Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


IC3 Releases Alert on Gift Card Scams

08/02/2017 10:08 PM EDT Original release date: August 02, 2017

The Internet Crime Complaint Center (IC3) has released an alert warning consumers of music gift card scams. This type of scam targets victims, gains their confidence, and tricks them into providing gift card information.

To stay safer online, review the IC3 alert on Online Scammers Require Payment via Music Application Gift Cards and the US-CERT Tip on Avoiding Social Engineering and Phishing Attacks.

IRS Warns Tax Professionals of New Scam to Steal Passwords

08/07/2017 03:30 PM EDT  Original release date: August 07, 2017

The Internal Revenue Service (IRS), acting in concert with state tax agencies and the tax industry, has issued an IRS Security Summit Alert for tax professionals to beware of a new phishing email scam. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials.

US-CERT encourages users and administrators to review the IRS Alert and US-CERT Security Tip ST04-014.

Microsoft issues out-of-band security updates for Outlook, Office

Naked Security – If you haven’t picked up these updates, now is a good time to do them.

There were a number of out-of-band updates released on July 27. This update applies to vulnerabilities specifically Outlook and Office Click-to-run.  Several of the vulnerability updates prevent remote code executions (RCE) in Outlook 2007, 2010, 2013 and 2016, as well as Office 2010 and 2016 Click-To-Run.

FTC Releases Alert on Government Grant Scams

08/08/2017 08:30 PM EDT  Original release date: August 08, 2017

The Federal Trade Commission (FTC) has released an alert on government grant scams. In these schemes, scammers pose as government officials to get consumers to send them money. Anytime someone asks you to pay money to get money, stop and think twice.

US-CERT encourages consumers to refer to the FTC Alert and the US-CERT Tip on Real-World Warnings Keep You Safe Online for more information.

Watch out for Emotet, the trojan that’s nearly a worm

Emotet arrives as a malicious email attachment and tries to steal your online banking credentials

Self-hosted search option is a new approach to bursting the filter bubble

Tired of being tracked by Google?  Here’s an open-source, self-hosted search aggregator might be a good way both of avoiding being tracked and getting away from the echo chamber


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.