Public Enemy Number One: Data Breach

Public Enemy Number One: Data Breach

By Krista Lockhart
Cybersecurity
Security
Be prepared to stop hackers from taking your information.

Written By: Smart City Security Operations

Recently, an underground hacking group claimed to have successfully stolen the data of millions of TicketMaster customers in North America. Live Nation, Ticketmaster’s parent company, issued a statement alleging the group threatened to share the information on the dark web. This incident is developing; however, it reflects a concerning trend. Ticketmaster is not alone; small, medium, and large organizations remain prime targets for hackers.  Said another way, this could happen to any organization. Here are some other growing cyber security concerns:   

Account Takeover Threats occur when unauthorized users access your accounts, leading to potential data loss, financial damage, and reputational harm. Recovering from such an event is often a time-consuming and challenging ordeal. These typically occur due to weak passwords and the lack of Two-Factor Authentication (2FA). 

Weak passwords significantly increase the risk of data breaches. Establishing strong and unique passwords consisting of at least one uppercase character, one number, and one symbol is crucial.  

Also, minimal layers of security make it easier for threat actors to gain control of your accounts.  

However, while the trend line continues to trend up, there are some actionable steps we can all take: 

Create strong passwords. Use a complex mix of letters, numbers, and symbols. Avoid predictable patterns and never use personal information like birthdays or anniversaries. Where possible, activate two-factor verification on all platforms that support it, including social media, email services, and banking websites. Next, protect your mobile number from being transferred without authorization by setting up a port-out PIN with your carrier. Finally, monitor third-party applications regularly. Inspect your email accounts for unrecognized third-party applications. Research your email provider’s security settings and take proactive steps to update security permissions. 

In closing, data breaches serve as a stark reminder that no one is exempt from the threat of cyber-attacks. Do not assume you are immune if you have not been affected yet. Adopting a proactive stance is far more effective than a reactive one. Take steps to secure your accounts today.  

Don’t Trust, Verify

By Krista Lockhart
Cybersecurity
phishing
Security
Cyber security tips and tricks.

Written By: Smart City Security Operations

Americans lost more than $12.5 billion due to cyber scams, according to the FBI’s Internet Crime Complaint Center (IC3) 2023 annual report (PDF). Unfortunately, hacking is a full-contact sport. Scammers reach out by email or even on the phone. They often use bits of relevant information to reel you in. They then layer on fear and urgency. They want you to act without thinking.  A cybercriminal could send what may look like an invoice or service renewal. They may call and pretend to be a customer service representative, alerting you to a security breach. In both instances, they convey a sense of urgency that grabs your attention. 

For example, you receive an email from a colleague at work asking you to review some information. In this scenario, within seconds, this communication lets you open an attached file, and then a pop-up window instructs you to “Enable Editing” by clicking a button. Unfortunately, clicking this button seems harmless but it initiates malware on your computer. This advanced malware can steal your user credentials on your work computer and other personal information on your personal device. It is designed to evade detection by antivirus software. Once installed, it is very difficult to remove. Similar attacks can also occur via standard software like Microsoft Word or PowerPoint. Here are some tips to help you avoid malware scams: 

  1. Be cautious and proactive when reading emails. Scammers often use phrases like “as soon as possible” and “penalties” to create a sense of urgency.
  2. Do NOT click anything, especially buttons labeled “enable editing” or “enable content” on attachments from unknown or unexpected sources. This is a common method for malware installation especially through Microsoft Word and Excel.
  3. Log into your accounts directly to verify invoices or payment requests. You can also contact the company’s customer service department for information.

In closing, cyber scams are evolving rapidly, and cyber security solutions are being developed just as quickly. However, it all comes down to each of us making smart decisions every day. So, can you read that email from your boss? Yes, of course, but don’t just trust. Take steps to verify whether this and all emails asking you to do something are legitimate.   

Protecting Yourself While Online Shopping

By Debbie Burke
Cybersecurity
Internet
Security

Shopping has never been more convenient or easier with online shopping.  The selection is endless. Shipping is fast. Returns are easy. But it’s important that you’re not giving up security for convenience. Keeping your information secure is essential when buying online to avoid a stolen identity or wiped-out bank account.

The next time you shop online, follow these tips to ensure your online information is protected, and your purchases are safe.

  1. Shop with merchants you know and trust. Know who you are shopping with and to whom giving your personal information.
  2. Look for “https” in the URL/web address when making an online purchase. This means the website is secure, allowing you to enter your personal and credit card information and complete a purchase without being hacked.
  3. Don’t fall for phishing attacks. Be very careful before clicking on a link, even if it appears to be from a legitimate site, asking you to log in, change your password, or provide any other personal information. When in doubt, manually type the site’s URL in your browser window.
  4. Create a unique username and password for each account you have. This reduces your risk should a hacker crack your login to get access to every account that you use that login for. Vary them by adding unique letters, numbers, or symbols for each account.
  5. Don’t give too much personal information. Retailers don’t need to know your social security number or your birthday. If you feel they are asking for more than you are comfortable sharing, cancel the transaction.
  6. Never use free public Wi-Fi when shopping online. Your data is usually not encrypted. Hackers can create fake Wi-Fi networks, and as soon as you connect to their password-free network, they have complete access to your device.
  7. Don’t use debit online. Use a credit card as there are more consumer protections than using debit cards. Use third-party services like Apple Pay, Google Pay, or PayPal instead of using your credit card so that you are not giving the retailer your credit card information directly.
  8. Check your statements regularly. Continuously check your credit card and banking accounts for unauthorized activity, especially during the holiday season. Set up email or text message alerts to receive transaction details every time your credit card is used.
  9. Use Multi-Factor Authentication where possible. We recommend using both multi-factor authentication and a strong password whenever possible.
  10. Protect your computer. Keep your devices and software up to date, especially your web browser. Secure your device with anti-virus/anti-malware software and a Virtual Private Network (VPN).

Protecting yourself begins with your home network.  Ensure your privacy and security settings are configured, set up a strong password, and turn off any unnecessary features. For more information on 1 Gig Fiber to the Home and data protection, contact Smart City Telecom at 407-828-6700 or visit https://fibersignup.smartcitytelecom.com/

How to Protect Yourself from Robocalls and Texts

By Debbie Burke
Phones
Security
Technology
Person using phone with Laptop

You answer the phone only to hear the recorded message, “We’ve been trying to reach you about your car’s extended warranty.” You’ve just experienced a robocall.

A robocall is an automated telephone call that uses a computerized auto dialer to deliver a pre-recorded message as if from a robot. It is estimated that there have already been 28.7 billion robocalls in 2022, and spam texts jumped from 1 billion sent per month in July 2021 to more than 12 billion in June.  Most common types of spam calls are related to credit card debt, financial customer call, health insurance and medical tests, “You won!” contest calls and IRS tax fraud.

The Federal Communication Commission (FCC.gov) states that unwanted calls are their top consumer complaints. As part of their consumer protection efforts, the FCC has begun cracking down on illegal calls by:

  • Issuing hundreds of millions of dollars in enforcement actions against illegal robocallers.
  • Empowering phone companies to block by default illegal or unwanted calls based on reasonable call analytics before the calls reach consumers.
  • Allowing consumer options on tools to block calls from any number that doesn’t appear on their contact list or other “safe list”.
  • Requiring phone companies to implement Caller ID Authentication to help reduce illegal spoofing.
  • Making consumer complaint data available to enable better call blocking and labeling solutions.

While you may have noticed receiving fewer robocalls over the past year, scammers are increasingly using text messages, which are not as strictly regulated. Some scammers may be after your money, but others may be simply trying to collect personal information or confirm that a number is active for use in future scams.

How to Protect Yourself

  • Don’t answer calls from unknown numbers. Let them go to voicemail.
  • If the caller claims to be from a legitimate company, hang up and call them back using a valid number found on their website.
  • If you answer and the caller (often a recording) asks you to press a button to stop receiving calls or asks you to say “yes” in response to a question, just hang up. Scammers often use these tricks to identify and target live respondents, or to use your “yes” to apply unauthorized charges on your bill.
  • Be aware that Caller ID showing a “local” number no longer means it is necessarily a local caller.
  • If you answer and the caller asks for payment using a gift card, it’s likely a scam.
  • If you have lost money because of a scam call, contact your local law enforcement agency.
  • Never share sensitive personal or financial information by text or phone.
  • Do not respond to texts from unknown numbers, even if the message requests that you “text STOP”. Delete all suspicious texts.
  • Be on the lookout for misspellings or texts that originate with an email address.
  • Think twice before clicking any links in a text message.
  • Remember that government agencies rarely initiate contact by phone or text.
  • Consider registering your phone number with the National Do Not Call Registry.
  • File a complaint with the FCC at https://consumercomplaints.fcc.gov.

 

If you think a caller is trying to scam you, hang up.  If you get suspicious email or text, do not reply.  If you think that you’re the victim of a texting scam, report it immediately to your local law enforcement agency and notify your wireless service provider and financial institutions where you have accounts.

To help reduce the number of illegal robocalls that may originate from their network, Smart City Telecom has implemented robocall mitigation efforts to monitor the network and verify legitimate calls.  Find out more about what Smart City Telecom is doing to protect its customers at https://smartcitytelecom.com/legal/robocalls/.

 

Source: https://www.fcc.gov/consumers/guides/stop-unwanted-robocalls-and-texts