DarkFiber Consulting – IT Managed Services

In the past, DarkFiber Consulting has received reports of an increased number of phishing scams that take advantage of the United States tax season. Due to the upcoming tax deadline, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as a tax refund, an offer to assist in filing for a refund, or contain details about fake e-file websites. These messages may appear to be from the IRS and directly ask users for personal information. These messages may also contain a link and instruct the user to follow the link to a website that requests personal information or contains malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves from this type of phishing scam:

• Do not follow unsolicited web links in email messages.
• Maintain up-to-date antivirus software.
• Refer to the IRS website related to phishing, email, and bogus website scams for scam samples and reporting information.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

DarkFiber Consulting is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

• Do not follow unsolicited links.
• Use caution when visiting untrusted websites.
• Install antivirus software and keep the virus signatures up to date.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

DarkFiber Consulting is aware of an increase in public reports of phishing scams related to recent bank acquisitions. Due to an increase in this activity, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for users to verify personal and bank account information, enroll in additional bank services, or activate new security features. The email messages may contain a link that, when clicked, will take the user to a fraudulent web site that appears to be a legitimate bank web site. The users may be asked to provide personal information or that can further expose them to future compromises. Additionally, these fraudulent web sites may contain malicious code.

Users are encouraged to take the following measures to protect themselves from phishing scams:

• Do not follow unsolicited web links received in email messages..
• Install anti-virus software, and keep its virus signature files up-to-date.
• Review the Recognizing and Avoiding Email Scams (pdf) document.
• Review the Avoiding Social Engineering and Phishing Attacks document.

Throughout the United States presidential election campaigns, DarkFiber Consulting has received reports of phishing scams and email attacks related to the upcoming election. DarkFiber Consulting reminds users to remain cautious when receiving unsolicited email messages that are related to the presidential election and presidential candidates because the messages may be part of a phishing scam.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

• Use caution when opening unsolicited email messages.
• Do not follow unsolicited web links found in email messages.
• Use caution when entering sensitive information online.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

In the past, DarkFiber Consulting has received reports of an increased number of phishing scams that take advantage of natural disasters. Due to the current situation involving Hurricane Gustav, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises.

Users are encouraged to take the following measures to protect themselves from this type of phishing scam:

• Do not follow unsolicited web links received in email messages.
• Review the Federal Trade Commission’s Charity Checklist.
• Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

For additional information regarding phishing, DarkFiber Consulting recommends reading the following documents:

• Recognizing and Avoiding Email Scams (pdf)
• Avoiding Social Engineering and Phishing Attacks

DarkFiber Consulting is aware of public reports of a phishing attack circulating via email messages that appear to be targeting Apple MobileMe users. These messages claim that there is a problem with the user’s billing information and instruct the user to follow a web link to update personal information. Clicking on this link directs the user to a web page that contains a seemingly legetimate web form requesting personal and financial information. Any information entered in this form is not sent to Apple but rather, to a malicious attacker.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

• Do not follow unsolicited web links in email messages.
• Use caution when entering sensitive information online.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.