Be on guard against email fraud and cyber crime say security experts

By Michael Regenstreif, Editor

Organizations and individuals always need to be on guard against cyber-threats and online fraud schemes – but particularly now during the COVID-19 pandemic when so many people are working from home – according to experts participating in a recent webinar presented by the Secure Community Network (SCN), the security agency of Jewish Federations of North America.

“The nature of our new environment, with the majority of our workforce now teleworking, has put this at the forefront of concern in a way that is not necessarily been and it needs to be,” noted SCN CEO Michael Masters in his introductory remarks. “[It is] imperative that we make cyber security awareness prevention and best practices, a part of our daily routine and our culture.”

Although the webinar was specifically focused on the United States, cyber crime does respect international borders and much of what was discussed applies to Canada as well.

Federal Bureau of Investigation (FBI) Supervisory Special Agent Michael McKeown discussed issues surrounding “business email compromise” and ransomware and provided an overview of cyber crime noting activities including “phishing,” an email scam aimed at eliciting information that will make users’ computers and computer networks vulnerable to cyber attacks.

A phishing email, McKeown explained, might try to trick the recipient into revealing their password noting, “Fraudsters have become very good at crafting their emails. They’re getting to the point of focusing in on individuals within an organization that can help move money.”

McKeown said that email recipients need to be on guard against emails that are not from who they appear to be explaining that a common trick is to spoof email accounts to make them look like they are coming from what might otherwise be a trusted source asking the recipient to act “urgently” on something, such as an immediate money transfer.

He also said passwords should be secure, not guessable, and should be changed regularly, and said data should be backed up often to alternate drives which are more secure than “cloud” backups in order to help mitigate data loss or even ransom should a computer or network breach occur.

The other main presenter was Shawn Brokos, a retired FBI agent who is now director of community security at the Jewish Federation of Greater Pittsburgh, who said cyber criminals are actively targeting Jewish organizations, much of it “related to us all teleworking.”

Brokos advised filing reports with law enforcement agencies and notifying banks whenever any suspicious activity has taken place, “even if there’s no dollar loss.”

She cited an example of a recent cyber attack on several synagogues where the fraudsters had spoofed the rabbis’ email accounts in attempts to trick recipients into transferring funds.

The main takeaway from the webinar was that recipients should always be wary of unexpected emails that seem unusual, which make unusual requests, or are out of character for the person who seems to have sent the email. People should not click on links which they cannot verify came from a trusted source.

Photo: Secure Community Network CEO Michael Masters speaks from home during a webinar on cyber crime.