IndyTek Consulting

Coronavirus Scams - How to Protect Yourself

5/8/2020

CDC alerts. Cybercriminals have sent phishing emails designed to look like they’re from the U.S. Centers for Disease Control. The email might falsely claim to link to a list of coronavirus cases in your area. “You are immediately advised to go through the cases above for safety hazard,” the text of one phishing email reads.

Health advice emails. Phishers have sent emails that offer purported medical advice to help protect you against the coronavirus. The emails might claim to be from medical experts near Wuhan, China, where the coronavirus outbreak began. “This little measure can save you,” one phishing email says. “Use the link below to download Safety Measures.”

How do I help avoid scammers and fake ads?

Scammers have posted ads that claim to offer treatment or cures for the coronavirus. The ads often try to create a sense of urgency — for instance, “Buy now, limited supply.”
At least two bad things could happen if you respond to the ads.
One, you might click on an ad and download malware onto your device.
Two, you might buy the product and receive something useless, or nothing at all. Meanwhile, you may have shared personal information such as your name, address, and credit card number.
Bottom line? It’s smart to avoid any ads seeking to capitalize on the coronavirus.
Tips for recognizing and trying to avoid phishing emails

Here are some ways to recognize and avoid coronavirus-themed phishing emails.
Phishing email messages usually try to lure you into clicking on a link or providing personal information that can be used to commit fraud or identity theft. Here are some tips to avoid getting tricked.
  • Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
  • Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
  • Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
  • Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
  • Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.

Excerpts taken from Norton Lifelock article here - Read Full Article



June 1st, 2019

6/1/2019


Protect Your Company Against Ransomware

Ransomware attacks have been increasing over the last few years and are one of the leading causes of data loss for companies.

There are a few steps that you can perform to help protect your company and your company data from ransomware attacks.
  1. Have a good backup strategy - This is the first law of IT: back up your data. If you have backups, then exposure due to hardware failures and malicious attacks can be mitigated.
  2. Check your backups - We tell customers that your backup is only as good as the last time you restored it! Check early and often to make sure the backups are running properly.
  3. Protection from the Internet - Hackers are constantly probing for holes. Have a good, stateful inspection firewall that only allows traffic that needs to be on your network. If you are relying on the modem you got from your Internet provider, it is likely not enough.
  4. Protection from Internet Traffic that passes your firewall - Email is one of the biggest delivery sources for malware. Have a good anti-virus and anti-malware product on your firewall if possible and also on your internal computers. Multiple lines of defense are necessary!
  5. Educate Your Employees - A training course in how to recognize malware in email, how to avoid it and what to do if you click the wrong link can easily return the cost of the training in uptime and decreased incidents.

If you feel that you could use help with these steps please contact us - Sales@IndyTek.Net 

Black Friday Scam

11/19/2018

Scam of the Week: Black Friday & Cyber Monday Alert

"With more people than ever poised to partake in this year’s November shopping frenzy, attackers will capitalize by using the brand names of leading e-tailers to exploit users looking for Black Friday deals and coupons by creating fake mobile apps and landing pages to fool consumers into downloading malware, using compromised sites, or giving up their login credentials and credit card information."

"It's Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest on-line shopping days and they are out to get rich with your money. So what to look out for?
  • At the moment, there are literally thousands of fake sites, looking just like the real thing. Don't fall for it. Make sure the site you go to is the real one. Type in the address or use your bookmark, do not click on links in emails with special offers. And while we're at it...
  • Watch out for alerts via email or text that you just received a package from FedEx, UPS or the US Mail, and then asks you for some personal information. Don't enter anything.
  • Don't download fake mobile apps that promise big shopping savings, and be very wary of online discount coupons. Think Before You Click!
So, especially now, the price of freedom is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards. If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one. Happy Holidays!"

This alert is also at the KnowBe4 blog, and has additional resource links:

https://blog.knowbe4.com/scam-of-the-week-black-friday-cyber-monday-alert


New Email Phishing Targets Office 365

8/21/2018

Scam of the Week: SharePoint Phishing Attack on Office 365 Users
This latest attack uses several familiar aspects of O365 to lull potential victims into an assumption everything is above board.

Be on alert! The bad guys have a new way of stealing your login credentials. They target you by sending you an invite via email to open a SharePoint document. The link takes you to an actual SharePoint page where you will see a OneDrive prompt. The prompt will have an “Access Document” link in it. Don’t click this link!

This link is malicious and will take you to a fake Office 365 login screen. Any credentials you enter here will be sent to the bad guys. Don't be tricked.

Whenever you're submitting login credentials to any site, make sure to check the URL of the page for accuracy. Also, remember to always hover over links to see where they are taking you.

Remember, Think Before You Click.



Malware Infects 500K Routers

5/24/2018


Check the list for your router and get the whole story here.

https://bit.ly/2IKzpq8


Change your Twitter Password

5/4/2018

Twitter's 330 million users are being urged to change their passwords after some were exposed in plain text on its internal network.
An error in the way the passwords were handled meant some were stored in easily readable form, said Twitter.
The passwords should have been put through a procedure called "hashing" making them very difficult to read.
Security experts said the way Twitter handled the potential breach was "encouraging".

See whole story here - http://www.bbc.com/news/business-43995168


GMail Phishing Scam

4/10/2018

Twitter user @_thp shared a recent phishing scam that they received; and it’s so fiendishly clever that it’s gone viral. They wrote: "This is the most clever phishing scam I've ever encountered and for a second it almost got me." Now, that is perhaps a bit exaggerated, but you have to admit it's something a lot of people will likely fall for.

See the full story at the link below.

blog.knowbe4.com/this-fiendishly-clever-gmail-phishing-scam-is-the-latest-that-you-need-to-know-about

Payroll Phishing - Email Scam

2/5/2018

Please be aware of an email phishing scam that has started in the last week.

Companies are experiencing a wave of phishing scams that target employee paychecks. Here is the scenario:
1.    An employee receives, from a company email account, an e-mail that mimics a familiar and trusted company service or resource, such as an e-signature request or a request to complete a survey.

2.    The e-mail asks the employee to click a link, access a website, or answer a few questions.


3.    Then it directs the employee to “confirm” his or her identity by providing his or her complete log-in credentials. Skeptical employees who question the request via reply e-mail receive a prompt response purporting to verify that the employee should complete the steps contained in the link.

4.    The threat actors then use the employee’s log-in credentials to access payroll portals, reroute direct deposits to other accounts, and wreak other havoc upon the employer’s network.

In some versions of the scam, hackers access employee e-mails to request a password change from the employer’s payroll service and then use the new log-in credentials to change direct deposit instructions."

Employers may want to immediately take the following precautions to avoid security breaches as a result of these phishing scams:

•    Alert your workforce to this scam.
•    Direct employees to forward any suspicious requests to the information technology or human resources departments, rather than replying to the e-mail.
•    Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any e-mail.


For more detailed information see this link - https://blog.knowbe4.com/scam-of-the-week-wave-of-payroll-direct-deposit-phishing-attacks



Spectre / Meltdown CPU Flaw

1/12/2018

Our information security team is aware of several related security bulletins for vulnerabilities identified with “speculative execution functionality” of multiple vendors’ central processing units (CPU). As of this writing, there are three known variants:

CVE-2017-5715 - Branch target injection (SPECTRE)
CVE-2017-5753 - Bounds check bypass (SPECTRE)
CVE-2017-5754 - Rogue data cache load (MELTDOWN)

Review the reference information below to become more familiar with these vulnerabilities and validate that any software applications not managed by GUTS have the latest patches applied. GUTS additionally recommends that all customers verify that all systems in use within their organizations, including desktops and laptops, have the latest patches applied.

Reference Information
Meltdown Technical Deep Dive PDF
Spectre Technical Deep Dive PDF
VMware Security Response
CERT Vulnerability Notice
CERT Exploit Notice
Google Project Zero Analysis
Microsoft Security Notice
WIRED Magazine news article
AnandTech news article




Security / Threat Outlook

5/30/2017


    Author

    Sr. Consultant - IndyTek Consulting
