Recently, investment advisors Saybrook Fund Advisors LLC suffered a major data breach in which a cybercriminal hacked into the email account of one of Saybrook’s employees and was able to access sensitive personal data contained in emails and attachments to emails from the account between March 18, 2021 and March 29, 2021. The stolen information included Social Security numbers, driver’s license numbers, credit and debit card information, health insurance information, login credentials and more, putting the affected clients of Saybrook in serious danger of identity theft. The compromise of their Social Security number is particularly threatening to the affected clients.
Personal information, such as the information contained in the data breach is used by cybercriminals not just to directly steal the identities of the affected people, but also to create specifically targeted spear phishing emails and text messages (called smishing) to lure people into clicking on malware infected links or providing personal information that will be used to make you a victim of identity theft. While many common phishing emails and text messages are easily recognized as phony, sophisticated spear phishing emails and text messages can be tailored by the criminals to our own interests using the information obtained through the data breach in order to appear to be trustworthy which makes them quite dangerous.
One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible. You are only as safe as the places with your information with the weakest security and it would appear that Saybrook did not have strong encryption and other protocols in place to protect the sensitive data. It is also critical that we all remember that whenever we get an email, text message or phone call, we can never be sure who is really contacting us so you should never click on links or provide personal information in response to such communications unless you have absolutely confirmed that the communication was legitimate. Trust me, you can’t trust anyone.
For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.” Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/