E-Mail Safety Tips

Posted by John Shannon | Uncategorized

Tips for avoiding E-Mail viruses:

1. Unless you’ve sent yourself an e-mail, delete any messages that list you as both the sender and the recipient. There is never anything useful or good in these e-mails. They are either SPAM or possibly Trojan Horse malware.

2. Never click on a hyperlink in an e-mail. Manually go to the website in question. If it is for tracking purposes such as UPS, FedEx, etc., copy the tracking number and paste it into the appropriate section of the shipper’s website.

3. Don’t open attachments unless you are expecting them, know the sender, and know that they were sending you an e-mail with an attachment. If you weren’t expecting a message with an attachment from them, it is a good idea to reply asking whether they sent it before you open it. Verify their e-mail address in the To field before sending the reply: an e-mail address can be spoofed in the original message, but the actual sender will show up in the reply message. Wait for their answer before you open any attachments.

4. We strongly recommend that fiscal transfers NOT be processed by e-mail. If it is a necessity for your organization to do so, agree on a safe word that changes from time to time and is included in the e-mail, so you know the message is from whom it is supposed to be. If you hit reply on a scam message, you’ll notice that the reply address is that of the person trying to scam you.

5. Banks won’t typically send you e-mail asking you to update your information. If you do get such an e-mail, go to the bank’s website manually (see rule #2) and try logging in. If they want information, they’ll ask for it then. Make sure you use the correct URL and look for the Secure Socket Layer lock!

6. Don’t reply to SPAM. You’ll just verify you’re an actual person and it will likely increase the amount you receive.

7. Don’t unsubscribe from SPAM e-mails that aren’t from legitimate sources (stores, etc.). The unsubscribe link is also a tactic to verify there is a real person at the other end of an e-mail address.

Be Vigilant. Look at any messages with attachments or hyperlinks as suspicious. Use E-Mail Safely!
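The header patterns behind tips 1, 3 and 4 can also be checked automatically. The following Python is an added example, not part of the original post: the function name `header_warnings` is hypothetical, and the three sample messages and every address in them are constructed.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

def header_warnings(raw_message):
    """Return warnings for the header patterns described in tips 1, 3 and 4."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_addr = from_addr.lower()
    to_addrs = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    reply_addrs = {a.lower() for _, a in getaddresses(msg.get_all("Reply-To", []))}
    warnings = []
    # Tip 1: the same address is listed as sender and recipient.
    if from_addr and from_addr in to_addrs:
        warnings.append("sender and recipient are the same address")
    # Tips 3 and 4: a reply would go somewhere other than the visible sender.
    if reply_addrs and from_addr not in reply_addrs:
        warnings.append("Reply-To differs from From: " + ", ".join(sorted(reply_addrs)))
    # The display name shows one address while the real address is another.
    if "@" in from_name and from_addr not in from_name.lower():
        warnings.append("display name shows a different address than " + from_addr)
    return warnings

# Constructed sample messages (not real mail).
SELF_ADDRESSED = (
    "From: you@example.org\n"
    "To: you@example.org\n"
    "Subject: Invoice attached\n\nSee attachment.\n"
)
SPOOFED_TRANSFER = (
    'From: "ceo@corp.example" <ceo.corp@mail.example>\n'
    "Reply-To: payouts@mail.example\n"
    "To: finance@corp.example\n"
    "Subject: Wire transfer today\n\nPlease process this now.\n"
)
ORDINARY = (
    "From: Alice <alice@corp.example>\n"
    "To: bob@corp.example\n"
    "Subject: Lunch\n\nNoon?\n"
)

if __name__ == "__main__":
    for label, raw in [("self-addressed", SELF_ADDRESSED),
                       ("spoofed transfer", SPOOFED_TRANSFER),
                       ("ordinary", ORDINARY)]:
        print(label, "->", header_warnings(raw) or "no warnings")
```

A clean result only means these three patterns are absent; it does not show that a message is safe to open.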

Zoom Bombing

Posted by John Shannon | Uncategorized

Some of you may have heard about Zoom Bombing, where bad actors have been taking advantage of the platform and hijacking meetings. These disruptions have ranged from shouting profanities at the participants to screen sharing pornography to the group.

To prevent this, here are some recommendations:

• Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.

• Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.

• Manage screensharing options. In Zoom, change screensharing to “Host Only.”

• Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.

The FBI Warns Against Data Breach Extortion
The number of data breaches keeps going up. Last week it was more than 1,000 Wendy’s locations where credit card records got ripped off. Fraudsters quickly use the news release of a high-profile data breach to kick an extortion campaign into gear.

The public at large suffers from data breach fatigue and does not really care that much anymore, despite the two risks that can cause victims a lot of hassle and lost time, both for private and sometimes corporate credit cards:

  • Fresh credit card data can be used for illegal purchases of goods that can be sold on the black market and turned into cash.
  • Enough personal information could be stolen to allow the bad guys to commit identity theft, which can cause significant trouble and take years to correct.

The FBI warned that internet lowlifes are exploiting these data breaches by threatening to expose the victim’s personal information to their employer, friends and family using social media unless the targeted person agrees to pay a ransom in Bitcoin. The recipients are typically given a short deadline. The ransom amount ranges from 2 to 5 bitcoins or approximately 250 to 1,200 dollars.

Lists of “fraud suckers” get sold online, and employees that fall for these attacks are going to be a future risk for themselves and for their personal and work environments, as they can be blackmailed by other internet criminals. The FBI released some examples of extortion emails:

“Unfortunately your data was leaked in a recent corporate hack and I now have your information. I have also used your user profile to find your social media accounts. Using this I can now message all of your friends and family members.”

“If you would like to prevent me from sharing this information with your friends and family members (and perhaps even your employers too) then you need to send the specified bitcoin payment to the following address.”

“If you think this amount is too high, consider how expensive a divorce lawyer is. If you are already divorced then I suggest you think about how this information may impact any ongoing court proceedings. If you are no longer in a committed relationship then think about how this information may affect your social standing amongst family and friends.”

“We have access to your Facebook page as well. If you would like to prevent me from sharing this dirt with all of your friends, family members, and spouse, then you need to send exactly 5 bitcoins to the following address.”

“We have some bad news and good news for you. First, the bad news, we have prepared a letter to be mailed to the following address that details all of your activities including your profile information, your login activity, and credit card transactions. Now for the good news, You can easily stop this letter from being mailed by sending 2 bitcoins to the following address.”

As part of your ongoing security awareness campaign, I suggest you send the following to your employees, friends and family. You’re welcome to copy/paste/edit:

“Internet Criminals are using fresh news of big data breaches (like Wendy’s last week) to send people threatening emails. These emails claim the criminals have confidential information about you that they will send to your employer, friends and family using social media. They threaten with possible divorce, court proceedings, losing your job, or worse.

If you get emails like this, delete them immediately. Do not click on any links in the email, do not open attachments that claim to show your confidential information, do not reply to them, and definitely do not send any money in any form, whether they want checks, wire transfers or payment in a new e-currency like Bitcoin.”

The FBI published some very helpful tips to protect yourself online:

  • Do not open e-mail or attachments from unknown individuals.
  • Monitor your bank account statements regularly, as well as your credit report at least once a year, for any fraudulent activity.
  • Do not communicate with the cyber criminals.
  • Do not store sensitive or embarrassing photos of yourself online or on your mobile devices.
  • Use strong passwords and do not use the same password for multiple websites.
  • Never provide personal information of any sort via e-mail. Be aware, many e-mails requesting your personal information appear to be legitimate.
  • Ensure security settings for social media accounts are turned on and set at the highest level of protection.
  • When providing personally identifiable information, credit card information, or other sensitive information to a website, ensure the transmission is secure by verifying the URL prefix includes https, or the status bar displays a “lock” icon.

Now, if an employee replies that they have been a victim of this scam, tell them to reach out to their local FBI field office, and file a complaint with the IC3 at www.ic3.gov. Tell them to include the keyword “Extortion E-mail Scheme” in their complaint, and provide any relevant information including the extortion e-mail with header information and Bitcoin address if available. It’s also a very good idea to get HR involved to help the employee cope with this new type of extortion.

Please be aware of the new RansomWare strain called “Satana”, which is a blend between classic file encryption malware and the Petya strain, which locks the Master Boot Record (MBR).

It looks like a Petya copycat, but Satana prepends its email address to the name of each file it encrypts, like this: “email@domain.com_filename.extension”. Satana then encrypts the MBR and replaces it with its own. The first time a user reboots their workstation, Satana’s MBR boot code will load and the only thing the machine will show is Satana’s ransom note in red on black.

This strain looks like a work-in-progress, as its developers are still adding “new features”. Please be very careful as this is going to cause some damage when they start pumping it out.

As with most RansomWare infections, Satana is spread primarily by e-mail attachment but also by malicious or compromised websites. Remind your employees to be wary of any e-mail with attachments (especially ZIP files, which should be blocked by the SPAM appliance) and remember to be careful about which websites you and your employees visit!
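The renaming pattern described above (“email@domain.com_filename.extension”) gives defenders something to look for on file shares. The following Python is an added example, not part of the original post: the function names, the `min_files` threshold of 3 and the sample listing are assumptions made for illustration.

```python
import os
import re
from collections import defaultdict

# <address>_<original name>. Domain labels cannot contain "_", so the first
# underscore after the domain is the separator.
PREFIXED = re.compile(
    r"^(?P<addr>[^@\s/\\]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)_(?P<orig>.+)$"
)

def split_prefixed(name):
    """Return (address, original name) if the file name carries the prefix."""
    m = PREFIXED.match(name)
    return (m.group("addr").lower(), m.group("orig")) if m else None

def suspicious_prefixes(names, min_files=3):
    """Group names by address prefix; keep prefixes seen on min_files or more.

    One file that happens to start with an address is common and harmless;
    the same address prepended to many files is the pattern to look for.
    The threshold is an assumption, not a value from the post.
    """
    groups = defaultdict(list)
    for name in names:
        parsed = split_prefixed(os.path.basename(name))
        if parsed:
            groups[parsed[0]].append(parsed[1])
    return {addr: sorted(orig) for addr, orig in groups.items()
            if len(orig) >= min_files}

def scan_tree(root, min_files=3):
    """Apply the same check to every file name under a directory tree."""
    names = [f for _, _, files in os.walk(root) for f in files]
    return suspicious_prefixes(names, min_files)

# Constructed sample listing (placeholder address taken from the post).
SAMPLE_LISTING = [
    "email@domain.com_budget.xlsx",
    "email@domain.com_photo.jpg",
    "email@domain.com_notes.txt",
    "report.docx",
    "jane@corp.example_resume.pdf",  # single legitimate file, not flagged
]

if __name__ == "__main__":
    for addr, files in suspicious_prefixes(SAMPLE_LISTING).items():
        print(f"{addr}: {len(files)} renamed files, e.g. {files[0]}")
```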