…it is a SCAM!
DO NOT GIVE SCAMMERS MONEY OR PERSONAL INFORMATION – IGNORE THEM!
Protect yourself and others from Social Security-related scams
|
Michael Cripps,
President and CEO
Over 300,000 Android users have downloaded banking malware apps
Cybersecurity researchers report that password-stealing banking trojans were disguised as QR code readers, fitness monitors, cryptocurrency apps and more.
Here is the article : Over 300,000 Android users have downloaded these banking trojan malware apps, say security researchers | ZDNet
This article lists the apps that are on google play that should not be downloaded or installed : ‘Banking’ Trojan Malware Hits Over 300,000 Android Users | List of Apps to Avoid on Google Play App Store | Tech Times
I just wanted to share some information to help better protect you and your family as the holidays approach.
Researchers at Tessian (an email security company) caution that people should be wary of scams as Black Friday approaches. The researchers found that 30% of people in the US reported receiving a phishing message around Black Friday in 2020.
“Nearly a third of U.S. consumers (30%) said they received a phishing email around Black Friday last year, either by email or SMS to their personal email or cell,” the researchers write. “The thing is that consumers expect to receive more marketing and advertising emails from retailers during this time, touting their deals, along with updates about their orders and notifications about deliveries.
Inboxes are noisier-than-usual and this makes it easier for cybercriminals to ‘hide’ their malicious messages. What’s more, attackers can leverage the ‘too-good-to-be-true’ deals people are expecting to receive, using them as lures to successfully deceive their victims. When the email looks like it has come from a legitimate brand and email address, people are more likely to click on malicious links that lead to fake websites or download harmful attachments.”
Tessian also notes that employees at retailers should be vigilant for phishing attacks as they approach the busiest time of the year.
“And it’s not just consumers that need to be wary,” Tessian says. “Employees in the retail industry will be busier and more distracted than ever during this time, faced with hundreds of orders, thousands of customer queries to respond to, and overwhelming sales targets to hit. Cybercriminals will use this to their advantage, crafting sophisticated phishing emails and cleverly worded social engineering messages in the hope that a stressed worker will miss the cues and comply with their requests.”
Remember: The bad actors are out in force, and you need to remember to implement good cybersecurity and cyber-hygiene practices – especially over the next couple of months. Be extra cautious of any emails invoking an emotional response or asking for your account information. Feel free to review the October National Cybersecurity Awareness emails and forward them to your family members.
Michael Cripps,
President and CEO
The threat of ransomware has been growing exponentially over the last year. Strengthening your ransomware defenses should be at the forefront of everyone’s mind, including individuals and businesses.
The following arcticle from The Hacker News website gives a few tips and steps to help combat this threat.
The Federal Trade Commission has issued a new Consumer Protection Data Spotlight that reports consumers have lost more than $80 million to cryptocurrency investment scams, an increase of more than ten-fold year-over-year, according to a new data analysis from the Commission.
For more information on this topic, visit www.bankersonline.com
Banking has overtaken retail as the No. 3 most likely industry target for hackers seeking to acquire and misuse customers’ personal information. These bad actors often pose as representatives of your financial institution in their attempts to get at your login information or account data.
Only technology and shipping companies are more susceptible to being targeted by phishing scammers, as reported by Check Point Research in its Brand Phishing Report for Q1 2021. (Check Point Research is the threat intelligence arm of Check Point Software Technologies Ltd., a leading provider of cybersecurity solutions globally.)
Microsoft continued to be the brand most targeted by brand phishing, representing 39% of all global brand phishing attempts. International shipper DHL came in second, with 18% of such attempts. Rounding out the top 10 brands were: Google (9%), Roblox (6%), Amazon (5%), Wells Fargo (4%), Chase (2%), LinkedIn (2%), Apple (2%) and Dropbox (2%).
“Criminals increased their attempts in Q1 2021 to steal people’s personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success,” said Omer Dembinsky, Data Research Manager at Check Point Research, in a press release. “The change seen this past quarter was in the industry of banking.”
Read more here www.forbes.com
Synthetic identity fraud is reported to be the fastest-growing type of financial crime (Off-site) in the United States, accounting for billions in losses annually. Moreover, the use of multiple definitions for synthetic identity fraud throughout the industry poses a fundamental problem – inconsistent categorization and reporting, making it difficult to identify and mitigate this type of fraud.
To respond to this challenge, the Federal Reserve convened a cross-industry focus group of 12 fraud experts in the fall of 2020 to develop a recommended definition of synthetic identity fraud.
“A shared understanding of what constitutes synthetic identity fraud is expected to improve its detection, measurement and mitigation in the payments industry,” said Jim Cunha, senior vice president at the Federal Reserve Bank of Boston. “Consistent use of this definition within and across organizations can enable us to discuss, identify and classify synthetic identity fraud in a similar manner.”
This spring, the focus group concluded their work with the recommendation that the following definition be used by the payments industry as it relates to synthetic identity fraud:
Synthetic identity fraud (SIF) is the use of a combination of personally identifiable information (PII) (Off-site) to fabricate a person or entity in order to commit a dishonest act for personal or financial gain.
To supplement the definition and further educate the industry, the group also outlined identity elements that may be used to create a synthetic identity, common uses of synthetics and the potential applications of the definition. Learn more about the focus group’s efforts and the development of this definition.
At least 30,000 U.S. organizations have been hacked by newly created holes in Microsoft’s Email Software.
The following link is to a krebsonsecurity article that details the how and why, along with some things you can do to help safeguard yourself and your small business.
Working in the banking world today, this is a question we get a lot.
The following article was written by Kate Ashford for Forbes, and can answer questions for our customers that may not have much exposure to cryptocurrency.
https://www.forbes.com/advisor/investing/what-is-cryptocurrency/
-Troy Cripps
AVP
The following link will take you to a blog written by Steve Sanders.
https://www.csiweb.com/what-to-know/content-hub/blog/the-solarwinds-cyberattack
CSI continues to monitor and access the situation.
Reports about the release of COVID-19 vaccines by the end of the year are promising, but plans for distribution are still being worked out.
Here’s what we know right now: Two vaccine manufacturers (Pfizer/BioNTech and Moderna) have submitted applications for Emergency Use Authorization to the Food and Drug Administration (FDA). The FDA could complete its review of these applications by the third or fourth week of December 2020. Additional vaccine manufacturers are expected to apply for FDA authorization in 2021. The Advisory Committee on Immunization Practices (ACIP), an independent group of experts convened by the Centers for Disease Control and Prevention (CDC), has already recommended that health care workers and residents of long-term care facilities should receive the first available doses. As additional data is available, more vaccines are authorized by the FDA, and vaccine production increases, ACIP will continue to update its recommendations.
Once the FDA authorizes one or more vaccines from pharmaceutical manufacturers, vaccines will be distributed to federal- and state-approved locations. For most people living in the U.S., states and territories will make the final decisions on who will get the vaccines and when. States are also working on their own specific vaccination plans. You may want to check with your state for specific information regarding distribution plans in your state. More information on where and how to get a COVID-19 vaccine will be available once vaccines are authorized and/or being shipped out.
While we wait for a timeline and more information, there’s no doubt scammers will be scheming. Here’s what you need to know to avoid a vaccine-related scam:
If you get a call, text, email — or even someone knocking on your door — claiming they can get you early access to the vaccine, STOP. That’s a scam. Don’t pay for a promise of vaccine access or share personal information. Instead, report it to the FTC at ReportFraud.ftc.gov or file a complaint with your state or territory attorney general through consumerresources.org, the consumer website of the National Association of Attorneys General.
Stay connected to stay informed. Subscribe to consumer alerts from the FTC. When you do, you’ll get updates delivered right to your email inbox. You may also want to check your state or territory attorney general’s website for consumer alerts and other helpful information.
https://www.consumer.ftc.gov/blog/2020/12/covid-19-vaccines-are-pipeline-scammers-wont-be-far-behind