Buckle Up for Privacy and Cybersecurity in 2022
Total Digital Security provides privacy and cybersecurity solutions for private clients and their personal technology. We serve clients in over 40...
2 min read
Total Digital Security
:
November 11, 2021
We're seeing a rash of sophisticated phishing schemes ensnaring even those that are aware and alert to such scams. As we mentioned in November's CyberAdvisor letter, "Back it up," the holidays are always high season for hackers, and this year is no exception.
✓ The level of engineering and sophistication sets this season apart from phishing campaigns in years past.
This holiday season, hackers use combinations of email, SMS text messages, and telephone calls to engineer unusually sophisticated and effective schemes.
Some examples of the themes for this year's phishing campaigns include:
These are next-gen hybrid variants of phishing and the combination of precisely sequenced and timed emails, texts, and incoming phone calls can fool even the most astute of us.
There are even reports of vehicles marked up as FedEx and other trusted brands as part of the criminal scheme. Some of the more elaborate ruses are known to be weeks long before consummation.
✓ Hackers know the brands and services you use, and they may even see the timing of your activity and will insert themselves at the right time in the right way.
Images of screenshots from the field:
When a phishing email or text finds its way to your devices, it's because nothing evidences malicious intent that can be flagged and blocked. There isn't a virus involved (yet), and the email address or texting number hasn't yet been identified as an illegitimate actor. In cyber, it's whack-a-mole; once you find the bad guys they're gone and taken on their next gig.
Someday we will have smarter software that will contextualize and detect the threat. Still, for now, it is up to the individual and the ability to think critically about what the internet and our devices put in front of us every day.
“What’s interesting here is the entirety of the fraud was completed over the phone, and at no time did the scammers compromise my account online,” he said. “I absolutely should have hung up and initiated the call myself."
An IT tech security professional after losing $9,800 to a phishing scheme, as reported to Krebs on Security.
✓ Phishing is mostly about hacking humans versus hacking their technology.
Besides using security software and protection, take these practical measures to make a big difference in your state of vulnerability to cybercrime:
For TDS clients, as always, take screenshots and forward what you have to us, and we'll figure it out with you.
Thanks for reading.
Total Digital Security provides privacy and cybersecurity solutions for private clients and their personal technology. We serve clients in over 40...
The dog days of August 2020 start fittingly enough with a hurricane named Isais, which in Spanish means "God Is My Salvation." In turn, salvation...
Year-End Letter - 2024 Navigating Cybersecurity: Reflections on 2024 and Insights for 2025
Congrats! You've just become a magician. This is the do-it-all module where you can let your creativity run wild. The best part is that it's just going to keep getting more and more awesome over time.