Other ways to search: Events Calendar | UTHSC

Cybersecurity – SCAM of the Week – Protecting Charities from Cybercriminals

|

With a total annual income of over sixty-nine billion, charities are hugely vulnerable to attach and proving to be a lucrative target for cybercriminals. Data breaches could damage the charity’s reputation and discourage people from donating money. It could also have more serious ramifications if confidential patient data is leaked.

Cybercriminals don’t care about the good causes that charities support, they simply view them as soft targets with lots of attractive weak points to exploit.

According to the Cyber Security Breaches Survey 2020, over a quarter of charities (26%) experienced a cyber attack in the last 12 months. The most common attack method was phishing (85%), followed by impersonation (39%) and then viruses or other malware (22%).

Recommendations for charities are the same for other types of organizations, educate the staff, have secure backups, use strong passwords and restrict who has access to sensitive data.

Also reported to abuse@uthsc.edu this week:

  • [Ext] Re: – not too much information in that subject line. A spoofed name was asking a targeted employee for credentials to log into a sensitive system.
  • [Ext] Assistant Needed – another targeted email from a spoofed name, wanting help changing direct deposit information. The email was from Russia.
  • Vishing – a report from called ID that started with 901-448 said they were from Apple and the user’s icloud account was hacked.
  • [Ext] Required-Notification – “Thursday, October 29, 2020” – one of those “you need to do something urgently” phishes, using the phrase “Password Expiry” which we wouldn’t use here in the United States.
  • [Ext] Subscription Auto-Renewal Alert – phish stating that a users subscription to the network firewall will be auto-renewed and to contact them if this is in error.

Stay safe everyone, and remember to report anything suspicious to abuse@uthsc.edu or contact the Office of Cybersecurity at 901.448.1880 or itsecurity@uthsc.edu.