Tag: New Jersey Cybersecurity and Communications Integration Cell

Posted on

We Have All Seen Them: Social Media Scam Uses Lost Animals and People to Target Users

191636540 3904682609610183 2406704683885432436 n

the staff of the Ridgewood blog

Upper Saddle River NJ, it is common to see social media posts claiming someone’s lost pet or family member was found, with the intent to reunite them with their family. Users frequently share these posts in hopes of assisting others. Scammers are using these same lures to circulate what starts as an innocuous post. Once the post is shared with a sizable audience, the scammer changes the original link to direct users to a malicious or fraudulent website. In at least one case, the malicious URL led users to a fraudulent advertisement for a rental property. These schemes are referred to as “bait and switch” posts and are often successful as they tug on the heartstrings of social media users with good intentions of supporting efforts to reunite loved ones. Users who share these posts are often unaware that they have been subsequently altered and are unknowingly putting their friends and family at risk of visiting a fraudulent or malicious website and divulging sensitive information.

Continue reading We Have All Seen Them: Social Media Scam Uses Lost Animals and People to Target Users

Posted on

The New Jersey Office of Homeland Security and Preparedness Cautions, ‘Tis the Season to Stay Alert

All Clear at Ridgewood Train Station

file photo by Boyd Loving

the staff of the Ridgewood blog

Ridgewood NJ, the New Jersey Office of Homeland Security and Preparedness and its cybersecurity division, the New Jersey Cybersecurity and Communications Integration Cell, are cautioning the public to stay alert for signs of physical and cyber threats targeting individuals, organizations and businesses across the state during the upcoming holiday season.

Continue reading The New Jersey Office of Homeland Security and Preparedness Cautions, ‘Tis the Season to Stay Alert

Posted on

Ransomware attacks continue to plague the education sector across the United States

external content.duckduckgo 2

the staff of the Ridgewood blog

Tenafly NJ, Ransomware attacks continue to plague the education sector across the United States, including in New Jersey. Tenafly Public Schools were hit with a ransomware attack that crippled the district’s computer system. Final exams have been canceled for all of the district’s high school students as the Bergen County school district tries to get its system back online with the help of cybersecurity consultants.

Continue reading Ransomware attacks continue to plague the education sector across the United States

Posted on

Concerns Grow Over Phishing Campaigns launched from Compromised Email Accounts in Education Sector

external content.duckduckgo 37 scaled

the staff of the Ridgewood blog

Ridgewood NJ, so far we have not heard about this from any of our local school districts , including Ridgewood but its something to keep an eye on . The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) continues to observe efforts by cyber threat actors to compromise email accounts in the education sector in order to launch phishing campaigns with the intent to steal sensitive information, compromise account credentials, or conduct subsequent cyber operations against others in the education sector.

Continue reading Concerns Grow Over Phishing Campaigns launched from Compromised Email Accounts in Education Sector

Posted on

UPDATE : The Surveillance State: The Nefarious Use of Bluetooth Tracking Devices

bluetoothtracker 2048px 3233 2x1 1

Image Source: New York Times

the staff of the Ridgewood blog

Ridgewood NJ, a swimsuit model says she was stalked by a stranger who slipped an Apple AirTag tracker into her coat pocket before following her for five hours.

Brooks Nader, 26, claims the disturbing incident occurred Wednesday night while she was out in New York City, and she only realized it when her iPhone alerted her to the fact that an “unknown accessory” was moving with her.

it is inevitable that items—such as keys, wallets, purses, and bags—may be lost or misplaced. To help prevent this, users can attach tracking devices to everyday items and connect them to a smart device via Bluetooth. Then, if items are lost or misplaced, users can use an app to search for them and determine their location with impressive accuracy. If the tracking devices are within Bluetooth range, the app can easily trigger an audible alert to help locate them. If the tracking devices are not within range, the app leverages nearby smart devices to transmit their location and send alert notifications to the owner and/or finder. There are multiple Bluetooth tracking devices to choose from, such as Apple AirTags and Tile tracker tags. Although their use can be a positive, legitimate, and convenient way to keep track of items, tracking devices have the potential for intentional misuse and abuse. We explore how perpetrators may use these tracking devices for nefarious purposes—committing malicious cyber activity, impacting personal safety, and enabling auto theft.

Continue reading UPDATE : The Surveillance State: The Nefarious Use of Bluetooth Tracking Devices

Posted on

Be Safe Online Shopping this Holiday Season

external content.duckduckgo 15 scaled

the staff of the Ridgewood blog

Ridgewood NJ, according to the New Jersey Cybersecurity and Communications Integration Cell , Cyber Monday 2020 set a record for e-commerce spending in one day, totaling $10.8 billion. With the pandemic raging on, many customers took to online stores to do their holiday shopping. While NJ COVID-19 cases have declined in recent weeks and vaccinations continue, we can still expect many customers to choose to conduct their shopping online and potentially start shopping earlier than usual given concerns for supply chain issues and shipping delays. Adobe predicts that online shopping spending will total over $200 billion for the first time ever by the end of the holiday season. Given the volume of e-commerce shopping, cybercriminals will continue their efforts to target online shoppers and marketplaces for financial gain. Therefore, it is vital to maintain awareness of the many cyber threats posed by these individuals and groups. Threat actors may target victims through a variety of methods, including compromised or spoofed websites, phishing emails, social media ads and messages, or unsecured Wi-Fi networks. Reviewing the following list of common attack vectors, along with tips and best practices, will help to combat the threats posed by cybercriminals this holiday season.

Continue reading Be Safe Online Shopping this Holiday Season

Posted on

Beware of Tax Season Cyber Scams

IRS Scam Warning Sign

New Jersey Cybersecurity and Communications Integration Cell

Ridgewood NJ, During tax season, threat actors target taxpayers and their data in order to file fraudulent tax returns, collect refunds, and engage in other identity theft schemes. Threat actors seek out tax information, including W-2 information and personally identifiable information (PII) – such as Social Security numbers (SSNs), dates of birth, bank account or credit card numbers, and drivers’ license numbers. They heavily rely on social engineering tactics conducted through email, phone, and text messages. These social engineering scams attempt to appear or sound convincing and authentic in order to trick recipients into disclosing sensitive information or credentials for online accounts. If they can steal a target’s data and identity, they can also steal their tax refund. We share some common tax scams and recommendations to help protect your identity, data, and tax refunds.

Continue reading Beware of Tax Season Cyber Scams

Posted on

Cyber Threats Continue to Capitalize on Global Interest Surrounding the COVID-virus to Target Users

external content.duckduckgo 6

the staff of the Ridgewood blog

Ridgewood NJ, according to the New Jersey Cybersecurity and Communications Integration Cell,  throughout the COVID-19 pandemic, cyber threat actors have capitalized on global interest surrounding the virus to target users. Early in 2020, thousands of website domains related to COVID-19 were registered, and many of these websites were subsequently used to host malware and for other fraudulent activity. Phishing emails using COVID-19 lures have also been sent to users in an attempt to convince the recipient to divulge sensitive or financial information, or open malicious links or attachments. These same tactics continue to be employed, now with COVID-19 vaccine themes and lures. COVID-19 vaccine-themed phishing emails may include subject lines that make reference to vaccine registration, information about vaccine coverage, locations to receive the vaccine, ways to reserve a vaccine, and vaccine requirements. Links and attachments included in various phishing campaigns may employ brand spoofing and impersonate well-known and trusted entities, such as government agencies, healthcare providers, or pharmaceutical companies.

Continue reading Cyber Threats Continue to Capitalize on Global Interest Surrounding the COVID-virus to Target Users

Posted on

New Jersey Department of Homeland Security Says best to Pay Cash At the Pump

gas station new jersey1

the staff of the Ridgewood blog

Ridgewod NJ, the New Jersey Department of Homeland Security has issued a new warning about the safety and security of gas station card readers that could change the way gas stations in the state deal with fraud and stolen card information.

Continue reading New Jersey Department of Homeland Security Says best to Pay Cash At the Pump

Posted on

Instagram Phishing Scam

instagram e commerce integration1

Phishers are casting lines—Don’t take the bait!

Ridgewood NJ, Over the last several months, we’ve received reports that some people have been receiving somewhat alarming emails claiming to represent Instagram. By somewhat alarming, we mean these emails indicated that the person’s account made copyright violations, which would result in its permanent deletion in 12 or 24 hours. As it turns out, these emails were most certainly not from Instagram. No, they were phishing attempts.

According to the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC pronounced NJ Kick), “phishing” is a form of social engineering in which a threat actor attempts to trick victims into visiting a malicious site and disclosing sensitive information such as account login credentials, financial information, personally identifiable information, or opening a malicious attachment that installs malware onto their system. Phishing attacks can be conducted through email, social media platforms such as Facebook and Twitter, SMS text messages, or over the phone.

Now, there are all types of phishing strategies, which sport clever monikers such as spear-phishing, whaling, smishing, vishing, etc. that target different victims from banks, businesses and individuals to law enforcement agencies.

What you need to know is that you should never click on links or open attachments delivered with unexpected and unsolicited emails, social media messages or text messages. If something doesn’t seem right, it probably isn’t. Forward any suspicious emails to the company or person it’s claiming to be from in order to verify its authenticity or simply delete the message if you are certain it’s bogus. The addresses used in the fraudulent emails were clearly not from Instagram, but at a glance, some can were deceiving.

If you would like more in-depth information about phishing, we strongly recommend you check out New Jersey Cybersecurity and Communications Integration Cell