New cybersecurity threats like phishing attacks, ransomware, and scams are always popping up. Stay up to date on the latest widespread threats and protection methods in our recurring series.
TEXT MESSAGE DELIVERY TRACKING SCAM
People are receiving text messages, sometimes including their first name, that appear to come from FedEx. The message shows a phony tracking link and says to click the included link to set delivery preferences for the item. Clicking the link will lead you to a fake Amazon listing with a customer satisfaction survey, and after a few normal questions, will ask you for personal information and a credit card number to claim a free gift.
Luckily this scam isn't very well-crafted. Clicking a tracking number for a package would never take you to a survey that asks for personal and financial information in exchange for a gift! If you don't spot the scam from the text message, this should be a dead giveaway.
What to do: Always think for a moment before clicking links in a text message. If you haven't ordered anything, there's no reason you should be receiving a tracking code. If you have ordered something, check the tracking status from the website you ordered from and see if the codes match up. And always remember that clicking on a tracking code should take you to a tracking page and nothing else!
CITIBANK PHISHING SCAM
Through what appears to be emails and/or texts, recipients on the end of this campaign are being directed to a phony Citibank website at the URL "update-citi.com". The website then shows a duped login page. If you log in, you'll be asked to fill out various forms asking for personal and financial information.
If a victim fills out all that information, a page will come up showing that it is authenticating your information. In the background, the campaign will attempt to log you into the real Citibank website. This triggers a security code to be sent to your phone that will complete logging into the site. This tactic makes it appear that everything is fine and you didn't just give your information to scammers!
What to do: You should never have to confirm personal and financial details including your credit/debit card numbers and social security number for any service! If you ever receive a message asking you to fix something, confirm details, check out a notification, etc, go to the website yourself by typing the address in your internet browser. Do not follow any links from emails or text messages.
It's also important to always check out the URL of the website you're visiting. While update-citi.com looks legitimate, the hypen does not make this a subdomain of citi.com. Subdomains use periods (like ours for example - blog.techvera.com).
MAC 'SHLAYER' MALWARE IN FAKE ADOBE FLASH UPDATE
This malware was discovered in early 2018, but seems to have made a recent comeback, with reports showing it's attacked 1 in every 10 Mac computers.
"It’s seeded in links that promise pirated versions of commercial software, episodes of TV shows, or live feeds of sports matches. Once users click, they receive a notice that they should install a Flash update. Never mind that Flash has been effectively deprecated for years and that platforms offering warez and pirated content are a known breeding ground for malware." (Ars Technica)
It's surprising how prolific this malware has become - Flash is being phased out and almost nothing uses it anymore. Websites advertising pirated software and media should not be trusted. And it should be widely known to never install software from popups, especially outdated and insecure programs like Flash!
What to do: Never install software or updates from popups unless they're clearly coming from your computer, such as Windows Update notifications in your computer taskbar. Most people have no need for Adobe Flash anymore. It's also one of the most common ways for scammers to trick you into installing malware.
FAKE RETAILER REWARD PHISHING EMAILS AND TEXTS
Scammers are sending texts and emails pretending to be from retailers like Amazon, Costco, and Kohls. These messages tell the recipient that they have new rewards to claim, and even use the company's logo, colors, and branding. The emails/texts make it look as though you've earned these rewards after holiday shopping, so this well-timed campaign could fool someone easily after the shopping season.
Following the links in these emails could plant malware, steal your personal and financial information, and cause you all sorts of trouble!
What to do: Always be wary of emails promising rewards or gifts. To be safe, we recommend not following the links in emails unless you're 100% sure it's legitimate. If there's any question, head to the retailer's website directly, not from the link in the email or text.
If you need some extra help identifying or protecting against any of these or other cybersecurity threats, let us know!