Cyber Security Awareness
Clean and safe computers
Can’t view the pdf? Download it here.
Protect Your Loved Ones From Romance Scams This Valentine’s Day
When you hear “romance scam” you may think of a little old lady falling for the classic “Nigerian Prince” scam. But romance scams have become far more complex and difficult to recognize, adapting to today’s online dating landscape. With the popularity of platforms like Match.com, Tinder, and Bumble, scammers have set their sights on these popular apps and even social media.
In fact in the United States, consumers have lost $770 million to fraud scams started on social media in 2021, according to the Federal Trade Commission (FTC). In the first half of 2021, the FBI Internet Crime Complaint Center (IC3) received over 1,800 complaints related to online romance scams, resulting in losses of approximately $133.4 million.
In Canada, based on fraud reports to the Canadian Anti-Fraud Centre (CAFC), romance scams were responsible for the second highest amount of fraud-related dollar loss in 2021. These scammers are using advanced methods to appear legitimate and trick people into trusting them.
Romance scams can be part of a much larger cybercriminal ecosystem. International cyber gangs will even use dating sites to recruit victims as “money mules” and use them to unknowingly launder funds, according to AARP.
Often, scammers prey on victims experiencing loneliness, which has not been uncommon during COVID-19 pandemic lockdowns. If your friend or relative has started a new online relationship, or even if they’ve been in one for several months, it’s important to check in and look for any red flags.
Some red flags may include:
- A request for money. A request for money is a major red flag of a scam. Scammers may pressure you into sending money for “urgent” matters, such as medical expenses. They may also say it’s for a plane ticket to visit you. Never send money to someone you haven’t met in person. Scammers may also ask for payment in the form of pre-loaded gift cards or wire transfers.
- They may often make and break promises to come see you in person. The person claims to live far away, overseas, or be in the military.
- The relationship is moving fast and the person professes love quickly.
- There’s pressure to move the conversation off the platform to a different site or want to continue the conversation through text. Dating platforms search for scammers on their sites. Scammers will want to move their victim off-platform to avoid any detection.
If you believe a loved one is the victim of a scam, it is important for them to take the following steps:
- Cease communications with the scammer immediately and take note of any identifiable information you may have on them, such as their email address.
- Contact your bank or credit card company if you’ve given them money.
- Report the scammer if in the United States to the FTC and the FBI.
- Report the scammer if in Canada to your local police and also the CAFC.
- Notify the website or app where you met the scammer.
Remember that romance scams can happen to anyone at any age and falling for a scam is nothing to be ashamed of. By speaking out, reporting scams, and encouraging others to do the same, you can help protect others from becoming victims. While you’re at it, watch the Tinder Swindler, which is about a guy that scammed Woman out of millions of dollars, it’s a NEW Documentary on Netflix. For more information, please feel free to Contact Us.
#StaySafeOnline
Ring in the new year cyber-safely!
Can’t view the pdf? Download it here.
2022 In Review: An Eventful Cybersecurity Year
Furniture and home goods giant IKEA announced that it had experienced a data breach in its Canadian operations that impacted an estimated 95,000 customers. The company said that sensitive customer information was mistakenly provided to an employee in an internal search between March 1 and March 3, 2022.
No specifics about the compromise data were offered beyond confirmation that no financial or banking information was accessed. IKEA says that it has notified any customers that were impacted by the breach and the Office of the Privacy Commissioner of Canada.
One of the largest healthcare systems in the US is experiencing outages impacting patient care after a suspected ransomware attack knocked some hospital systems offline. Subsidiaries of CommonSpirit have reported being affected by the attack including CHI Health facilities in Nebraska and Tennessee, Seattle-based Virginia Mason Franciscan Health providers, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health and Michigan-based Trinity Health System. The U.S. Department of Health data breach portal — where all healthcare organizations are legally obligated to report data breaches impacting more than 500 individuals — has confirmed that the threat actors accessed the personal data of 623,774 patients during the CommonSpirit ransomware attack.
School website services provider FinalSite has suffered a ransomware attack that disrupted access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 K – 12 schools and universities in 115 countries. School districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors. Bleeping Computer reports that in addition to the website outages the attack prevented schools from sending closure notifications due to weather or COVID-19. FinalSite says that approximately 5,000 school websites went offline as a result of the ransomware attack and no data was stolen. An investigation is ongoing.
The International Committee of the Red Cross has revealed that hackers have stolen data from a Swiss contractor that stores it for them. The stolen data includes information about over 515,000 highly vulnerable people that it has served, recipients of aid and services from at least 60 affiliates of the organization worldwide. The Red Cross says it typically reunites 12 missing people with their families every day through that program. As a result of this cyberattack, The International Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies. A spokesperson for the ICRC told news outlets that there have been no demands from the hackers in exchange for stolen data and that they were working with specialized firms to recover.
A school system in the greater Toronto area has experienced a major technical outage after a hacking incident in late November 2022. The cyberattack impacted at-home schooling, phone and email systems at the board and forced the postponement of the literacy test (OSSLT). The district the board oversees is responsible for public education across 136 elementary and secondary schools in the eastern Toronto area serving an estimated 74,000 students with over 7,000 teaching and educational services staff.
The Lapsus$ gang has released 37GB of source code that they snatched in a hit on Microsoft’s Azure DevOps server. Microsoft confirmed the incident, saying that the threat actors gained access through a compromised employee account.
The source code looks to pertain to various internal Microsoft projects, including for Bing, Cortana and Bing Maps. Microsoft made a blog post about its recent operations to track and potentially interfere with Lapsus$ last week. The company was quick to state, “Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.” Lapsus$ is known to be a ransomware outfit, but no ransom activity was disclosed in this incident.
No information about consumer/employee PII, PHI or financial data exposure was available at press time.
Verizon has announced that hackers obtained access to a database. The hacked database includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees. According to reports, the hacker contacted Verizon to ask for an extortion payment of $250,000 to prevent the release of the stolen data. Verizon has said that they do not plan to pay.
Information exposed in the database includes employee names, email addresses, corporate ID numbers, and phone numbers. Verizon says that the database does not include Social Security Numbers, passwords or credit card numbers.
Sunwing Airlines passengers were finding themselves delayed or stranded in airports in Canada and across the Caribbean after a cyberattack brought down boarding and check-in services maintained by Illinois-based service provider Airline Choice. The airline had been forced to manually check in passengers and handwrite boarding passes, causing massive delays for several days, with passengers stranded in the Caribbean, Mexico and Central America. The company in-turn had to subcontract flights with other airline carriers just to get some of its stranded passengers home.
The new ransomware group Stormous claims they’ve pulled off a ransomware attack against The Coca-Cola Company, claiming that it snatched 161 gigabytes of data. The hacking group has been linked with Russian nationalist cybercrime following its public statement vowing to take action against companies that pulled out of Russia in the wake of Russia’s invasion of Ukraine. Financial data, passwords and commercial account records are said to be among the stolen data. Coca-Cola says that it is investigating the matter.
Toronto healthcare provider Scarborough Health Network has disclosed that it has experienced a data breach. Officials say that an unauthorized actor gained access to the organization’s systems around January 25, 2022. The attacker was shut out of the system by February 1, 2022. The information of anyone treated before February 1, 2022, may have been compromised.
The organization says that patients who received care prior to the amalgamation of SHN Centenary Hospital (also known as Scarborough Centenary Hospital), SHN General (also known as Scarborough General), and Birchmount Hospital (also known as Scarborough Grace) under one network in 2016 might be impacted as well as patients who received care at hospitals that were part of the former Rouge Valley Hospital Network, including RVHS Ajax and Pickering Campus or Ajax-Pickering Hospital.
The health network says a big pool of information may have been accessed, including patients’ names, dates of birth, marital statuses, home addresses, phone numbers, email addresses, OHIP numbers, insurance policy numbers, lab results, diagnosis information, COVID-19 immunization records. Staff names and numbers may have also been accessed.
The Hospital for Sick Children (SickKids) is currently responding to a cybersecurity incident affecting several network systems and has called a Code Grey – system failure. The code went into effect at 9:30 p.m. on Sunday, December 18, and is ongoing. While the attack only encrypted a few systems, SickKids stated that the incident caused delays in receiving lab and imaging results and resulted in longer patient wait times. On December 29th, SickKids announced that it had restored 50% of its priority systems, including those causing diagnostic or treatment delays. the LockBit ransomware gang apologized for the attack on the hospital and released a decryptor for free. “We formally apologize for the attack on sikkids.ca and give back the decryptor for free, the partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program,” stated the ransomware gang.
General Motors (GM) has announced that it was hit by a credential stuffing attack last month that exposed customer information. GM said that they detected the malicious login activity between April 11-29, 2022, and that hackers obtained access through credential stuffing. GM said in a statement “We believe that unauthorized parties gained access to customer login credentials that were previously compromised on other non-GM sites and then reused those credentials on the customer’s GM account.” The bad actors also redeemed loyalty points from some customers’ accounts for gift cards.
Customer data that was exposed in this incident includes first and last names, personal email addresses, home addresses, usernames and phone numbers for registered family members tied to the account, last known and saved favorite location information, currently subscribed OnStar package (if applicable), family members’ avatars and photos (if uploaded), profile pictures and search and destination information, car mileage history, service history, emergency contacts and Wi-Fi hotspot settings (including passwords).
The Conti ransomware group has claimed responsibility for an attack on Panasonic’s Canadian operations in February 2022. Panasonic confirmed that it had been the victim of a ransomware attack that impacted its systems, processes and networks. The company says that it has contracted with outside experts to investigate the attack as well as clean and restore servers and rebuild applications. No word was available about what if any data was stolen by the attackers. Panasonic says that relevant authorities have been informed.
Chicago Public Schools is facing a big breach of student data after a technology vendor experienced a data security incident. CPS has disclosed that it was recently informed that an unauthorized access incident took place at Battelle for Kids in December 2021. In that incident, a server that housed four years’ worth of personal information about students and staff from the 2015-16 through 2018-2019 school years was breached. Officials say that no Social Security numbers, no financial information, no health data, no current course or schedule information, no home addresses and no course grades, standardized test scores, or teacher evaluation scores were exposed in this incident.
The improperly accessed data included students’ names, schools, dates of birth, gender, CPS identification numbers, state student identification numbers, class schedule information and scores on course-specific assessments used for teacher evaluations. Employee data included names, employee identification numbers, school and course information and emails and usernames.
Hacked for the Holidays 2022
Can’t view the pdf? Download it here.
