Major FBI Website Warning


June 20, 2019

According to Cyber Heist News, the FBI’s Internet Crime Complaint Center (IC3) released a PSA warning that attackers are exploiting people’s trust in sites that use HTTPS. Cybersecurity training has in the past rightly encouraged users to look for the lock icon next to the URL in the browser, but many users still believe this icon is proof that the site they’re on is legitimate. While the lock is important, it only means that traffic to and from the site is private; it doesn’t ensure that the site’s operator is trustworthy.

The lock icon did carry more weight years ago, when getting an SSL/TLS certificate was a more difficult process, but these certificates are now free and can be acquired by anyone. Attackers are increasingly making sure that their phishing sites have authentic certificates to mimic legitimate websites.

The FBI advises users to be wary of requests in emails, even if they appear to come from known contacts. Scrutinize links carefully and “question the intent of the email content,” rather than taking emails at face value. If you receive a suspicious request, “confirm the email is legitimate by calling or emailing the contact.”

This type of diligence may add a few minutes to your day, but it’s trivial compared to the damage that can be caused by falling for a phishing attack. New-school security awareness training can build a culture of security within your organization, so that your employees will recognize potential red flags out of habit.

IC3 has the alert, which is good ammo to share, and remind your peers about the importance of THINK BEFORE YOU CLICK. For more details visit – and don’t worry, this link is safe to click.

If you have any questions, we’re more than happy to help.

We're Integris. We're always working to empower people through technology.

Keep reading

Top 10 IT Best Practices To Adopt Right Now

Top 10 IT Best Practices To Adopt Right Now

Welcome to the Top 10 IT Best Practices To Adopt Right Now. This simple, non-technical “listicle” (slightly updated since December of 2021) covers some of the most valuable technology tips we can assemble into a five-minute read. Some of the recommendations are a...

The Three Social Engineering Hacks your Company Should Prevent Now

The Three Social Engineering Hacks your Company Should Prevent Now

Since 2020, Google has identified and delisted 2 million websites for launching phishing attacks—an army of nefarious websites that Cisco says have hit 86 percent of all global companies. But it’s the social engineering behind those attacks that’s the scary part,...