FBI and Cybersecurity Agency issue urgent Thanksgiving warning after ransomware attacks on Independence & Mother’s Day

THE FBI and Cybersecurity Agency have issued an urgent Thanksgiving warning after "serious" ransomware attacks were launched on Independence Day and Mother’s Day.

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI released an important message to Americans on Monday as many are preparing to travel for Thanksgiving.


The notice urges executives, leaders, and workers in any organization to take proactive measures to avoid being a victim of cyberattacks, including potential ransomware attacks.

According to the alert, no specific threats have been identified by the two agencies.

However, "recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends."

Both agencies are urging "all entities — especially critical infrastructure partners — to examine their current cybersecurity posture and implement best practices and mitigations to manage the risk posed by cyber threats."

Organizations and individuals are advised to have IT security employees available to work when needed in the event of an incident or ransomware attack. 

Other ways to prevent attacks are by using "multi-factor authentication remote access and administrative accounts" and strong passwords.

Additionally, "remote desktop protocol (RDP)" should be secure and monitored and employees should understand it's dangerous to click on "suspicious links."

The actions urged by the CISA and the FBI should be done "immediately to protect against this threat."

The agencies conclude: "For a comprehensive overview, see the joint Cybersecurity Advisory Ransomware Awareness for Holidays and Weekends."

Meanwhile, Americans are being urged to avoid phishing schemes, look out for credit card skimming attacks, and research charities' authenticity before giving donations.

When shopping online, it's also important to double-check product prices and avoid "too good to be true" deals from unknown websites.

Black Friday, which occurs on the Friday after Thanksgiving annually, will take place on November 26, 2021, so online shoppers still have a few days to learn about scams to avoid.

PHISHING EMAILS & TEXTS

According to CNET, hackers will try to obtain personal information like credit card numbers, social security numbers, or account passwords by sending out emails and texts linking to non-legitimate websites.

Fake websites trick shoppers into thinking they are getting contacted by a company, ultimately leading them to provide their card information.

Shoppers may be fooled by emails showing an incorrect order, so it's important to look out for attacks like this that will likely appear to come from big retailers like Amazon, Best Buy, Target and Walmart.

It's best to be wary of emails requesting payment method updates or other personal information.

StaySafeOnline.org also suggests checking to see if web and email addresses look don't look genuine and if the emails are poorly written.

A suspicious attachment or emails that spark panic are all something to be cautious about.

CREDIT CARD SKIMMING

People are also being advised to beware of digital credit card skimming scams.

Tim Mackey, the principal security strategist for Synopsis, said: "There isn't an obvious way for the average person to be able to identify if or when a website has been compromised.

"The only potential tell-tale sign might be that the website itself doesn't quite look 'right.'"

CNET explained some of the ways Mackey suggests shoppers. protect themselves

He warns consumers not to save credit card info on retail sites, use third-party payment methods like Apple Pay, Google Wallet or PayPal, and allow for purchase alerts on all credit cards.

Mackey warns against making purchases on public Wi-Fi.

GOOGLE'S WARNING

Meanwhile, Google released a new report last month — which reviewed 80 million ransomware samples from 140 countries.

It listed the UK as one of the countries most affected by cybercriminal attacks that involve hackers threatening to release private information if money is not paid.

Google commissioned cybersecurity experts VirusTotal to conduct the report.

It states that: "Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the UK are the 10 most affected territories based on the number of submissions to VirusTotal."

Ransomware activity was said to peak during the first two quarters of 2020.

Another peak happened in July 2021 and this has been attributed to the "Babuk ransomware gang."

We pay for your stories!

Do you have a story for The US Sun team?

Email us at [email protected] or call 212 416 4552.

Like us on Facebook at www.facebook.com/TheSunUS and follow us from our main Twitter account at @TheSunUS

    Source: Read Full Article