Don’t give thanks to this Thanksgiving scam, hold on to your smart phones and a possible data breach at a U.S. healthcare company
Welcome to Cyber Security Today. It’s Monday November 26th . To hear the podcast, click on the arrow below:
I hope our American listeners had a good Thanksgiving weekend – and hopefully none of you had it spoiled by falling for an email scam. According to security vendor Forcepoint, one scam includes mail with your name and with a header like “Thanksgiving Card” or “Thanksgiving Wishes.” The message is along the lines of, “In this season of thankfulness we are especially grateful to you who have worked so hard to build and create the success of our company.” and attached is supposedly a Thanksgiving Day card. It’s not a card, it’s malware. And its malware that is particularly looking for the next time you log into your bank so it can copy your username and password. It’s another example of why you should read email slowly, be suspicious of any attachments even if they seem to be from friends or family. And hover your mouse over the links that are included in any email or texts to make sure the link is genuine.
Many smartphones have fingerprint readers as an extra layer of login security. The idea, of course, is that everyone – except identical twins – has unique fingerprints. Actually, that’s not quite true. Some of us share common parts of fingerprints. This is important because smartphones have small scanners. As a result, they only scan a small portion of a fingerprint. That means they could be vulnerable to being opened with a fake partial fingerprint if it matches the real owners’. It’s a small chance. However, researchers from New York University and Michigan State University now say they can increase the odds with a system that creates what they call DeepMasterPrints using a form of artificial intelligence to make better fake fingerprints. Of course, the attacker first has to get your device. Which is why you’ve got to make sure it’s never out of your sight.
A Philadelphia-area healthcare company called Tadigm Health is notifying some 7,000 patients about security incident involving personal information. Due to a website problem in 2017 names, dates of birth, medical information, and health insurance information on patients could have been accessed. Patients are being urged to review their health insurance policy statements and to monitor explanation of benefits forms for services they did not receive. They are also getting two years of free credit monitoring and identity protection.
Meanwhile, a Florida dental office is notifying patients to watch for identity theft because it no longer has access to their electronic records. You see a company that managed the database refused to hand it back when its software licence expired. So the dentist’s office can’t say if unauthorized access to the database has or will occur. The two
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your or add us to your Flash Briefing on your smart speaker. Thanks for listening.