Welcome to the latest Savvy Cybersecurity newsletter. This month, as always, brought a wave of cybersecurity news. Read on to learn more about:
- How your retirement accounts are at risk
- A new sophisticated mail scam
- Holiday frauds to be on the lookout for
- And much more
Your retirement account: the latest goldmine for scammers
Steven Voss, a Utah-based CSX engineer was nearing retirement and decided to check on his 401(k) account. He was shocked when he logged in and his account balance was zero, according to the Atlanta-Journal Constitution. Voss had moved most of his money out of the Prudential Financial account a few months earlier but left about $50,000 in there.
According to reports, a scammer called Prudential Financial and pretended to be Voss. He provided his name, address, date of birth, and Social Security number and was able to cash out the 401(k). Prudential Financial had planned on sending the check to Voss’s home address but the caller asked that it be delivered to a UPS store instead.
Luckily, Voss discovered the missing money before the thieves picked up the check and…
Welcome to the Fall 2018 Savvy Cybersecurity newsletter. We hope that you were able to do something cybersecurity-related for National Cybersecurity Awareness Month. Read on to learn more about:
- The latest Facebook hack
- Are Chinese microchips spying on us?
- How hackers are targeting your direct deposit
- And much more
The latest Facebook hack: What you need to know and do
Thirty million Facebook users may have been affected by a recent hack of the social media platform, according to the company. Late last month, Facebook discovered a security vulnerability that they then believed to affect 50 million accounts. In fact, you may have been one of 90 million people who were forced to log back into their account and were notified of the security issue via Facebook notification.
What exactly happened?
Facebook engineers discovered a security vulnerability in the “View As” feature of the social media platform. This tool allows users to see how their Facebook profile appears to friends and non-friends on the website. It has been a very helpful tool in allowing users to understand their security settings.
Imagine having trouble with your smartphone. You contact your carrier for help, but they say you’re no longer a customer, and that you recently transferred your phone account to another carrier! Welcome to the central act in a growing cybersecurity threat-mobile account takeover. Consider the story of Tiffany and Kevin Bennett, who suffered this new form of identity theft.
One day, Tiffany received an email from her mobile phone company saying the password on the mobile account had been changed. She shares the account with her husband, Kevin, and figured that he must have changed the password, so she ignored the email alert.
A few hours later, however, Tiffany could no longer send or receive any messages. When Kevin tried to call her phone number it rang-but not on Tiffany’s phone. What happened? Someone hacked into the Bennett’s mobile phone account and forwarded Tiffany’s number to a new phone. All of her calls and texts were being forwarded to this number, too. The hacker was then able to enroll one of the Bennett’s credit cards, bought on the black market, in Apple Pay. When the credit card company texted the verification code to Tiffany’s number, the hacker received it instead. With access to their credit card, the impostor was able to spend hundreds of the Bennett’s dollars.Read More