Author: Leila Sharma

Scammers are Targeting Teleworking Employees with Fraudulent Termination and VTC Phishing Messages

Leila Sharma

Scammers are using the COVID-19 pandemic to target teleworking employees with phishing termination emails and VTC (virtual teleconference) invitations. These messages cite COVID-19 as the reason for termination, and attempt to trick victims into clicking on embedded malicious links that purportedly provide more information on online conferences related to their termination or information on their […]

Zero-click Vulnerability in Samsung Phones; Update Now

Leila Sharma

A critical vulnerability has been discovered in Samsung mobile phones, which requires no user interaction, and impacts Samsung mobile phones running Android version 4.4.4 or later (which is in phones sold from 2014 onward). This vulnerability has been patched and users are advised to update now. If exploited, this vulnerability could allow a malicious actor […]

Protecting Yourself from COVID-19 Related Scams

Leila Sharma

There are currently numerous reports of targeted phishing attempts, a/k/a  spear phishing, which seek to exploit anxieties around the COVID-19 outbreak. Phishing may take place over email, phone calls, SMS text messages, social media updates, and web pop-ups. Scammers will likely use familiar/expected language and branding to make their messages appear legitimate. These phishing messages […]

COVID-19 Scams Update

Leila Sharma

Please be advised that scammers seeking to steal your sensitive information or your stimulus relief may pose as Treasury, IRS or CDC officials and may request confirmation of your personal identifying information (PII) in connection with an update or the receipt of your benefits. These communications are commonly delivered via phone calls (robocalls and person […]

Cybersecurity Resources for Online Safety & Security

Leila Sharma

SANS has created the following free resources designed to help you in your remote work life and to help families with creating a safe and secure online experience and learning environment for their kids. For Individuals: Top 5 Steps to Securely Work From Home For Parents:  Secure Your Home and Your Family (videos) SANS Webcast, […]

COVID-19 Phishing Attempt Targeting NYU Students

Leila Sharma

Please be advised of the following phishing message sent out by someone purporting to be an NYU alumni:   From: Sales Manager <n95nyc@gmail.com> Date: Mon, Mar 16, 2020, 12:43 PM Subject: Re: N95 Masks (Boxes: $250 | Pairs: $30) To: Attached is the FDA approval. Sorry it did not go through! On Mon, Mar 16, […]

Phishing Email to NYU Global Students

Leila Sharma

NYU students enrolled in Global Programs have reported receiving phishing emails from “NYU Global Programs NYU” when it is actually an imposter Gmail address external to NYU. If you have received a phish similar to the sample below, do not reply to the message.  Although the phishing email may appear to be signed by people […]

Attacks on WordPress Sites via Vulnerable Plug-ins

Leila Sharma

Administrators or site owners are advised to update the following WordPress plug-ins to the latest versions as all associated vulnerabilities are under active exploit and could provide scammers with the ability to hijack sites:  Duplicator Profile Builder Plug-In  Themegrill Demo Plug-In  Flexible Checkout Fields for WooCommerce Async, JavaScript 10Web Map Builder for Google Maps Modern […]

Coronavirus (COVID-19) Scams Alert

Leila Sharma

Please exercise caution with any communications you receive regarding Coronavirus (COVID- 19). Scammers commonly use widespread health alerts and natural disasters as opportunities to trick victims into revealing sensitive information or making “charitable” contributions. These scams may occur via email, phone calls, social media updates, text messages, web pop-ups or by in-person contact.  With respect […]

Dell SupportAssist Bug Fix

Leila Sharma

Dell recently released a software update that fixes a privilege elevation vulnerability in SupportAssist 2.0. SupportAssist is software that is preinstalled on most of its Windows endpoints. SupportAssist performs diagnostics and streamlines the creation of support tickets by reporting data back to Dell. This vulnerability, could lead to arbitrary code execution, so Dell users, who […]