Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect
[ View this email in your web browser ] [ Visit our archives ] [ Sign Up for this Newsletter ]

January 9, 2024

Good morning, everyone!

This week’s critical vulnerabilities:
  • Google Chrome has released its first update of 2024
  • 3CX is warning customers to disable SQL integration due to a security flaw in its programming
  • ESET has released a critical fix for multiple security products
  • Ivanti has released critical security patches for its Avalanche mobile device management product

    Did your "automatic" updates get installed?

    Patch All the Things!

  • Online Job Scams

    A young woman I know recently told me with great enthusiasm that she had applied for a new job, making a ton of money for hardly any work, and all online! As you can imagine, my spidey senses started to tingle, so I asked what kind of work was it? Her reply was "travel agent." Hmmm, okay, so I told her that there were a lot of job scams online, and asked if she wanted me to investigate this job for her? She said sure, and sent me this screen capture of the ad:

    Does anything about this look odd to you? The whole thing struck me just a bit off. Daily payroll isn't very commoni, is it? Also, my friend said the job was travel agent but the ad says online assistant. She sent me the URL for the travel company supposedly hiring. It had a popup box requiring you to log in to see anything on the site. Even the menu wouldn't come out without logging in. I'm glad my friend decided not to follow through with the job after responding to the ad.

    I had only recently read about the Russian "reshipping service" that was exposed:

    Among the most common ways that thieves extract cash from stolen credit card accounts is through purchasing pricey consumer goods online and reselling them on the black market. Most online retailers grew wise to these scams years ago and stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia.

    But such restrictions have created a burgeoning underground market for reshipping scams, which rely on willing or unwitting residents in the United States and Europe to receive stolen goods and relay them to crooks living in the embargoed areas.

    Services like SWAT are known as “Drops for stuff” on cybercrime forums. The “drops” are people who have responded to work-at-home package reshipping jobs advertised on and job search sites. Most reshipping scams promise employees a monthly salary and even cash bonuses. In reality, the crooks in charge almost always stop communicating with drops just before the first payday, usually about a month after the drop ships their first package.

    Wow. Crooks just keep getting more clever all the time, don't they? It reminded me of an elaborate ID theft scheme that was going on in 2022, also related to online job offers.

    Phishing isn't the only danger on the Internet. Make sure that the young folks in your life understand that job scams abound, and help them develop the skepticism they need to protect themselves. Teach them to ask hard questions, to check references, to ask for opinions from other people.

    Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

    Have a great week!

    Glenda R. Snodgrass

    Glenda R. Snodgrass
    (251) 433-0196 x107
    For information security news & tips, follow me!

    Security Awareness Training Available Here, There, Everywhere!

    Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

    Contact me to schedule your employee training sessions. They're fun! ☺

    TNE. Cybersecurity. Possible.

    Speak with an Expert


    The Net Effect, L.L.C.
    Post Office Box 885
    Mobile, Alabama 36601-0885 (US)
    phone: (251) 433-0196
    fax: (251) 433-5371
    email: sales at theneteffect dot com
    Secure Payment Center

    The Net Effect, LLC

    Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy