Malware spread through Facebook, a scam aimed at Apple users and a teacher makes a big email mistake.
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Monday May 14th. To hear the podcast click on the arrow below:
 |
 |
 |
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Monday May 14th. I’m Howard Solomon.
Many of you know about being careful not to click on suspicious links in your email. The same warning applies to text messages and social media. Security vendor Radware has found a new campaign for spreading malware through Facebook. A message suggests a video worth seeing, which takes the unsuspecting victim to a fake YouTube page. The user is then asked to install a Chrome browser extension to play the video. That extension is malware that steals their Facebook login credentials and can be used for fraud. Radware believes this campaign has been going on since at least March and has infected more than 100,000 users in over 100 countries.
As some of our listeners know, the tough new European Union privacy regulation known as GDPR comes into effect May 25th. To make sure they comply, companies are emailing people on their lists to confirm they want to continue receiving messages. Scammers are taking advantage of this. They’re sending email with messages asking people to update their privacy settings or confirm a new privacy policy. All the user has to do is click on the provided link – which is either malicious or takes them to a phony site. Trend Micro says the latest scam is an email entitled “Update your payment details,” which tells users their Apple accounts have been suspended because of unusual activity. It asks them to click a link to update their payment details. The real goal is to trick Apple users to giving up their IDs and passwords.
Some alert messages can be legit. If you want to be safe, go to a company’s web site yourself to access your account, rather than click on a link in an email.
Email is a wonderful way to communicate – as long as you’re careful. But often we rush through writing messages and hit the send button without carefully checking who it’s going to. A private high school in Britain learned that lesson the hard way this month. Someone intended to send an email with sensitive information about students to a list of teachers. Instead it went to a list of parents. It included log-ins and passwords to different teacher platforms. The school apologized and is investigating. So remember, slow down.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.