Recently, the Federal Bureau of Investigation (FBI) has warned banks of a serious hacking threat that could result in millions of dollars being taken from ATMs. The hackers hack into the banks, obtain consumers' ATM card and PIN information, then create cloned ATM cards and conduct an "ATM cash-out" around the globe.
Ultimately, the banks are responsible, but the impact to consumers is real, as the money will come from their account which can cause checks to bounce and money not to be available for individual needs.
Here are a few steps you can take:
- Go to your bank and see if they have posted any information about this potential risk.
- Sign up for fraud alerts on your ATM and credit cards.
- Monitor your accounts closely for unauthorized activity.
- If you see and suspicious activity, contact your bank immediately.
- Change your passwords and if possible change your ATM PIN number.
8/15/2018 9:27 AM|
You may have noticed in the news, or perhaps even in your own inbox, that a "sextortion" scam is picking up traction. This scam is not a new one, but it is adapting and starting to target victims of recent security breaches that have occurred off-campus. If you see the scam in your Auburn email account, then the data came from a site where you registered with that address. Some recent breaches of note have been Facebook, Reddit, LinkedIn, Target, and Equifax, but we do not know where this data originated.
The exact wording may vary, but you can recognize this scam because the subject line and introduction will most likely contain a legitimate password that you may or may not still be using. The body of the email typically claims that someone has hacked your webcam and recorded videos of you while watching pornography. In exchange for deleting the video, the sender asks for a bitcoin transfer or some other form of payment.
So what does this mean for you? Here are some Dos & Don'ts for handling email scams like this one:
- Change any account that still uses the password.
- Send the original email as an attachment to firstname.lastname@example.org before deleting it.
- Plan to change your passwords frequently; Auburn Policy requires changing them every 6 months.
- Click on any link in the email.
- Send any bitcoin, gift card, money transfer, etc.
- Use the same password across multiple accounts.
If you have any questions, please contact your IT service provider, contact the IT Service Desk at 844-4944 or email@example.com, or send an email to our information security team at firstname.lastname@example.org.
8/7/2018 1:14 PM|
Everyone on campus has something that's protected by a password. Bank account, email inbox, social media profile – or most likely, a combination of these and many more! Setting a password is a good step, but are you really doing all you can to keep your information and identity safe? To be able to answer 'yes' to that question, you should answer 'no' to all of these:
- Do you have anything that still uses a default password?
- Do you use the same password for multiple accounts?
- Does your password include your name, your pet's name, your birthday, your anniversary, or any other publicly known information?
- Is your password all lowercase or all uppercase?
- Is your password a word that's in the dictionary?
- Do you have your passwords written on post-it notes or in other various locations?
- Does your password hint contain the actual password?
- Have you opted out of two-factor authentication?
- Do you save your passwords in your browser?
If you answered yes to any of these questions, consider looking into changing that practice to help secure your data. Use as many mixed characters as possible, enable two-factor when it's available, use nonsense words or patterns that only make sense to you, and look into a password vault to help you keep everything organized. There's no such thing as 100% secure, but these steps will certainly help you get closer!
3/28/2018 1:12 PM|