Female cyber pros group targeted in phishing scam

Share post:

A threat actor is trying to con female cybersecurity pros into downloading malware.

The warning comes from the Canadian-based Women CyberSecurity Society (WCS2), which says someone is targeting members of the leadership team, members, and volunteers, trying to trick them into clicking on malicious links in text-based phishing messages, which is also called smishing.

“A volunteer recently reported receiving a text message claiming to be from founder Lisa Kearney citing an urgent need for help,” the warning says.

“We believe others will be targeted in such a manner and we urge you to exercise caution when interacting with emails, messages and online links from someone who you don’t know.”

The text message asked the volunteer to buy some Google certificate back codes.

One key this is a scam: The sender said they were in a meeting, could only text and asked the volunteer “to run a task urgently.”

Experts say a message asking a person to do something quickly — such as spend money, send money, or send a copy of sensitive information — should be seen as suspicious.

WCS2 believes the threat actor used LinkedIn and open-source intelligence to gather information about the organization, members, and volunteers to target them.

The group asks members to

– Verify caller identity: If you receive a call claiming to be from the Women CyberSecurity Society, ask for the caller’s name and contact information. Hang up, independently verify the information through official channels, and call back using a published contact number;

– Do not click on suspicious links: Avoid clicking on any links received through phone calls, voicemails, or text messages, especially if the communication seems unexpected or unusual;

– Report suspicious activity: If you receive any communication that seems suspicious or if you believe you have been targeted, please report it immediately to WCS2’s security team;

– Use security software: Install and regularly update security software on your mobile device, desktop, laptops and tablets to help detect and prevent smishing attacks.

– Educate yourself: Stay informed about common phishing tactics and be cautious when receiving unexpected messages, even if they appear to be from familiar sources.

WCS2’s next event is Jan. 30, when it will host a two-hour webinar on how to start a new career in cybersecurity.

The post Female cyber pros group targeted in phishing scam first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Sidebar: The powerful Digital Safety Commission

A look at the powers of the proposed five-person body charged with overseeing the Online

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways