At Total Digital Security (TDS,) we’ve consistently avoided the tactic of ‘selling fear.’ Our approach has always emphasized:
- Self-empowerment,
- Adaptability,
- Resilience,
- Essential life-skills for the Digital Age, and
- Achieving a balance of digital autonomy from the influences of Big Tech, Big Business, and Big Government.
Reflect on our CyberAdvisor Letters over the past decade. While recognizing the importance of understanding risks and potential consequences—and indeed, we’ve outlined various cyber threats that could make anyone vulnerable—our primary focus has always been empowering individuals to safeguard against loss and inconvenience from cybercrimes and digital fraud.
✓ However, this month’s CyberAdvisor Letter shifts slightly to discuss recent headlines that underscore cyber risks and consequences in a very human context.
Risk Reset
The news stories highlighted below reflect the challenges we confront daily at TDS in our cybersecurity endeavors. These stories underscore the tangible risks and high stakes involved in our field. While our clients at TDS enjoy robust protection and have significantly mitigated their cybersecurity risks, it's crucial to remember the "why," the fundamental reasons behind our relentless efforts.
✓ TDS clients choose to be strategic and step aside from today's chaos by protecting today and positioning for future challenges that are sure to come.
In the News and from the Field of Cybersecurity
First, from our recent experiences in the field:
March/April - TDS from the field - One of our latest cases is typical of others over the last 60 days. It involves a Zelle scam at Wells Fargo, where fraudsters impersonated bank employees to deceive customers. Using the bank’s system of instant, irreversible transactions, these scammers have effectively drained customer accounts in a matter of seconds.
- Beyond Wells Fargo, TDS has handled numerous other cases across various banks in the U.S., with victims suffering substantial financial losses, often running into tens of thousands of dollars and more, alongside significant stress and inconvenience.
✓ Now, read the headlines below for a snapshot of what’s happening more broadly with current news stories, each reflecting our real-world experiences in cybersecurity.
March 17th – Email Scam - Innocent dad loses entire life savings in sophisticated email scam: ‘Nothing left.’ "A father who was looking forward to retirement is now struggling to make ends meet after losing his life savings in a cruel scam." https://nypost.com/2024/03/17/world-news/innocent-father-scammed-out-of-life-savings-over-email-by-con-artist
March 26th – Apple - Recent ‘MFA Bombing’ Attacks Targeting Apple Users. "Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature."
https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
March 31st – The FBI reports a 22% spike in losses for 2023 compared to 2022, the 2023 IC3 report said. https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
✓ The chart below illustrates the FBI's statistics on cybercrime damages, including a 22% increase in 2023. This pace of increase reflects our experience at TDS for the past five years.
- April 6th—Bank of America—$2,000,000 was stolen from an Elderly Woman’s Bank of America Account in a Devastating Scam. She says the scam started when she received emails and phone calls from people pretending to be Federal Trade Commission (FTC) investigators. https://dailyhodl.com/2024/04/06/2000000-stolen-from-bank-of-america-account-in-devastating-scam-triggering-lawsuit-for-alleged-negligence-breach-of-contract-and-violation-of-federal-law-report/
- April 7th - JPMorgan Chase - $4,500 Drained from JPMorgan Chase Account in a Matter of Hours – Now the Bank Blames Its Own Customer and Refuses to Reimburse. https://dailyhodl.com/2024/04/06/4500-drained-from-jpmorgan-chase-account-in-matter-of-hours-now-the-bank-blames-its-own-customer-and-refuses-to-reimburse-report/
- April 7th - Bank of America - A frustrated bank customer has alleged their bank account was hacked twice, and Bank of America made no attempt to notify her. https://www.the-sun.com/money/11000686/bank-of-america-account-hacked-money
- April 8th - Chase Bank customer was scammed out of $17,500 after a scam text message, and now her bank won't help get her money back. https://www.the-sun.com/news/11019090/chase-bank-customer-lost-17k-scam-fraud
- April 12th - FBI warns of a massive wave of road toll SMS phishing attacks.https://www.bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/
- April 13th - Citibank Allows Fraudulent Wire Transfers to Proceed After Customers Report Scams, Ask Bank to Freeze Accounts: New York Attorney General.https://dailyhodl.com/2024/04/13/citibank-allows-fraudulent-wire-transfers-to-proceed-after-customers-report-scams-ask-bank-to-freeze-transactions-new-york-attorney-general/
- April 13th - LastPass - Hackers Voice Cloned the CEO of LastPass for Attack. The company says someone used AI voice-cloning tech to spoof the voice of its CEO in an attempt to trick one of its employees. https://futurism.com/the-byte/hackers-cloned-lastpass-ceo-voice
- April 15th - SIM Swap - Man lost $21,000 in a SIM swap scam. Crooks hijacked his cellphone number and then stole money from his bank account using two-factor authentication in a scam the FBI says is taking millions from people. https://www.nbclosangeles.com/investigations/phone-sim-swapping-scam/3388687/
- April 16th - Toll Road Fraud -SunPass and FBI alert users of possible 'smishing' scams from text messages. The FBI issued a similar public service announcement after receiving more than 2,000 complaints about "smishing" texts. The term "smishing" comes from a combination of SMS and phishing.https://www.cbsnews.com/miami/news/consumer-alert-sunpass-warns-of-text-scam/
- April 16th - South Carolina - Who Stole 3.6M Tax Records from South Carolina? or nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department.https://krebsonsecurity.com/2024/04/who-stole-3-6m-tax-records-from-south-carolina/
- April 19th - FBI - Chinese hackers preparing to ‘physically wreak havoc’ on US critical infrastructure: FBI Director Christopher Wray said that the hackers want to 'induce panic.https://www.foxnews.com/politics/chinese-hackers-preparing-physically-wreak-havoc-us-critical-infrastructure-fbi-director.
- April 21st - JPMorgan Chase - $30,000 in JPMorgan Chase Account Disappears in One Day, Customer Says Bank’s Refusal to Reimburse Is Blowing His Mind: Report – https://dailyhodl.com/2024/04/21/30000-in-jpmorgan-chase-account-disappears-in-one-day-customer-says-banks-refusal-to-reimburse-is-blowing-his-mind-report/
These scams are not only becoming more frequent but also increasingly sophisticated. With the use of AI, deep fakes, and self-optimizing smart exploits, it is becoming ever more challenging to distinguish fact from fiction.
✓ At TDS, we are encountering a rising number of fraud victims across various U.S. banks and are prepared to see many more with increasing sophistication, including AI and Deep Fakes.
Rule #1 - Do Not Engage
To protect yourself from falling victim to a sophisticated scam, our best practice recommendation is simple: do not engage.
Ignore the text, email, or phone call.
Instead, take proactive steps by making an outgoing call directly to the company or institution that supposedly attempted to contact you. This allows you to verify the legitimacy—or expose the falsehood—of their inquiry.
✓ To protect yourself from falling victim to a sophisticated scam, our best practice recommendation is simple: do not engage.
Getting Up to Speed
We assist our clients in building a robust ecosystem of privacy and cybersecurity that provides continuous protection across all environments and devices. We do this by protecting "The Primary Attack Surfaces."
- Email - Private Email
- Devices - Device Protection/anti-malware
- Internet Networks - Home and Office, and the new software "agent" for computers, iPhones, and iPads.
If you are missing any of the above and would like to know more, you can contact us here:
Also, we provide a "Computer Coaching" service for TDS clients that demystifies technology, rapidly enhancing customer resilience and computer skills. This service features no technical jargon or opaque fixes. Instead, a dedicated coach works directly with you, using plain English and focusing on essential skills such as:
- Scan and Remove malware
- Uninstall remote control software
- Remove malicious extensions from browsers
- Install popup ads and configure ad blockers
- Scan and clean your computer, remove temporary files, and clean the system registry
- Check system startup files
- Onboard to a password manager
- Email configuration and optimization
- Migrating from Rackspace email to Microsoft Exchange, as we recommend
✓ The charge for computer coaching is $150/hr. and we bill in 15-minute increments.
- If you are a client, you can schedule yourself with one of our awesome coaches here: https://share.hsforms.com/1LRQ12Y3JTvyihFiRqESkjQ7azm?utm_referrer=https%3A%2F%2Fwww.totaldigitalsecurity.com%2F
- If you are not yet a client but are interested in our services, please click this link to contact us: https://www.totaldigitalsecurity.com/contact-us
Thanks for reading,
