TA17-318B : HIDDEN COBRA – North Korean Trojan: Volgmer
TA17-181A : Petya Ransomware
TA17-163A : CrashOverride Malware
TA17-156A : Reducing the Risk of SNMP Abuse
TA17-132A : Indicators Associated With WannaCry Ransomware
TA17-075A : HTTPS Interception Weakens TLS Security
December: Lock Down Your Login
November: Shopping Online Securely
October: Helping Others Secure Themselves
September: Password Managers
August: Backup & Recovery
June: Lessons From WannaCry
March: Securely Using Mobile Apps
February: Staying Secure on the Road
January: Social Engineering
December: Avoiding Holiday Scams
November: Shopping Safely Online
September: Staying secure on Social Media
April: Digital Spring Cleaning
February: Staying Safe From Tax Season Scams
Security tips of the week
Cyber Criminals Don't Just Target Your Phone
Technology is only half the story. When cyber crooks launch their assault on your devices and data they don't target just the security holes on your system. They also aim to prey on your weaknesses.
For more information: The Hackable Human - 6 Psychological Biases That Make Us Vulnerable
This week the U.S. Department of Homeland security reported an increase in cybercrime attempts directed to government agencies.
Sadly, just yeasterday we were apprised by the Georgia Technology Authority (GTA) that a state agency was also the target of an attack.
To address these increases in cybercrime, additional measures to protect against attack include the following:
· Be wary of unsolicited phone calls, visits or email messages from unknown individuals who are inquiring about internal information or information about you or other employees.
· Do not disclose information about our organization to individuals who are not authorized to have the information.
· Do not disclose personal or financial information through email, nor respond to requests for this information via email.
Always remember PURLS when evaluating emails for their legitimacy:
Pretend - Scams may use real logos or appear to originate from people we know and pose as legitimate messages.
Urgency - Scams often convey a sense of urgency or a threat of action if ignored.
Resemblance - Many scams use email addresses resembling familiar legitimate businesses.
Links - By resting your mouse pointer over but not clicking on a link, you can determine if the link matches the text.
Spelling - Many scam emails contain spelling and grammar errors.
Monday, December 4th - Is our CSU Critical Document Shredding Campaign on Main Campus
Faculty & Staff we need you to start gathering your outdated sensitive documents and submitting an eQuest for pick up.
For safety precautions it is best to have outdated official university records destroyed based on the University Records Disposal Guidelines.
Please review your documents and participate in the campaign!
Cyber Tips for Holiday Shopping
Cheers to a cybersecure holiday season! Cyber Monday 2017 – less than two weeks away – is expected to be the biggest shopping day in U.S. history, and roughly 80 percent of adults purchase products online. Mobile has taken over holiday gift giving: last year, half of website visits and 30 percent of online sales were conducted via mobile devices. And technology ranks high on shopping lists, too – from new laptops and gaming systems to tablets, the latest phones and Internet of Things devices like video cameras, toys and appliances.
Whether you are giving the gift of connectivity or using it yourself, don't let hackers mess with the merriment. The National Cyber Security Alliance reminds everyone that all devices connected to the internet must be protected. Read more on Holiday Shopping Tips by StaySafeOnline.
NSCAM: The Internet of Things Wants You!
A career in Cybersecurity is about protecting the internet, a critical resource we all depend on.
If you haven't thought about a cybersecurity career, you'll be happy to know that you are probably more interested than you think.
There are job everywhere for Cybersecurity and not all positions require extensive technical skills
You can learn about Cybersecurity Careers by checking out this: Infographic provided by StaySafeOnline
NSCAM: Inside Your Connected Home
Every day, your house connects to the internet in ways you might not even realize – today's appliances, toys, lighting, TVs, cameras are rapidly advancing in technology. And outside your home, there's so much more that's connected – from your car to the roads you travel on to your whole city.
You can learn about how to protect your connected home by
checking out this: Infographic provided by StaySafeOnline!(PDF)
How Do I Detect an "ADP" Phishing Email?
The University System of Georgia Shared Services Center (SSC) wants to help you protect yourself from
possible "ADP" phishing attempts where people pose as a reputable entity with the purpose
of obtaining your sensitive information.
What Can Happen if My ADP Account is Compromised?
• Your direct deposit account information can be changed to a fraudulent account.
• If the pre-note option is not in place, funds may disperse to the fraudulent account.
• The fraudulent information has the potential to flow into other systems, such as PS Financials and could possibly effect expense reimbursements. Read More (PDF)
Wise giving in the wake of Hurricane Harvey
Consider these tips when asked to give:
Donate to charities you know and trust.
Be alert for charities that seem to have sprung up overnight in connection with current events.
Designate the disaster.
Never click on links or open attachments in e-mails unless you know who sent it.
Don't assume that charity messages posted on social media are legitimate.
When texting to donate, confirm the number with the source before you donate.
Find out if the charity or fundraiser must be registered in your state.
Read more about Scam Harvey Charities (PDF)
Credit: Federal Trade Commission
A Costly Low-Cost Trial Offer
You've probably seen online ads with offers to let you try a product – or a service – for a very low cost, or even for free. Sometimes they're tempting: I mean, who doesn't want whiter teeth for a dollar plus
shipping? Until the great deal turns into a rip-off. That's what the FTC says happened in a case it announced
The defendants sold tooth-whitening products under various names, and hired other companies to help them market the products. These affiliate marketers created online surveys, as well as ads for free or
low-cost trials – all to drive people to the product's website. Read more about this scam (PDF)
Sources: Federal Trade Commission
"Free" Computer Scans
Messages telling you to install and update security software for your computer seem to be everywhere. So you might be tempted by an offer of a "free security scan," especially when faced with a pop-up, an email, or an ad that claims "malicious software" has already been found on your machine. Unfortunately, it's likely that the scary message is a come-on for a rip-off.
The free scan claims to find a host of problems, and within seconds, you're getting urgent pop-ups to buy security software. After you agree to spend $40 or more on the software, the program tells you that your problems are fixed. The reality: there was nothing to fix. And what's worse, the program now installed on your computer could be harmful.
Criminals use undetectable "Shimmers" in new credit card scam
Shimmers are thin skimmers that fit inside where you swipe your Credit Card. These devices scan your Credit Cards chip and stores its data
Remember these tips to try and avoid them
Use the contactless tap-and-go feature on your credit or debit card in stead of swiping or inserting your card.
Use contactless mobile services such as Apple Pay or
Samsung Pay to tap and pay.
If you're withdrawing cash at a bank, go inside to a teller.
Use ATMs in banks rather than a more vulnerable standalone machine.
Cover the keypad with your hand when entering your PIN.
Don't proceed with a transaction if your card encounters resistance when it is inserted.
Contact the bank, merchant and your card issuer is you suspect your card has been compromised.
References: Fox19 , Themerkle, WTVM, CBS