Holiday Scams and Malware Campaigns

Print Document

Tweet

Like Me

Share

As the holidays approach, The National Cybersecurity and Communications Integration Center, (NCCIC) reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identify theft, or financial loss.

NCCIC recommends the following actions:

• Use caution when browsing the internet, shopping online, and using email.
• Avoid clicking on links or opening attachments in unsolicited emails. See Avoiding Social Engineering and Phishing Attacks for more information.
• Be wary of fraudulent social media pleas, calls, texts, websites, and door-to-door solicitations for donations to charities. See How to Donate Wisely and Avoid Charity Scams for more information.

If you believe you are a victim of a scam or malware campaign, consider the following actions:

• Contact your financial institution immediately, and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. See Preventing and Responding to Identity Theft for more information.
• Immediately change any passwords you might have revealed. Avoid reusing passwords. See Choosing and Protecting Passwords for more information.
• Report the attack to the police, and file reports with the Federal Trade Commission and the FBI's Internet Crime Complaint Center.

Partially reposted from: US-CERT (Computer Emergency Readiness Team) Holiday Scams and Malware Campaigns

Where is Your Student Data Stored and How is it Being Secured?

Best Practices to Guard against Cyber Threats, Especially from Third-Party Vendors

By John Ramsey
National Student Clearinghouse Chief Information Security Officer

The National Student Clearinghouse, EDUCAUSE and the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) released today the white paper, “Cybersecurity: Why It Matters to Registrars, Enrollment Managers and Higher Education,” to kick off October as National Cybersecurity Awareness Month.

Registrars and enrollment managers play central roles in an institution’s cybersecurity posture. The choices they make each day directly affect student data security. Yet there can be a disconnect between that data’s primary custodians and the information technology (IT) department that manages the systems on which the information is stored. It is imperative that both the registrar’s office and enrollment management office are in lockstep with the IT department with respect to the institution’s cybersecurity efforts, to guard against cyber threats, especially from third-party vendors.

Also, if administrators are using third-party vendors, where is student data stored and how is it being secured? If registrars and enrollment managers do not know, it’s time to find out. This is the only way they can fulfill their responsibility as a careful steward of student data.

The most important cost to keep in mind is the long-term cost that students face after they have had their personal information stolen, which can translate into lifelong negative effects if their data is used.

The white paper is based on the Clearinghouse’s 25-year record of maintaining the confidentiality and privacy of student records and frequent cybersecurity conversations with registrars, enrollment managers and other institution officials, EDUCAUSE and REN-ISAC’s cybersecurity work over many years, and current best practices expressed in two recent major reports.

To learn about other best practices to guard against cyber threats, especially from third-party vendors, review “Cybersecurity: Why It Matters to Registrars, Enrollment Managers and Higher Education” today for guidance from the Clearinghouse, EDUCAUSE and REN-ISAC.

If administrators are using third-party vendors, where is student data stored and how is it being secured? If registrars and enrollment managers do not know, it’s time to find out.

partially reposted from: National Student Clearinghouse Blog, Oct 1, 2018

Do You Have a Personal Backup Plan?

Most of us would like to say that we are extremely diligent about protecting our data and backing it up on a regular basis. However, we know that this is not always the case. 

Fortunately, backups are easier than ever before thanks to a plethora of options available to most end users. It is critical to create a backup plan for important files and make sure those backups are stored in a separate location (physically or in the cloud) so you can avoid losing valuable information if your computer is lost, stolen, compromised, or simply fails to turn on one day. 

When it comes to backups, just like security, you want to find a balance of being thorough but efficient. We have all heard disastrous stories of losing homework due to the blue screen of death or a misplaced cell phone that tragically stored the only copy of family photos. In addition, you could fall victim to ransomware or another malicious attack that leaves you with no choice but to reinstall your computer's operating system (OS). It never hurts to consider your backup strategy and come up with a plan that leaves you feeling safe and secure. Here are some tips to get you started.

• Data loss happens all the time, but it is entirely preventable. You just need to create a backup plan.
• Your critical data should never reside in a single place.
• The ideal backup strategy will typically include both an online backup service (Google Drive) to ensure your data is secure no matter what happens to your mobile device or computer.
• Running consistent, automatic backups is a straightforward process that will take little time to set up and will require even less to maintain.
• Backups can be configured to run in real time when files on your computer are changed.
• Routinely test your backup solution to ensure you can recover your data in the event that you do actually need to restore from a backup.

Manhattan College IT Services provides unlimited cloud storage with your JasperNet credentials to faculty, staff and students so you can back up your files. If you upload your files to Google Drive you can access them from anywhere. IT Services recommends Google Drive File Stream for storage and back up of files.

Source: STOP. THINK. CONNECT. 

Partially reposted from September 2018: Do You Have a Personal Backup Plan?

Avoiding Ransomware Attacks

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or e-mail attachment or to download a file or software drive while visiting a rogue website. Sophisticated social engineering techniques are used to entice users to take the desired action; examples include

• an embedded malicious link in an e-mail offers a cheap airfare ticket (see figure 1);
• an e-mail that appears to be from Google Chrome or Facebook invites recipients to click on an image to update their web browser (see figure 2); or
• a well-crafted website mimics a legitimate website and prompts users to download a file or install an update that locks their PC or laptop.

Figure 1. Phishing e-mail with ransomware embedded in a link

Figure 2. A fake Google Chrome e-mail

To avoid becoming a victim of ransomware, users can follow these tips:

• Delete any suspicious e-mail. Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious (see figure 3). If in doubt, contact the alleged source by phone or by using a known, public e-mail address to verify the message’s authenticity.
• Avoid clicking on unverified e-mail links or attachments. Suspicious links might carry ransomware (such as the CryptoLocker Trojan).
• Use e-mail filtering options whenever possible. E-mail or spam filtering can stop a malicious message from reaching your inbox.
• Install and maintain up-to-date antivirus software. Keeping your operating system updated with the latest virus definitions will ensure that your security software can detect the latest malware variations.
• Update all devices, software, and plug-ins on a regular basis. Check for operating system, software, and plug-in updates often — or, if possible, set up automatic updates — to minimize the likelihood of someone holding your computer or files for ransom.
• Back up your files. Back up the files on your computer, laptop, or mobile devices frequently so you don’t have to pay the ransom to access locked files.

Figure 3. An example ransomware e-mail message

Holiday Weekend - Beware of Malware and Phishing Scams

Happy Easter from ITS!

As we enter this holiday weekend, ITS would like to remind you to beware of malware or phishing scams - especially via email.  It has become quite common for malware and phishing scam campaigns to be launched over holiday weekends to delay detection and remediation by IT staff.  ITS has already seen an increase in communications of phishing or malware scams that ask users to validate account information by clicking on a malicious link or reading a malicious attachment.  Below is a sample malicious message:

Typically, these messages will appear to come from a generic "IT" or "ITS" account.  Often times they will contain poor grammar or generic wording of technical terms (unlikely to mention Manhattan-specific terminology).

If you receive a message that asks you to click an unknown link or suspicious attachment, DO NOT OPEN the link or attachment.  Instead, please verify authenticity with ITS by forwarding the message to ITS@manhattan.edu

Attention Malmart Shoppers

Wondering how to protect against malware? Use an adblocker such as uBlock Origin (Firefox or Chrome).

What do ads have to do with malware? Spreading malware through ad networks is called malvertising. No need to pinch your arm. This nightmare is real.

Years ago, NSFW websites would normally infect computers. Eventually, an upwardly mobile malware author noticed that ad networks trusted by MSN, the New York Times, the BBC, Newsweek, etc. would be a more profitable.

Just this year, many trusted news sites[1][2] allowed malvertising to be offered to browsers running on top of the Windows OS. The result could be a ransomware installation, specifically TeslaCrypt, or a trojan horse installation, named Bedep Trojan, that would allow criminals to use all the infected computers as part of a botnet.

The tool that decides which malware to install is called the Angler Exploit Kit. It is the tool behind many computer crimes. Criminal gangs sell it on the Internet, hopefully you (dear reader) do not know where.

Be mindful of where you go and if random ads should execute on your devices.

---

References:

1. "BBC, MSN hit by malicious ad attack". BBC. Retrieved 2016-03-18.
2. "Big-name sites hit by rash of malicious ads spreading crypto ransomware". Ars Technica. Retrieved 2016-03-18.