Europol Arrests SIM Swappers in Spain, Austria and Romania

Police across Europe have been ramping up operations against two new SIM swapping operations, resulting in the arrest of 26 individuals accused of stealing more than $3 million from unsuspecting victims.

In January, investigators from the Spanish National Police, together with the Civil Guard and Europol, began targeting suspects believed to be part of a hacking ring that stole over €3 million in a series of SIM swapping attacks.

The gang, with members from Italy, Romania, Colombia and Spain, aged 22-52 years of age, allegedly made numerous strikes, stealing up to €137,000 from victims’ bank accounts. The smallest amount stolen, as per the Europol press release, was €6,000.

In a typical SIM hijacking scheme, criminals used social engineering and malware to obtain online banking credentials from victims at different banks.

“Once they had these credentials, the suspects would apply for a duplicate of the SIM cards of the victims, providing fake documents to the mobile service providers,” Europol explains. “With these duplicates in their possession, they would receive directly to their phones the second factor authentication codes the banks would send to confirm transfers.”

With everything they needed to make fraudulent payments, the criminals proceeded to empty the victims’ accounts. They then used ‘money mules’ to hide the trail of the stolen money. Every strike took between one and two hours, “which is the time it would take for the victim to realise that his/her phone number was no longer working,” investigators said.

A second operation came to fruition after an eight-month investigation by the Romanian National Police and the Austrian Criminal intelligence Service with the support of Europol. Authorities arrested 14 members of a gang accused of emptying bank accounts in Austria through a similar method – by gaining control of their victims’ phone numbers. This time, however, the suspects used the hijacked SIM cards to withdraw cash at cardless ATMs. Europol explains:

“Once having gained control over a victim’s phone number, this particular gang would then use stolen banking credentials to log onto a mobile banking application to generate a withdraw transaction which they then validated with a one-time password sent by the bank via SMS allowing them to withdraw money at cardless ATMs.”

The gang allegedly stole an estimated half a million euros this way.

Europol offers tips on how to keep fraudsters from hijacking your SIM card, including keeping SMS out of your two-factor authentication across different online services. Europol also recommends to avoid associating your phone number with sensitive online accounts, where possible.

Phishing Email Aims to Trick Hospital Staff with ‘Coronavirus Seminar’

A new phishing scam is capitalizing on the COVID-19 pandemic, seeking to steal credentials of healthcare workers with the promise of a “coronavirus awareness” seminar.

An email purporting to come from the organization’s IT department urges employees to access a link and enter their username and password. If duped by the malicious website rigged to look like the Outlook Web App, an unwary employee would give their login credentials to the attackers. A screen capture of the email scam was obtained by Sky News.

The COVID-19 scare has prven lucrative for cybercriminals in recent weeks as healthcare institutions scramble to test patients, treat the infected and protect their own staff from the contagion. Healthcare infrastructures are highly susceptible to hacker attacks because of lax cybersecurity skills and safeguards.

With the COVID-19 pandemic in full swing, these weaknesses are becoming more obvious than ever. A Czech medical facility, the Brno University Hospital, was forced to cancel urgent surgery and divert patients to a nearby hospital as it dealt with a contagion itself – the ransomware kind. The Czech hospital was also one of the country’s largest COVID-19 testing labs.

As is always the case with phishing campaigns against targeted institutions, the scam is riddled with clues that give it away. These include typos, an overly urgent tone, and the threat that “disciplinary measure will be taken” if recipients don’t follow the instructions.

If any such urgent notices make it into your inbox, regardless of your profession or the latest trending news, contact your IT department on a separate channel, or just give them a call to make sure the notice came from them and not elsewhere.

Stay safe out there!

Coronavirus Phishing Scams Exploit Misinformation

Coronavirus Phishing Scams Exploit Misinformation

A series of phishing scams have exploited the ongoing Coronavirus (COVID-19) pandemic to either spread malware, trick victims into giving away sensitive information, or raise funds that they falsely claim will help find a vaccine.

While working from home might seem like a respite from office life, staying indoors means we’ll all be spending more time online reading news, shopping, and going through emails. Whether it’s through our company laptop or personal device, more time spent online means more exposure to fraud, phishing, and malware. They all attempt to exploit our curiosity and basic necessities, such as the need to buy medical or personal hygiene equipment or other goods.

Preying on the common desire to learn more about the signs and dangers, or even how to survive potential exposure to COVID0-19, cybercriminals have started sending phishing emails that promise exclusive information in the form of attachments and links to protection gear at highly discounted prices. Many even ask for Bitcoin donations that they say will support research for a Coronavirus vaccine.

Most online scams occur through spam emails that entice with amazing discounts for medical supplies that have long since flown off the shelves of pharmacies and stores.

Did you say, WHO?

No, it’s not the infamous Doctor Who from the popular TV series, but someone claiming to be a doctor working for the World Health Organization (WHO). It’s one of the most popular email scams and it claims to have new and exclusive information on how to prevent and protect against Coronavirus infection. All you have to do is open the attached document to read more.

Preying on our concerns, fraudsters are impersonating institutions affiliated with or linked to the Centers for Disease Control and Prevention (CDC) and the World Health Organisation (WHO). Their tactic includes deploying malicious links or attachments claiming to give you a list of infected people in your area.

As seen in the image below, the attached document seems to be a .rar archive, according to the extension. However, the actual file has a .pdf or .exe extension. Once you try to open it, you will only execute the malware.

To view the actual file extension of files, tick the “File name extension” checkbox under the View menu in your File Explorer window. This can help you spot files that are misleadingly named to seem benign.

Namedropping Global Organizations

Another series of messages that allegedly offer new updates in the Coronavirus outbreak use logos from the World Health Organization to appear legitimate. They entice readers with grants and donations sponsored by the “World Bank Group, United Nations Organisations, World Health Organisation, Asian Development Bank, World Trade Organization, International Monetary Fund, European Central Bank, Organisation for Economic Co-operation and Development, International Finance Corporation and many more.”

As the image below points out, the message also encourages you to open the “HEALTHCARE.PDF” file attached. Like in the previous example, the actual file is nothing if not malicious.

Needless to say, just because an email uses the logos and starts namedropping known organizations and financial institutions doesn’t mean it’s legitimate. Pay attention to the file extension for attachments above all else.

An Email Thread With…NATO

Another phishing scam in circulation claims to come from the United Nations and instructs recipients to read the instructions in the attachment (in this case, a Microsoft Excel document) on how to prevent the spread of Coronavirus.

What the email lacks in detail it makes up in seriousness, as it appears to be signed by someone working at the “Directorate of Diplomatic and Consular Personnel.” It also seems to be forwarded, and has the overall tone of an internal business message you’d receive in the regular course of work.

Of course, opening the attached document will bring you a world of trouble, as the document is tainted with malware intended to infiltrate your computer and enable attackers to compromise your personal and financial data.

The Old “Donate to Fight Coronavirus” Scam

It’s not unusual for fraudulent charities and donation websites and emails to appear after a natural disaster or a worldwide health emergency. In this scenario, the fraudsters will craft charity emails and ask for donations for Coronavirus victims, medical staff or even COVID-19 studies.

Another scam involves posing as an “Ophthalmologist“ in an attempt to lure victims into donating in order to treat “families and children in China” with the Coronavirus vaccine. Of course, all donations need to be made in Bitcoin, and a Bitcoin wallet is made available.

To help sell the idea of a Coronavirus vaccine, the email also contains two images: one with alleged doctors wearing protection gear and doing some “sciencey” stuff, and the other with a vaccine bottle labeled “Coronavirus Vaccine.”

The next time you have the urge to lend a hand to any relief or health organizations, make sure that the website, email address, or the cause itself is real, or try ringing an emergency hotline for additional information.

An offshoot of the donation scam is the funds transfer scam, which basically asks you to help a victim of the Coronavirus wire transfer funds to a foundation that helps the suffering. Of course, while you’re not instructed to click any link or open any attachment, you’re given an email address to contact the “benefactor” to learn how to receive and transfer the funds.

This is the type of scam where, if you answer, you’ll get suckered into performing wire fraud with the promise that you’ll receive some sort of commission.

And if you happen not to fall for this one, there’s another scam that encourages you to get back to the scammer, except this time it claims that you can purchase “as many [experimented pure confirmed “coronavirus vaccine”] for people badly in need.” Simply contact the good doctor Zaks (ahem) and he’ll fix you up with the latest, newest, and guaranteed-to-work Coronavirus vaccine.

The (hyper)link Trick

Some Coronavirus-related email scams might even go the extra mile and give you information that you already know, such as official numbers of victims infected or even details about existing health problems that could complicate a potential COVID-19 infection.

However, that information is twisted with a bit of paranoia. Either implying that the government knows more about the outbreak than they let on, or that in you will “die in agony from pneumonia” in case of infection, these messages try at some point to get you to click on something. And it can be the most benign something, such as an apparent YouTube video that promises more information.

Of course, what’s embedded is not a YouTube video but an image. Even more interesting is that, while it looks like a YouTube preview thumbnail, it’s just an image that, once clicked, points you to a phishing, fraudulent, or malicious website, depending on what the cybercriminal has planned next.

As a general rule, don’t click on images, text or links, even if they seem to point to a legitimate source. You can use the pointer to hover over the text to see the real link that it points too (check the image above) or simply manually type the address in the browser.

In fact, messages from legitimate organizations and companies rarely ask you to click on an embedded link. Instead, they ask you to check out their official webpage for more information and details (even if it really is all about conspiracy theories and government plots).

Check out the gallery bellow for more scams that might show up in your inbox:

How to Protect Yourself?

If you’ve read all of the above, you’re probably more skilled at spotting phishing and scams than before. That’s because it’s all about paying attention to details and knowing what’s real and what’s not. Looking for typos, for amazing discounts, for misspelled email addresses and domains, and even suspicious links and hyperlinks can prevent you from becoming a victim.

  • Just because the contents of an email has legitimate logos doesn’t mean the email address is legitimate;
  • Just because an attachment looks like a PDF or document, doesn’t mean that it actually is;
  • Even if the email only asks you to reply to the message, why should you? If you don’t know the person, if the offer is too good to be true, and if the reward far outweighs your effort, it’s definitely a scam;
  • Stay informed and check any information across multiple official and legitimate sources;

If you want the best protection, use a security solution for all your devices, — one that can protect you from phishing, fraud, and malware so that you can focus on what matters: keeping your family safe!

Coronavirus Medical Supply Scams Prey on Fear

Coronavirus Medical Supply Scams Prey on Fear

As headlines buzz with the latest news and developments on the Coronavirus outbreak, scammers and threat actors are piggybacking on the fears of consumers everywhere.

They are becoming more resourceful in their schemes and are constantly monitoring the web, preying on our fears and relying on the fact that we’ve let down our guard while we watch world events.

The fact that the physical world is slowly quarantining itself does not mean the dangers of the cyber world are fading. It’s tough to juggle both your work and your family’s safety, so in an effort to make your online interactions safer, we’ve listed a few of the tricks scammers might deploy during this period.

Looking to buy a mask that offers up to 99.99% percent protection against Coronavirus? Ran out of hand sanitizer and you’re looking to buy a whole lot more but can’t find any? These are the types of offers we get either through email or bogus ads.

While these websites may seem legitimate, as they abuse popular logos, they’re mostly just trying to draw on your fear of a COVID-19 infection. The products are not real, nor are those online vendors. They are just scammers interested in getting your credit card details or even getting you to purchase and pay with Bitcoin (which in itself should raise suspicion).

Exploiting Supply Shortage

While medical supplies may be scarce and in constant demand in the age of the Coronavirus, don’t be fooled by these websites.

In the example above, the “Company specializes in providing a wide range of medical equipment” and seems to be “well stocked with items that are highly on demand, due to COVID-19 virus.” It seems a bit strange that it basically only offers four products on its webpage. If that weren’t a warning sign, the fact that it only has about eight products in their catalog is dodgy at best.

While payment options seem to include both PayPal and direct credit card, it’s probably the credit card details the scammers are mostly after, as they provide the best return on investment.

The “Amazing Discount” Routine

Other scams simply entice by offering discounts of 20% (or more) on Coronavirus masks and claim to have already sold more than 1 million worldwide. As a bonus, shipping claims to be free “for the next 2 days only” and payment is “secured and trusted”.

While the website may not be forcing you to pay or and it may not be stealing any information from you without your consent, purchasing those medical supplies will likely result in receiving squat while giving away your credit card data.

Fear of Being Infected? Pick a Mask, Pay with Bitcoin

Other alleged online vendors go the extra mile and even pack a wide variety of masks, each with different colors, features, and even properties. From procedure masks to surgical masks and isolation masks, they’re all in stock, they’re all affordable, and you can purchase them in Bitcoin.

Sure, it’s not fishy at all that when no one can find masks these guys are in full stock and offer to accept Bitcoin when no one else can find masks anywhere (sense the sarcasm). Confused as to what Bitcoin is and how to get it? Instructions are handed out right before you submit your order so the purchase can go along smoothly.

Fear of Missing Out? Get it now, before it expires!

Last, but not least, now that you know from where you can get sanitizer and masks at reasonable prices, how about getting that infrared thermometer? Although the website may be in French, shipping doesn’t seem to be a problem for them as they deliver anywhere in the world, provided you add your credit card details. And don’t forget to hurry with your order, because you only have ONE HOUR before the 40% discount expires (or before you hit refresh on the webpage).

Of course they’re not the most ingenious scams nor the most sophisticated, but when your back is against the wall, when the threat of infection from Coronavirus is real, when medical stocks are low and you can’t find a single mask or sanitizer, or when the discount simply sounds truly awesome, that’s when people make mistakes.

How to Protect Yourself?

If you’ve read up to here, you’re probably more skilled at spotting online scams than before. And that’s because it’s all about paying attention to details and knowing what’s real and what’s not.

Here’s what you need to do to stay away from these online scams:

  • Read reviews about the vendor and listed products
  • If the deal is too good to be true, it probably is
  • Ideally, buy from online vendors you’ve previously done business with

If you want the best protection, use a security solution for all your devices — one that can protect you from phishing, fraud, and malware so that you can focus on what matters: keeping your family safe!

Mysterious cyberattack cripples Czech hospital amid COVID-19 outbreak

Mysterious cyberattack cripples Czech hospital amid COVID-19 outbreak

A cyberattack hits the second-biggest hospital in Czech Republic in the midst of the Coronavirus outbreak last Friday. The incident was confirmed by the Czech National Office for Cyber and Information Security (NÚKIB), which is working alongside police and hospital staff to recover from the damages and secure their network.

The report doesn’t detail the nature of the attack on the University Hospital Brno, but the medical care facility was required to shut down its IT network.

In a statement to Czech media, the hospital director said some systems were still working, but the ability to transfer information between its facility systems and database was compromised.

Medical staff was taken by storm, forced to delay scheduled surgeries and transfer some patients to a nearby hospital. The attack was made more severe due to the COVID-19 pandemic in Europe, and local authorities are working around the clock to get the systems back online. The hospital is also a one of the country’s largest Coronavirus testing laboratories, and the recent cyberattack may have disrupted its testing capabilities.

We’re once again emphasizing the ruthlessness of cybercriminals who try to capitalize on the public health crisis. The opportunistic nature of threat actors proves that no one is spared from their schemes, and not even the backdrop of this crisis is stopping them.

This unprecedented global event has also laid its mark on the evolving threat landscape, and other health institutions and hospitals should raise their awareness following this troublesome event.

Locking down a hospital’s IT infrastructure due to a cyberattack can only postpone medical care or further burden the doctors and nurses on the front lines fighting the disease.

UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak

UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak

A division of GCHQ (Britain’s equivalent to the NSA) has warned the public to be on their guard against cybercriminals exploiting the Coronavirus outbreak.

The National Cyber Security Centre (NCSC) has described on its blog how criminals have spread malware via emails purporting to contain important updates about the COVID-19 outbreak, and that attempts have also been made to scam unsuspecting users and phish passwords and sensitive information.

In response to the Coronavirus-related cybercrime threat, the NCSC says it has taken steps to automatically discover and take down malicious sites exploiting the Coronavirus outbreak to serve up phishing attacks and malware.

The techniques being used by the criminals are no different from those seen in many past attacks, but the fact that they exploit the current Coronavirus pandemic means that there is a great chance that unsuspecting computer users will be tricked into falling for them.

In short, you might be more tempted right now to click on a link claiming to contain important information about Coronavirus than you would to click on a link in an email purporting to come from your bank.

In an attempt to strengthen the security of internet users, the NCSC is recommending that the public follow existing advice on how to spot and deal with suspicious emails, and how to protect against malware threats such as ransomware.

As many computer users are likely to be finding themselves in the unusual position of working remotely, perhaps without direct access to IT support teams who would normally be directly available to advise them on security, it’s particularly important that users are reminded of basic security practices.

Paul Chichester, Director of Operations at the NCSC reminded users to report cybercrime attacks to the authorities:

“We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak. “Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. “In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

In recent weeks there has clearly been an increase in cybercriminal exploitation of the Coronavirus crisis, with attempts to dupe users with malicious Coronavirus maps, phishing attacks which purport to come from the Center of Disease Control, and Coronavirus-related Android ransomware, amongst much much more.

It’s sadly easy to predict that things are going to get much worse before they get better. Get clued up about how best to protect yourself, your friends, and your colleagues.

IT Admins Allegedly Offer Hackers ‘Naked Photos of Boss’s Secretary’ in Exchange for Ransomware Decryption Keys

The infamous ransomware operatives known as the Maze Team have issued a “press release” condemning IT administrators who tried to use bribery to cover up their failure to protect their employers from hackers.
In an interesting twist, ransomware operators have not only turned to leaking victims’ data if they refuse to pay, they are now humiliating their victims, adding more insult to an already massive injury.

Known for pioneering tactics such as coercing victims to pay by threatening to leak their data, the Maze Team are now upping their game by literally shaming their victims. A so called “press release” posted on the hackers’ website reveals that IT administrators at various firms hit by the Maze ransomware failed to identify the hackers’ entry point.

In one example, the team addresses media reports quoting security experts as saying Maze operatives used social engineering when in fact (the team suggests) they attacked their supply channel partners. An excerpt from the group’s post, complete with original typos, is reproduced below, courtesy of DataBreaches.net:

“One more word about the Security ‘Experts’ discussing our activity and our team. We are greatly disappointed with those so called Professionals who can’t tell the difference between phishing and lateral movement. We don’t need to use phishing attacks and slowly move from one target to another as we have the access to the to the hosting provider. As long as such so called Professional will work in IT and Security we will have a lot of work.”

Some administrators contacted the team directly in an effort to reach an agreement and cover up the incident. Maze claims these IT reps made hackers the cowardly offer of access to other companies’ infrastructures, likely their employers’ partners. In one instance, the team claims, network administrators even offered to send them indecent photos of the boss’s secretary:

“Another word for the IT specialist and network administrators who are tring to hide the information of the data leak from the company’s executives. They are making everything just the worst. We were really shoked by the fact that some network administrators were trying to hide the leak by offering us the access to the data of other companys, access to private laptops of the company’s president or even the naked photos of their boss’es secreteary. Funny but it’s true.”

The Maze Team clarifies that ransomware is what they do and that such offers, like access to different accounts or bitcoin wallets belonging to company executives, simply won’t do:

“We are not interested in accesing accounts or bitcoin wallets of the company’s executives. We are doing what we are doing and no other proposals are accepted,” the Maze Team said.

Public Health Agency Shut Down by Ransomware Amid Coronavirus Outbreak

The
Champaign Urbana Public Health District (CHUPD) in Illinois, which serves hundreds
of thousands of Americans, has had its official website taken down by
ransomware operatives.

CHUPD serves
210,000 people, including the University of Illinois, with advice and
information on the biological virus outbreak that is COVID-19.

On March 12,
the agency set up an alternative website as it dealt with a ransomware
infection that took its primary website offline, The Register reports.
It also maintains a Facebook page that reportedly acts as its preferred outlet.

“We are
working to get our website up and running,” CHUPD said.

The outage
began Tuesday morning and the cause was soon confirmed as the Netwalker
ransomware, also known as MailTo.

Netwalker
operators mainly target large organizations, including government agencies.
This attack, however, doesn’t seem targeted. Rather, the malware simply caught
the health agency off guard, possibly due to lax safeguards.

This issue
is common among institutions across the United States, as evidenced by the spate
of ransomware infections across education, healthcare and government
institutions throughout 2019 and into 2020.

The
University of Illinois is also affected by the Netwalker outbreak. The school
said it will resume classes online after Spring Break.

Latest Firefox Version Unveils and Fixes an AirPod Vulnerability

Latest Firefox Version Unveils and Fixes an AirPod Vulnerability

The latest Firefox version fixes quite a few problems, but one of the more interesting fixes was for a vulnerability that affected people using AirPods connected to an iPhone, which is not something you’d expect to find in a browser release.

While new versions of Firefox generally bring new features and a handful of security fixes, most are related to the browser itself. Rarely does it impact other devices. It’s not impossible, though, as the latest Firefox 74 update has shown.

The bug, designated CVE-2020-6812, is not as straightforward as you might think, but it shows just how interconnected devices are, even when they seem to have no apparent connection with one another.

“The first time AirPods are connected to an iPhone, they become named after the user’s name by default (e.g. Jane Doe’s AirPods.)” reads the description of the bug. “Websites with camera or microphone permission are able to enumerate device names, disclosing the user’s name. To resolve this issue, Firefox added a special case that renames devices containing the substring ‘AirPods’ to simply ‘AirPods’.”

This particular vulnerability doesn’t appear to have been used in the wild, but that doesn’t mean that it won’t be exploited once the patch is released. It takes a while for hackers to figure out how this works, from a technical point of view, and to develop tools that take advantage.

It’s important to keep your browser up to date, along with any other hardware device you might have. Interestingly enough, the details of the CVE are not public, but that’s not entirely unusual.

5 Safety Tips for Working Remotely

Amid the Coronavirus scare, employees everywhere are packing their laptops and working remotely. Different organizations have different remote-working policies. While some mandate strict security protocols, others are more permissive, and even careless in some regards.

Employees must nonetheless be cautious when connecting to the company infrastructure from home, protecting not only their employers, but also themselves from cyber malice. Today, we outline five golden rules every employee should abide by when working from the confines of their home.

Prep your PC

In most cases, remote workers can’t renew their access data from outside the company’s infrastructure. Before taking your company-issued laptop home, change your password. If your operating system has been nagging you to renew your login credentials, be sure to do so while you’re still at the office and avoid being locked out of the infrastructure while working remotely. Also, check if your organization’s VPN is installed and properly configured.

Use VPN

Before starting work, connect to your company’s VPN. Don’t use anything other than your company-sanctioned VPN client and avoid using any other means of connecting to your infrastructure. Remember that any other Remote Desktop Client is likely to be in violation of policies you have in place at work. Also, it is usually a good idea not to enable Remote Desktop Protocol and expose it over the Internet on any company computer.

Don’t mix business with pleasure

Don’t use personal gadgets for work, and don’t use your work laptop for personal affairs (like social networking or online shopping). Using personal services on your work devices can generate conflicts with your work environment, apps and services. A single unintended copy-paste of work material can violate data protection laws, like the GDPR. The same goes if you accidentally send a work file containing confidential information to someone in your Facebook chat window.

Your IT department has equipped your work laptop with safeguards and trip wires that sound alarms in case of human error. So you should use your company-issued equipment strictly for work. Keep your personal affairs on your personal gizmos.

Also, remember to keep your work devices away from family members, especially the youngsters. Children are easily tricked into downloading malicious content on a device, which can compromise the device and, by extension, the company network.

Spot scams

Even your work laptop can end up on an uncharted website or receive a malicious email meant to trick you into divulging passwords or to install malware. Remote workers must be vigilant. For instance, we already havereported cases of scams capitalizing on the Coronavirus outbreak in an attempt to trick users into downloading malware on their computer.
Report any suspicious activity to your IT department. This way, you’re not only protecting yourself, but also any less-wary colleagues who may be targeted by the same scam.

Be particularly skeptical of emails purporting to come from your IT department. Cybercriminals often take advantage of remote-work policies to trick employees into following IT-issued instructions, such as to change their password – when, in fact, they are being tricked into giving their password to the attacker. If you have any reason to believe the message doesn’t come from a legitimate source, contact your IT guys on a different channel, like instant messaging. Or just give them a call.

Respect standard remote-work procedures

Don’t stray from your IT department’s security policies while working remotely. Use the trusty VPN to patch into your company’s infrastructure and don’t tinker with the endpoint security tools installed on your work computer. If you’re unsure what a certain setting does, consult your IT guys first. For example, never disable multi-factor authentication (MFA), also known as two-factor authentication (2FA) for work apps and services. MFA/2FA is a strong blockade against potential hacks.

Posts navigation

1 2 3 4 5 6
Scroll to top