The Intrinium Review, March 2021

The Intrinium Review, March 2021
March has carried us into spring here in the Inland Northwest. While the flowers may be blooming and the birds returning – there are still hidden threats online that take no notice of the sunshine.

The DOJ has reported hackers using fake COVID surveys to gain information.

The Ubiquiti hack may be much worse than initially reported.

A North Korean hacking group is targeting Google and its information by posing as an offensive security firm.

Beating COVID – Losing Information

The US Department of Justice warns of phishing attacks using fake post-vaccine surveys to steal money from people or tricking them into handing over their personal information. Attackers promise potential victims cash or prizes for filling out fake surveys. Instead, they only harvest the filled-out personally identifiable information to fuel fraud schemes involving identity theft.

According to the DOJ – “Victims also are exposing their personally identifiable information (PII) to scammers, thereby increasing the probability of identity theft.”

The DOJ Office of Public Affairs recommends avoiding clicking on links received via text messages or emails claiming to be a vaccine survey if they come from unknown and unverified sources.

Ubiquiti Hack – Larger Than Known.

Ubiquiti suffered a data breach in January of this year that was reported right away. However, recent claims note that that data breach report may have been covering up an even larger incident that put customer data devices deployed across both corporate and home networks at risk. The company originally encouraged customers to change their login and password, but we now know that they cannot guarantee that user details were not exposed in the hack.

Google Research in Danger.

A North Korean hacking collective known to have targeted Google security researchers has recently been discovered to have created a fake security firm. Per Google’s Threat Analysis Group (TAG), North Korean hackers had created a slue of fake profiles on social media platforms. These would then reach out to Google asking for collaboration on cybersecurity research. If accepted, malicious code would be sent to the target.

Google commented: “In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets. They’ve used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits, and for amplifying and retweeting posts from other accounts that they control.”

These high-level attacks may have you worried about your own security, and questioning the best route to take to keep yourself and your information safe.

Intrinium is here to help.

Please reach out to us here with any concerns about your network or security. Our team operates 365 days a year to ensure your cybersecurity is solved!

To keep you up to date on some of the latest cybersecurity news, we’ve linked some of our recent blogs for you below. You can also follow us on Facebook, LinkedIn and Twitter.

Pin It on Pinterest

Share This