Insightful &
Helpful Articles

Here is what we're working on and
thinking at Hedgehog security.

Online Social engineering threats are commonplace these days and even the most experienced IT professionals fall victim to them. Online scams basically trick users into letting their computers become infected with viruses, or tricking them into revealing their personal information. Even though there?s no guaranteed way to protect yourself against online scams, half the battle is being aware of how they're used. Following are some of the most common online scams in addition to some tips on how to protect yourself from them.
RansomwareThis is online scam is a form of malicious software, a process that feels like it came right out of a high tech spy or science fiction movie. Ransomware involves cyber criminals remotely stealing an individual?s personal information via word documents, images, etc., using encryption to scramble up the information they stole. Next, they hold the information for ransom, hence the name, exchanging it for the remote key that is necessary to unlock the encryption. Payment for the key typically starts at a minimum of $500 and escalates from there. These cyber terrorists generally use sites like Bitcoin to handle the payment transactions because they can't be traced.
Social Media Company Group ScamsOnline con artists have been scanning through social sites like LinkedIn and Facebook, searching for employees of a selected company (or companies) and creating groups. The end goal of this online scam is to gather information that they can use to enter a company?s website and/or facility. Once the groups are set up, these scammers pose a series of seemingly innocent questions, start engaging discussions that make group members feel at ease. Eventually the scammers direct the discussions, causing member?s to leak small pieces of data, allowing cyber criminals to enter a company using a stolen identity and contacting employees in the group who are thought to have advanced access to the company's computer systems in the hopes of obtaining usernames and passwords.
Legitimate Looking Phishing EmailsPhishing emails, while at times looking amateurish due to poorly written content, are looking a lot more legitimate these days. Today's phishing scammers typically add an attention getting subject line in an effort to lure the recipient into opening it. Within the message (usually as alluring) of the email there's usually a link and when someone clicks on it a virus is instantly downloaded or from the site the link takes them to. In many cases, phishing emails are made to look like they're being sent by the company the end user works for, frequently going to workplace computers, tricking the employees receiving them.
There's no lack of believable scams that supposedly come from human resource departments, credit card companies and insurance companies today. Unfortunately, it only takes one mistake by a distracted employee to put a company's local network in jeopardy. In order to defend yourself and your business against phishing emails, it's important that you avoid divulging information based on an email you receive and to never click on a provided link.
Medical Record ScamsThese scams usually involve an employee receiving an email at work that looks like it?s from the healthcare company provided by the employer but can also be received on your home computer. The email can appear to be an announcement of an important change regarding your healthcare plan or being sent for another purpose. In addition, the email message might refer to something personal about you like the number of dependents you have, your income or marital status. These medical scams are sent out in such high numbers, using automated software, meaning that eventually the personal information has a good chance of matching that of some of the recipients. Then, when the recipient clicks the link in the email, damaging malware is released.
Funeral FraudulenceEven though you would think that the announcement as important as letting people know that someone has passed on would come in the form of a phone call or face to face interaction, more and more people are being scammed these days by fraudulent emails regarding a death. Keep this in mind of you receive an email from a funeral home conveying the news that someone close to you has passed away. If you fall for this scam and click the funeral home website link, you?ll end up with a virus being downloaded onto your computer. This is a particularly heinous online scam although they are nasty.
Bogus Windows Tech Support CallsThe broadly reported fraudulent tech support calls from Windows continue to deceive users. Basically, these online con artists call their victims and pretend to be employed by Microsoft, calling to investigate a malware infiltration. These scammers then attempt to convince end users to grant them remote access to their computer's desktop. Once they're in they act like they've discovered a critical case of malware invasion, usually by the installation of scrareware, malevolent computer programs intended to trick an end user into purchasing, then downloading, potentially dangerous software, like fraudulent protection. Once you've made the purchase, they continue to extort fees under the premise of resolving problems. You can avoid this issue by keeping in mind that Microsoft doesn't call people about potential malware problems.
It's remarkable how ingenious online scammers are today. Even so, you don't need to become a victim of their tricks if you avoid falling for their ruses.