Search
Close this search box.

Topics: Security

June 7, 2024

AI is revolutionizing the way scams are conducted, drastically reducing operational costs while simultaneously enhancing the believability of fraudulent calls. In the 12 months since the launch of ChatGPT, AI-aided identity fraud surged nearly 1,800%, and phishing emails surged by nearly 1,300%, with their quality being the best we've ever seen. Additionally, AI-operated news sites, often used to push out misinformation, disinformation, and propaganda, grew from 40 sites to nearly 600.

Things to Know:

  • Content Farms: These platforms pump out low-quality, clickbait articles to earn ad revenue. Initially, humans edited AI-drafted articles for quality, but now, AI can produce vast amounts of content with little to no oversight.
  • Advertising Concerns: Reputable brands might unknowingly advertise on these spammy sites, which can mistakenly lend these articles credibility.
  • Disinformation Risk: Without human checks, AI can spread false information. This ranges from accidental “AI hallucinations” (fabricated facts) to deliberate disinformation, like fake celebrity obituaries designed to increase site traffic.

Tips for Navigating Content Safely:

  • Critical Thinking: Always question the authenticity of online articles.
  • Recognize AI Signs: Be cautious of sites with generic names or an overload of ads. Look out for errors and placeholders (e.g., “[date]”) that suggest AI-generated content.
  • Take Breaks: Regularly step away from the digital avalanche to avoid content fatigue and maintain cybersecurity awareness.
June 7, 2024

CryptoChameleon is a phishing-as-a-service kit that makes it easier than ever for cybercriminals to create convincing phishing campaigns. Criminals often use it to impersonate reputable companies to steal passwords, account information, and other sensitive data.

 

A recent scam using CryptoChameleon targets LastPass, a popular password manager. Scammers pretend to be from LastPass, starting with seemingly authentic support calls. They later send follow-up emails with links to fake login pages, designed to look like legitimate LastPass sites. Once victims enter their master passwords on these fraudulent pages, scammers can access their password vaults and potentially lock them out of their accounts.

 

Reputable companies will never ask for your master passwords through phone calls, emails, or text messages. To protect yourself from these scams, remember to:

 

  • Hang up immediately if you receive a suspicious call claiming to be from LastPass or another reputable company.
  • Do not press any options in automated messages or clicking on links in emails from unfamiliar sources.
  • Report suspicious activity to the reputable company, including screenshots of suspect text messages and forwarded emails.
July 28, 2023

Password managers are a key resource in maintaining your security. They allow you to keep track of your passwords and encrypt them before they leave your device. Some password vaults can also generate and change passwords for you in one click, as well as securely store other types of data like credit card information. Password managers may remind you to change passwords regularly, evaluate their strength, or scan the dark web to check if any of your logins appeared online. A password manager also makes sharing your data with family and friends safer.

When using a password manager, you’ll only need to remember one master password. Combine it with multi-factor authentication (MFA)and biometric authentication to increase your security.

While they can increase your security exponentially, even reliable password managers can’t keep you 100% safe online. Following are a list of possible risks and ways to mitigate them:

  1. Not all devices are secure enough. Password managers can be hacked if your device is infected with malware. Users should invest in a trustworthy antivirus that will secure all devices first and reduce risks.
  2. Not using biometric authentication. NordPass, RoboForm, and Keeper all offer a biometric authentication option, such as requiring a fingerprint or face scan which offers another level of protection.
  3. Utilizing a Bad password manager. Not all password managers are created equal. Make sure the software you use does not lack the necessary security features to effectively protect your credentials at all times.
  4. Forgetting your master password. Select a password manager that has a reset feature or store your master password in some physically secure place. Be sure to enable account recovery options.
  5. Know what data is in your password manager. Be sure to know which accounts are stored in your password manager so in the case of a breach, you know which accounts to take action on, thus leaving the attacker with less time to cause more harm.

In a digital landscape where cyber threats are on the rise, using a password manager is a proactive measure that can overall protect your personal information and maintain robust online security. It simplifies the process of managing passwords, strengthens your defenses against unauthorized access, and provides peace of mind in an increasingly interconnected world. If you don't already, consider integrating a reputable password manager into your digital routine to enjoy the benefits of streamlined and fortified password security.

 

July 26, 2023

Scammers are pretending to be bank customer service representatives reaching out regarding fraud prevention. Their goal is to get you to reset your login credentials and gain access to your account.

How it works
  1. Scammers, posing as customer service representatives, will call and keep the victim on the phone for multiple hours to “resolve” a fraud issue.
  2. The scammer urges quick action to prevent alleged hackers from draining the victim’s account.
  3. The victim is asked for sensitive information like login credentials and verification answers.
  4. The scammer logs in to the victim’s account to initiate unauthorized payments, bypassing security restrictions via a direct call to the real Fraud Support, all while the true customer is on hold.
Quick Tips
  • Check your account activity frequently and monitor for suspicious transactions.
  • When asked for information that seems unusual, hang up and call the phone number on the back of your bank card or account statement.
  • Read text and email communications fully and pause before responding.
  • Remember that banks and credit card companies will never ask you for your password or your card/account number over the phone.

 

Get Started on Your Financial Life Plan Today

Do not fill out the form below if you are an existing client. Please contact your Advisor directly.