With the Holidays upon us, cybercriminals are trying harder than ever to steal your information, your identity, and control your computer. Here is some helpful information you can use to identify social engineering or phishing attempts, and stay on top of the ever changing threat landscape.
With Black Friday, Cyber Monday, and the holiday shopping season soon to be in full swing, cybercriminals are working overtime to turn your search for a deal into a score for the bad guys. Below, is an outline of a few perennial holiday shopping scams. It could be helpful to familiarize yourself with the warning signs around these hoaxes and some tips for avoiding them. Hopefully, these tips might help make your holidays memorable for the right reasons, not the wrong ones.
Phishing Scams: Fake Shipping Notifications, Phony Offers, and More
Phishing scams using fake emails are easy to create, cheap to send, and usually bear tons of fruit in the form of payment card information, account login credentials, and other sensitive pieces of data. Even seemingly innocent messages — like electronic greeting cards — can have malicious software (aka, malware) concealed within them.
Social engineers know that email inboxes will be flooded with order confirmations, shipping notifications, and special offers during this time of the year. They pattern their malicious messages after legitimate emails, which makes it easier to trick recipients. And they are not shy about using big-name brands and logos — like Apple, PayPal, FedEx, and others — to make things look more realistic.
Top Avoidance Tactic: Verify, Verify, Verify
Before you interact with a message, give it a good look and make sure everything seems on the up and up — and remember that it’s always better to err on the side of caution. Logos, ‘from’ addresses, and signatures are not proof of legitimacy; you must look deeper for confirmation.
Here are some questions to ask yourself about unsolicited emails:
- Do I know where this message came from?
- Does this message look like others I’ve gotten in the past, or is something off?
- Is this message confusing or does it make sense?
- When I hover over the ‘from’ address and web links, do I see addresses that make sense or does something look suspicious?
- Is this message asking me for personal information (like login credentials, credit card numbers, etc.)?
If you’re even a little unsure, close out of the email. Instead of clicking a link or downloading a file, visit a website by keying the address into your browser, and log into your accounts via secure channels to confirm offers and notifications.
Social Media: A Few Reminders
Many of us post where we are and what we are doing on Social Media. Remember, there are numerous tools that allow hackers to track social medial posts. Two tips:
- Post your trip and vacation pictures when you get back from your trip…posting while you are on your trip is an open invitation for thieves to burglarize your home.
- Turn on multifactor authentication. If you are using just a username and password, then this is the easiest way for a hacker to gain access your account. A secondary authentication method, such as a text message verification will help reduce the chances that your account will get compromised.
It’s Summer!! And many of us have kids or grandkids or other kids or somebody else’s kids and they are starting to get bored and spend a lot of time on video games or on social media. So this security update is dedicated to kid safety. Many thinks to our cyber division friends in several government agencies for helping with this.
So here’s a post that’s going to be very popular with parents, but might irritate some of the kids. As parents, guardians, and gatekeepers, it is our job to keep kids safe online, and the only way to do that is to monitor what they’re doing, and not allow them to download apps.
Here’s an analogy for you: when you teach your child to swim, do you just throw him/her in the deep end of the pool and shout, “Good luck, kid!” What about this - before your child gets a driver’s license, do you just hand over the keys, and go, “Here you go – figure it out!” No. You don’t. You provide swimming lessons. You teach them how to drive. So why get a kid a phone or a tablet and just hand it over, and let them figure it all out by themselves?
What lurks online is JUST AS DANGEROUS (if not worse) than the deep end of the pool, or being behind a wheel.
Here’s some texting apps kids are downloading, that predators know about and are using to reach out to your child:
- Whats App
- Nextplus (used to be Textplus)
DATING & ANONYMOUS APPS:
Yes, there are dating apps FOR CHILDREN out there, and apps that cater to those who wish to remain anonymous.
- Omgle – seriously, their ad says “talk to strangers!” and they assure you that they pick someone at random for you to talk to, and that you can remain anonymous.
- Yubo (used to be Yolo)
- Yik Yak
And the number one BULLYING APP is Sarahah. Seriously, an app FOR bullying. Not to report bullying, but to actually bully others.
LIVE STREAMING APPS:
These apps allow people right into your home – watching your kid via the mobile cam.
- PHOTO & VIDEO STREAMING APPS:
And last but not least,
Roblox, an innocent game, but unfortunately, the 8-year-old kid chatting with your son through this game is probably a 58-year-old unemployed guy named Horace who hasn’t showered in three days.
There’s absolutely no reason for your child to be on ANY of these apps.
As adults, we are the first line of defense between a child, and a stranger online. Every day someone is coming up with a new way to communicate online, so clearly, the only way to prevent your child from becoming a victim, is to be involved. Check the phone. Check the tablet. Don’t let your child have his or her own AppleID or iTunes account. Lock. It. DOWN!
Make sure you always have the password to all of their devices. If they complain they feel like a prisoner in their own home, let them know that’s a better scenario than being a prisoner in a stranger’s “secret room.”
We truly do care about your kids, and we know you do too.