Cybersecurity Digest 4.12.22

12 Apr Cybersecurity Digest 4.12.22

Posted at 06:48h in Cybersecurity Weekly by

Security Digest – 4.12.22

 

Thieves Hit on a New Scam: Synthetic Identity Fraud 

“They combined real Social Security numbers with mismatched or phony names to create new identities, according to investigators. Prosecutors began the investigation in 2018 and charged them with 108 counts of illegal financial activity, mostly borrowing huge amounts of money they never intended to pay back, according to investigators.” READ MOREhttps://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2022/04/07/thieves-hit-on-a-new-scam-synthetic-identity-fraud  

5 Dangerous Cybersecurity Mistakes You’re Probably Making 

  1. You think free means safe 
  2. You skip updates 
  3. You pick up when a scammer calls 
  4. You have a bunch of old unused accounts 
  5. You click agree. 
  6. READ MORE https://www.usatoday.com/story/tech/columnist/komando/2022/04/10/avoid-these-5-cybersecurity-mistakes-keep-your-digital-life-safe/9517155002/

Behold, a Password Phishing Site That Can Trick Even Savvy Users 

“When we teach people how to avoid falling victim to phishing sites, we usually advise closely inspecting the address bar to make sure it does contain HTTPS and that it doesn’t contain suspicious domains such as google.evildomain.com or substitute letters such as g00gle.com. But what if someone found a way to phish passwords using a malicious site that didn’t contain these telltale signs?” READ MORE https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/ 

WhatsApp Voice Message Phishing Emails Push Info-Stealing Malware 

“A new WhatsApp phishing campaign impersonating WhatsApp’s voice message feature has been discovered, attempting to spread information-stealing malware to at least 27,655 email addresses. This phishing campaign aims to lead the recipient through a series of steps that will ultimately end with the installation of an information-stealing malware infection, opening the way to credential theft.” READ MORE https://www.bleepingcomputer.com/news/security/whatsapp-voice-message-phishing-emails-push-info-stealing-malware/  

How Law Firms Can Avoid Data Breaches Using the Cloud 

“Results from the American Bar Association’s 2020 Cybersecurity report surveyed lawyers in private practice on a wide range of data-security topics including technology policies, security tools, breaches, malware, and data archiving. It particularly highlighted heightened concerns about security efficacy when law firms shut down offices and moved to a remote business model at the start of the Covid-19 pandemic.” READ MORE https://news.bloomberglaw.com/tech-and-telecom-law/how-law-firms-can-avoid-data-breaches-using-the-cloud