Online perpetrators are not taking holiday vacations this year
This holiday season, as gifts are purchased online and in stores across the world, unfortunately some see this as an opportunity to steal your online banking credentials. So while you shouldn’t be scared to buy Grandma that scarf she’s been wanting, you do need to be weary about a new spear phishing campaign.
The FBI Denver Cyber Squad released information on the new campaign that involves personal and business bank accounts, financial institutions, money mules and jewelry stores:
“The campaign involves a variant of the ‘Zeus’ malware called ‘Gameover.’ The spam campaign is pretending to be legitimate emails from the National Automated Clearing House Association (NACHA), advising the user there was problem with the ACH transaction at their bank and it was not processed. Once they click on the link they are infected with the Zeus or Gameover malware, which is able to key log as well as steal their online banking credentials, defeating several forms of two factor authentication.”
Okay, so how do you stay away from this trick and others like it?
Well, here are three simple tips to remember this holiday season to be sure you do not take the bait:
1. Be weary of emails from senders that you have never seen before. Even if the subject line is tempting with an urgent call to action, look at the source and be cautious of the sender.
2. Understand your bank’s policy on communication, and call your bank if a message seems urgent to confirm the email’s validity.
3. If you think you are sure the link is okay to use, still copy and paste it in a search engine to see if it is linked to a valid site. If someone has reported it as spam, it may appear at the top of the organic search, and you will know that it is a good possibility to be fraudulent.
For more information on this FBI investigation and campaign details click here.
The most effective way to keep your users safe is to provide annual Security Awareness Training to help them identify and avoid threats. Check out our Security Awareness Training course to get started.
December 05, 2011 by Robert Hodges
I thought I would share a few malicious emails I received this week because it’s not always obvious if an email is a scam or legitimate. There is often something that gives it away, but you need to be looking for it.
First, if you receive an email claiming to be from officeprinter@nameofyourbusiness… or something similar, delete and do NOT click on the link.
This week our employees were sent some end-of-year paperwork, and many of you are probably going through the same process. Your first response to an email from your domain might be “Oh, this is the [HR paperwork] I was expecting!” But the attachment or link in this email is actually a malicious attack.
If someone at your organization really sent you an attachment, it would most likely come from a person you recognize, not a generic email (or a general email you are already familiar with). Regardless, it’s usually a good idea to check with your manager or the person who sent it before you act on the message–especially if you weren’t expecting it or are not sure what it is.
Second, especially if you are in sales, do not believe every “lead” is legitimate. I recently received a message similar to this:
I would like to make an order, and ship to New York, NY or pick it up from your store. And my payment will be through my credit card.
Please let me know if you can assist me with the order, and please do not forget to include the website of your PRODUCT in your reply. Your quick response will be highly appreciated.
Your first hint that this is a scam is that the person doesn’t even know what product she supposedly wants to buy. By saying, “include the website to your PRODUCT in your reply,” it shows the sender doesn’t even know which organization you are associated with. So how would she be ready to make a purchase?
Once you collect the payment (from a stolen or fake credit card), they will either pick up the product and vanish before you get the charge-backs, or another common international scam is to ask you to wire part of the money to their “3rd party shipping company” which is simply a fake business that will take that money and vanish – again before you see the charge-backs hit. Be aware that legitimate shipping requests will ask you to use their shipping account number, not wire money directly to a shipper’s bank account.
These are just two examples of recent malicious emails I have received. You may get a handful of similar attacks like these, and these scammers are very creative at pretending they are interested in purchasing.
Here at GLS, we have our employees take our Information Security Awareness course to be sure they are ready for similar and other attacks. For information on how this course can help Information Security Awareness within your organization click here.