Don’t Let a Romance Scam Break Your Heart or Empty Your Bank Account

Don’t Let a Romance Scam Break Your Heart or Empty Your Bank Account

With Valentine’s Day just around the corner, love is in the air and those who currently lack a significant other may decide to join a dating website to meet new relationship prospects. Unfortunately, there are plenty of scam artists who target dating site users and try to swindle money from them by exploiting their desire for companionship. The FBI calls these types of online encounters Romance Scams and reported that, in 2016, victims of this type of scam lost over $230 million.

Protect Your Mobile Phone Numbers from Porting Scams

Protect Your Mobile Phone Numbers from Porting Scams

In August 2017, the NJCCIC published the blog post Hackers Are Circumventing 2FA and Here's What You Can Do About It to alert members of emerging social engineering campaigns targeting mobile phone carriers. In these campaigns, hackers called the carriers and impersonated the targeted victim when speaking to customer service representatives. They would then try to convince the representatives to port the victim’s phone number to a new phone. If the scheme worked and the representative ported the number to a phone within the hacker’s possession, the hacker could then use it to circumvent SMS-based two-factor authentication (2FA) enabled on the targeted victim’s online accounts. Fortunately, major US mobile phone carriers have recently implemented an additional security control that their customers can use to secure their accounts. Read our blog to find out more.

Women in Cybersecurity

Women in Cybersecurity

According to the Women’s Society of Cyberjutsu (WSC), women comprise 50 percent of professional occupations in the U.S. and only 11 percent of the information security workforce. Here at the NJCCIC, women contribute to the success of all bureaus, including Partnerships, Cyber Threat Intelligence and Analysis, Security Engineering and Cyber Operations, and Governance Risk and Compliance through various roles including Cyber Threat Intelligence Analysts, Cyber Liaison Officers, and Incident Reporting and Response Specialists.

The NJCCIC 2017 Year in Review

The NJCCIC 2017 Year in Review

To say that 2017 has been a busy year for cybersecurity professionals would be an understatement. From devastating data breaches to crippling ransomware incidents, every week that passed revealed new threats, attack vectors, exploits, and vulnerabilities. It quickly became evident that no person, organization, or sector is immune to the impact of cyber threats. As we prepare for the challenges that 2018 will bring to network defense initiatives, it’s important to reflect on some of this year’s biggest cybersecurity incidents and highlight the lessons learned from each one.

DEFCON 25 – Celebrating 25 Years of Hacking with 25,000 People

DEFCON 25 – Celebrating 25 Years of Hacking with 25,000 People

“Our Uber driver told us to turn off the Bluetooth and WiFi on our phones while we’re out here this week. He said not to connect to anything or we’ll be hacked.” Two women shared this with me as the three of us waited to ride the SlotZilla Zipline in downtown Las Vegas late Friday night. I told them I was in town attending DEFCON and that their driver gave them good advice.

Tired of Receiving Scam Calls? Don’t Just Sit There. Do Something About It.

Tired of Receiving Scam Calls? Don’t Just Sit There. Do Something About It.

Americans are inundated daily with scam calls and many may not know there are options available that help reduce the chance of receiving or answering a fraudulent phone call. This blog highlights one analyst's frustrations in receiving several of these nuisance calls every day and her effort to stop them by exploring various options provided by major US cell phone carriers.

Time is of the Essence

Time synchronization is not something many people may consider to be a critical component of a properly functioning enterprise; however, it is vital for managing, securing, debugging, and investigating security incidents on a network. Desynchronized timekeeping across distributed servers in a corporate network can cause serious headaches for IT staff trying to diagnose network issues or investigators trying to get to the bottom of a data breach.

Cyber Tips for the Holiday Shopping Season

With Black Friday, Cyber Monday, and the rest of the holiday shopping season upon us, the NJCCIC compiled the following tips and best practices to help all of our members stay safe in stores and online. The holiday shopping season is one of the most attractive times of the year for money-hungry criminals and fraudsters to take advantage of eager shoppers and unsuspecting victims.

Researcher Helps Put a Stop to GO App Privacy Flaw

Over the weekend, an “augmented reality” game called Pokémon GO took America’s mobile phone users by storm and soared in popularity practically overnight. Created by video game giant, Nintendo, and mobile game developer, Niantic, the Pokémon GO game app became an instant hit on both the Android and iOS platforms as people downloaded it in record numbers. Its usage quickly surpassed that of the popular dating app, Tinder, and social media platforms such as Instagram, Facebook, and Snapchat.

One Year Ago Today

One year ago today, Governor Christie signed Executive Order 178 establishing our State’s Information Sharing and Analysis Organization (ISAO), the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC). Our goal has always been to elevate the barriers to entry for those seeking to nefariously exploit New Jersey’s cyberspace. We do this by promoting statewide awareness of cyber threats and the adoption of best practices.

Backups: The Cure to Viral Cyber Infections

Given the steady uptick in ransomware across the country, and right here in our State, we simply cannot overstate the importance of maintaining good backups that are stored offline (physically off of the network) and regularly tested to ensure you can fully recover in the event of a data loss incident. But what, specifically, does that mean to you and how do you go about implementing a sound data backup and recovery strategy?

The Internet of Insecure Things

The US Government is currently drafting a 'green paper' in preparation of presenting a formal policy on the Internet of Things (IoT), acknowledging the highly insecure technologies that have hit the market in recent years. Demonstrating the growth of this market, the research and consulting firm Gartner, Inc. forecasts that 6.4 billion connected devices will be in use worldwide in 2016, increasing to 20.8 billion by 2020.