This Week’s Cybersecurity News, 07/08/2015

Share on

Vishing just won’t stop these days. And ransomware is still going strong, as well. Please read below for more information and tips on how to deal with and prevent these two major problems. Feel free to share this information with family, friends, clients, etc. These are things that anyone can fall victim to at any time and it’s always nice to let others know how they can protect themselves.

Current Threats

  • Vishing
    • You may remember that phishing comes in many varieties and desired outcomes on the part of the cyber actor.
    • Vishing is phishing through the use of fraudulent phone calls or phone messages, i.e., voice + phishing.
    • The cyber actor claims to be from a reputable company, like Microsoft, your bank, etc., and tells you that your account is compromised and, for a fee, they can install software to help you recover the compromised account.
    • They may instead tell you that your subscription to a certain product is up and that they need you to make a payment.
    • The cyber actor will use social engineering to get you to share personal information and financial details.
    • The cyber actor will most likely use voice over internet protocol (VoIP) to spoof the caller ID to make you think the call is coming from a trusted source, like your bank.
    • Here are some tips to keep in mind the next time your phone rings:
      • Do not answer the phone if you don’t recognize the number. If it is important, they will leave a message.
      • If you do answer, hang up as soon as you suspect the call is a scam.
      • Please remember that a reputable company should never, ever ask for your personal information over the phone (or email).
      • Do not press ANY buttons, as this may identify potential targets for more robocalls.
      • Do not respond to any prompts, such as saying “yes,” because your voice may be recorded and used for other fraudulent purposes regarding any of your accounts.
      • If someone leaves a message and a phone number for you to call them back, do not call the number unless you are 100% certain that is the legitimate number.
      • Call the company’s official phone number, if you need to, and tell them about the call you received.
      • Never let someone who calls you like this have access to your computer.
        1. They may install malware.
        2. They may change your password(s).
        3. They may gain access to your account(s).
        4. Call me immediately if you have given access to your work computer.
      • If you did give your financial information to someone during one of these vishing attacks, call your bank immediately and let them know and regularly keep an eye on your account balance and activity.
      • If you gave your personal and/or financial information to someone during one of these vishing attacks, change all your account passwords immediately from a different computer or device and run full antivirus scans on the computer used during the call.
      • If you gave your personal and/or financial information, please file a report with the Federal Trade Commission at https://reportfraud.ftc.gov/#/ and the FBI’s Internet Crime Complaint Center at https://www.ic3.gov/.  
  • Ransomware
    • Ransomware is still an issue for many and it usually targets specific critical infrastructure sectors.
    • Currently North Korean state-sponsored cyber actors are using Maui ransomware to target the Healthcare and Public Health Sector.
    • The Cybersecurity & Infrastructure Security Agency (CISA), the FBI, and the Department of Treasury have released a joint Cybersecurity Advisory saying that these cyber actors have been targeting the Healthcare and Public Health Sector organizations since at least May 2021.
    • While UTIA is not a part of this targeted sector, you may work with those who are.
    • It also is a good time to remind you that ransomware most often infects systems through phishing emails.
      • Never open an attachment or click on a link that you are not expecting or that does not make sense (trust your gut instinct).
      • These attachments can be something like an invoice for an order that you did not place.
      • These attachments can be named to sound like something that makes sense, but it comes from someone you don’t know.
      • A link in a phishing email will almost always contain a malicious file that is automatically downloaded and installed when you click on it.
      • It’s always best to call the sender to verify IF YOU KNOW THE SENDER!
      • It’s always best to forward the email and its Internet headers to OIT Abuse (instructions) if you do NOT know the sender, then delete the message.
      • And never reply to a message you are unsure of, even if it looks like it is from someone you know, but rather call the person instead.
      • Keep your data backed up regularly and you won’t have to worry about paying the ransom.
      • Make sure your backup is in the cloud using Microsoft OneDrive or Google Drive.
      • If you use external storage, make sure it is unplugged as soon as the backup is completed, then store in a safe location away from where you computer is located (e.g., store the backup from your office computer in a locked area at your home).
      • Use multifactor authentication anytime you are given the ability.
      • Multifactor authentication is an extra layer of defense.
      • Set up for each online account, wherever possible.
        1. UT uses Duo for its main apps like Banner, IRIS, K@TE, SUPER, etc.
        2. Many financial institutions, social media, etc., now allow you to use multifactor authentication but you may need to look in their security settings to find out.
      • You can use email, text, or a call to get code.
      • If an app is required, only use a verified app like Google Authenticator.
      • Always call me if you have any questions, concerns, doubts, or other thoughts.

Browser & OS Updates

  • Chrome
    • Google has released a new security update to address vulnerabilities in Chrome.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • If you do not close your browser regularly, you may not have the latest updates.
    • In your Chrome browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help and click on About Google Chrome.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have version 103.0.5060.114, please restart the browser to get the update.
  • OpenSSL
    • OpenSSL has released a security update to address a serious vulnerability specific to OpenSSL 3.0.4.
    • If you use OpenSSL please ensure that you immediately upgrade to Open SSL 3.0.5.

I can’t thank you enough for all that you do to protect the Institute and its data. I am always here to help you. If I don’t get back with you quickly enough via email or if it is an emergency, please call my cell number at any time.

Thanks!

Sandy