To spread viruses on a wider level, cybercriminals look for famous online sites or services to exploit, like Google or Yahoo Mail. As per news report from Bleeping Computer, a realistic but phony Office 365 website is one of the latest. The main motive of this is to trick you into downloading malware. When you get to that fake site, a pop-up message is shown after few seconds regarding updates of any browser like Firefox. And, you are asked to click here which upon installing steal login usernames, passwords and more.
Thus, to avoid such situations, there are two options:-
- Never install update of any browser from anywhere other than the browser itself which can be done usually from the Settings or Help menu.
- Turn on the auto-update feature.
If you’re using an Office 365 and are worried about being victimized then scan your system at least once a week anyway.
We always hear from our parents that never trust the strangers. The same philosophy goes with the Internet. This is one of the golden rules of cybersecurity.
In a recent activity, security company FireEye has detected a resume attack scheme using LinkedIn. A person named “Rebecca” who claims to be a researcher at the University of Cambridge, replied to an organization’s requests for resumes. At one point “Rebecca” posted a link to a document that she wanted the target to read. Anyone who is going to click that link would be downloading the malware. FireEye says that these kinds of cybercrimes are seen against governments and the energy sector.
What lesson does this attack give to us?
- Initially, you must be careful about strangers who try to connect with you via any social media or email.
- Secondly, organizations who seek hiring must be careful with the resumes. The IT security of that firm might not be detecting all threats. Therefore, if you are requesting resumes, white papers, research, and so on, confirm with your IT security if it is a safe way to do it.
The U.S. Department of Education found several fake accounts of students which might have been created by attackers with a motive of exploiting Ellician website software. This software is used by approximately 62 universities or colleges. Some of those accounts were used for various criminal activities and to access admissions and enrolment information. It is advisable that institutes must use the latest versions of software from Ellician Company.
For more great content like this, subscribe to our monthly newsletter:
[newsletter]