Victims often receive an unsolicited call first
Category Archives: News
Meta, Apple emergency data request scam holds lessons for CISOs
A recent Bloomberg piece highlighted how Meta Platforms, Inc. (parent company of Facebook) and Apple, Inc. had been successfully socially engineered into providing customer data, in response to “emergency data requests,” to individuals whom they believed to be representing the U.S. government. If your entity is collecting customer data, it is possible you’ll receive a lawful request for the data from a government entity. This may take the form of a warrant, subpoena or national security letter. Do you have a process for handling these requests?
10 NFT and cryptocurrency security risks that CISOs must navigate
The list of companies accepting payments in cryptocurrency keeps expanding, so customers can buy almost everything they want: electronics, college degrees and cappuccinos. At the same time, the market for non-fungible tokens (NFTs) skyrockets, with new artists becoming millionaires and more established names like Snoop Dogg, Martha Stewart and Grimes capitalizing on the trend.
Cryptocurrency and NFTs are on many organizations’ agenda as they discuss the ramifications of Web3 and the opportunities it presents. This new major shift in the internet’s evolution promises to decentralize our digital world, offering users more control and a more transparent flow of information.
Raspberry Pi Ditches Default Logins to Boost Security
FIN7 Pen Tester Gets Five Years Behind Bars
Friday Squid Blogging: Do Squid Have Emotions?
Scientists are now debating whether octopuses, squid, and crabs have emotions. Short answer: we don’t know, but can’t rule it out.
There may be a point when humans can no longer assume that crayfish, shrimp, and other invertebrates don’t feel pain and other emotions.
“If they can no longer be considered immune to felt pain, invertebrate experiences will need to become part of our species’ moral landscape,” she says. “But pain is just one morally relevant emotion. Invertebrates such as octopuses may experience other emotions such as curiosity in exploration, affection for individuals, or excitement in anticipation of a future reward.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Northern Ireland TrustFord Sites Hit by Ransomware Gang
What the FBI Wants You to Know About the Latest Phishing Scheme
What’s worse than a surprise call from a law enforcement official telling you to pay a fine or be forced to serve time? Providing your personal information and paying that fine only to find out that it was all a scam. You didn’t miss jury duty; you didn’t commit a crime — you were just tricked into thinking that you did.
Sound unbelievable? It’s more likely than you’d think.
Who Are You Calling Criminal, Criminal?
According to ZDNet, the FBI released a warning about scammers impersonating government officials or law enforcement agencies to steal personal information and money from unsuspecting people.
After acquiring phone numbers and names from real users, scammers use fake credentials from well-known law enforcement agencies to contact victims. Under the guise of these officials, scammers claim that the user’s identity was used in a crime and ask them to provide their social security number and date of birth for verification. The fraudsters will also call or text about apparently missed jury duty, missed court dates, warrants out for arrest, or other local fines that require payment to be resolved.
These criminals demand payment in multiple forms, but the most common are prepaid cards, wire transfers, and cash sent through mail or through cryptocurrency ATMs. If victims do not pay these fines or provide their personal information, the scammers in disguise will threaten them with potential prosecution or arrest.
How to Identify Phishing Scams Over the Phone
The FBI states that no law enforcement agency will ever contact you asking for money, but if you’re still unsure whether you’re being scammed, here are a few more phishing tips that can help:
Confirm the source
Unsolicited phone calls or texts are best avoided altogether or confirmed with a second source. Verify the caller’s identity with the organization they claim they represent. Ask for a name and position and make it clear you will be following up to verify their identity.
Keep personal information private
Do not reveal any personal or financial information over the phone, through text, or through a link provided in a text message.
Lack of personalization
Generic greetings that do not address you by name, especially when asking you to verify your identity or pay a fine, are a definite indicator that you may be being scammed.
Spelling and layout
Any strange grammar or spelling mistakes in a text message can be signs that this is someone impersonating an official agency, company, or higher-up to scam you.
How to Identify Other Types of Phishing Scams
Although scammers try to trick users over the phone, phishing scams can also happen over email. In addition to the tactics mentioned above, here are some extra tips on how to detect and avoid phishing emails:
A sender address that’s just a bit off
Cybercriminals will often impersonate well-known brands or individuals by using fraudulent email addresses with just a few alterations of letters or characters. An example is an email address that appears as “bank0famerica.con.”
Hyperlinks
If you receive a message or email with a link, hover over the link without clicking on it. This will allow you to see a link preview. If the URL looks suspicious or doesn’t match up with the content in the email, do not interact with it and delete the entire message.
Attachments
Be cautious of any attachment in an email. Scammers often use attachments as a sneaky way to deliver viruses and malware onto unsuspecting people’s devices.
Protect Yourself From Phishing Attacks
Phishing scams can be deceitful, especially with the added pressure of a seemingly real (but definitely fake) government official or law enforcement agency accusing you of breaking the law. However, by following the tips outlined above, you’ll be able to spot these scams from a mile away and stay safer online!
The post What the FBI Wants You to Know About the Latest Phishing Scheme appeared first on McAfee Blog.
Finland Government Sites Forced Offline by DDoS Attacks
Finnish ministries of foreign affairs and defense forced offline earlier today by DDoS attacks
#ISC2Events: Supply Chain Security is a Multifaceted Challenge
Orgs must know range of factors when managing supply chain risk, says (ISC)2’s CISO, Jon France