For many people, the holidays means a dramatic spike in email traffic. There is more communication between family and friends, more solicitations from retailers pitching holiday bargains, and more online shopping confirmations and shipping notifications. It’s also a time of year when cyber-criminals try to take advantage of the overwhelming volume of email communications to catch unwitting victims off guard with phishing scams. Hopefully you would be able to spot a fake malicious email and avoid getting compromised, but don’t be too sure. For additional information on how to stay safe please read on.
We all get offers that seem too good to be true. Whether they come by email or appear on web sites, they are often clever schemes designed to dupe the gullible. Don't be tricked by Internet Fraud. For more information see http://www.lookstoogoodtobetrue.com.
An email with the subject “important” tells recipients that they must sign into Dropbox in order to view a document too big to be sent via regular email, but clicking on the link included in the message brings people to a fake Dropbox login page that is actually hosted on Dropbox.
Link to the rest of this SC Magazine article to find out more about this new scam.
Reusing passwords or using the same password all over the place is like carrying one key that unlocks your house, your car, your office, your briefcase, and your safety deposit box. If you reuse passwords for more than one computer, account, website, or other secure system, keep in mind that all of those computers, accounts, websites and secure systems will be only as secure as the least secure system on which you have used that password. Don't enter your password on untrusted systems. One lost key could let a thief unlock all the doors. Remember: Change your passwords on a schedule to keep them fresh.
The Senate Intelligence Committee will vote Tuesday on a bill that would allow companies to share information about digital threats, but the legislation faces potential roadblocks over concerns it could boost surveillance efforts and endanger net neutrality. Additional information can be found here.
It's inevitable that at some point at a college or university a request for sensitive data will be made to the owning department for a research project, a cross departmental project, or even a report to upper management. All of these scenarios are common and acceptable requests, however, the method used to transmit or share the requested confidential data is critical to the safety and security of that data. Here is an example of using an incorrect transmission method and the repercussions that followed.
- Approval of the data owning department is given (preferably in writing).
- A secure, encrypted transmission method is setup to send and receive the data.
- Communication! If you're unsure transmitting this data is appropriate or safe contact your security team.
Email phishing continues to increase and the attackers are constantly looking for better ways to trick you. Phishers have their sites focused on PayPal now more than ever. Read this SC Magazine article summarizing "The Internet Threats Trend Report April 2014" to learn more.