Re: Public Service Announcement
Thanks for the info!
From: Jim Stutsman via groups.io <onlinesewing@...>
Sent: Sat, May 22, 2021 4:13 pm
Subject: [onlinesewing-janome] Public Service Announcement
In my neighborhood I am "that guy" that people go to with technical problems. I don't usually mind, and if I get pulled in early enough I can usually avoid protracted efforts to help. Recently my next door neighbor called. She had been searching for a recipe and suddenly got a window popping up on her computer that said it was from Microsoft. The pop-up claimed that a terrible virus had been detected on the computer, and it also included audio reiterating that. Instructions said to call Microsoft at the included 800 number, but NOT to turn off the computer. She could not close the browser or the pop-up, and she could not do anything else. This is just another one of the myriad ways for the bad guys to scam people out of money. I've even gotten a similar thing on a Mac, warning me that my Windows was infected, even though I'm not using Windows!
We now live in an age where technology is the preferred tool for crime. You probably heard about the pipeline that got shut down by cyber criminals, causing gas shortages all over the East Coast. You may even have experienced the long lines and staggering prices that resulted. The attack that caused this was a ransomware attack. Using the Internet, the perpetrators infected one of the Windows computers used by the company, and encrypted everything on it. This type of attack works by reading every file, coding it with a special key, and rewriting the encrypted data. The computer is essentially locked without the key and software to unlock it. To get that, the owner of the computer is asked to pay a large ransom in Bitcoin. That form of payment is untraceable, so it is preferred by criminals. In this case the ransom request was $100 million. However, investigators were able to determine that the perps were in Russia, though the attack had nothing to do with the Russian government. They settled for $5 million and quickly left the country. Even when the ransom is paid, the trouble is not over. Before encrypting the data, the thieves will copy massive amounts of data - things like account numbers, addresses, credit card numbers, anything that you would not want public. They then say if they are not paid they will publish it on the Dark Web, where you can buy a credit card number for as little as 25 cents. Large companies don't want the word to get out that they were hacked, so they will pay to prevent that. Of course, that only works with "honest thieves" who will keep their word and not publish the facts of the hack or the stolen data.
Most attacks like this happen because access is gained through links in emails. In what's called a "spear-phishing" attack, emails will be sent to various people in a company that may have high-level access. The emails will look completely official, and will direct the recipient to log in, for some urgent purpose, by clicking a link in the email. This will take them to a website that looks exactly like the one they expect, but it will capture the login credentials, send them to the bad guys, and then log the person into the real website. Nothing will appear to be wrong. The lesson here is that you must be vigilant. When you get an email that appears to be from your bank, your credit card company, Social Security, or some other "official" source, don't just blindly click on any links within the email. Most organizations will not ask you to do that, although some of my credit cards will tell me to click a link to go to their "Secure Message Center" to view a document. This is bad form on their part, and I'm extra careful about that. In most email programs you can hover the mouse over a link and see where it is going to take you. If the link says https://www.chase.com, it might look like you're going to Chase Bank. But if you hover over the link and it says https://chase.somerandomsite.com, that's a giant red flag.
It has been several years since an email was sent to this list that caused infection. I wasn't moderating then, and implemented moderation immediately after that happened. More than once I've thought about turning off moderation, because it's a burden to me, reviewing every post before publishing, and you, having to wait to see your post. Newbies usually think something went wrong, and post again, creating additional overhead. Because the threats keep coming, I will keep moderating, even though 99.99999% of the posts are safe. It only takes one to ruin your day! Be safe out there.