-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Recently, a number of UCAR employees have received suspicious phone calls from an outside number. In these, the caller has threatened to remove our user's Meeting Maker account unless the caller is provided with account and email information by our user [1]. This is similar to the email phishing messages many of us have received over the past month.

Since email is becoming less effective for this kind of attack, as we get smarter about it, you'll increasingly hear about (and may experience) similar phone calls. The most dangerous will be those where the attacker claims to be from your bank, and tells you a scare story (there's been a phantom withdrawal, etc.), but they can fix it with your help if you'll give them your account number and bank-by-web password. Less dangerous to you, but still dangerous to UCAR, will be those where the attacker wants your UCAR logins.

Luckily, it's simple to defend yourself against this kind of thing:

    If they called you, don't give out any information. Don't confirm, and don't deny.

Yes, this holds even if you have Caller ID, and the number or name reported looks reasonable--Caller ID is easily forged.

Instead, simply thank the caller for their notification, tell them you'll call them back when you're on a safer line, and hang up. Then call your bank or your sysadmin on a number you already know goes to them (on the back of your credit card, on your bank statement, or on your staff directory), and report the attempt at social engineering.

That way, you'll protect your accounts, for bank and work logins, both. You'll also potentially help others, by helping get the attackers shut down or blocked.

- -------
[1] This kind of thing is called by various names, the most common of which are "con", "social engineering" and "pretexting." The adversary is attempting to get information or logins to which they're not entitled by lying, posing as trusted personnel, etc.
- --
  /\   Richard Johnson
  \    security administrator, UCAR
   \_][ rjohnson@ucar.edu, +1 303 497-1844
    \________________________________________
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAkgQnYgACgkQY9qw9I4JLL1hYACaAqGfFgZeHUmhhIDiqQ1WVXca
3S8AniwcbjmO7qeNHZ3s7rcoIrvwhXO/
=NtWm
-----END PGP SIGNATURE-----