New cybersecurity threats like phishing attacks, ransomware, and scams are always popping up. Stay up to date on the latest widespread threats and protection methods in our recurring series.
FAKE LOGMEIN SECURITY UPDATE EMAILS
Image via HelpNetSecurity
Fake emails claiming to be from LogMeIn are showing up in users’ inboxes. They state that there is an important new update available and the recipient should follow a link within the email to apply the update to their account. Clicking the link leads to a fake login page and would send the credentials entered to the attacker, giving them access to the victim’s account.
Since LogMeIn is the parent company of password manager Lastpass, the attackers would likely also get access to any passwords the user has saved in Lastpass.
What to do: Never follow the links in emails like this, they are very rarely legitimate unless you specifically requested the email (for example if you forgot your password to an account or created a support ticket). By going to your web browser and logging into the service, you’ll be able to see if there are any needed updates or notifications.
BANK OF AMERICA PAYCHECK PROTECTION PROGRAM DATA BREACH
Bank of America stated that client information was exposed at the end of April, affecting those who had applied for Paycheck Protection Program (PPP) loans. This information was uploaded to the US Small Business Administration’s online platform, which gave lenders a chance to test submissions before new applications came in. Because of this, other lenders and vendors were able to view the information in these submissions, including details of the business owners.
Data may have included company addresses and tax ID numbers, the owner’s name, address, Social Security number, email addresses, phone number, and citizenship status.
The data that was uploaded to the online test platform was pulled from a range of applicants, so those affected may be spread out over the United States. Bank of America has stated that there was no indication of misuse by lenders and vendors with access to the information, and information was not visible to other businesses applying for loans or the public.
What to do: The information was taken down within one day of this mishap being discovered. While the information wasn’t exposed to malicious actors or the public, it’s still a smart idea to keep an eye on your loan status and financial accounts if you applied. Bank of America is also offering clients affected a free two-year membership in Experian’s identity theft protection program.
COVID-19 THEMED MALWARE DISGUISED WITHIN EXCEL SPREADSHEETS
Image via Microsoft Security Intelligence
Microsoft has warned about a few similar malware campaigns trying to bank on the COVID-19 panic. These attacks come as emails – some claim to be from John Hopkins University, others offer information about COVID testing and services. The attached Excel documents in these emails contain malicious code that will install a remote access tool onto your computer when opened.
The remote access tool, NetSupport Manager, is a legitimate and safe piece of software that is, unfortunately, being used for nefarious purposes. The attackers will be able to use it to take control of infected machines and access their programs and data and plant additional malware.
What to do: Avoid opening random emails you aren’t expecting, and never open attachments unless you’re 100% sure they’re legitimate. Many malicious campaigns use email attachments to distribute malware and viruses. If you have been a victim of this campaign, we recommend running an antivirus/malware scan on your PC, and if you’d like to be extra safe take your computer to a repair center to perform a deep scan and virus removal.
MEAL DELIVERY SERVICE HOME CHEF DATA BREACH
Home Chef customer names, email addresses, phone numbers, scrambled passwords, and the last four digits of payment methods were taken in this breach. It was discovered after a seller listed the database of information online on a dark web marketplace.
What to do: Home Chef stated that not all customers were affected and that it would notify those who were. Either way, it’s smart to change your login information for the website and keep an eye on your financial accounts. Criminals may purchase information like this to combine with other breached records and open accounts in your name or try and scam you by knowing your personal information.
If you need some extra help identifying or protecting against any of these or other cybersecurity threats, let us know!
