1. Do you have an account on Dunkin Donuts' site? Change all your passwords! 2. THINK BEFORE YOU CLICK !! 3. "Sway" from Microsoft, and more!
I have been really busy the past several weeks so have not been able to update the Blog...
So here are a few new things I have heard about.
As always, be careful! Protect yourself first and foremost!
1. Dunkin Donuts' site was compromised back in 2015, but news of that did not hit the mainstream media for a long time (this year, I believe).
https://www.zdnet.com/article/dunkin-donuts-accounts-compromised-in-second-credential-stuffing-attack-in-three-months/
The hackers stole email addresses, login credentials, and other miscellaneous info... They will use those same login credentials to attempt to log in to other sites as you and wreak havoc or perhaps just steal your money... So, don't use the same login credentials (username/password combination) across multiple sites.. You can use a password generator that will help keep you secure.. AND, you can use something like KeePass, which will encrypt your passwords on your phone, tablet or computer, which you can then use to log in securely.
I used to think it was just too much of a hassle, until I learned about what these bad guys are doing..
2. "Think Before You Click":
ALERT: Internet criminals are now sending phishing attacks related to benefits enrollment and potential pay raises. So, when you get any email or perhaps even a robo-call from "HR" about your "2020 benefits" or "next year pay raise", do not click or open any attachments, but report these suspects email to the IT department. In case you have questions about your benefits or pay, pick up the phone call the HR department using the regular, correct extension.
NEVER click on any link in these emails, or "reply" and attach personal information because both the "From" and the "Reply" email address may be spoofed and you would send confidential information to criminals. Think Before You Click.
3. "Sway" from Microsoft..
The Wikipedia page on Sway usefully summarizes it like this:
Let's take a look at the screenshots on the KnowBe4 Blog:
https://blog.knowbe4.com/the-
So, remember:
So here are a few new things I have heard about.
As always, be careful! Protect yourself first and foremost!
1. Dunkin Donuts' site was compromised back in 2015, but news of that did not hit the mainstream media for a long time (this year, I believe).
https://www.zdnet.com/article/dunkin-donuts-accounts-compromised-in-second-credential-stuffing-attack-in-three-months/
The hackers stole email addresses, login credentials, and other miscellaneous info... They will use those same login credentials to attempt to log in to other sites as you and wreak havoc or perhaps just steal your money... So, don't use the same login credentials (username/password combination) across multiple sites.. You can use a password generator that will help keep you secure.. AND, you can use something like KeePass, which will encrypt your passwords on your phone, tablet or computer, which you can then use to log in securely.
I used to think it was just too much of a hassle, until I learned about what these bad guys are doing..
2. "Think Before You Click":
ALERT: Internet criminals are now sending phishing attacks related to benefits enrollment and potential pay raises. So, when you get any email or perhaps even a robo-call from "HR" about your "2020 benefits" or "next year pay raise", do not click or open any attachments, but report these suspects email to the IT department. In case you have questions about your benefits or pay, pick up the phone call the HR department using the regular, correct extension.
NEVER click on any link in these emails, or "reply" and attach personal information because both the "From" and the "Reply" email address may be spoofed and you would send confidential information to criminals. Think Before You Click.
3. "Sway" from Microsoft..
The Wikipedia page on Sway usefully summarizes it like this:
"Office Sway is a presentation program and is part of the Microsoft Office family of products. Sway was offered for general release by Microsoft in August 2015. It allows users who have a Microsoft account to combine text and media to create a presentable website. Users can pull content locally from the device in use, or from internet sources such as Bing, Facebook, OneDrive, and YouTube."A link from my pals as KnowBe4:
Let's take a look at the screenshots on the KnowBe4 Blog:
https://blog.knowbe4.com/the-
So, remember:
- Enable the ability to see the "File Extension" in Windows, as well as Outlook. KNOW what that file is before opening it... In Microsoft Outlook, it could APPEAR to be "Jim_File.html" when in fact it is "Jim_File.html.exe", an executable file which can infect your computer.
- Don't click anything without carefully examining that link. If not sure, don't click...
- Have a GOOD Antivirus software, and set the Sensitivity (aka "heuristics") to as high a level as you can and scan your computer REGULARLY.. You may have a couple false positives (aka, alerts) but at least you can be protected
- Periodically use an Online Scanner to ensure your machine is safe
- https://www.f-secure.com/en/home/free-tools/online-scanner is my favorite
- Backup your computer (and phone, and tablet!) regularly ! I back up all my pictures from my tablet and phone to my computer, then use Carbonite to constantly back up changed files on my computer so I am never risking losing more than an hour worth of information..
0 Comments:
Post a Comment
<< Home