Hackers Are Using Compromised Personal Information to Further Hacking Schemes
In talking to friends and clients, we are seeing a recent upsurge in attacks by hackers who appear to have access to compromised personal information and are using that information to further hacking schemes. We are sharing the facts of two recent attacks so that you can be on the lookout for these hacking techniques.
1. An individual reported receiving an authentic looking email from his credit card company showing his account information. The email warned of a disruption in his charging privileges and instructed him to: "Click here to resolve this important computer security issue." The link appeared to be a valid link to his credit card company's official web site, but was not. Links are easy to "spoof" -- which refers to hiding a link to a malicious web site behind text that appears to be a link to a legitimate web site. In this case, if this individual had clicked the link, he would have been sent to a web site created for the purpose of identity theft. Banks, credit cards, and financial institutions do not report fraud or abuse/misuse via email. Whenever you receive an email like this, you should do exactly what this individual did:
A: Report the suspicious email to your Information Services Team.
B. Call the financial institution that was spoofed to check on the status of your account and make a report to their fraud department.
2. We also received another report from an individual who received an email that appeared to be from a major national retailer. The email included his contact information and frequent shopper number. The link, however, was spoofed and actually pointed to a malicious Internet address. This appears to be another case where an individual's personal information was compromised and is now be used for a further attempt at identity theft. If you have an interest in some offer being shared via email - do not click the link in the email. Launch your browser and go to the actual web page for the business. It's worth the extra time to not put yourself or you company at risk.
Never open a link that is not from a trusted source. But the fact that the link appears to be from a trusted source is not enough. It is critical to be aware of hacking tactics. Smart computing habits (especially handling email and web activity) remain among our best defenses to hackers. Feel free to share this information among your friends and co-workers.