how to protect yourself
DMV
Many people in in in New York have been receiving text messages from from a a a a a sender claiming to to be be from from the the state Department of Motor Vehicles asking the the the recipient to to update their driver license contact information
online According to DMV
the false message will will read in in this manner: “The Real ID requirement will will soon be mandatory for all domestic travel Update your mailing and contact information
for for expedited compliance with new ID ID regulations ” REAL IDs or enhanced drivers’ licenses will be required to board domestic flights after Oct 1 1 2021 but there is no specific requirement regarding other forms
of travel The link given in in the text will lead you to a a a a a false DMV
website These texts texts are are known as “phishing texts texts ” which are are fake messages that scammers use to get your personal or or financial information
which can be used to commit identity theft or tricks recipient into installing malicious software onto their devices Experts advise you to to to not click on on any links in in this text and to to to delete it immediately Here’s how to to identify a a a a a potential phishing attempt:
•
Poor grammar and/or spelling in in messages •
Threats by the sender such as to suspend or close an account if you don’t respond •
Unfamiliar URLs
How to spot a a phishing attempt Here are ways to spot a a a a a phishing phishing — or spear phishing phishing email from logrhythm com:
•
Don’t trust the source even if it’s a a a a a familiar name name Look at the the email address to verify the the name name •
Don’t click on on links if if something looks odd •
Check for grammar and spelling errors Scammers are more likely to send emails with spelling and grammar errors In some cases the email may originate from a a a a a a a sender based in in in a a a a foreign country in in which English is is not widely spoken •
Look for the salutation Is it specific or or vague?
•
Does the email ask for your personal or or or or financial information
or or or ask you you to to click on on on links to to “verify” information?
•
Does the email urgently ask you to do something or send payment sometimes by threatening to cancel an account etc?
•
Look at at at email signatures Legitimate senders have full
ones at at at the end end of emails •
Do not open attachments
unless from a a a verified
sender •
If you you question the source contact your email vendor or Internet provider immediately Microsoft Outlook/Office 365 scams Even if you you you consider yourself
savvy to scams you you you can become a a a a a victim In recent months nearly 200 million Office 365 users were targeted in in what is is known as as a a a a a a a a a a a a “spear phishing” attack attack — a a a a a a a a a a a a cyberattack that looks like it was
from a a a a a legitimate user user — that leads users to a a a a a a a a phony Microsoft website In this type of of scam a a a a a a a user user that appears to be legitimate (either Microsoft itself or a a a a user known to to you) Social Security cammers pretending to be from the Social Security Administration (SSA) would call you you and claim that your Social Security number was
used in a a a a a a a a crime and that the number has been suspended The scammer may ask you you to to confirm your number to to reactivate it — and issue you a a a a a a a a new one for a a a a a a a a fee Often the caller will threaten arrest or or loss of benefits The SSA will not call and ask for your Social Security number nor will will it ever require you to pay anything The agency will will also never use threatening language The caller ID may even look like it’s legitimately from the SSA but a a a computer may be “spoofing” you The Federal Trade Commission advises you you to never give your personal or or financial information
(including your Social Security number) to callers If you get such a a a a a call call hang up and report it it to the Social Security Administration or or Federal Trade Commission What do these terms mean?
Phishing: In this type of attack intruders impersonate a a a a a a a real company to obtain your login credentials You may receive an an email asking you you to verify your account details with a a a a a a a a link that takes you you to a a a a a a a a phony login screen that delivers your information
directly to the attacker’s system Spear Spear Phishing: Spear Spear phishing phishing is is is is is a a a a a a a more sophisticated phishing phishing attack that that includes customized information
that that makes the attacker seem like a a a a a a a legitimate source They may use your name and and phone number and and refer to the the the legitimate logo in in in in the the the email to to to trick you you into thinking they have a a a a connection to to to to you you you making you you more likely to to click a a a a a a a link or or attachment that they provide Spoofing: When a a a person or technology program falsifies oneself to impersonate a a a a a a a legitimate sender such as a a a a a a person person organization or or business known to to the victim to to gain personal and financial information
SPRING 2021 5