Cybersecurity Tips to Put into Practice During Remote Work

As the situation with Coronavirus COVID-19 advances, many state governments are now issuing orders to work from home for the purposes of slowing down the spread of the virus through “social distancing”. While this period of uncertainty and fear grows, so do the phishing attempts of cybercriminals who seek to take advantage of potential victims.  

European cybersecurity agency ENISA has been warning users to stay vigilant for any suspicious looking emails that arrive in users’ inboxes – especially those that mention the Coronavirus – urging people to avoid clicking links or downloading files that may otherwise include malware and infect devices. Instead, it is recommended to check the legitimacy of the email through methods such as checking the direct website or calling a company’s direct phone line if the email and sender looks suspicious. Any unusual requests through an email should be handled with skepticism and caution.

Aside from being careful of such emails, ENISA also recommends employees to follow these security measures to stay safe while working from home:

  1. Maintaining a secure WiFi connection and having WiFi password protected so as to keep others away from accessing your web traffic. Employees should also make certain their connection on WiFi is secure rather than using an untrusted network through public WiFi.
  2. Having an antivirus software downloaded on your device as you work on sensitive material
  3. Making sure your computer software is up-to-date with the latest security updates
  4. Locking your desktop screen when it is not in use 
  5. Making sure all files are being backed up in case of an emergency (e.g. a ransomware attack)

During this time with remote work, employers should also take responsibility in making sure all employees are well equipped with tools necessary to ensure business security. For example, having an emergency cybersecurity plan or support available for workers when facing technical issues, or having a protocol to follow when working from home in the case of accessing sensitive files.

4 Tips to Keep in Mind to Avoid SMS Scams

From time to time, we receive strange texts from numbers we don’t recognize telling us that our Amazon account has or needs a delivery update or that there is unusual activity detected in our bank account. Texts like these are accompanied with a suspicious looking link that asks you to click to log in. The issue with these messages is that sometimes it could be difficult to tell if it’s a scam when it mentions a company, bank, or other entity we typically interact with. While this may be so, we’ve outlined a few tips for you to keep in mind when you get that suspicious SMS message:

Tip #1: Don’t Click on Links from a Text You Don’t Recognize

It’s important to look out for one of the bigger signs that the text you received could be a scam: if it asks you to click on a link. Usually, you can tell when a link is fraudulent through the domain name. Other times it may be a bit more difficult to assess the link, especially if the company name is used within the link. In whichever case, it’s best practice to just avoid clicking on any such links sent to your phone. If you receive a delivery notification that asks you to check its status through a link, go to your web browser or application instead and log into your account to do so. 

Tip #2: Don’t Reply to Suspicious SMS Messages

Messages that you don’t recognize could ask you to reply “YES” or “NO” or to give them a call about your bank account that was experiencing suspicious activity. In any case, avoid replying back to such messages and note that call to action texts that you don’t recognize could very well be an SMS scam. 

Tip #3: Be Mindful of the Message Content

It’s important to look out for a few tell-tale signs within message content that may reveal the malicious nature of a text. Several things to spot include the greeting message, spelling, grammar, and the link provided. If anything seems out of character through the message, then you’re probably right to think it may be fraudulent. Again, it’s always best to sign into your account through the official website than clicking on a link you’re unsure of – especially if the domain doesn’t appear to be an official company website link. 

Tip #4: Use Your Phone’s Block Feature

To help you avoid receiving any further messages from a sender, iPhones come equipped with the ability to “Report Junk” for texts you don’t recognize. The option appears when your phone recognizes that the number is not part of your contacts list. You can also block a number that sends you malicious messages by pressing on the contact info button at the top of your iMessage, press on the number once more at the top, then scroll to the bottom to press “Block this Caller”.

Phishing Scam With Fake Invoices Spreads Across US and UK

A malware called Emotet is spreading through the US and UK, specifically targeting banks and financial sectors according to a report published by Menlo Security. Cybercriminals have implemented a malware campaign that spreads via phishing emails, with the attachment of a malicious Microsoft Word document attachment. The email is made to look official through mention of financial topics such as invoices or banking details in the subject line, attracting victims to click on the file. 

Emotet malware use was on the decline back in December 2019, yet began to pick up momentum again early into the new year as cybercriminals use it for new malicious purposes. 

These targeted attacks are meant to disrupt multiple sectors including media/entertainment, transportation, and food/beverage in locations such as the US, UK, Philippines, Spain, and India. Emotet attacks have largely been focused on the financial services sector, with half of these campaign attacks affecting the US and a quarter affecting the UK. 

After a user clicks to download the infected Word file and presses on “enable editing”, embedded macros are deployed onto the victim’s computer, which then successfully transfers the Emotet malware. Once transferred over to the user’s device, Emotet not only steals sensitive information, but can also facilitate the spread of more malware to other computers that use a shared network.  

Emotet can’t be traced to just one source of administration, since its function as a botnet infects Windows computers globally, which then spreads further through those infected devices. 

As Emotet continues to wreak havoc, business employees should take precautionary measures in avoiding any suspicious emails that arrive in their inbox, as documents or any links attached could very well be infected with malware. Users should be cautious of those emails that ask to “enable macros”. Keeping computer operating systems up-to-date is also an important step to take in order to stay safe.

California’s New Privacy Law Protects Consumers’ Submitted Data

California residents rejoice – a new law passed for 2020 allows for greater consumer data protection in which one can opt-out of having companies collect and sell their data to third parties. This includes any data collected from social networking websites, consumer goods retailers, banks, etc. 

The new act is called the California Consumer Privacy Act (CCPA) and ultimately protects people from having their data monetized. Under this act, consumers have the right to access copies of any data collected by companies. Those businesses that violate the Act can face State fines or sanctions placed upon them. Enforcement of the Act begins this year in July, and any company that has yet to comply with the change in data collection may not face trouble until then. 

For those companies already in compliance with the new law, consumers can find their data collection opt-out pages typically under the Privacy tab. Recently, a directory of links was created to include these company pages for easy access to opt-out requests –  if in case the page isn’t found straightforwardly on the company site homepage. 

For more information on California’s new Consumer Privacy Act, please visit this page here. The directory of opt-out request pages can be found here.

New Orleans Struck by Cyberattack, City Declares State Of Emergency

On Friday, December 13, New Orleans Mayor LaToya Cantrell declared a state of emergency for the city after a cyberattack was detected around 11 a.m. 

The incident began at around 5 a.m. when NOLA Ready – New Orleans’ emergency preparedness campaign – confirmed “suspicious activity…on the City’s network” and a “cybersecurity incident” by the time 11 a.m. rolled around. Once the threat was established, New Orleans’ IT department issued a shutdown of all employee devices and disconnection from Wi-Fi. Servers were also ordered to be powered down following the attack. Emergency response lines were still open to take calls, however. 

The City of New Orleans declared a state of emergency shortly after the cyberattack was detected. A press conference was held the Friday of the incident, in which Mayor LaToya Cantrell confirmed that a cyberattack was responsible for the unusual network activity. Officials stated how no data was lost after the attack and that there is still no indication that passwords were compromised. Chief Information Officer Kim LaGrue confirmed that phishing emails had been sent to employees that asked for their login information while the attack went underway. There was also evidence of ransomware – specifically the Ryuk strain – as cause for the cyberattack. 

Mayor Cantrell did later affirm that ransomware was behind the attack, but investigations are still ongoing to verify if Ryuk was indeed involved according to the press conference held Monday, the 16th. 

It’s always important to take precautionary steps in making sure you’re prepared for an impending cyberattack. Some cybersecurity steps you can take include:

-Backing up all your data

-Being mindful of what email links and attachments you click on

-Patching software vulnerabilities

-Using strong passwords and activating two-factor authentication for your accounts

Inverselogic’s 2019 Holiday Gift Guide

It seems like yesterday that we celebrated the New Year, and in a blink of an eye, the holiday season has arrived once again. Inverselogic’s 2019 year was quite eventful and exciting with the onboarding of new client projects such as the establishment of Second Home’s new Los Angeles based location – a co-working space that evokes a futuristic atmosphere, the debut of Cellar Thief’s new website – an e-commerce store for wine enthusiasts – in addition to the site launches for Walker Wines and Blacksmith Wines – two stores that celebrate discriminating collectors who seek rare wines from the world, such as French Bordeaux or Italian Barolo. Even though the year is coming to a close, we are still busy with ongoing Windows 10 operating system upgrades as well as our preparation for the upcoming 106th Annual Rosebowl Game – a perfect way to kickstart 2020 with one of the year’s largest sporting events. 

While 2019’s conclusion is fast approaching, our enthusiasm for imparting valuable cyber security information never wanes. Alongside this, Inverselogic strives to provide all our clients with top quality technology services, and our dedication to client satisfaction has been and always will be one of our principal missions. Additionally, our team is committed to delivering innovative technology solutions that best serve our clients’ needs and ensure their continued success.

We would like to express our sincerest gratitude to all our wonderful clients for making 2019 another fantastic, prosperous year. Every year brings us the opportunity to learn, grow, and succeed with our clients. We’re thankful for our business partnerships and the goals that we achieve through every project together. From our team to yours, we hope your 2019 was just as successful.

Inverselogic welcomes the forthcoming new year as we look forward to what 2020 may bring. We would like to wish you a fun and safe holiday season and a very Happy New Year!

Please enjoy our annual Holiday Tech Gift Guide, which features all of this year’s newest and coolest gadgets. We understand that holiday shopping can be hectic around this time, so we’re here to make your experience stress-free as you search for that perfect gift for your loved ones!

UPS Drones Began Delivering Prescription Medications in US

Image Source: UPS

A subsidiary of UPS called UPS Flight Forward began its drone delivery in North Carolina at the beginning of November. Through a partnership with CVS Pharmacy and Matternet, the company successfully delivered medication to both a home and retirement community. 

The drone delivered packages without human operation, although it was monitored remotely. During its delivery, the machine lowered the package it carried through use of a cable. This approach to delivering residents’ packages has taken the burden off those who have restricted mobility. 

Drone deliveries have been happening since earlier this year, with UPS delivering medical supplies to North Carolina’s WakeMed Hospital beginning in March. Google also launched its own drone delivery operation called Wing in October this year, transporting supplies like over-the-counter medications to residents in Virginia. UPS’s Flight Forward now allows for easy, stress-free delivery of prescription medications to residents.

In order for companies to operate drone delivery services, they must receive a Part 135 Standard certification that is administered through the Federal Aviation Administration, granting said companies the ability to carry packages weighed over 55 pounds and fly an unlimited amount of drones during day or night. UPS recently received its Part 135 certification this September. With this granted certification, companies like UPS can explore new possibilities for their drone delivery services, perhaps extending their delivery locations and even categories beyond prescription medications or medical supplies. Google’s Wing has already tested delivering a range of items from Walgreens and a gift shop called Sugar Magnolia in Virginia.

Google’s New Application Tools for Maps, YouTube, and Assistant Put Privacy in the Hands of Its Users

Image Source: www.iStock.com/IngusKruklitis

Just in time for National Cybersecurity Awareness Month, Google Maps, YouTube, and Google Assistant were recently announced to have new tools related to user privacy and security. The new updates to these applications give users more control over what data Google can retrieve, and even gives the option for users to delete already collected data such as within Google Voice Assistant. 

Google Maps has now included an incognito mode to keep the application from tracking which places you search for and where you travel to, this thus giving its application users more control over privacy. Incognito mode also helps to keep users’ personalized recommendations from including any locations that would otherwise be irrelevant. Android and iOS users are expected to have this feature available to their Maps application this month.

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

YouTube is receiving an update as well, with users now able to choose when the app will automatically delete accumulated history. You can choose to keep your watch history for three or 18 months, or just choose to keep the data until you delete it manually.

Google Assistant is also getting an update that allows users to delete any saved voice data. By saying phrases like “Hey Google, delete the last thing I said to you,” or “Hey Google, delete everything I said to you last week,” to your device, Google Assistant will delete its “Assistant Activity”. Deleting voice data from a while back would require you to go into account settings.

After it was revealed that actual people could listen to voice recordings for the purposes of improving voice assistants, Google, Amazon, and Apple all took action to remedy the privacy situation. Alexa, for instance, was implemented with the option for consumers to choose whether recordings will be reviewed. Two months ago, Apple also stated the suspension of its Siri grading program which similarly recorded user audio. The company commented on how they would incorporate consumer participation choice in the grading program with a future update. 

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

This Google Assistant feature is expected to be released in all languages by next month. The English commands will be available this month. 

Lastly, Google had released Password Checkup within its Password Manager tool. The Checkup feature notifies its users if their passwords have been compromised from a data breach, weak and need to be strengthened, or whether a password has been reused. Google will be adding this tool to Chrome soon, but users can still take advantage of the feature at passwords.google.com.

Cybercriminals Impersonate These Well-Known Companies in Phishing Emails

Suspicious emails coming through to your mailbox? Does the email claim to be from Microsoft and need your login information to fix an unfounded issue? Cybercriminals increasingly send victims emails such as these, impersonating large-scale companies to appear legitimate, and it’s not only Microsoft impersonations. From Facebook to Amazon, to Paypal and Netflix, it’s a good idea to double check where those emails are actually coming from.

Cybersecurity company Vade Secure conducted an analysis of companies that were most impersonated and found that Microsoft was one of the most used brands in phishing schemes, with an increase of 15.5% since the previous year. Due to the popularity in Outlook mail and Office365, Microsoft is a widely popular impersonation target. With businesses and corporations relying on Office365 for keeping restricted and sensitive files, hackers look for any means necessary to get their hands on such valuable information. Access to Office365 accounts can also open more doors for targeting other users to gain access to more accounts. 

Illegitimate emails claiming to be from Microsoft ask users to log in via a link provided by the hacker and open up a spoof page that mirrors the actual website, prompting users to input their login credentials and submitting it to the cybercriminal.

Paypal comes out as the second most common company to be used in phishing schemes, as the brand is easily recognizable by many. While Paypal still remains a popular choice in targeting victims with fake emails, malicious URL targeting has been declining.

The third most popular company to be used in a phishing attack is Facebook, as Vade Secure tracked a 176% increase in fake URL use to target users’ social media accounts. The social network acts as a perfect opportunity for hackers to send phishing messages to victims’ friends. Facebook access can particularly be harmful if victims have third party applications connected, to which cybercriminals can also access. 

The report further lists other brands like Netflix, Bank of America, and Apple that are also used in these emails. Amazon is now the eighth most popular brand for phishing use by hackers, and its use has grown over 400% in just a year, this likely due to the popularity in Amazon Prime Day and the extensive number of shoppers on the site. 

Phishing attacks are continuously utilized by hackers due to the cheap and easy way it reaches a mass of users. If you receive any such suspicious emails in your inbox, mark it as spam immediately. If you are ever unsure about your account, log in through the company’s official site instead of clicking on malicious email links.

Hackers Gained Access to Sprint Customer Accounts via Samsung Site

Image Source: iStock.com/TennesseePhotographer

As reported on Tuesday, July 16, Sprint has confirmed that a data breach took place through  Samsung’s website, in which hackers were able to access customers’ accounts. There is no detail on how many of such accounts were breached through this occurrence.

The data breach took place on June 22nd, to which Sprint had notified consumers that information such as first and last names, billing addresses, phone numbers, account numbers and more were compromised. According to a statement provided through their website, Sprint stated how the information collected by hackers does not allot for the possibility of fraud or identity theft to occur. After the breach, Sprint had “taken appropriate action” in securing customer accounts to avoid another mishap such as this from happening again. The carrier company also noted how fraudulent activity has yet to be detected. 

On June 25th, Sprint had reset its customers’ Personal Identification Numbers (PINs) in case hackers had breached consumer accounts through PIN. Hackers could have likely gained access to account PINs via a Boost Mobile breach that occurred back in March (Boost Mobile uses Sprint’s network). 

Sprint’s spokesperson emailed CNET stating that “credit card and social security numbers are encrypted and were not compromised” when the data breach happened. Another spokesperson from Samsung had stated that fraudulent activity was detected through hackers using Sprint account information on Samsung’s main website. The spokesperson continues: “We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts.”