your passport to all things web
Security Warnings 02/12/20
We do not usually push these bulletins during the week; however, there are two items that require the staff’s attention. Also, on a standard bulletin, we do not ask you to acknowledge having read the bulletin. Please note that this bulletin requires you to acknowledge, at the bottom, that you have read this message.
First, there is a convincing scam going around and it is very active. Basically, the scammers are contacting people who have credit cards and telling them that there are unauthorized charges that they need to verify. They are then directing them to a website to verify the charges. The website collects private information and, in some instances, even verifies or denies the charges. That way the credit card holder is not aware they were even scammed. The websites being used almost exactly mimic the credit card company’s website (Chase, Wells Fargo, etc.), making it next to impossible to tell that a scam is in the works. For the short term, until the credit card companies figure out a better way, if you get notified that there are possible fraudulent charges on your credit card, call the credit card company. Do not verify anything electronically. This goes double if you are a staff member with a P-card. You can read more about this scam here.
Second, we have been getting phishing Emails to staff stating that a password needs to be changed or verified and providing a link to do so. These are obviously bogus; however, each one we have seen in the last 24 hours is slightly different. That means our efforts to block them are akin to playing whack-a-mole, and the attackers are most definitely targeting PSAB staff and using tactics that are able to slip through our spam filters. Remember, we would never send you an Email requesting you to change or alter a password, since IT assigns passwords. Further, we are right down the hall, so if you do have any doubts, ASK. In addition, if you get any of these Emails, please send them to firstname.lastname@example.org. We were able to stop an attack against a staff member last week because Email messages were coming from a specific group of overseas servers. It took 3-5 Emails for us to determine that, but once we did, we were able to blacklist those foreign servers and the attack stopped. Here is an example of one of the password change messages being sent to staff:
Your password will expire in the near future.
This will require you to reset the password to be able to log back in.
Please login to the Portal to change or keep the current password to avoid the possible future inconvenience.
The link is provided below:
Again, the attackers are changing the Email from staff member to staff member, so this is just an example.
One more word of caution about this attack: IMIS does require a password change. Remember, IMIS does NOT send an Email but rather makes you change the password when you next log in. It is very possible that the attackers could/will use an IMIS phishing Email to attempt to gain access to that system. If you are in doubt, please ask IT!
PSAB staff is one of the best when it comes to security within a small organization and we thank you for your vigilance and continued support of IT while we do our best to keep everything buttoned down and safe!