New Cybersecurity Threats and How to Protect Yourself: October 2018

New cybersecurity threats like phishing attacks, ransomware, and scams are always popping up. Stay up to date on the latest widespread threats and protection methods in our recurring series.

 

HEALTHCARE.GOV PORTAL BREACHED

healthcaregov_logo

A portal intended for agents and brokers to complete applications for healthcare coverage was breached and user data taken, announced October 19th. While no consumer data has been used maliciously that we know of yet, the personal information of about 75,000 people was accessed.

The Centers for Medicare and Medicaid Services who manage the portal stated in a press release that “the agent and broker accounts that were associated with the anomalous activity were deactivated, and – out of an abundance of caution – the Direct Enrollment pathway for agents and brokers was disabled”. The agency also notified the FBI.

What to do: There isn’t much to be done yet on the user end, unfortunately. The CMS is working to contain the breach and work with law enforcement. They will be notifying those affected, so keep an eye out and take advantage of credit monitoring services if needed.

 

APPLE PHISHING SCAMS

ddab5845-89e0-44c8-9aac-3abd5a718f83

There are two new scams making the rounds targeted at Apple users. One comes in the form of an email stating there was a recent purchase made associated with your Apple ID. The fake email asks you to open an attachment to cancel the purchase, which the attackers will use to steal your personal/financial information. At first glance the email seems genuine, but giveaways include spelling and grammar errors, a fake Apple sender address, it is generic in nature and doesn’t include your information, and it asks you to open an attachment.

The second scam is similar, claiming that you purchased a year of Spotify Premium. It includes a link to “review your subscription”, where you’re taken to a page with a fake Apple ID login area. Logging in on that page will send the hackers your information.

What to do: If you receive an email for something you know you did not purchase, think before you click on anything! These are common scams that hope to alarm you and keep you from using your good judgment. When in doubt, log into the service in question from the website itself, not through clicking a link in an email. Or call the company directly as they are usually aware of these scams.

 

CRYPTOJACKING MALWARE IN FAKE ADOBE FLASH UPDATE

Cryptojacking consists of using a computer’s processing power to mine for cryptocurrency such as bitcoin. In the form of malware, users are unaware this is happening and the funds are sent to the malware’s creator. This can cause issues with the victim’s computer and cause it to run poorly as their computer’s power is hijacked for this purpose.

This malware is installed on your computer under the guide of an Adobe Flash update. It’s extra sneaky as the malware will actually update your Flash while it installs the malware!

What to do: Beware of any website popups! If you get a notification that Adobe Flash, Java, or any software needs to be updated, we recommend downloading it from the manufacturer’s website directly. Better safe than sorry!

 

FORTNITE CHEATERS TARGETED WITH MALWARE

39943037982_cfc6bfd3c2_b

Fortnite is one of the most popular video games currently, and its popularity makes it a prime target for scammers.

Various scams are promising free in-game currency or cheats. Some take users in an endless loop of ads and surveys without ever delivering on their promises.

One scam led users to a fake cheat program that, once installed, bundled information about their browsing history, bitcoin wallets, and Steam sessions and sent it to a server in Russia.

Yet more scams promised to send cheats to users for $80 in bitcoin.

These are only the latest in a massive wave of malware and scams targeting Fortnite players.

What to do: Obviously, don’t try to cheat at Fortnite! Don’t believe anyone claiming to allow you to cheat or gain in-game rewards. Only purchase items for the game from its publisher and reputable sources. This game is especially popular with kids and teens – so parents warn your children about these scams and to always check with you before making a game purchase.

 

If you need some extra help identifying or protecting against any of these or other cybersecurity threats, let us know!

Take charge of 2025

IT is no longer a back-office function—it’s a driver of growth and innovation. By tackling this checklist, you can ensure your business is ready to thrive in the face of challenges and opportunities alike.

Ready to transform your IT strategy? Schedule a free consultation with Techvera today.

Techvera icon

Written by Team Techvera

l

October 23, 2018

You May Also Like…

IT Checklist: What Small Businesses Need To Prioritize in 2025

IT Checklist: What Small Businesses Need To Prioritize in 2025

Now is the perfect time to revisit your IT structure, processes, and strategy to ensure your small business operates at its fullest potential. From defending against evolving cyber threats to supporting hybrid teams and boosting productivity, a robust IT strategy is essential to staying ahead in today’s competitive market.

Here’s a refreshed IT checklist to set your business up for success in the year ahead.

Skip to content