Last week we had a disturbing cyber crime attempt from a client’s compromised email and wanted to share the events with you for your possible security assistance. The bottom line, we ask you please change your email and other passwords regularly and have a symbol included.
Here is why:
A client’s email was compromised (gmail account) which we have seen many times, but what made this unique was the hacker stepped into the conversation during a normal communication. The initial conversation by the hacker was a reply to an earlier email, making the response seem very real. The possible assumption is that prior emails were read in order to understand the conversation. We have been aware of this before and recently had a company meeting discussing just this topic, as such, we were immediately suspicious due to improper grammar and after a request for information and eventually funds, turned this information over to the FBI and notified our back office of the client’s breach.
No specific information was given, lost, or disclosed, however here is what we have learned:
- Home machines are particularly susceptible to these breaches
- AOL users are very commonly breached, however we have seen hotmail and now gmail users breached as well
- Change your passwords regularly and make sure you have a symbol included
- Run and keep malware or antivirus programs on your home machines
- Turn your home machines off during non use times, the open static port for home use makes your machine more vulnerable when left on constantly
Coincidentally, with the Wednesday announcement last week of LinkedIn reporting they may have lost 60% of their passwords, we would expect this type of cyber crime to continue.
Have a Great Day!
PS I will be out of town tomorrow on a quick turn around trip.
The following information is from the Cyber crime division of the FBI and also offers some valuable tips:
How to Protect Your Computer
The same advice parents might deliver to young drivers on their first solo journey applies to everyone who wants to navigate safely online. A special agent in our Cyber Division offered the following:
– “Don’t drive in bad neighborhoods.”- “If you don’t lock your car, it’s vulnerable; if you don’t secure your computer, it’s vulnerable.” – “Reduce your vulnerability, and you reduce the threat.”
Below are some key steps to protecting your computer from intrusion:
– Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
– Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
– Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
– Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
– Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
– Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.
For more information on Internet schemes and how to protect yourself online, see the following areas: