Cyber Security - Spear Phishing





Have you ever received a strange email or phone call where the other person knew several key pieces of information about you but you could not place where you knew them from? Criminals will use information from social media sites, blogs, websites, and/or previous hacks to gain this information which makes them seem legitimate. The FBI published this short announcment that talks about what to look for:

The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors. These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims’ accounts.

In spear-phishing attacks, cyber criminals target victims because of their involvement in an industry or organization they wish to compromise. Often, the e-mails contain accurate information about victims obtained via a previous intrusion, or from data posted on social networking sites, blogs, or other websites. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the e-mail and respond as directed.

Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim’s usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions, or steal intellectual property and trade secrets.

To avoid becoming a victim, keep in mind that online businesses, including banks and merchants, typically will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the company directly or open your computer’s Internet browser and type the known website’s address. Don’t use the telephone number contained in the e-mail, which is likely to be fraudulent as well.

In general, avoid following links sent in e-mails, especially when the sender is someone you do not know, or appears to be from a business advising that your account information needs updated.

Keep your computer’s anti-virus software and firewalls updated. Many of the latest browsers have a built-in phishing filter that should be enabled for additional protection.

Popular posts from this blog

Wanted Wednesday - Dequan Johnson

Image
Dequan O'Shay Jamal Johnson 1485 McAdams Court Mount Pleasant, SC 11/25/1994 5'05" / 140lbs Black Hair / Brown Eyes      The Mount Pleasant Police Department is seeking the public's help to find Dequan Johnson. Mr. Johnson is wanted for Simple Possession of Marijuana, Possession of Drug Paraphernalia, and Contempt of Court. He is known to frequent the Whitehall Community. If you have any information regarding the whereabouts of Mr. Johnson please contact Pfc. Lynch at 843-884-4176 or mlynch@tompsc.com . You can also send an anonymous tip from our blog or smartphone application.
Read more

Press Release- Armed Robbery Arrest

Image
  Contact Sergeant Ashley Croy Telephone 843.884.4176 Cell 843.872.8532 Email acroy@tompsc.com Website www.tompsc.com FOR IMMEDIATE RELEASE August 21, 2023   Armed Robbery Arrest Mount Pleasant, SC – On August 18, 2023 officers from the Mount Pleasant Police Department arrested Andre Myers along with one juvenile and charged both with one count of Armed Robbery and one count of Possession of a Weapon During the Commission of a Violent Crime stemming from the armed robberies at Circle K on Hwy 41 and Five Guys on Hwy 17. Both Myers and the juvenile were taken into custody without incident. Additional charges are pending with an updated press release to follow
Read more