How to Recognize and Avoid Phishing Scams

How to Recognize and Avoid Phishing Scams

by | Nov 24, 2020 | Security, Technology, Tips and Tricks

Scammers use email or text messages to trick you into giving them your personal information. But there are several things you can do to protect yourself.

How to Recognize Phishing

Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.

Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may

  • say they’ve noticed some suspicious activity or log-in attempts
  • claim there’s a problem with your account or your payment information
  • say you must confirm some personal information
  • include a fake invoice
  • want you to click on a link to make a payment
  • say you’re eligible to register for a government refund
  • offer a coupon for free stuff

Here’s a real world example of a phishing email.

Netflix phishing scam screenshot

Imagine you saw this in your inbox. Do you see any signs that it’s a scam? Let’s take a look.

  • The email looks like it’s from a company you may know and trust: Netflix. It even uses a Netflix logo and header.
  • The email says your account is on hold because of a billing problem.
  • The email has a generic greeting, “Hi Dear.” If you have an account with the business, it probably wouldn’t use a generic greeting like this.
  • The email invites you to click on a link to update your payment details.

While, at a glance, this email might look real, it’s not. The scammers who send emails like this one do not have anything to do with the companies they pretend to be. Phishing emails can have real consequences for people who give scammers their information. And they can harm the reputation of the companies they’re spoofing.

How to Protect Yourself From Phishing Attacks

Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection. Here are four steps you can take today to protect yourself from phishing attacks.

Four Steps to Protect Yourself From Phishing

1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.

2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.

3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:

  • Something you have — like a passcode you get via text message or an authentication app.
  • Something you are — like a scan of your fingerprint, your retina, or your face.

Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.

4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.

What to Do If You Suspect a Phishing Attack

If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?

If the answer is “No,” it could be a phishing scam. Go back and review the tips in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.

If the answer is “Yes,” contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.

What to Do If You Responded to a Phishing Email

If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.

How to Report Phishing

If you got a phishing email or text message, report it. The information you give can help fight the scammers.

Step 1. If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).

Step 2. Report the phishing attack to the FTC at ftc.gov/complaint.

Bonus

The FTC’s new infographic (below) offers tips to help you recognize the bait, avoid the hook, and report phishing scams. Please share this information with your school or family, friends, and co-workers.

Download the PDF

Phishing Don't Take the Bait

Online Holiday Shopping Scams

by | Nov 24, 2020 | Security, Technology

This article is contributed. See the original author and article here.

Original release date: November 24, 2020

With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails purporting to be from charities, and unencrypted financial transactions.

CISA encourages online holiday shoppers to review the following resources.

If you believe you are a victim of a scam, consider the following actions.

This product is provided subject to this Notification and this Privacy & Use policy.

Cross Service Query – Azure Monitor and Azure Data Explorer

Cross Service Query – Azure Monitor and Azure Data Explorer

by | Nov 24, 2020 | Azure, Microsoft, Technology

This article is contributed. See the original author and article here.

Azure Monitor<->Azure Data Explorer cross-service querying


This experience enables you to query Azure Data Explorer in Azure Log Analytics/Application Insights tools (See more info here),


and the ability to query Log Analytics/Application Insights from Azure Data Explorer tools to make cross resource queries. (See more info here.),


adx-proxy-workflow.png


 


For example (querying Azure Data Explorer from Log Analytics):


2020-11-24_10-24-28.png


 



Where the outer query is querying a table in the workspace, and then joining with another table in an Azure Data Explorer cluster (in this case, clustername=help, databasename=samples) by using a new “adx()” function, like how you can do the same to query another workspace from inside query text.


 


Both experiences are in Private Preview.


The ability to query Azure Monitor from Azure Data Explorer is open for everyone to use – no need to be allowlisted,


The ability to query Azure Data Explorer from Log Analytics/Application Insights requires to be allowlistedWe need the following to get you enrolled (you can send the info to me):



  1. Tenant ID

  2. List of the Azure Data Explorer clusters (the list is required to enable the team to modify the callout policy of that cluster, that will allow them to communicate with the proxy)

  3. Email address


 


We started a private preview program, and we are happy to add early adopters to experience the new functionality.


Please note that the product is new with limited SLA, and we estimate that we will be able to move to pubic preview with production level SLA within ~2-4 months.

Cross Service Query – Azure Monitor and Azure Data Explorer

Cross Service Query – Azure Monitor (LA/AI) and Azure Data Explorer (ADX)

by | Nov 24, 2020 | Azure, Microsoft, Technology

This article is contributed. See the original author and article here.

Azure Monitor<->Azure Data Explorer cross-service querying (join between LA/AI and ADX!)


 


This experience enables you to query Azure Data Explorer in Azure Log Analytics/Application Insights tools (See more info here),


and the ability to query Log Analytics/Application Insights from Azure Data Explorer tools to make cross resource queries. (See more info here.),


adx-proxy-workflow.png


 


For example (querying Azure Data Explorer from Log Analytics):


2020-11-24_10-24-28.png


 



Where the outer query is querying a table in the workspace, and then joining with another table in an Azure Data Explorer cluster (in this case, clustername=help, databasename=samples) by using a new “adx()” function, like how you can do the same to query another workspace from inside query text.


 


Both experiences are in Private Preview.


The ability to query Azure Monitor from Azure Data Explorer is open for everyone to use – no need to be allowlisted,


The ability to query Azure Data Explorer from Log Analytics/Application Insights requires to be allowlistedWe need the following to get you enrolled (you can send the info to me):



  1. Tenant ID

  2. List of the Azure Data Explorer clusters (the list is required to enable the team to modify the callout policy of that cluster, that will allow them to communicate with the proxy)

  3. Email address


 


We started a private preview program, and we are happy to add early adopters to experience the new functionality.


Please note that the product is new with limited SLA, and we estimate that we will be able to move to pubic preview with production level SLA within ~2-4 months.

How to design secure and convenient access to AKS clusters

How to design secure and convenient access to AKS clusters

by | Nov 24, 2020 | Technology

This article is contributed. See the original author and article here.

API Server is a crucial component of Kubernetes that allows cluster configuration, workload management and a lot more. While this endpoint is incredibly important to secure; developers and engineers typically require regular and convenient access to that API. Striking a balance between security and convenience is quite desirable here.


 


Azure Kubernetes Service (AKS) provides two robust mechanisms to restrict access to the API Server: namely through restricting authorized source IP addresses or disabling public access to the API endpoint.
 


While the above two controls ensure additional security for the API endpoint, developers and engineers do face a few challenges here:
 



  1. With the rise of remote work, many users could be unable to keep a static source IP address that has been whitelisted by AKS.
     

  2. Although VPN solutions are increasingly deployed, many users could find that always on VPN becomes a challenge sometimes; especially if it affects an already low internet bandwidth at home.
     

  3. While some users get access to a jump box or an Azure Bastion host, it lacks many notable features like AD authentication or a true desktop experience.


Recommendations


One good approach to overcome the above challenges is to allow remote access to a fixed cloud endpoint, which has sole access to the AKS Cluster. Being more specific, Visual Studio Code Remote Development and Windows Virtual Desktop are two solutions that can provide a secure yet convenient access to restricted AKS cluster.


 


blog-secure-development.png


 


Visual Studio Code Remote Development (SSH)


VS Code Remote Development (SSH) can allow developers and engineers access from within Visual Studio Code to hardened and right-sized per-user virtual machines. The solution has the following benefits:
 



  • The virtual machines could use automation to start up and shutdown during regular work hours.

  • Users leverage their local VS Code to run code and terminal commands that are in fact running on a remote machine that has access to a restricted AKS cluster.

  • Linux users would leverage SSH keys to get access to those machines but could also evaluate the preview feature of Linux AD authentication.

  • Remote VM can be in a VNET with access to a private AKS cluster or can have an outbound IP whitelisted by AKS.


 


Windows Virtual Desktop


While the above solution has some great benefits, it requires SSH access from at least a wide array of IP ranges owned by developers or engineers. It might also require additional GUI access to the Azure virtual machines to run some Kubernetes tools such as Lens, a Kubernetes IDE. Windows Virtual Desktop on the contrary requires no open SSH ports and provides desktop access. It just requires TCP port 443 access to a defined Microsoft endpoint. Other benefits from this solution include:
 



  • Use various clients such as Windows, macOS, Android, iOS, or Web.

  • Desktop discovery based on AD Authentication. No IP or host name distribution required.

  • Full desktop experience with Windows 10 or Windows 7.

  • Users might be able to leverage existing licenses to assign desktops.

  • Desktop host can be in a VNET with access to a private AKS cluster or can use a Load Balancer outbound IP whitelisted by AKS.


 


Whichever solution you choose to provide access to an AKS cluster, it’s quite important to try strike a balance between meeting security requirements and ensuring teams productivity. VS Code Remote Development and Windows Virtual Desktop are two options worth considering.