The cybersecurity news for this week starts off with the question, do you have a LinkedIn account? If so, please be aware that there are active spear-phishing campaigns posing as job offers that contain malicious attachments. Most of the targets are out-of-work professionals, so let any out-of-work friends know about this. The purpose of the attack appears to be for building lists of compromised machines that can be resold for later use.
Other cybersecurity news, Facebook data belonging to over 530,000,000 users has been leaked online and has now been released for free. Information includes names, phone numbers, birthdays, email addresses, and other identifiers. This appears to be data stolen in a 2019 breach, though much of the data is still accurate.
This data can be used for social engineering attacks, or SIM -swap campaigns which allow intercepting your text messages and phone calls. This is a good time to lock your credit reporting services if you have not already done so, and if you have identity monitoring make sure you have alerts setup upon use of your personal information.
Always be careful about what you post and share on social media platforms. This is a good time to review your security settings on these platforms. Additionally you should never participate in the posts for sharing things like your pets name, favorite color, favorite song, where you went to school, etc. Many times those lists will line up with password reset questions found online allowing anyone paying attention to be able to reset your passwords.
-Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc
501-801-6706