New cybersecurity threats like phishing attacks, ransomware, and scams are always popping up. Stay up to date on the latest widespread threats and protection methods in our recurring series.
SMALL BUSINESS ADMINISTRATION EMERGENCY INJURY DISASTER LOAN PROGRAM DATA BREACH
The SBA released a statement confirming that around 8,000 small businesses who applied for the emergency loans may have had their information compromised. This information is thought to include email addresses, insurance information, birth dates, phone numbers, postal addresses, social security numbers, and citizenship status. The vulnerable section of the application website that led to the breach was disabled and then relaunched by the administration.
It's thought that the earliest applicants for the loan were affected in the breach. While the information doesn't appear to have been used for malicious purposes yet, it's plenty of information for a scammer to fool the businesses on the list by impersonating the Small Business Administration or their banks.
What to do: Unfortunately, with how busy the government programs are currently, it's unlikely you'll be able to find out if you and your business were affected. It's a good idea to keep an eye on your bank and financial accounts. Also be extremely wary of any emails, calls, or other messages you receive about the loan if you applied. Ensure that any communication is coming from the official government source, and never click links or download files from emails you're unsure about.
FAKE ZOOM MEETING PHISHING EMAILS
Zoom users are being targeted by a new phishing campaign that comes in the form of fake meeting reminder emails. These emails look similar to the official meeting reminder emails, and tell the recipient that a meeting with their Human Resources and Payroll departments is about to start. The intent is for the recipient to panic, thinking they aren't prepared for an urgent meeting, and click on the link to join without doing their due diligence in confirming the email's legitimacy.
Clicking the link will bring up a page to log in with your Zoom credentials to get into the "meeting", which are the stolen by the attacker.
What to do: If you don't recall setting up a meeting and receive an email like this, take the time to confirm it. Check your calendar, contact the other people who are purported to be in the meeting by phone, email, or in person. If it is legitimate and you simply forgot, I'm sure they will understand that you were trying to avoid scams like these!
NINTENDO SWITCH ACCOUNT BREACH
Nintendo confirmed that up to 160,000 accounts that did not have two-factor authentication enabled were compromised in a data breach. Nintendo noted in their public statement that the attackers have been impersonating the Nintendo Network ID process, which allowed them to login to these accounts. While no payment details were accessed as they could not be viewed in full from the account, attackers were able to make purchases to some. The data that could be accessed is the user nickname, birth date, gender, country/region, and email address.
What to do: Nintendo has now disabled the ability to log into accounts using a Nintendo Network ID. They have also recommended that users change their password and re-login to their accounts. It's also highly recommended to add two-factor authentication to this and every account that supports it. Accounts that use this extra security step were not affected, as the attacker would also need access to their phone or email to get in. If your account was fraudulently charged in this, Nintendo support will help get that money refunded.
PHISHING EMAILS IMPERSONATING THE U.S. FEDERAL RESERVE
Scammers have been preying on victims using phishing emails around the Payment Protection Program. These emails appear to come from the Federal Reserve and ask the recipient to click on a link within to complete their request for payment in the program.
Clicking the link will land you on a well-designed webpage that looks to be a part of FEMA and the CDC's efforts around COVID-19 awareness and support. On the page is a button that says "Get Economic Impact Payment Now", which then shows a dropdown of around two dozen banks. Select your bank and this scam will take you to a duped login page for it, which will then transfer your banking login credentials to the scammer if entered. To take the scam even further, typing in your credentials will throw an error stating that you provided the wrong login information, but those details are actually sent to the attacker.
What to do: Don't follow any links or downloads in emails you receive about COVID-19 or financial relief associated with it. Instead, always open your web browser and go directly to the official websites that you need - whether that's your bank or a government website. Scammers are taking advantage of this global situation to fool as many people as they can.
If you need some extra help identifying or protecting against any of these or other cybersecurity threats, let us know!