BTS HelpDesk: 503-823-5199
1120 SW 5th Avenue, Suite 1111, Portland, OR 97204
Welcome to our blog. Here we will let you know the latest happenings in the information security world.
If you see any of these malware strains on your enterprise networks, stop everything you're doing and audit all systems.
In this ZDNet article, the author describes various major malware families that are catastrophic to organizations. If these malware strains are found on our network, we need to clean quickly and scan the rest of the network for additional infections:
Microsoft's Director of Identity Services wrote an article urging customers to move away from phone (call or SMS) uses for Multifactor authentication.
On November 10th, 2020, Microsoft wrote an article outlining the dangers of using Phone-based Multi-Factor Authentication (MFA). They include both phone calls and SMS messages as dangerous due to the lack of security in the global phone system.
This is the latest in a series of changes recommending and now urging organizations like the City to move away from phone calls and text messages. The recommendation is to move to no-cost authentication applications like Microsoft Authenticator and Google Authenticator.
New Outlook Phishing Alert Button (PAB)
We are releasing a Phishing Alert Button (PAB) to both Outlook and the Office 365 web client. This feature will make it easier to report suspicious emails to BTS for review and take necessary action. Clicking on this button will report the suspicious email to BTS and delete the email from your mailbox. No further action is required from the user, like forwarding the email or opening a helpdesk ticket to report the suspicious email.
The below pictures show this feature option in different email clients.
Key Takeaways:
The button does not replace the reporting requirement if you click the link or open the suspicious email's attachment
Please be aware of fraud during this new normal. Fraudsters are looking for any way to trick us
The content below is directed at state agencies, however is relevant to City of Portland employees. Some of our co-workers, friends and colleagues are on unemployment. Some of our co-workers, friends and colleagues are in Washington State and may be affected.
Also, this is an example of how fraudsters will find ways to exploit any process where they can steal money or information. Are there City of Portland processes that could be similarly attacked? If you have a concern, please contact BTS Information Security so we can provide security expertise and tools.
The United States Secret Service has received reporting of a well-organized Nigerian fraud ring exploiting the COVID-19 crisis to commit large-scale fraud against state unemployment insurance programs. The primary state targeted so far is Washington, while there is also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida. It is extremely likely every state is vulnerable to this scheme and will be targeted if they have not been already.
In the state of Washington, individuals residing out-of-state are receiving multiple ACH deposits from the State of Washington Unemployment Benefit Program, all in different individuals’ names with no connection to the account holder. A substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees. It is assumed the fraud ring behind this possess a substantial PII database to submit the volume of applications observed thus far.
This fraud network is believed to consist of hundreds, if not thousands, of mules with potential losses in the hundreds of millions of dollars. The banks targeted have been at all levels including local banks, credit unions, and large national banks.