Cyber Safety Tip of the Week (July 2, 2018)
KnowBe4 Tip of the Week: Malvertising
Visit any website these days and it’s very likely that you will be viewing ads as well. Sometimes these ads can be tempting, with many offering sales, promotions, or freebies to attract more clicks. Ads on certain websites can even be targeted specifically to you based on past browsing history, making you even more likely to click!
Remember this: just because you are on a reputable, well-known website, it does not mean that the ads on the website are safe to click as well.
How adspace can become infected: Advertisers do not sell their ads to websites one at a time. Websites that want to make money sell their advertising space to an ad network. Advertisers sign contracts with that ad network which then displays the ads on the participating websites. The ad network sits in the middle between the advertisers and the websites and manages the traffic and the payments.
So there can be a problem because of this. Cybercriminals can fool the ad network into thinking they are a legit advertiser, but the ads which are displayed on major websites can be poisoned. If you browse to a page with a poisoned ad on it, that is enough to run the risk your PC will be encrypted with ransomware, which can hold your computer or your entire network hostage until you pay the cybercriminal a ransom.
Tips to prevent the effect of harmful ads:
- Disable Adobe Flash on your computer – or at least set the Adobe Flash plug-in to “click-to-play” mode – which can block the automatic infections.
- Keep up-to-date with all the security patches and install them as soon as they come out.
- Download and install a reputable ad blocker plug-in for your browser. These prevent the ads from being displayed in your browser to start with. These ad blockers are getting very popular with hundreds of millions of people using them.
The tips included in this message are meant to remind you to keep sensitive information secure. Remember, your organization’s privacy, security, and compliance policies for handling sensitive information should be followed first and foremost.
Stop Look Think – Don’t be fooled!
How to Protect Yourself from Phishing Attacks
Note: teachers and staff are strongly urged to stay off of shopping sites and social networks while using District supplied laptops or desktops (this is especially true when using devices outside of the District). These types of sites promote computer viruses, along with types of malware, spyware,and ransomeware that could negatively impact your computer and jeopardize your data.
The tax and vacation seasons are a prime time for phishing attacks. Scammers will attempt to gain access to your personal information, eg., credit/debit card information, bank account information, your social security number, etc., by posing as legitimate companies or sites, emails, or even telephone contacts. Scammers can even hold your data hostage, i.e., “ransomeware”; in this case, the user’s data is encrypted and held hostage. In order to decrypt the data, a ransome is demanded by the scammers.
The attached post lists nine tips from Kapersky Labs, a leading anti-virus company, to protect yourself from phishing attacks.
Symantec Corp., manufacturer of Norton Antivirus, has a lot of useful information concerning cyber security, virus protection, and child internet safety on their Internet Security website.
Microsoft also has a very good tutorial and FAQ on ransomeware.
Google has found a way to keep their employees from getting phished. Check out:
How to Avoid Being Scammed
To avoid being scammed or — perhaps, worse — having your phone number added to additional robocall lists, follow these tips from the BBB:
- Do not answer calls from numbers you do not recognize (duh).
- If you do answer and are asked questions that seem to be fishing for a “yes” or “no” answer, do not respond and hang up immediately.
- Never give out any personal information over the phone when you are unsure of the caller (also obvious but worth repeating).
- Make a note of the number and report it to BBB Scam Tracker to help warn others.
- As always, check your bank and credit card statements regularly for unauthorized charges.
You can also report suspicious or unwanted calls to the FTC’s National Do Not Call Registry and register your home and mobile numbers for free to avoid or at least lessen the frequency with which you receive unsolicited calls.