Welcome to Cyber Insights with Mercury IT. At this time of year , it’s easy to be caught off guard and fall for a scam with Black Friday and Cyber Monday deals coming in thick and fast, view our tips to stay safe and secure. Latest breaches this month include a hacking incident and credential compromise.
CURRENT SCAM
Customer retention and satisfaction are vital to most organisations’ success. Knowing how important this is, cybercriminals send fake customer complaints in hopes of catching you off guard.
In a new phishing email, cybercriminals impersonate a member of your organisation’s human resources or management team. The email addresses you by name, states “It is urgent request,” and tells you to call the sender immediately in regards to a customer complaint. Additionally, a PDF of the complaint appears to be linked within the email. If you click on the link, a webpage opens where you can download the customer complaint. Unfortunately, the file isn’t actually a PDF. Instead, it’s a dangerous piece of malware.
Here’s how you can stay safe from similar scams:
- Think before you click. Cybercriminals exploit emotions, such as the fear or guilt of upsetting a customer, to trick you into clicking on malicious links.
- Watch for poor grammar and unusual phrasing in emails, such as “It is urgent request.” Emails from legitimate sources are more likely to use correct and natural language, such as “This is urgent” or “This is an urgent request.”
- Never click a link in an email that you weren’t expecting. If you’re not sure, reach out to the sender by phone to confirm the legitimacy of the email.
LATEST BREACH
Exploit: Hacking | South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. Officials went on to say that the hackers gained access to several mySA Gov accounts that were secured with recycled passwords. The department went on to say that there was no evidence of any unauthorised transactions on the impacted accounts while encouraging users to update their passwords. |
CYBERSECURITY TIPS
It’s Thanksgiving week in the United States, which means Black Friday and Cyber Monday are finally here! To celebrate, cybercriminals have created a record number of malicious online stores to trick unsuspecting shoppers. Cybercriminals create online stores that claim to sell hard-to-find items, such as trending makeup products or this year’s hottest toys. To lure in customers, cybercriminals run ads on other websites, on social media platforms, and even within Google search results. If you click one of these ads, you’ll be taken to the malicious online store. These stores can be very convincing because they include real product images, descriptions, reviews, and a functional shopping cart and checkout process. Unfortunately, if you try to purchase something from one of these malicious stores, your money, mailing address, payment data |
Follow the tips below to avoid these malicious online stores:
|
Find out more about cybersecurity for your business here or book a complimentary consultation with our Chief Information Security Officer, Chris Haigh here
