Holiday Scams and Malware Alert
December 18th, 2019 by admin
The Department of Homeland Security’s Cyber Infrastructure (CISA) division released an alert on currently circulating online browsing/shopping scams and malware campaigns you should be aware of. The alert warns about fake ads or shipping notifications, which may include attachments infected with malware. So, if you do not recognize the sender or have not ordered something recently from that retailer, do not open any attachments! Additionally, the alert warns about spoofed email messages and phony social media posts that may request support for fraudulent causes. So please notify your customer service teams to be aware of these possible phishing attempts and to verify each social media post or email inquiry against your known customers. The CISA alert suggests the following steps to avoid security breaches, identify theft, or financial loss during this busy holiday season.
- Avoid following unsolicited links or downloading attachments from unknown sources.
- Refer to our Tips to learn more about Shopping Safely Online and Avoiding Social Engineering and Phishing Attacks.
- Visit the Federal Trade Commission's Consumer Information page on Charity Scams.
If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:
- File a complaint with the FBI's Internet Crime Complaint Center (IC3).
- Report the attack to the police and file a report with the Federal Trade Commission.
- Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
- Immediately change any passwords you might have revealed and do not use that password in the future. Avoid reusing passwords on multiple sites. See Choosing and Protecting Passwords for more information.
And as always, if you suspect a phishing attempt or malware installation has made it through your firewall and security software, please contact firstname.lastname@example.org immediately so we can mitigate the damage and alert and protect others on your network. We are here to help!
Posted in: Security