Re-posted: This article is in the New York Times today.
By Nicole Perlroth, MAY 3, 2017

Google said it was investigating an email scam winding its way through inboxes across the country and had disabled the accounts responsible for the spam.

The scheme emerged Wednesday afternoon, when spammers dispatched malicious email, appearing to come from people the recipients knew, beckoning them to click on what appeared to be a shared Google document.

Recipients who clicked on the links were prompted to give the sender access to their Google contact lists and Google Drive. In the process, victims allowed spammers to raid their contact lists and send even more email.

“We are investigating a phishing email that appears as Google Docs,” Google said statement posted on Twitter. “We encourage you to not click through and report as phishing within Gmail.”

It is not clear who created the spam email or how many people it has affected.

In a second statement, on Wednesday evening, Google said that it had disabled the accounts responsible for the spam, updated its systems to block it and was working on ways to prevent such an attack from recurring.

A screen shot of an email received by a New York Times reporter on Wednesday that included a link that appeared to be for a Google document. (Identifying information has been redacted.)

If you receive suspicious email, here are some tips:

1. Do not click, even when the email is from your mother.

Even when you receive links from trusted contacts, be careful what you click. Spammers, cybercriminals and, increasingly, nation-state spies are resorting to basic email attacks, known as spear phishing, which bait victims into clicking on links that download malicious software, or lure them into turning over their user names and passwords.

A quarter of phishing attacks studied last year by Verizon were found to be nation-state spies trying to gain entry into their target’s inboxes, up from the 9 percent of attacks reported in 2016.

In this case, the malicious emails all appeared to come from a contact, but were actually from the address “hhhhhhhhhhhhhhhh@mailinator.com” with recipients BCCed.

2. Turn on multifactor authentication.

Google and most other email, social media and banking services offer customers the ability to turn on multifactor authentication. Use it. When you log in from an unrecognized computer, the service will prompt you to enter a one-time code texted to your phone. It is the most basic way to prevent hackers from breaking into your accounts with a stolen password.

3. Shut it down.

If you accidentally clicked on the Google phishing attack and gave spammers third-party access to your Google account, you can revoke their access by following these steps:

Go to https://myaccount.google.com/permissions

Revoke access to “Google Docs” (the app will have access to contacts and drive).

4. Change your passwords … again.

If you’ve been phished, change your passwords to something you have never used before. Ideally, your passwords should be long and should not be words that could be found in a dictionary. The first things hackers do when breaking into a site is use computer programs that will try every word in the dictionary. Your email account is a ripe target for hackers because your inbox is the key to resetting the passwords of, and potentially breaking into, dozens of other accounts.

Make your password long and distinctive. Security specialists advise creating anagrams based on song lyrics, movie quotations or sayings. For example, “The Godfather” movie quotation “Leave the gun. Take the cannoli,” becomes LtG,tTcannol1.

5. Report it.

Report any phishing attacks to Google by clicking the downward arrow at the top right of your inbox and selecting “Report Phishing.” Companies count on those reports to investigate such scams and stop them.

If you need help or think you may have this Google Attack, call us immediately.

When sending emails to customers, employees, or business partners, your business has to ensure that any sensitive information you send is completely secure.

Every industry in today’s marketplace has a need for encrypted email communications – simply hoping that no unwelcome eyes are viewing your information is not enough. Keep your emails completely confidential with The Computer Company’s encrypted email services.

Encrypting Your Emails is Easy.

Once our email encryption services are implemented, securing your emails is simple. With a click of a button, your emails can be encrypted and decrypted. Receivers of your encrypted email only have to go to a secure site and create an account to view your email. Once your email receiver has an account, they just login to view any of your subsequent encrypted emails. Your email encryption is easy, simple, and fast thanks to The Computer Company. Best of all, it’s guaranteed to be secure. While other companies may have to worry about hacking, phishing, and other digital threats, your company can rest easy knowing your communications are under lock and key.

Email Encryption Is Especially Important For…

Finance

Whether you’re in the finance industry, or simply handle a lot of money in your day-to-day business dealings, email encryption is key to ensure financial information is secure.

Government

Government entities need to be more concerned than the average organization about security and privacy of information. Our email encryption services can handle thousands upon thousands of encrypted emails and receiver accounts. The public trusts you – and you can trust us.

Healthcare

Patient information is one of the most sensitive issues in the medical field. This is true whether you are a hospital, a clinic, or an insurance company. Allowing this sensitive information to fall in the wrong hands can lead to legal troubles, emotional harm, and even patient illness or death.

Law Firms

Email is the staple of a law firm’s internal and external communications. We provide you with the security you need, the ease of use your partners, associates and staff want, and robust support to keep everything running flawlessly so you can concentrate on running your practice.

Your company can’t afford to have your private and confidential information hijacked by a hacker or a competitor. Don’t risk your security – call ( 800) 418 2358 today to learn more about our secure email encryption service.

Get both Spam and email Encryption for $4/per user.

info@computercompany.net

Hundreds of various sized businesses and organizations in 30+ industries utilize our services in MA, CT, RI, NY, NJ.

Email is the most used communication tool in business. It is the greatest asset in enabling organizations to collaborate and share valuable information inside and outside their network. However, email can also be your greatest threat – leaking customer information, intellectual property and other sensitive data that should not leave your network.

Whether it is customer data, partner data or intellectual property, no industry is exempt from the need to maintain the confidentiality and security of sensitive information. In addition, no industry can deny that email continues to be the preferred application driving business communication. Based on these factors, it is no surprise then to see the increase in government regulations calling for the need to encrypt sensitive information in email.

As the market leader in email encryption services, The Computer Company’s encryption solutions mitigate the risk associated with sending sensitive information in email and assist organizations in achieving regulatory compliance by providing email encryption.

• Healthcare – The burden of complying with HIPAA, the HITECH Act and other federal and state regulations is stressful, but the cost of one breach of electronic protected health information (ePHI) is too high to ignore
• Finance – With the critical role of email in day-to-day operations and the increasing pressure of federal and state
  regulations, such as the Gramm-Leach-Bliley Act (GLBA), to protect consumer privacy, email encryption is the solution for securing the exchange of sensitive information for financial institutions.
• Government – To manage the stress of government oversight and maintain public trust, government organization look to email encryption to assist in the protection of sensitive information.

With increasing federal and state regulations governing the security of personal information, many companies outside of these industries are also compelled to secure customer data and protect their businesses from reputation damage, government fines and other costs associated with a data breach.

To learn more about factors impacting your need for email encryption, please contact The Computer Company today for a free demonstration of how simple the product is to use.

The Computer Company, Inc.

Toll Free: 800-418-2358 x 127

Website: www.computercompany.net

Email: INFO@computercompany.net

Researchers identified the top 12 spam-relaying countries in its “Dirty Dozen” report that analyzed spam volume between April and June of 2013. The analysis determined the extent to which computers in a given country are used for delivering spam.

Three new countries entered the top 12 while several other countries — France, Peru and South Korea — fell off the list. Spam volume in countries sometimes mirrors population.

Spam messages, which are often viewed as unwanted messages pitching pharmaceuticals and pornography, also pose a serious threat. The unwanted messages can include phishing schemes and malware, and spammers have been seen pushing investment scams and other fraudulent activities,.

This season, Germany came in 12th overall for being responsible for relaying 2.5 percent of spam globally. The country is also known for receiving the most malicious spam messages, often laden with malware or links directing users to phishing attack pages. A report issued last year had Germany at the top of the list for pushing backdoor Trojans and other malware linked to the Zeus family of banking Trojans.

Russia is known for being the home of many financially motivated cybercriminal organizations, but it came in 11th overall on the Dirty Dozen list for pushing only 2.6 percent of spam globally. Law enforcement believe it also hosts major money laundering operations associated with credit card theft and malware attacks designed to drain bank accounts. Interestingly, the Republic of Belarus, which borders Russia to the northeast, has the title of having the most spam relayed by proportion to its population.

Italy came in 10th on the Dirty Dozen list for pushing about 2.9 percent of spam globally. Spammers have been quick to jump on news headlines in Italy to get people to open their messages. In 2009, a 6.3-magnitude quake was used as bait in a phishing campaign. Spammers have also used ongoing controversies surrounding Italian Prime Minister Silvio Berlusconi to lure people into clicking on links in the messages.

Argentina is a newly listed member of the Dirty Dozen list, earning the No. 9 spot for pushing 3.1 percent of spam globally. Despite being newly added, the country has aggressive spam laws. The South American country has a government agency that investigates spam incidents and has the power to levy stiff fines against spammers.

Kazakhstan, a Russian speaking country in central Asia, is also a newly listed member. It earned the eighth place title on the Dirty Dozen list for pushing 3.3 percent of spam globally. Malware and phishing are common in spam messages in Kazakhstan and several other top countries, with a correlation between the spam messages and incidents of piracy. Pirated copies of Windows and other un-updated software often contain vulnerabilities that can be exploited by malware attachments in spam messages. Pirated software also often contains malware that can make the system part of a global botnet that spreads spam.

Spain earned the No. 7 spot on the Dirty Dozen list. It pushed 3.4 percent of spam globally. Spain also earns credit for having a large amount of attack messages, spreading worms, ransomware and spyware, according to security experts.

India earned the sixth spot on the Dirty Dozen list for pushing about 3.6 percent of spam globally. Attackers often rent out spam servers for their campaigns and can even design a specific campaign for a region. We recommend users keep their systems patched, including their browser and its components. Antivirus software should also be receiving regular updates.

Taiwan earned the No. 5 spot on the Dirty Dozen List for pushing slightly more than 3.6 percent of spam globally. The list doesn’t explain where the spam originates, only how it gets relayed from spammers to their victims. Systems that are infected with malware are often turned into spam relay systems as part of a global botnet operated by a cybercriminal abroad.

Ukraine is a new entrant on the Dirty Dozen list. The eastern European country peddled 5.5 percent of spam globally, earning it the fourth spot on the list. Ukraine is believed to be the home of a long-running pharmacy spam operation. The spammer behind the operation, known for sending 10 million or more messages daily, uses Chinese Web hosting for the operations and botnets to spread the messages,

China earned third place on the Dirty Dozen list for relaying 5.9 percent of spam globally. China is home to the Vincent Chan gang, an organization ofChinese partners that have been sending spam for years.The Vincent Chan gang, which mainly spreads messages touting online pharmacies, is listed at the top of the list of worst spammers, according to a list maintained by spam-fighting organizations.

The eastern European country of Belarus earned second place on the Dirty Dozen ist. The country has pushed 11.7 percent of spam globally. The country has been at the top of similar lists in the past. The country is responsible for relaying more than 3 million spam messages per day.

The United States retained the spamming crown on the Dirty Dozen list, sending 13.8 percent of spam globally. The U.S. population and its robust Internet connectivity help it retain the leadership position. Three spammers that are on the worst spammer list: Quick Cart Pro, Yair Shalev and iMedia Networks. Quick Cart Pro, an operation with ties to Russia and Canada, promotes fake pharmaceuticals. Yair Shalev, a high-volume spammer, uses the showshoe method to send messages, spreading out spam across many IPs and domains, in order to dilute reputation metrics and evade filters, and iMedia Networks, operated by Michael Lindsay, is a spam-hosting operation serving bulletproof hosting at high premiums to well-known spam gangs.

If you want to protect your network from Spam please contact The Computer Company at

800 418 2358

To learn more please go to our website

http://www.computercompany.net/Networking_Security.htm

By Robert Westervelt, CRN