Three email password scams to watch out for
Welcome to Cyber Security Today. It’s Wednesday December 11th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
Today’s news focuses on three phishing scams aimed at getting your passwords.
First, according to security vendor Malwarebytes, PlayStation subscribers are getting fake messages on the platform that claim to be from the developers of the game Elder Scrolls and threaten to kick them off the game. The message says there has been some unusual activity with their account. To confirm they are the rightful owner, the subscriber has 15 minutes to click on the alert and log in with the email address, password and date of birth listed on the account. Ignore this warning. If there is a real problem a game developer will email you; they won’t send a message on the gaming service. And no company will send a message asking for your password. If there is a real problem go to the company web site yourself and log in there. Don’t click on a link in the email or message.
In the second report a security training company called the SANS Institute describes a new version of an old scam, the infected email attachment for stealing passwords. The victim gets an email with a message like: “Please find attached a copy of your payment notification.” Usually when the document is opened it goes to a fake website login page that the attacker has to take the effort to set up. Victims might deduce something is suspicious by an odd or unfamiliar Internet address. A new scam gets around that by making a fake login page that pops up after someone clicks on the document. Victims are asked to log in on the fake page with Gmail, Office 365, Yahoo, Hotmail or other accounts. It looks like the login goes well, but then the page asks for a phone number and recovery email as well. Then a low-quality phony invoice is displayed. Finally, the victim is sent to a real email site. The goal of all this, of course, is to steal usernames and passwords. Again, to protect yourself don’t log into sites from links in email or text attachments.
The third scam was discovered by security vendor Palo Alto Networks and is similar to the last one: The victim gets an email with an attachment. This one seems to come from their employer, with the subject line referring to an annual bonus or a payroll notification. The attachment is a letter about direct payment deposit to the victim. It asks the victim to click on a link, review the payment or bonus and sign it. The link really goes to an infected document that sends hidden malware from a criminal website. The malware steals user names and passwords every time the victim logs into a site. Note that in this scheme the criminals may target a specific person so the email is sent to a named individual within the right company to enhance its authenticity.
These three examples are reasons why you need to be careful with all email and texts. Slow down, read them carefully, make sure they really are legit. And, where you can, subscribe to two-factor authentication, which requires that you be sent an extra login code in addition to a username and password.
In other news, over 100 Colorado dentists didn’t have proper data backup and have been stung after their technology supplier was hacked and used to pass on ransomware. The lesson: Any company that has access to your firm’s systems can be used as a door to an attack. Meanwhile in England a member of a Russian-speaking cyber gang sentenced earlier this year to more than six years in prison was told last week to pay the court about $350,000. If he doesn’t, he’ll have to spend two more years behind bars, and still pay the money.
Finally, yesterday was Microsoft’s monthly Patch Tuesday, when security updates for Windows and other products were released. If updates aren’t automatic for your machine, make sure they’re installed by going into Settings and then Windows Update.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.