1. The Health Information that Gives Viruses
When something makes global headlines, like the Coronavirus has, the scams are quick to follow. The World Health Organization (WHO) has put out an alert about ongoing phishing attacks that impersonate the WHO and try to steal confidential information and deliver malware.
These attacks come in various forms. One may include a link to an “updated map of confirmed cases” or a map claiming to predict where the virus will spread to next. Others may attach a document of “safety measures” to review and share with your family and business. And others try to get your personal information as a request from the WHO.
There is obviously a lot of information being shared about this virus and ways to try to prevent getting sick as it impacts people worldwide.
So what can you do?
- Be suspicious of any unsolicited messages. Especially when it appears that you have been contacted by an agency such as the WHO, find another way to verify its legitimacy before engaging with anything in the message.
- Independently navigate to the website and find any pertinent maps or information there. If it’s really from the WHO, then it won’t be private and emailed solely to you. There are also other agencies to contact for information, such as the CDC or NIH.
2. Beware the Browser Extension
We do so much online that adding browser extensions to type less, shop more frugally, and save passwords, for example, can seem like a godsend. But beware: not all browser extensions are created equally.
Google recently removed more than 500 extensions that were found to be stealing private browsing data and perpetrating ad fraud, among other unsavory activities.
They were discovered through an advertising-as-a-service Chrome extension designed for businesses. Rather than help advertise their businesses, however, the users of the extension fell under server commands to visit a round robin of sites to accumulate fraudulent ad revenue. Some sites were benign and others malvertising, or phishing sites. The extension also had code giving itself extensive permissions for accessing data and was able to steal private browsing data from the infected browsers.
Stay safe with these tips:
- Always vet the software you plan to install. Whether it is on a desktop computer, a laptop, or a phone, just because something is available through the Google App Store (or Apple’s or any other), does not mean it is secure. This applies to extensions, plug-ins, apps, etc.
- Remember the saying that, “if you’re not paying for the product (or not sure exactly what it is), then YOU are the product.” If a deal seems too good to be true, it probably is. As one of my employees likes to say, “trust…but verify.”
3. Seasonal Scams: Valentine’s Day Edition
According to the FBI’s Internet Crime Complaint Center latest figures, confidence/romance scams cost victims an astounding $475,014,032 in 2019.
As if dating and relationships don’t already cost too much and often end in heartbreak…
That’s just a joke. All these scams can paint a pretty depressing picture, so I like to lighten things up every once in a while. They’re a serious problem, but my team and I don’t want you to feel overwhelmed. You’re already taking an important first step by embracing awareness. And when you’re ready to talk next steps, we’re here.
In any event, holidays will continue to attract scammers. They’re an easy opportunity to send appropriately themed messages that can play on your emotions or seem like a realistic offer to download that dating app full of malware or con artists for an extremely low entry price.
“For cybercriminals, Valentine’s Day is just another holiday and the opportunity for just another scam,” explains Terence Jackson, chief information security officer at Thycotic. “If you don’t know who the mark is, it’s most likely you. Phishing is still the attacker’s weapon of choice, and there will be no shortage of well-crafted emails and messages designed to emotionally engage you and prevent you from making rational decisions.”
Next up will be St. Patrick’s Day. Then Easter, Tax Day, etc. So keep an extra eye out for those ‘lucky’ deals and offers that will send you ‘over the rainbow.’ Many will be legitimate sales, but others will be designed to steal your passwords, your money, and your faith in humanity.
So how can you protect yourself?
- Try to be more aware around all the holidays. There’s usually a lot going on, so scammers think they can slide in unnoticed and catch you clicking on a malicious link while you’re distracted.
- Pay attention to your emotions. When you’re reading or watching something online, and it tugs on your heartstrings, try to pause before opening your purse strings. Generosity should be admired rather than punished, but there will always be bad actors trying to take advantage or others’ good intentions.
