The bad guys aren’t limiting their scams to just your email account - they’re attacking you via social media, too! They create a fake profile and request to be your friend, or send you a message. They come off as wanting to be friends (in some cases, maybe even more), but what they really want is your money or your friend list. With access to your friend list, the bad guys will have even more people to target.
KnowBe4 Scam of the Week: SharePoint Phishing Attack Impacts 10% of Office 365 Users
Be on alert! The bad guys have a new way of stealing your login credentials. They target you by sending you an invite via email to open a SharePoint document. The link takes you to an actual SharePoint page where you will see a OneDrive prompt. The prompt will have an “Access Document” link in it - don’t click this link!
This link is malicious and will take you to a fake Office 365 login screen. Any credentials you enter here will be sent to the bad guys. Don't be tricked!
The bad guys are sending you a package, but don’t fall for it - it’s a trap! What? That’s right, the bad guys have a new scam and it involves tracking your shipments.
Suppose you’re expecting a package from a well-known delivery company, and you receive a seemingly legitimate email from the company offering a way for you to track your delivery by clicking a link. You click on the link to check on your delivery, but instead, you unleash an unwanted package - an executable file that compromises your computer.
With the summer travel season in high gear, the FTC is warning drivers about skimming scams at the pump.
Skimmers are illegal card readers attached to payment terminals. These card readers grab data off a credit or debit card’s magnetic stripe without your knowledge. Criminals sell the stolen data or use it to buy things online. You won’t know your information has been stolen until you get your statement or an overdraft notice.
Here are a few tips to help you avoid a skimmer when you gas up:
The bad guys know you like free stuff, but this time it’s going to cost you! They lure you to a fake website for a “free” gift card in exchange for seemingly harmless information. Once on the site, you are asked a series of questions. If you make it through all of the questions, you’ll earn a unique code to redeem a gift card - this code and gift card are worthless!
The bad guys are tricking you into offering up your personal information. Don’t be the victim!
Tech support scams, which get people to pay for fake computer help or steal their personal information, are convincing. You might already know the signs of a tech support scam, but do your friends and family? Here’s what they need to know now:
Companies like Microsoft don’t call and ask for access to your computer. If you get a call like that, it’s a scam.
To kids, piggybacking is when someone jumps on your back and you carry them around for a while. In the business world, piggybacking is when you let someone that you do not know enter a door that you just opened.
A lot of organizations rely on biometrics, key cards, or even regular keys to open locked doors. These could be doors to get into the building, parking garage, a particular office.
Piggybacking is when someone you do not know, waits for you to open a locked door, and enters in behind you.
You lose if you reuse! The bad guys are using your breached passwords to access your online accounts. Even if a data breach happened years ago, the bad guys will attempt to use your breached passwords across all of your online accounts to see if they will still work - scary!
KnowBe4 Scam of the Week: Be Warned! New Hybrid Cyber Attack on Banks and Credit Unions
The bad guys are using a new hybrid cyber attack to steal your private banking information. They place a Banking Trojan on your computer (most likely through email), and once you try to visit your bank’s website, it will redirect you to a malicious, look-alike page - this site is NOT your actual bank!
You've probably never heard of the marketing and data aggregation firm Exactis. But it may well have heard of you. And now there's also a good chance that whatever information the company has about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look.