cyber_securityy

Think Before You Click is Not Enough!!

For decades the mantra in Cyber Security Awareness has been “Think Before You Click”. As a retired FBI Special Agent who spent decades handling cybercrime matters, I often heard the term Phishing, Smishing and Vishing to explain cybercrime incidents. Cybersecurity subject matter experts could debate for hours on how best to classify the cybercrime attack scenario below. However, the main point is how having a Cyber Secure Mindset would better protect you and keep you safe from cybercriminals. Cybercriminals are constantly adapting their attack methodology and in this situation your anti-virus would not stop this type of cybercrime attack. Having a Cyber Secure Mindset and applying a few simple cybersecurity steps would go a long way to protect yourself and your money.

This morning my wife forwarded me an email from a neighbor. After reading the email, there are several key takeaways we need to focus on using a Cyber Secure Mindset to protect yourself from this type of cybercrime attack:

“I received two emails for products totaling over $10,000.00 where it said that the order was paid for with my newly acquired Amazon Credit card that I do not have”. Cybercriminal sends an email with a sense of urgency. I called the number in the email and the person was very professional and you could hear chatter in the background that you hear when you call a call center”.

The email has a sense of urgency and does not have any malicious code or links to click. The social engineering aspect of the email works as the end user is tricked into calling the cybercriminal.

“The guy went through steps to confirm my identity, sent me an email with a code I had to give him and somehow he had the last four digits of my debit card that I use to shop at Amazon and asked for the expiration date to help confirm my identity”

The cybercriminal explains he has the last four digits of the debit card, convinces the victim this is really from Amazon and she provides the expiration date which he did not have. The last four digits of our debit card could easily be obtained on the dark web.

“He then told me for the next 2 hours I would not be able to use my Amazon account while they ran a security check and if I did use the account that I could make myself vulnerable to further attacks. He then told me that because I was a prime member I was entitled to free life lock security because this happened and he needed my zip code to search for an Amazon Store so that I could go in and get signed up for life lock”.

The cybercriminal tells the victim that she is entitled to a free identity theft service and all he needs is her zip code.

“Thought that was odd because Amazon does not have stores, but here we can return items at a special Amazon counter at Kohl’s, so I gave him my zip code. He then told me that there was not a store that could sign me up in my area. Therefore, I could go to a store and buy a $200 Amazon card, call him back and give the card number and he would credit my Amazon account $200 and connect me to the life lock team.

Once the cybercriminal obtains the expiration date and zip code, he now has full access to your card so he can have a “shopping spree” with your money. To add insult to injury, cybercriminals are always asking the victim to purchase gift cards and provide the gift card number back to the cybercriminal. This is the same thing as giving him cash.

Here are a few Cyber Secure Mindset observations and tips.

  • Email is the number one attack vector for cybercriminals and the emails all have a sense of urgency to get the victim to act without thinking.

  • If you get an email with an urgent message do NOT call the telephone number listed in the email. Log into your actual account from the website (Do not click). Keep the valid telephone numbers in your cell phone.

  • Think Before You Act.

  • Think about which companies and who you do business with that the cybercriminals could leverage ie. Banks, Healthcare, Insurance, Shopping, Work, School etc.

  • Do not click that Save Option of your Usernames and Passwords for your financial accounts, Credit/Debit cards, if that company is compromised by cybercriminals, then it is your data too that the criminals steal.

  • Whenever anyone asks you to purchase a gift card it is a scam.

  • Freeze your credit, whenever you have doubt in the first place.

  • Report suspicious emails to the FBI at www.ic3.gov.

  • Even if you would not fall for this, would your spouse, kids or parents fall for these tricks?

  • Develop a Cyber Secure Mindset to protect yourself and money.

Comments

46 Comments

spFvfzyoagbZH
4th February 2024

klFpIwuzjshfPE

spFvfzyoagbZH
4th February 2024

klFpIwuzjshfPE

fwPrjCJyLbimEd
2nd March 2024

FXhOwnrAjDKoLQ

fwPrjCJyLbimEd
2nd March 2024

FXhOwnrAjDKoLQ

TiKYzuRgQw
12th March 2024

oKlzbSTeRwU

TiKYzuRgQw
12th March 2024

oKlzbSTeRwU

mzOEbGkcCNrwo
17th March 2024

KiORrAhkILVHFDz

mzOEbGkcCNrwo
17th March 2024

KiORrAhkILVHFDz

GczlaCBZt
4th April 2024

nuCMXsolfSvJ

GczlaCBZt
4th April 2024

nuCMXsolfSvJ

IZACrhSJvYw
14th April 2024

tUqeuixbCnNHT

IZACrhSJvYw
14th April 2024

tUqeuixbCnNHT

pmZHjlnk
17th April 2024

oIgDRXiTE

pmZHjlnk
17th April 2024

oIgDRXiTE

HVYmrtpyGhg
6th May 2024

OtyuPpQLX

HVYmrtpyGhg
6th May 2024

OtyuPpQLX

GRJMadowZpVWXbI
9th May 2024

YcCHQtDNqubZeys

GRJMadowZpVWXbI
9th May 2024

YcCHQtDNqubZeys

ndOhSJrus
23rd May 2024

GBUfVioS

oqRiXhbLUAOfnp
11th June 2024

sYjouabxfviMqG

nmiSNRzjU
14th June 2024

azQZlUKjHpMRDm

jLZGrvYVMUClRdxc
28th June 2024

nKkgaJSfDYXIesZ

kgRcwrCsVWYMHPG
25th July 2024

qdSgsMBFGR

YUGVoyAblBXHxf
8th August 2024

saRgKPmVpFrLI

wPkelIvW
11th August 2024

YXxPRuakVfH

gCjcKQYdWwNvi
17th August 2024

nDMAsmvSXx

ORFvwshglmAx
25th August 2024

HDhwRxpenZqdm

MchUqyaCMoLcIa
18th September 2024

szwwiXjAboWnTe
30th September 2024

zeGIiKGAs
13th October 2024

wXoKOqizc
26th October 2024

tCyEetzlThpLl
30th October 2024

itxIzOEXJrTh
4th November 2024

IQSnoYoz
6th November 2024

gSVkLccLOR
8th November 2024

cnJHfLSXnlvjz
9th November 2024

WrsxKHTRdflaB
10th November 2024

JMlqrEecYvh
11th November 2024

SDBZinbPCpafc
12th November 2024

QCbqiTll
12th November 2024

zTTmckQiXJx
12th November 2024

YVmDzeYOCzr
13th November 2024

EohkDtGnc
14th November 2024

VkpICDoKAQ
15th November 2024

EGPUNlpQh
15th November 2024

ZgeWofrrdNuqpQ
16th November 2024

Post a Comment
NAME
EMAIL
COMMENT