Monday, May 25, 2020

You are at very high risk of getting 'phished' right now

This morning there was an unexpected message in my personal email inbox to click a link and sign in to my new "health portal." It was from a healthcare outfit I'd never heard of, and the sender name displayed was "eCW Patient Portal." There was no doctor's name or healthcare group/facility listed anywhere in the message. So I deleted it.

Perhaps it was legit. If so, I don't really care. The last thing I need is another website login. If one of my healthcare providers truly needs me to log in to their patient portal, I'm sure I'll be informed sooner or later by the trusted source.

Right now, with the COVID-19 pandemic and all the associated new rules that go with it, scammers are having a field day with phishing emails, websites and phone calls. Don't fall for these. Seeing information online (in any form, including video) does not make it real.

There is more fake news, misinformation, and disinformation online than we would like to believe. And it spreads rapidly across social media platforms like Facebook, Instagram and Twitter.

Check out this Wired magazine article about Internet deception (December 2019): https://www.wired.com/story/internet-deception-stay-what-do-now/.

Avoid falling for phishing scams by scrutinizing the sender information as well as the content. Do not click links or open attachments unless you have validated they are safe. When in doubt, contact the sender via an alternate communication channel to validate the message is real.

Even if you know and trust the sender, if anything seems just a tiny bit "off" about the message, trust your instinct and don't click. Every week at work I see at least 10 emails come in from hacked accounts, trying to fool our employees with phishing messages. We train them not to click.

It really is that simple: stop clicking.

Saturday, May 9, 2020

Ignore child pornography scares

Hackers will do anything to get your attention, including making threats against you based on fraudulent claims you've been watching child pornography on your computer.

While most of us are a bit on edge right now, as we attempt to adjust to an uncertain new world amidst COVID-19 fears, we need to maintain good sense and not let our fears get the best of us.

Security expert Brian Krebs warns of a new email scam suggesting that someone using your unique IP address or network interface card address ("MAC") has been caught viewing child pornography. The sender name is fraudulently displayed as "Microsoft Support," and the message indicates that your Windows license will be suspended unless you call a particular number to reinstate it.

This story is so far out there that some of you may wonder how people can possibly fall for this scam. But the truth is, given the right state of mind and circumstances, any one of us can fall victim to a social engineering attack. And the elderly and mentally challenged are prime targets for a scam like this.

Always be skeptical of any email containing a threat or false accusation.

For the full article, go to https://krebsonsecurity.com/2020/05/tech-support-scam-uses-child-porn-warning/.