January 2021 Savvy Cybersecurity
In this issue:
Phone scams aren't dead: How to protect yourself
Cybersecurity shorts
Software updates
Dear Sir or Madam:
Happy New Year! Welcome to your January Savvy Cybersecurity newsletter. For cybercriminals, there has been no break—we have already seen a handful of scams and hacks in the first month of the year. Read on to learn more about the cybersecurity happenings this month including:
Hacks affecting Covid-19 vaccine manufacturers
A Facebook Messenger scam making the rounds
Details on a new privacy feature from Apple
And much more
Phone scams aren't dead: How to protect yourself
While many think of cybersecurity and picture computers and complicated code, the truth is many scams still rely on human connection and fear. Countless scams begin with a phone call that tells the victim someone has made a fraudulent purchase with their account or that they need to verify personal information. The scammer poses as a helper to gain the trust of the victim and then defraud them. For example, here is a story I heard this week…
Elaine's phone rang one afternoon. She didn't recognize the number but she picked up. The voice on the other end said they were from Amazon and they wanted to confirm if she just purchased a $700 laptop. Elaine had not purchased a laptop and told the caller so.
The caller reassured her that it was no problem—he could help her resolve this issue. He asked her to go to her computer and type in a web address. The URL led her to a remote desktop download. Being savvy about her cybersecurity, Elaine stopped and told the caller she was not comfortable downloading any software onto her computer considering she did not know who he was. The caller tried to reassure her by directing her to search his name on Amazon. It listed him as a tech specialist but there was no way to confirm that he was truly the person he said he was.
Elaine did the right thing and told the caller she was not going to download the software and she would resolve the charge with her credit card company instead. She hung up the phone and successfully avoided a scam that could have done serious damage to her computer and bank account.
This story is a great reminder that many of the scams we see begin with a phone call and a conversation. If the caller had convinced her to download the remote desktop software, what could have happened? For one, the caller would have been able to see everything on Elaine's computer and access passwords and documents. He could have also easily installed malware that could have collected more information or done damage to the computer.
Here are some ways you can protect yourself from phone scams like this.
Be aware and alert
The first key to avoiding a scam like this is being aware that they exist and still occur frequently. Awareness allows you to think critically if you receive a call that may be fraudulent. If you receive a call from an unknown number, consider just sending it to voicemail. If you do decide to answer, be on alert for any warning signs of a scam. Some warning signs include asking you to divulge personal information or requiring you to download anything on your computer.
Verify the phone number and caller
If you are ever unsure about a phone call you receive, tell the caller that you are going to hang up and call the company number directly. When you do this, do not call back the number that called you. Instead, look up the phone number for the company online and call that number. When someone answers, you can verify that the person who called you is an employee or see if what they were saying is true.
Many scammers will "spoof" the phone number they call you from to look like a legitimate company. You cannot simply trust your caller ID because of this. Always hang up and call the correct number back directly.
Take your time