Lots of phishing going on: Stop, think, click - Jewish Community Relations Council

How do you stop phishers? Look for these clues. Click to enlarge.

OK, you’ve heard it over and over…don’t click on unknown links. Well, people, even smart people, don’t listen. You get an email from someone that you know, click on what is said to be a “secure” link and your adventure begins.

googledocs - Secure Login — Here’s the bait. It looks official. People click and type in their password, giving their email account and contacts to hackers.

Now the phisher has you lured in. You’re asked to sign in. A nasty bot takes control of your computer, steals your contact list and sends everyone on your list an invitation to become infected.

Recommendations:

- Look at the illustration at the top of this email. Be aware.
- Do not follow unsolicited web links in email messages or submit any email account or password information to unknown webpages in links.
- Use caution when opening email attachments. Refer to Using Caution with Email Attachments for more information on safely handling email attachments.
- Maintain up-to-date anti-virus software.
- Perform regular backups of all systems to limit the impact of data and/or system loss.
- Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity.
- Secure open-share drives by only allowing connections from authorized users.
- Keep your operating system and software up-to-date with the latest patches.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

US-CERT and DHS encourage users and administrators experiencing a ransomware infection NOT to respond to extortion attempts by attempting payment and instead to report the incident to the FBI at the Internet Crime Complaint Center (IC3).

Here are some free resources to see if your computer is infected (from STOP. THINK. CONNECT.™ the global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online. – See more at: http://www.stopthinkconnect.org/)

AOL Computer Checkup
Audit My PC
Bitdefender
Kaspersky Virus Scanner
McAfee Security Scan
Microsoft Safety Scanner
nCircle Pure Cloud Vulnerability Scanner
Neustar SiteProtect
Norton Security Scan
Panda Security Antivirus Scan
Qualys Browser Check
QualysGuard Malware Protection
Secunia Personal Software Inspector (PSI)
Sophos Free Security Tools
Symantec Security Scan
Trend Micro HouseCall Virus Scan
Webroot Secure Anywhere Antivirus

For more tips about cybersecurity, check out the following non-technical publications:

General Cyber Tips
Stop.Think.Connect. Toolkit
Mobile Safety Tips
FCC’s Smartphone Security Checker
Tips for Undergraduates entering the workforce
Information on Cyber Careers
Cybersecurity 101
Law Enforcement Resources
Information on Critical Infrastructure