Security Updates
The [US] Internal Revenue Service (IRS) is warning of ongoing phishing attacks impersonating the IRS and targeting educational institutions. The attacks use tax refund payment baits and mainly focus on universities' staff and students with .edu email addresses.
- The rest of the story: https://www.bleepingcomputer.com/news/security/scammers-target-universities-in-ongoing-irs-phishing-attacks/
- IRS warning: https://www.irs.gov/newsroom/irs-warns-university-students-and-staff-of-impersonation-email-scam
- Researcher's blog: https://abnormalsecurity.com/blog/irs-impersonation/
What is Identity Theft? Identity theft happens when a criminal steals information about you and uses that information to commit fraud, such as requesting unemployment benefits, tax refunds, or a new loan or credit card in your name. If you don’t take precautions, you may end up paying for products or services that you didn’t buy and dealing with the stress and financial heartache that follows identity theft.
Read more at https://www.sans.org/security-awareness-training/resources/identity-theft
Have I Been Hacked? No matter how secure you are, sooner or later you may have an accident and become "hacked". Below are clues you might have been hacked and if so, what to do. See https://www.sans.org/security-awareness-training/resources/what-do-when-hacked for more information.
To create a secure home network, you need to start by securing your Wi-Fi access point (sometimes called a Wi-Fi router). This is the device that controls who and what can connect to your home network. Here are five simple steps to securing your home Wi-Fi to create a far more secure home network for you and your family.
- Change the admin password
- Create a network password
- Apply firmware updates
- Activate a guest network
- Use secure DNS filtering
Read the details in the SANS OUCH! newsletter at https://www.sans.org/security-awareness-training/resources/securing-wi-fi-home
Trying to securely make the most of today’s technology can be overwhelming for almost all of us, but it can be especially challenging for family members not as used to or as familiar with technology. Therefore, we wanted to share some key steps to help secure family members who may be struggling with technology and might misunderstand the risks that come with using it. Read more at https://www.sans.org/security-awareness-training/resources/securing-generation-gap
While online holiday shopping is nothing new, more of us will be avoiding the malls and brick-and-mortar stores this year — which opens up big opportunities for cybercriminals. This, along with COVID-19, is expected to anchor most of the scam and phishing lures in circulation this season. Read more at https://threatpost.com/online-holiday-shopping-phishing/161412/
A common misconception about cyber attackers is that they use only highly advanced tools and techniques to hack into peoples’ computers or accounts. Cyber attackers have learned that the easiest ways to steal your information, hack your accounts, or infect your systems is by simply tricking you into doing it for them using a technique called social engineering. Read more on this month's OUCH! newsletter from SANS, https://www.sans.org/security-awareness-training/resources/social-engineering-attacks
For those that are leery about clicking links in email messages, here's another path to the UNI 2020 NCSAM scavenger hunt. Check back often as new questions will be posted several times per week. Answers to questions from earlier in the month are available here.
The "Are you available" scam is still alive and kicking. If you receive such a message, even though the display name is a well-known campus name, check the actual email address of the sender. It's likely to be a gmail.com account incorporating the impersonated UNI person into the username portion of the address. Don't be fooled! Mark the message as spam and move on to the next message in your inbox.
If you do interact with the imposter, you'll be asked to buy a large quantity of untraceable gift cards with a promise of reimbursement. That won't happen and you'll be out the money you spent and also filing a police report for the fraud you experienced.
With so many of us now working from home, you are most likely finding yourself remotely connecting with your co-workers using virtual conferencing solutions like Zoom, Slack, or Microsoft Teams. Your family members - perhaps even your children – may also be using these same technologies to connect with friends or for remote learning. Regardless of why you are connecting, here are key steps you can take to make the most of these technologies safely and securely.
Pages
- ITTC 36
- (319) 273-5555
