Cybersecurity is an integral part of the online work set up that has taken over all sectors of the present world. Countless data breaches, phishing attacks, and scams happen every day, causing losses amounting to millions of dollars. Hence, taking necessary anti-phishing solutions is of utmost importance. Here is a list of the recent data breaches to enlighten on the level of phishing prevention needed today
Maze Ransomware Hits Aged Care Operator Regis
The ASX-listed aged care operator Regis is struggling internally with the COVID pandemic in its Brighton facility at Melbourne. So far, three deaths have occurred, and 19 residents and 23 staff have tested COVID positive. To add to their woes, the maze ransomware recently brought down their systems, compromising the residents’ sensitive information.
Although Regis has denied commenting on the nature of the attack or type of PII that was leaked, they notified that the breach hadn’t hindered their services. They are now adapting the phishing prevention best practices and are telling all affected people about the breach.
Kentucky’s Unemployment System Attacked For The Second Time
For the second time in four months, the Office of Unemployment Insurance (OUI), Kentucky, has undergone a cyberattack. The breach was reported by a claimant who could see another claimant’s former employer and health details while updating his unemployment application.
Muncie McNamara, the former director of OUI, comments on the incident and says that he had notified the IT department about a possible breach on 22nd April but received no response. However, J.T. Henderson denies McNamara’s statement.
From what is visible, the wisest thing for OUI would be to first address its internal miscommunication before hitting the road with a phishing attack prevention strategy.
Beware Of Zoom Meeting Invites
Yet again, Zoom has become the medium through which attackers try and extract sensitive user information. The recent phishing campaign involves sending very credible phishing emails to Zoom users, asking them to either review a meeting invitation or download an attachment to access meeting details.
Once users click on these links, they land on a spoofed Microsoft Office365 or Outlook login page. Falling for this trap puts the security of everyone associated with the victim at risk.
Hence, organizations must educate their employees on phishing email prevention measures and create an environment of vigilance before any of their employees become victims of malicious hacker schemes.
Data Breach At UberEats
The American online food ordering facility UberEats has been the recent target of hackers. The data breach exposed details belonging to the delivery drivers, delivery partners, and customers of Ubereats.
The compromised details included the login credentials, full name, contact number, trip details, bank card details, and account creation date of 579 UberEats customers and 100 delivery drivers.
Users are advised to use strong passwords and multi-factor authentication to avoid unauthorized account access or other losses.
Organizations Must Upgrade To Windows 10, Says FBI
While Microsoft has formally announced the end-of-life of its Windows 7 variant, several organizations continue to work on Windows 7, without having any security patches and updates. The FBI warns that the use of Windows 7 now increases an organization’s vulnerability to cyberattacks since the adversaries will be more likely to target those organizations that are still working on the older and unsecured operating system.
However, the FBI also acknowledges that certain limitations of budget refrain companies from upgrading their computer network infrastructure and installing Windows 10. The FBI suggests organizations make an investment in their existing infrastructure and take necessary anti-phishing protection measures before any attackers target them and demand a hefty ransom.
Get Your Updates Done Android Twitter Users
After the massive attack on celebrity Twitter accounts, the company has found a security flaw that affects millions of Android Twitter users. All those using android 8 and 9 versions are vulnerable to a security flaw that Twitter claims to have resolved now.
Twitter hasn’t disclosed how many users are vulnerable to this threat or how long they have been exposed to it. Hence, as a phishing protection measure, all users with older versions of Android will receive an update notification, which will let them know if they need to do anything.
Chartreuse Blur Campaign Used Fraudulent Photo Apps
A lot of fake apps have been active on Google Playstore because of which people began downloading apps from their official app store. But hackers never stop innovating, and they found a way to slip their malicious apps despite anti-phishing tools in place.
The Chartreuse Blur cyber scheme has been trying to hide malicious out-of-context (OOC) ads and apps into authentic app platforms. These apps operate in the background, making it very difficult for them to identify and uninstall them.
Thus, people must remain vigilant and follow phishing prevention tips before downloading and using any random application they find online.
Email Scanner Phishing Campaign
A new email phishing campaign has emerged in which the hackers try to create a fake hype about the deactivation of an email account. The adversaries send emails with subjects like “Virus Alert!!!” that notify users of immediate account deactivation if they do not get their email account scanned via an embedded link.
The hackers then spoofed an email scanner website, which was supposed to ‘scan’ for viruses in a user’s mailbox. But midway in the process, they asked for the email credentials of the users. This was allegedly done to confirm the email account and complete the scanning process.
However, such phishing schemes aren’t uncommon. Users need to guard against falling for such campaigns and take necessary email phishing prevention measures.
Cyber Attack At Colorado City
Colorado City was recently hit by a cyberattack, which disrupted its system functioning and compromised the details of many of the city’s citizens. The city is now redeveloping its entire online system and has also paid a ransom of $45,000 to the attackers.
The attack crippled the city’s emails, phones, online payments, and reservation systems to temporarily shut down because of which they had to reseek to temporary phone numbers and emails.
However, the city officials seem to have learned their lesson and are taking measures to ensure protection against phishing. They have installed crypto-safe backups and shall conduct regular vulnerability assessments from now on.