee Blog.

Read More

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

Read Time:3 Minute, 0 Second

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.

The message currently displayed when one visits carfatwitter.com, which Twitter/X will now display as carfax.com in tweets and messages.

A search at DomainTools.com shows at least 60 domain names have been registered over the past two days for domains ending in “twitter.com,” although research so far shows the majority of these domains have been registered “defensively” by private individuals to prevent the domains from being purchased by scammers.

Those include carfatwitter.com, which Twitter/X will now truncate to carfax.com when the domain appears in user messages or tweets. Visiting this domain currently displays a message that begins, “Are you serious, X Corp?”

The same message is on other newly registered domains, including goodrtwitter.com (goodrx.com), neobutwitter.com (neobux.com), roblotwitter.com (roblox.com), square-enitwitter.com (square-enix.com) and yandetwitter.com (yandex.com). The message left on these domains indicates they were defensively registered by a user on Mastodon whose bio says they are a systems admin/engineer. That profile has not responded to requests for comment.

A number of these new domains including “twitter.com” appear to be registered defensively by Twitter/X users in Japan. The domain netflitwitter.com (netflix.com, to Twitter/X users) now displays a message saying it was “acquired to prevent its use for malicious purposes,” along with a Twitter/X username.

The domain mentioned at the beginning of this story — fedetwitter.com — redirects users to the blog of a Japanese technology enthusiast. A user with the handle “amplest0e” appears to have registered space-twitter.com, which Twitter/X users will now see as the CEO’s “space-x.com.” The domain “ametwitter.com” already redirects to the real americanexpress.com.

Some of the domains registered recently and ending in “twitter.com” currently do not resolve and contain no useful contact information in their registration records. Those include firefotwitter[.]com (firefox.com), ngintwitter[.]com (nginx.com), and webetwitter[.]com (webex.com).

The domain setwitter.com, which Twitter/X will currently render as “sex.com,” redirects to this blog post warning about the recent changes and their potential use for phishing.

Sean McNee, vice president of research and data at DomainTools, told KrebsOnSecurity it appears Twitter/X did not properly limit its redirection efforts.

“Bad actors could register domains as a way to divert traffic from legitimate sites or brands given the opportunity — many such brands in the top million domains end in x, such as webex, hbomax, xerox, xbox, and more,” McNee said. “It is also notable that several other globally popular brands, such as Rolex and Linux, were also on the list of registered domains.”

The apparent oversight by Twitter/X was cause for amusement and amazement from many former users who have migrated to other social media platforms since the new CEO took over. Matthew Garrett, a lecturer at U.C. Berkeley’s School of Information, summed up the Schadenfreude thusly:

“Twitter just doing a “redirect links in tweets that go to x.com to twitter.com instead but accidentally do so for all domains that end x.com like eg spacex.com going to spacetwitter.com” is not absolutely the funniest thing I could imagine but it’s high up there.”

Read More

perl-Clipboard-0.29-1.fc41

Read Time:17 Second

FEDORA-2024-966c267928

Packages in this update:

perl-Clipboard-0.29-1.fc41

Update description:

Automatic update for perl-Clipboard-0.29-1.fc41.

Changelog

* Wed Apr 10 2024 Xavier Bachelot <xavier@bachelot.org> – 0.29-1
– Update to 0.29 (RHBZ#2273832)
– Fixes RHBZ#2257224 and RHBZ#2257225
– Convert License: to SPDX

Read More

USN-6727-1: NSS vulnerabilities

Read Time:39 Second

It was discovered that NSS incorrectly handled padding when checking PKCS#1
certificates. A remote attacker could possibly use this issue to perform
Bleichenbacher-like attacks and recover private data. This issue only
affected Ubuntu 20.04 LTS. (CVE-2023-4421)

It was discovered that NSS had a timing side-channel when performing RSA
decryption. A remote attacker could possibly use this issue to recover
private data. (CVE-2023-5388)

It was discovered that NSS had a timing side-channel when using certain
NIST curves. A remote attacker could possibly use this issue to recover
private data. (CVE-2023-6135)

The NSS package contained outdated CA certificates. This update refreshes
the NSS package to version 3.98 which includes the latest CA certificate
bundle and other security improvements.

Read More

wordpress-6.5.2-1.fc39

Read Time:20 Second

FEDORA-2024-8ffb095abb

Packages in this update:

wordpress-6.5.2-1.fc39

Update description:

Upstream annoucement: WordPress 6.5.2 Maintenance and Security Release

Security updates included in this release

A cross-site scripting (XSS) vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.

Upstream announcement: WordPress 6.5 “Regina”

Read More