Cybersecurity Tips - CrafTech Computer Solutions
Contact CrafTech Computer Solutions if you are unsure about clicking on any emails or texts. See our cybersecurity tips below, and read more about our cybersecurity services here.
LinkedIn Phishing Scam:
February 23, 2021
A new phishing campaign on LinkedIn uses compromised accounts to send messages through LinkedIn’s direct messaging system. This is an effort to get users to click on a “LinkedIn Private Shared Document.” A “LinkedIn Private Shared Document” does not exist as a LinkedIn feature, so this is a major indication of a phishing message.
If a user clicks on one of these phishing links, a fake LinkedIn login page will appear and attempt to collect their login information. If the login information is obtained, the user’s account may begin sending messages to their connections in an effort to get further account logins from other users. Attackers may then attempt to use this login information to log into other platforms.
February 10, 2021
Due to the pandemic, many of us have experienced job losses. Unfortunately, people are taking advantage of remote interviews becoming more common. Hackers/scammers are posting fake job ads to gain personal information on popular job-posting websites such as LinkedIn and Indeed. Beware of job ads and applications that:
When applying to jobs online, be sure that the company has a credible website and credible contact information. Because some scammers copy real job ads and impersonate real businesspeople, don’t be afraid to reach out to the company for confirmation. Never click on an email offering job information from an unfamiliar person. Lastly, never write a personal address on a resume; write a city name if a location is necessary. Scammers scan for this information to sell.
Apple Security Update:
February 3, 2021
Apple has recently announced that three security issues “may have been actively exploited.” The security issues allowed hackers to take over iPhones and iPads remotely. Hackers could read texts and emails, access the camera roll, and possibly even access the microphone and camera. Apple released a software update to protect these devices; it fixes two issues in the WebKit engine (which is used by Safari and other browsers) and another in Kernel (an Apple developer framework.) Apple has decided not to give any further details until their investigation is complete.
Be sure to update your iPhone or iPad to the newest software update to avoid this security risk.
Text Message Phishing:
January 26, 2021
Hackers are always coming up with new ways to gain personal information. A text message scam is going around, claiming that users need to update the payment information on their Netflix account. Although some brands communicate with their users through text, Netflix does not (except for sending login verification codes.) Never submit payment or login information through a link, even if it looks legitimate. Go directly to the main website instead. See the phishing message below:
Another variation of this scam is a USPS notification text, inviting the user to click a link for package updates. This is a tricky situation because USPS actually does send package updates through text. See the phishing message below:
Since it has become common for brands to communicate updates through text, it’s easy to fall for this. Here are examples of legitimate text updates from each mail service:
To tell if a package-related text is real, check for a tracking number, a specific date/time, and be sure that the link includes the real mail service website. Fake texts will include a link that doesn’t have the company’s name, or the text won’t any specific details about the shipment. Beware of suspicious text messages, as there are always new scams on the rise.
January 4, 2021
As companies try to restructure their security offers, hackers keep on hacking to keep them busy. Awareness, still your best defense!
If you have any Alexa enabled devices, you should turn this off. Seems like Amazon is trying to make things more connected to sell a product, but I’m sure hackers will start looking at this as another opportunity.
Go to your Alexa App -> Tap More -> Tap Settings -> Account Settings -> Amazon Sidewalk and turn it off.
Read more about it with a quick video here.