Cybersecurity Blog

Protecting Yourself from Scams During Tax Season – 03/14/17

 

Every tax season the cyber criminals try to take advantage of tax payers eager to get their refunds.  What do you need to know to protect yourself?

  • The CRA will never communicate with you via email unless you have signed up for online mail.
  • The CRA will never ask for personal or financial information via email.
  • The only time the CRA will send you an email with a link in it, is when you are on the phone with them and are requesting information be sent via email.

If you unexpectedly receive an email from the CRA containing links, delete the email. If you receive an email from the CRA asking for personal or financial information, delete the email. If you are uncertain as to the legitimacy of an email received from the CRA, call them directly using a phone number you have found on the CRA website.  For more information on how to protect yourself from scams, identify theft and fraud, check out the CRA website.

 

Alert – Mount Royal Targeted by Phishing Emails – 01/19/17

Members of the Mount Royal community are receiving emails that look an awful lot like they come from the ITS Service Desk.  Problem is, they aren’t.  The clever criminals are even shameless enough to hide their malicious link in an email that looks like it is trying to prevent cyber crime.  Here is what to look for:

Of course if you click on the link, some nice nasty malware gets loaded onto your system. If this email shows up in  your inbox, do not click on any of the links and delete it immediately.

The criminals are getting smarter and smarter and are starting to make fewer and fewer mistakes. Remember, before you click on a link in an email, or open an email attachment contact the sender and verify that the email is legitimate.

Latest Phishing Scam – 01/06/17

 

There is a phishing attack going on you need to know about. This latest attack is an email with the subject Assessment document. The email states that the attachment is  locked and asks you to click on the link PDF Secure File UNLOCK to Access File Content to unlock it. If you click the link to unlock the document, a dialog box comes up that asks you to enter your email address and password. Of course, if you do the information is sent to the hackers.

If an email like that makes it into your inbox, do not click on anything, and definitely do not enter your email address and password. If you are at work, contact the Service Desk at 403-440-6000.  If you are at home, delete the email.
Remember, Stop and Think Before You Click!

Watch out for George Michael scams – 1/3/17

Over the holidays pop star George Michael was found dead in his home in Oxfordshire, England. He was 53. Internet scum are going to exploit this celebrity death in a number of ways, so be careful with anything related to George Michael’s death: emails, attachments, any social media (especially Facebook), texts on your phone, anything. There will be a number of scams related to this, so Think Before You Click!

Phishing Scam Alert: OneClass Chrome Extension – 12/12/16

oneclass_graphic

 

As mentioned in a previous post, you should only download apps, browser extensions and the like from reputable sources. The latest alert is for the OneClass Chrome Extension.  It is a phishing scam that will attempt to send an email to everyone in your Blackboard courses and steal your usernames and passwords. Several Mount Royal students have already been affected by this scam.

How the phishing scam works:

  1. Students receive an email with a link to install the OneClass Chrome Extension.
  2. During the installation, the user will be prompted to accept its permission of “Read and change all your data on the websites you visit.”
  3. When the user accepts, a button will be created within Blackboard pages to “Invite your Classmates to OneClass”.
  4. The extension attempts to email everyone in the user’s Blackboard classes to promote the OneClass extension.
  5. The extension also attempts to collect user credentials (usernames and passwords).

If you receive the following phishing email, do not install the extension or click on any links on the email.  Please delete the email.

“Hey guys, I just found some really helpful notes for the upcoming exams for <University Name> courses at <URL removed>.  I highly recommend signing up for an account now that way your first download is free!”

If you have installed the OneClass Chrome extension, you should immediately remove it and change the password of any site you logged into while it was installed.

To remove the extension:

  1. Open your Chrome Browser.
  2. Select the 3 vertical dots in the upper right-hand corner. A menu appears.
  3. Select Settings. The settings page appears.
  4. From the menu on the left, select Extensions.
  5. Scroll down until you locate the OneClass Easy Invite extension.
  6. Select the Trashcan icon beside the “OneClass Easy Invite” extension. A dialog box appears.
  7. Select Remove.
  8. Close all Chrome windows and return to the Extensions page to verify the extension has been removed.

Remember to use the link on the MyMRU log in page to change your password, and to change your password on any other sites you used while the extension was installed.

Any students who need assistance can contact START http://www.mtroyal.ca/AboutMountRoyal/TeachingLearning/AcademicDevelopmentCentre/START/index.htm and any staff who need assistance can contact the Service Desk at 6000.

Banking App Locks your Phone While your Account is Emptied – 12/2/16

 

Here is the latest malware scam. Cyber criminals are sending out phishing emails that appear to come from your bank and include a link to download a new banking app on your phone. The email notifies you that for the app to work, you will have to give it administrative privileges. When you download the app, everything works fine. You can make transactions just as you did with your old app.  However, after after you have completed several transactions, your phone will not recognize your unlock password. While you are distracted with your locked phone, the criminals are busy emptying your bank accounts using all the information that you entered earlier into their fake app.

Sound scary? It is. How do you protect yourself? Easy, don’t download apps from unsolicited emails. Only download apps from reputable sources such as iTunes, the Google Play Store or vendors/banks legitimate websites. When downloading from a store, make sure you check reviews before you download. Safe apps have millions of downloads and good reviews.

What do you do if you become a victim? Call your bank immediately and do a factory reset on your phone.

How to Avoid ATM Fraud – 11/28/16

As the Christmas shopping season goes into full swing, cyber criminals are upping efforts to steal your hard earned cash. Most people have heard the horror stories of devices called card skimmers being placed on ATM card slots. These devices scan the magnetic strip on your card while tiny cameras capture your finger movements as you enter your pin.  The majority of you have been educated enough to not use ATMs that have large plastic thingy’s sitting over the  card slot.

However, the latest card skimmers are so thin they are inserted inside the card slot and are impossible to detect.  Check out this video.

How do you protect yourself from such ingenious technology? Simple, cover the pin pad as you enter your pin number. The information that a skimmer scans from your card is useless without the pin. If you cover the pin pad, the criminals camera is unable to record your pin regardless of where it is placed.

Want to reduce your chances of encountering skimmers at all? Only use ATMs that are physically installed in a bank, they are harder to hack. Also, try and avoid using ATMs on weekends. Thieves tend to install these devices on a Friday when they know the bank won’t be open for a while.

Technology is every changing and so are the criminals methods. As careful as we may be, a breach may still happen. Reduce the damage by keeping an eye on your bank statements and disputing any unauthorized charges immediately.

Happy Shopping!!

 

Alert – Phishing Email Targeting the Mount Royal Community – 11/24/16

Here is the latest phishing email pretending to come from the IT Service Desk.  How do you know it is a fake? It contains an email address that is not found on the Mount Royal network and it uses poor grammar. Other things that are suspicious but not clear giveaways are, it is addressed to account user instead of a person and the link takes you outside of the Mount Royal website.

If the following email shows up in your inbox, please do not click on any of the links or reply to the email. Please delete it immediately.

Looking for a handy desk reference to print off and refer to when trying to determine if an email is legitimate? Print out this one created by KnowBe4.

New Tech Support Scam – 11/07/16

 

The latest tech support scam pushes malicious code through a compromised webpage ad. When you visit a site instead of seeing a regular ad, you get a large pop that appears to be from Microsoft warning you that your system has been infected and asking you to call tech support to resolve the issue. No matter how your try you cannot get rid of the pop up.  The malicious code uses up all your computer resources freezing your computer.

The pop up looks just like it comes from Microsoft…how do you know for sure that it is a scam and not a legitimate warning from Microsoft? There are several tells that indicate this is not a legitimate warning:

  1. Anti-virus/malware warnings do not appear from within a web page or browser.
  2. Microsoft does not send  warnings of systems being infected.
  3. Legitimate anti-virus/malware warnings from your anti-virus software do not ask you to call tech support.
  4. You cannot get rid of the pop up.

If you encounter this annoying scam, what do you do? The good news is all the code is doing is using up computer resources, it isn’t actually harming your computer. To get rid of the pop up and free up your computer, just launch your Task Manager and shut down the browser. If you cannot launch the Task Manager, turn the computer off.  Whatever you do, do not call the tech support number. They are scammers and will simply rob you of hundreds of dollars.