Today the Security team at DoIT received reports of a phishing scam targeted at the Physics Department. We have decided to make this a campus-wide announcement, as hackers could potentially send this email out to students, or other faculty and staff; compromising their safety.
This phishing email content is as follows:
“From: heperezufl.edu@gmail.com>
Hello. Are you available?
Please, I need your assistance urgently
Dr. Theodosia Gougousi
Professor
Graduate Program Director
Department of Physics
University of Maryland, Baltimore County
Office:
Physics”
There are many characteristics that lend to this email being considered a phishing email; for example, the vague nature of the email content, coupled with the unknown and suspicious sender.
However, the biggest red flag here is the hacker posing as a trusted entity. Here the hacker uses a specific form of phishing known as spear phishing to target specific members of the Physics Department. Hackers often gather information about organizations in order to make their phishing scams more personal and believable. Here, the hacker impersonates the Graduate Program Director in order to target staff within this department with the intention that they’d reveal confidential information.
If you receive this email, please be aware of its malicious nature and do NOT reply to it. Replying to this email could further engage the hacker in hopes that you’ll reveal sensitive information such as your location; which will compromise your safety.
The DoIT security group is fully aware of this phishing email and is currently working on fixing the issue.
If you receive this email or one with related content, please forward it to security@umbc.edu with full headers (directions here: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970) delete the email immediately. If you feel your information or safety has been violated in any way, you are encouraged to call UMBC Police at (410) 455-5555.
For more information regarding phishing and spam FAQs, please see the
PHISHING/SPAM FAQS section of itsecurity.umbc.edu.
]]>This past week, UMBC users have reported an increase in the occurrence of a particular phishing attack from a specific domain. This phishing email content is as follows:
“From: UMBC noreply@umbc.edu ctirrell@tds.net <ctirrell@tds.net>
Date: Thu, Jun 13, 2019 at 6:35 PM
Subject: UMBC
To:
Greetings.
A private message has been sent to you by the Admin department. Click hxxps://www.umbc.edu/ and view your message.
Sign.
HEAD of the department”
(This link has been edited so that in longer points to the suspicious web page)
There are many characteristics that lend to this email being considered a phishing email; for example, the vague nature of the email content, coupled with the suspicious source domain and ambiguous signature are red flags when receiving unsolicited emails. In addition to this, hackers often gather information about organizations in order to make their phishing scams more personal and believable. This phishing email in particular was targeted at UMBC faculty and staff where the content of the email presented as being from a trusted entity (head of the department); something phishers often do to scam victims into offering sensitive information, or clicking on malicious links.
If you receive this email, please be aware of its malicious nature and do not click on the link as it points to an unverified web page. The DoIT security group is fully aware of this phishing email and is currently working on fixing the issue.
If you receive this email or one with related content, please forward it to security@umbc.eduand delete the email immediately. If you feel your information has been violated in any way, you are encouraged to call UMBC Police at (410) 455-5555.
For more information regarding phishing and spam FAQs, please see the
PHISHING/SPAM FAQS section of itsecurity.umbc.edu.
]]>Recently, UMBC users have reported the increased receipt of a specific phishing attack stemming from a particular domain. The phishing email content is as follows:
“From: Guthrie, Melinna <Melinna.Guthrie@stonybrookmedicine.edu>
Date: Fri, May 24, 2019 at 8:48 AM
Subject: EARN MORE /PART TIIME JOB OPPORTUNITY
To:
Customer Impact Services, secret survey company is currently hiring people from all over USA/CANADA to visit local stores as a shopper and test customer service professionalism while you earn commission of $300 flat on each visit which does not take more than an hour.
You will be given funds to visit a store and pretend as a normal customer while you make purchases and take note of the quality of service as well as environment after which you will give a short report or feed back to the company for business development and customer service improvement decisions via email and earn your commission of $300 per visit.Usually, you will have 2 visits in a week and make $600 or more in a week. I am giving assurance over the legitimacy of this company.
Note:
Only local stores are given, no traveling required
You do not have to pay any money to begin, you'll rather be making money from home
No rigorous process in registering and commencement of assignment(s)
1) Shopper take personal satisfaction in watching service levels rise knowing that they played an instrumental part in that improvement.
2) Shopper know the importance of following directions, they read and follow each client's evaluation criteria to the letter.
**To register
[<hxxps://docs[.]google[.]com/forms/d/1wab3UlNppQepch_ApuXxGYyJWIa6mwCrOthbe0nThnI>;]”
This phishing email is a particularly malicious one owing to number of factors; these include the professional format and grammar, the believable content of the email, as well as the presence of apparently legitimate links and source address. The DoIT security group is aware of the phishing scam and is currently investigating the issue.
Due to the fact that the links contained within the email are google docs, we are unable to block or report them to google as malicious content. With that in mind, we ask that if you receive this email, please forward it to security@umbc.edu, and to treat it as a malicious phishing attack. In order to mitigate potential damages, under no circumstances are users encouraged to click on the link or follow any instructions contained within it; upon receipt of the email please delete it immediately. If you have already done so and feel your personal information has been compromised in any way, please contact UMBC Police at (410) 455-5555.
For more information regarding phishing and spam FAQs, please see the
PHISHING/SPAM FAQS section of itsecurity.umbc.edu.
**This link has been altered so that it is unable to be clicked and directed to a malicious website or download any malicious software to your machine.
]]>Whether you are a student, teacher, or any other faculty member, we all have different goals and aspirations in our everyday lives at UMBC. What we all have in common in this community is making sure our personal information stays secure. One issue you must be aware of is the phishing that many accounts have encountered.
Phishing is the use of deception to acquire sensitive information from a person. One strategy of this is where hackers create fake emails to connect to a number of users. This strategy is very common, and surprisingly many users fall into this trap simply for lack of knowledge. Phishing is very threatening because when it is successful, cybercriminals may gain access to your personal information and potentially stealing money. This could result in financial loss.
DoIT has recently been notified by several users that they have received what appear to be phishing attempts. These messages may demand the user to pay a ransom to prevent the release of potentially damaging information (a process known as sexploitation, from sexual exploitation), purchase illegitimate computer software to ensure system stability, or ask if the user is available to purchase gift cards. These messages are coming from fake email accounts pretending to be supervisors, admins, staff members, or other well-known people. If you receive an email that is from a high-profile or an authoritative person at UMBC, please be alert and make sure the email is from an authentic source.
If you receive an email that is not from a umbc.edu account, please be aware that this email can potentially be a phishing attempt. You can verify whether or not the message is authentic by checking the email address. Some of the phishing emails that have been reported came from “my.com” and “umbc.edu@gmail.com” accounts. Another strategy is seeing what they are asking for. Phishing messages tend to demand for money in unusual circumstances. Also, it is valuable to analyze the “from,” “to,” “date,” and “subject” line of the email. If some or all of these components seem to be illogical, you can send a message to security@umbc.edu and they will assist you to finalize the emails legitimacy.
DoIT is currently working on this issue and has notified the site owner whenever a phishing email has been reported. If you see an email that does not seem to be authentic, take a step back, slow down, stay focused, and think before you go any further with the suspicious email and respond accordingly.
What is Backup?
Backup is for recovery from hardware failure or recent data corruption or loss.
Why Backup is needed?
A Backup is copy of your data that is made in order to protect against loss of that data. Typically, backups are made on a regular basis to a time schedule or when the original data should be updated. Usually original data is not deleted, but older backups are often deleted in favor of newer ones.
There are various ways to backing up data
1.Keep it in the cloud
2. Save it to an external Hard Drive
3.Burn it at a CD, DVD, or Blue- ray Disc
4. Put it on a USB Flash Drive
Usually Desktop computers, VMs, and mobile devices are all commonly backed up. Backups can include data, OS and application files, or a combination of these according to the backup methodology and purpose.
The goal of a backup is to make a copy of anything in current use that can’t afford to be lost. A backup of a desktop or mobile device might include just the user data so that a previous version of a data can be recovered if necessary.
In the case of a ransomware attack, a solid backup strategy can mean the difference between being able to restore a compromised system and having to pay a ransom in the vague hopes of getting a decryption key to obtain access to files that are no longer available because they were encrypted by the attacker.
Backups can have additional uses. A user might go to a backup to retrieve an earlier version of a file because it contains something no longer in the current file, or, as is possible with some backup services such as Backblaze Backup, to share a file with a colleague or other person.
In my opinion, Cloud storage is considered as most convenient and flexible data backup.
There are some versions of cloud storage: iCloud, Google Drive, One Drive and Dropbox.
]]>Public Wi Fi is famous with its easily availability and free access. Any person with their computer or other devices can access Public Wi -Fi. Public Wi -Fi could be found in convenient places such as universities, libraries, airports, coffee shops and hotels. In the case when you connect to Public Wi -Fi there is a threat that someone might access the data you are sending to your colleague or boss.
To protect your data while we are using Public Wi-Fi, send your information to only to sites that are trusted and fully encrypted, and avoid using mobile apps that require personal and financial information.
Regardless what we are doing connecting to Public Wi -Fi considered incredibly dangerous. There are some suggestions while you are connected to Public Wi – Fi.
·
Be aware
Public Wi-Fi is inherently insecure — so be cautious.
·
Remember —
any device could be at risk
Laptops, smartphones and
tablets are all susceptible to the wireless security risks.
·
Treat all
Wi-Fi links with suspicion
Don’t just assume that the Wi-Fi link is legitimate. It could
be a bogus link that has been set
up by a cybercriminal that’s trying to capture valuable,
personal information from unsuspecting users. Question everything — and
don’t connect to an unknown or unrecognised wireless access
point.
·
Try
to verify it’s a legitimate wireless connection
Some bogus links — that have been set up by malicious
users — will have a connection name that’s deliberately similar
to the coffee shop, hotel or venue that’s offering free Wi-Fi.
If you can speak with an employee at the location that’s providing
the public Wi-Fi connection, ask for information about their legitimate Wi-Fi
access point — such as the connection’s name and IP
address.
·
Use a VPN
(virtual private network)
By using a VPN when you connect to a public Wi-Fi network,
you’ll effectively be using a ‘private tunnel’ that encrypts all
of your data that passes through the network. This can help
to prevent cybercriminals — that are lurking on the
network — from intercepting your data.
·
Avoid using
specific types of website
It’s a good idea to avoid logging into websites where there’s
a chance that cybercriminals could capture your identity, passwords
or personal information — such as social networking sites,
online banking services or any websites that store your credit card
information.
·
Consider using
your mobile phone
If you need to access any websites that store or require the
input of any sensitive information — including social
networking, online shopping and
online banking sites — it may be worthwhile accessing them via
your mobile phone network, instead of the public Wi-Fi connection.
·
Protect your
device against cyberattacks
Make sure all of your devices are protected by a rigorous anti-malware and security solution — and ensure
that it’s updated as regularly as possible.
]]>
Definition of Social Engineering.
In social engineering, a cybercriminal is basically relying on social activities (and interactions) of human beings to collect information by tricking them. For example, asking people to open a phishing email (with attached malware) and thus breaking standard practice of an organization related to the best practices for minimizing risks. Social engineering often involves human socialization and interaction rather than hacking a network. The criminals are basically con artists. Criminals are interested in gaining “confidence” of a person so that he/she might share confidential information of a business for further exploitation or hacking activities in the future.
Types of Social engineering.
There are several types of social engineering attacks. Such as, baiting; phishing; pretexting; quid-pro-quo; spear phishing; and tailgating.
In baiting, criminals leave a malware infected device to be opened by an innocent person.
In phishing, criminals make fraudulent communication (appearing to be legitimate). Victims are tricked to opening an email with an appearance of a legitimate sender. Charity to help poor (but has malware).
In pretexting, criminals are scammers interested in victims to disclose confidential information.
In quid pro quo, criminals are offering a gift item to attract a victim for obtaining personal data.
In spear phishing, criminals are collecting data from social network (Facebook) and customizing this data to gain confidence of a victim in order to reveal personal information or trade secrets.
In tailgating, criminals actually follow victims to his office or home. Example asking a victim to hold a door open while criminal installs a bug (secretly) capable of transmitting data about victim’s activities.
Solution
How to avoid social engineering risks. It is best to educate people and remind them constantly about dangers. Constant reminder is a must. Otherwise, people forget and tend to overlook cyber risks.
]]>The topic is about pros and cons for leaving a digital device unattended, such as a cell phone, a laptop or a desktop computer. It does not matter whether devices are personally owned or business owned.
CONS:
1. This situation of leaving a device unattended is like leaving a car unlocked. The biggest risk is about the loss of a device itself (i.e. stolen). Thieves would be able to sell parts of a device if not an entire device. True, stolen devices could be tracked. But, only when a device is unassembled.
2. Loss of privacy. Intruders might be able to see (and read) confidential matters. Doesn’t matter whether the stored information is personal (e.g. family photos) or business (e.g. contracts). Thus, putting a business or an employer at a risk when sensitive information is left unguarded.
3. Spies could install malware on an unattended device and download stored information remotely at their convenience. (Sometime, government spies including manufacturers from China install malware devices on laptops sold to a country for monitoring daily activities).[1]
4. Waste of electric power or discharging battery if left unlocked and running (while a device is also left unattended). If left running 24/7 then internal parts of device would wear quickly (because every part has a limited life based on number of operating hours).
5. Children may visit unauthorized webpages in case a personal laptop or a cell phone is left unattended. Children might be exposed to inappropriate materials. Children may be targeted by predators. Children may post something on line (and it is difficult to delete almost anything once something is posted on line). Children may play for hours and hours and exposed to health risk (i.e. weight gain, watching games on a device left unattended). Children distracted from studies.
PROS:
Almost none. Except, a minor convenience of not turning ON. We see that in offices desktops are left running at night. Monitors get burned. Parts get worn (limited life). And, security guards are annoyed.
Introduction - pros and cons of security cameras.
We are living in an age of an Internet-Of-Things (IOT). We know that cyber risk exists whenever a device is connected to an Internet. And, today countless devices are connected via an Internet. Transportation department has installed cameras on highways to monitor traffic jam during rush hours and to evaluate driving conditions of roads during a bad weather (e.g. an excessive snow accumulation and rain-flood). Police department has installed cameras on streets to minimize street crimes. Local governments have installed cameras to monitor a car violating an authorized speed-limit near a school zone. Corporations have installed security cameras to monitor people entering and leaving a building for safety reasons. [1] In short, security cameras are a necessity (and not a luxury) because of the safety concerns of citizens.
However, the disadvantage is that security cameras can be breached (i.e. hacked). Information could be stolen. Photos of individuals (including celebrity movie stars) entering or leaving an area (such as a gym or a restaurant or a shopping mall) could be published in a magazine for a profit. Moreover, a breach of a security camera system could lead to hacking of other departments, such as: finance, payroll or HR. So, it is important to protect security cameras as much as we protect traditional IT systems from hackers.
In Jan 2017, President Trump’s oath taking inauguration ceremony, the cameras installed by the police department of Washington DC were infected with malware. 70% of all cameras in Washington DC were bugged with ransomware.[2] Cyber criminals were demanding money. Luckily, police department turned OFF all city street cameras, removed all installed software, cleaned all videos and restarted/rebooted the entire system. City police had to pay lot of money for repairing infected cameras in Washington DC.
How to know if a security camera is hacked?
Often it is difficult to know that a security camera has been hacked in a timely fashion. Months pass by and people don’t know that the security camera system has been breached. [3]
If a security camera is working slow (than its normal speed) then it implies that something is wrong with a camera. Connection will be poor. Signal could be weak. System would be frozen (or locked).[4] More investigations would show that camera is breached. Infected virus slows camera’s overall performance.
How to protect security cameras from hackers.[5]
1. Often cameras come with a password. Users are lazy to change manufacturer’s password. Change temporary password issued by camera manufacturers. Reset passwords.
2. Use a strong password instead of “name123”. Use a complex hard to guess password. Strong two factor authentication is needed (like for other IT systems).
3. Prefer, not to put security camera on a main network. But, if you do, then use an advanced firewall software to prevent an intruder.
4. Ideally, install and place a security camera on a separate network rather than using the main network. This is because in case of a breach a hacker cannot penetrate the main network.
5. Cameras come with an operating system software. Such as Linus and Windows. Thus, update or patch operating system software regularly.
6. An administrator should not share his /her password with staff even in an emergency.
7. Use encryption techniques to transmit a camera’s (or a video’s) images.
8. Store cameras in a safe place because people will steal an entire camera (to sell stored data).
[1] Web cameras installed on a laptop are subject to cyber risks. However, this article is limited to security cameras installed for monitoring an area. Similarly, cyber risks associated with smartphone cameras are not discussed.
Today we are relying on our devices more and more. Cyber risks associated with smartphones are increasing day by day.
Here is the summary of cyber risks related to smartphones: Covering following topics: a) pros and cons of smartphones, b) basic operating system used in smartphones, c) why an Android operating system software is riskier than any other operating system software, and d) how to minimize cyber risks associated with smartphone.
Smartphones are now a part of our daily life. On average Americans are spending 5 hours per day on a smartphone. Moreover, very few of us can live without a cell phone because landlines are disappearing fast. Pros and cons associated with the use of a cell phone are listed below.
Pros: High level of portability, easy access to web, savings, constant communication between parents and children, tracking location of a family member or a friend in a distress or an emergency, convenience of taking photos including videos and so on.
Cons: Texting while driving has increased risk of car accidents, a desire to purchase the newest model introduced in market and above all loss of family time and human interaction (people are constantly playing games on cell phone instead of engaging in meaningful socialization to build lasting friendship). Cell phones (or smart phones) are also subject to cyber risk losing valuable personal and financial data.
Three basic operating system platforms used in smartphones.
There are several firms manufacturing cell phones. Too many to list. However, one thing that is common in all cell phones is that it is either based on Apple’s Operating system platform, Android’s operating system platform, Window's operating system platform or Blackberry’s operating system platform. In short, all cell manufacturers must adhere to any one of four platforms. Of course, each operating system platform installed in a cell phone has its pros and cons. Consumers chose a cell phone based on technical features (i.e. bells and whistles) along with price and customer services.
Main source of smartphone’s cyber risk (i.e. an open source platform).
Often, consumers purchase a cell phone without evaluating cyber risks associated with its operating system. Some operating system platforms are easily hacked where as some operating system are not. In general, we would like to install any application written in any language. For example, we would like to install an application software for controlling a security system of a cell phone using a software sold by any vendor. This is called an open source system. Apple does not offer this flexibility. Apple phones do not have an open source operating platform. The public must install only Apple’s application software. Apple’s operating system is proprietary, closed-source and more secure. This is good, because, a closed-source platform has less cyber risk compared to an open-source. Malware can easily penetrate an application’s software written by an outsider (i.e. a third-party firm). TIMES report says that in Apple’s smartphone, “Everything is encrypted, and more importantly, the key to that encryption is extraordinarily difficult to extract.”
On the other hand, Android’s operating platform system is an open-source platform. Software writers are selling phone-applications at a cheaper price compared to applications installed on Apple phones. To summarize, an internet research suggests that Android operating systems are more vulnerable to cyber risks. And main reason for this cyber risk is an open source operating platform.
How to minimize cyber risks while using a smartphone?
No smartphone is completely 100% safe from cyber risks including an Apple phone which has a closed-source operating system. However, consumers can take a few basic steps to minimize cyber risks.
1. Lock your screen (possibly after every 30 seconds when cell phone is left unattended).
2. Wipe out all information from cell phone after 10 failed login attempts.
3. Don’t use a pin code for locking screen. Instead, use a complex password with alphabets, numbers and symbols.
4. Use biometric (i.e. finger print scanner) for waking up a cell phone. Apple is now using face ID for waking up a cell phone. Facial recognition technology is available on iPhone X
5. Be careful when downloading an application-software on a smartphone. Malware risk is high. Install an application software only from a reputable store instead of clicking an install button.
7. Get rid of application-software installed on a smartphone that are unused (and outdated).
8. Log out from all of your accounts.
9. Be careful when browsing a web. It’s even better to install an advertisement blocker.
10. Be careful about your co-workers and friends overlooking over your shoulder when logging into a smartphone. Often, onlookers are trying to steal login password.
11. Be careful about phishing. Don’t click on every link that you see on a screen.
12. Yes, don’t forget to activate your device locator to trace a stolen or a lost phone.
13. Use a two-factor authentication for password verification.
14. Turn on the antivirus system installed on a smartphone.
15. Use a secure wireless network (instead of logging at Starbucks or McDonald and so on).
16. Don’t sell or exchange a smartphone without resetting the entire device to an original factory setting (to be sure that data stored on smartphone are completely wiped out).
Conclusion.
We can benefit from modern technologies and devices. However, we must learn how to minimize cyber threats by undertaking a few basic precautionary steps because no operating system is 100% safe from cyber criminals regardless of Apple’s system or Android’s system or Window’s system.