More than 90% of cyberattacks start with a single phishing email, but different modalities for phishing have been on the rise. We must be prepared for email scam attempts, as well as those that leverage text messaging and phone calls.
Jessie Pudelek
Recently, there has been a notable increase in spam communications, including phishing emails, SMS phishing (text messages) and voice phishing (robocalls). Attackers are taking advantage of this time of change and stress to trick people. Keep reading for tried-and-true methods to support you in identifying and avoiding all spam messages.
Cyber attackers are sending emails claiming to be from a voicemail or phone service stating that you missed a call and that you can retrieve the voicemail message by clicking on a link or viewing an attachment. However, instead of taking you to an actual voicemail, the link or attachment will take you to a form to steal your credentials or will launch malicious code on your computer.
One effective phishing method is crafting a message that appears to be coming from a popular cloud service and contains a link you click on to view the document. Clicking on the link will take you to a web form to steal your username and password instead of taking you to the cloud service. Since document-sharing scams are one of the trickier forms of phishing to identify, it is important to be extra careful when handling these types of messages. Add these tips to your anti-phishing toolbox to help you avoid these scams.
Avoid making yourself vulnerable to cyber attackers by practicing good cyber hygiene. Read on for everyday tips you can apply to keep you safe and provide peace of mind in our increasingly technologically connected world.
Most of the Fermilab community is settling into a new telecommuting routine and adjusting to different ways of accomplishing our work. Working remotely brings a separate set of cybersecurity concerns, as being away from the on-site lab network creates a different computing environment than you may normally use. As such, the Cybersecurity Team has compiled a list of reminders and instructions to help you stay safe online during this time.
When it comes to social engineering tactics, email scammers will use any means necessary to trick you into giving up your credentials or launching malware on your computer. Most recently, their efforts have been spent capitalizing on the widespread concern and confusion surrounding the coronavirus outbreak. Security researchers have already identified several different types of phishing scams specific to coronavirus, and it is likely there will be variations to these emails coming as the crisis continues.
Phishing emails come in a variety of formats, including different levels of sophistication and trickery. Most phishing emails are common garden-variety scams used to directly solicit financial and personal information from you. Garden-variety scams are a little different from other phishing emails that try to steal your credentials to get into your personal and financial accounts. The good news about these scams is that they are easy to spot due to the outlandish stories pushed to the recipient.
This crayfish looks a little out of place in the grass by the walking path across from FCC!
In July, the FermiMail Team, in conjunction with the Cybersecurity Team, deployed ProofPoint Targeted Attack Protection, a tool intended to protect the lab against the increasing threat of phishing.