Say NO to Stealing Sensitive Information by Phishing
Cybersecurity Data breach Insider threat

Say NO to Stealing Sensitive Information by PhishingJust a few days after the IRS released it’s warning about W-2 phishing, it appears the College of Southern Idaho (CSI) reported that 3,000 employees’ personal information may have been compromised by a phishing scam.

The attackers are now expanding their sights into higher education according to a recent article by Paul Greene, an attorney at Harter Secrest & Emery.  Given the large number of employees, including seasonal employees, community education instructors and people who work for auxiliary agencies, these institutions are great sources of sensitive information and money.  In this case, someone impersonating a CSI administrator sent an email to an employee requesting W-2 information for all school employees over the past two years.

How to Fight the Latest Phishing Scams
Cybersecurity Data breach Insider threat

How to Fight the Latest Phishing ScamsThe more things change, the more they stay the same, unfortunately.  Paul Greene, an attorney at Harter Secrest & Emery, in a recent blog post mentioned a new IRS warning about the reappearance of phishing scams targeting W-2 information.  Companies have lost thousands of dollars in email compromise attacks that first steal W-2s and then attempt wire transfer frauds.

This is nothing new, of course, with the IRS having issued the same form of warning around this time last year.  But it is tax season and the scammers, fraudsters and hackers decided to get a jump on things this year.

In recent years, the criminals targeted corporations, but this year they are casting a wider net, potentially affecting schools, non-profits, restaurants, healthcare providers, and tribal organizations.  This is a classic case of targeting organizations that may not have the best security, since they have not been victims in the past.  Those organizations affected in recent years have hardened their defenses, but now the scammers are going after the next tier.  They also may be going after the supply chain of some of the companies targeted in the past.  After all it’s easier to attack a small service provider than to attack a large bank or manufacturing company.

Protect Your Privacy and Data During Online Holiday Shopping
Data security Privacy

Protect Your Privacy and Data During Online Holiday ShoppingToday is the last shopping day before Christmas, although I would bet a few of you will somehow buy something on Christmas morning; thank goodness for 24-hour minimarts.  A lot of us are doing more of our shopping online, which is both convenient and prone to abuse.  Protect your privacy by taking precautions and only shopping at retailers you trust.

If you shop at a trusted website, your credit card information should be safe and you are protected from someone stealing your personal information.  Reliable retailers take a lot of precautions to protect your data from hackers and insiders who might snoop.  The last thing a retailer wants is a black eye from a data breach.  You can probably think of a few sites that might be suspect.

In a recent article by Sue Marquette Poremba, “Better Security Habits Started During Holidays Should Continue All Year Long”, Sue talks about precautions ecommerce sites need to take to ensure they are trustworthy and can guarantee that all of us have a safe shopping experience now and into the new year.  While most of us may not think about the other side of the transaction, it’s important to understand how it works and what you need to know before shopping.

10 Tips To Make You A Cyber Smart Holiday Shopper
Cybersecurity Mobile security Privacy

10 Tips To Make You A Cyber Smart Holiday ShopperAs we move into the week of Thanksgiving in the US, some of us start thinking about eating, family and football; not necessarily in that order.  Others start thinking about shopping for the holidays.

Next week is Cyber Monday and I think it’s a little easier on the feet and constitution than Black Friday.  I would rather go online and go after all the bargains, rather than waiting in line and fighting all the crazy people out there trying to get $50 off a television.  But to each his or her own.

As with anything online, you need to take the good with the bad.  There will be a lot of great deals from reputable sites, but watch out for scams.  Online scammers try to game the search engines with “legitimate” bargains.  You search for a bargain and the link takes you to a site that looks legitimate. Check to see that it is a legitimate merchant before you buy anything.  Some are just sites with malware that could wreak havoc on your computer.