COVID-19 AND RELIEF CHECK SCAMS

The rollout of COVID-19 relief checks in the US has created a new open door for cybercriminals. 

An estimated 4,300 malicious web domains related to COVID-19 relief have popped up in the last month, and Google reports that they’re stopping 18 million suspicious COVID-19 related emails per day.

-IDAGENT

With “Where’s my stimulus check?” a top query on Google, many of these domains are being used to snare unsuspecting users into giving away their personal information. There’s a huge onslaught of phishing attacks that aim to capture personal information or deliver malware using COVID-19 money as a hook.

With most working remotely, warn your staffers to be on the lookout and be very wary of downloading any type of guide that helps them claim their stimulus check or other items of that nature. If a staffer checks their personal email on their work computer and downloads a guide that is malware, it’s now a business problem.

STAY AWARE AND SKEPTICAL WITH EVERY EMAIL THAT ARRIVES, BUSINESS OR PERSONAL.

Most of us understand what a phishing attempt is and how to protect yourself. The basics of protecting yourself from a phishing attack is not to open any emails you don’t recognize and specifically, don’t click on suspect links. 

PHISHING TRENDS

Today’s phishing attack happened last week to one of the world’s largest domain name registrars, GoDaddy.com. One of their customer service employees fell victim to a social engineering attack which led to the infiltration of GoDaddy.com’s clients, instead of just GoDaddy itself. 

The hackers used their infiltration to grab DNS records from one of GoDaddy’s clients, Escrow.com. Escrow.com, an online broker of sorts, was one of five clients that were comprised during this phishing attack. On Monday evening, Escrow.com’s website had its homepage hijacked with a profanity-laced message left by the hackers. Although no systems seemed to be compromised or customer data, the DNS records were redirected to a third-party web server in Malaysia.  

FUTURE TRENDS

The trend is that hackers are targeting more and more companies that are responsible for DNS records. Just last December 2019, another popular domain registrar based in The Netherlands, OpenProvider, was also attacked and, ultimately through a series of complicated acts, thieved another domain e-hawk.net whose service is to help websites detect and block fraud! An Iranian group successfully attacked major companies via DNS-based attacks where they stole countless passwords and VPN credentials leading to the coining of the term DNSpionage. 

 PROTECT YOUR DNS RECORDS

One way to protect your DNS records are to acquire a registrar lock. This service requires the registrar to confirm any requested changes with the domain owner through manual contact. It can help ensure that .com, .net, .tv, .cc and .name domain names do not get hijacked. Shockingly, a miniscule 22 percent of domain names tracked in Forbes’ list of the World’s Largest Public Companies have secured registry locks! Some services include Verisign, Nameshield and others. 

Source

https://krebsonsecurity.com/2020/03/phish-of-godaddy-employee-jeopardized-escrow-com-among-others/?web_view=true

ZOOM MEETINGS

Let’s face-it. We’re all on Zoom for our meetings and why not make our meetings a little more interesting. Most devices can use a different background with a simple click of the button. Visit Zoom for more information on how to use Zoom Backgrounds or to see if your device is compatible.

The virtual background feature on Zoom allows you to display an image or video as your background during a Zoom Meeting. Here is a few our favorite free Zoom backgrounds. Just right click and save on the following images. Or visit the hyperlinks listed below for more images.

FREE ZOOM BACKGROUNDS

Fox Backgrounds

What would be better than working in your favorite animated show? Fox created several Zoom backgrounds featuring our favorite shows including the Simpsons living room and a fan favorite from Bob's Burgers. You can also find some from Family Guy and other favorites here.

DC COMICS

DC Comics assembled a collection of virtual backgrounds representing some of your favorite places within the DC Universe. From the gates of Arkham Asylum to the jungles of Gorilla City to the iconic globe of the Daily Planet, your home is about to seem a whole lot bigger! (At least to the people on the other end of your call.) Visit their site for even more DC Comics magic now.

Walt Disney Studios

How about your favorite Pixar locations? Who doesn’t love Finding Nemo or Up? Find more of your favorites here…

POP CULTURE

Whether it’s a meme or a favorite Netflix series, here are several that are sure to entice you to update your background.

CLASSY HOME BACKGROUNDS

Home about just giving your home an upgrade? These chic backgrounds are from West Elm and can make it look like you’re working in an Industrial-Glam Loft to working in your Chic-Modern Kitchen. See? You didn’t have to move to NYC after all. Find more pads for your Zoom background here…

Attackers can use Zoom to steal users’ Windows credentials with no warning

An unpatched bug in Zoom running on Windows can allow hackers to join your meetings and post links that if clicked can yield unpleasant results. Be careful what you click and don’t open links you aren’t expecting. If the link seems out of context definitely do not click it and ask your team if they sent it.

Read the full article from Ars Technica here.

While this threat is specific to Zoom running on Windows computers, this is a great example of how attackers can shift their focus based upon current events. Hundreds of thousands of people just started using Zoom in the past few weeks, and are largely unfamiliar with it beyond starting or joining a meeting.

WHAT ZOOM SAYS… 

Zoom has acknowledged the vulnerability and state that they are working to address it, so watch for updates – but, please be wary if you start to receive emails with links to update your zoom software. Zoom will most likely prompt to update when you launch the application once they have this fixed, and not email you out a link to run the updates.

Have cybersecurity protection questions? Contact us now.

Forget email.

You can now communicate and collaborate with co-workers, colleagues, and other people for free with several different apps. As much of the workforce is working from home now or maybe even a self-quarantine has been established, it’s easy to start feeling isolated. Here are our three suggestions for staying connected even from your kitchen table, er, “home office”.  And, don’t forget, if you use your computer (over your cellular phone) then you will need a webcam with microphone.

MICROSOFT TEAMS

If you have a Microsoft Office 365 account, then you have access to use a Business Teams for free! You can install this on your computer as well as your phones making it accessible and easy to use from anywhere. This is a fantastic resource that allows you to do a multitude of things across your business with all of your team: 

• Chat in Groups: Create one for each department as well as a General one for everyone. 

• Start a Live Virtual Meeting: Normal Tuesday meeting? Setup a virtual one and invite everyone through Teams for a video meeting. 

• Start a Private Chat: Only want to talk to Karen? Send her a direct chat message.

• You can also attach files from your computer, send photos, post a gif.

• It also has integrated apps that you can install like Trello or Asana.

ZOOM

Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, collaboration, chat, and webinars across mobile devices, desktops, telephones, and room systems. Zoom Rooms is the original software-based conference room solution used around the world in board, conference, huddle, and training rooms, as well as offices and classrooms. This is a great option for Medical Offices trying to get telemedicine started pretty quickly.

Zoom offers a full-featured Basic Plan for free with unlimited meetings; however, it’s online only with no options to dial in for the free version. Your Basic plan has a 40 minutes time limit on meetings with three or more total participants.

MARCO POLO

How about something fun on the personal side? Marco Polo is a call-and-response video messaging app made for your phones. This is great to group chat with all your cousins across the country. Send a video message and they watch it when they are available. Often referred to as the video walkie-talkie, it’s fun and super easy to use.  It does have silly filters to use and you can also sent likes and hearts as you watch others’ Polos.