The Curation 403 series will be an issue in my newsletter where I try to curate interesting articles, blog posts, podcasts, and videos on different topics, that could help inform and educate people on being internet aware. While not every post in this series, would necessarily be the most recent resource, they would nevertheless, be pertinent and applicable to your day-to-day internet life.
1) Magecart (Darknet Diaries)
Credit/debit card skimming is a problem that is not going to die soon. In fact, it is an ever persisting issue, with isolated ATMs (without proper security) having these covert skimmers attached to them, reading and recording your credit/debit card data. Well, if this was not enough, we have web skimming problems too. Snippets of code added by malicious actors on innocent e-commerce websites may be stealing your credit/debit card data.
Hackers have noticed how effective it is (credit/debit card skimming) and have began skimming credit cards from websites.
- Darknet Diaries
2) When in Doubt: Hang Up, Look Up, & Call Back (KrebsonSecurity)
If you think you are “tech-savvy” enough, to not fall for fraud phone calls trying to scam you out of your money in your bank, think again. This article narrates how a “Security Professional” was conned, a real-life example of “voice phishing” or “vishing”.
Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse.
3) Email Strategies (Intel Techniques)
While there is always “press” for password safety, email strategies for privacy and security is under-estimated and very often neglected.
I am not comfortable with my email being public information. The content of your email account is really important to protect. If you are primarily using one email provider, its probably the reset mechanism for your amazon account, netflix account, your bank account…and protecting it becomes really really important!
- Intel Techniques, Privacy and Security Podcast
Listen to this podcast, anchored/hosted by Michael Bazzell, on his recommendations for Email strategies for Privacy & Security.
4) Corona virus scams
There is always a flurry of scams and fraudulent activities during times of crisis. The COVID-19 pandemic has been no exception. With rising anxiety, stress, unemployment and uncertainty, both the corporate sector and individuals alike, have been the brunt of cyber attacks and online scams.
Threat actors are flooding cyberspace with emailed promises of health tips, protective diets, and, most dangerously, cures. Attached to threat actors’ emails are a variety of fraudulent e-books, informational packets, and missed invoices that hide a series of keyloggers, ransomware, and data stealers.
While this article was published in 2018, it nevertheless provides immense value in explaining the nuances of how and why it is easier to be phished/conned via your mobile device.
In a report published in 2011, IBM revealed that mobile users are three times more likely to fall for phishing scams compared to desktop users. While many users are quite familiar with what phishing looks like on the desktop, these same users are not as familiar with smishing or vishing—and other types of phish one might encounter on the mobile—as they are with email phishing.