No, it is not safe to accept Zelle payments from strangers because there is always the possibility of the stranger being a scammer. If the stranger is a scammer, then you could end up losing money by accepting a Zelle payment from them. It’s best to only use Zelle to send and receive payments from people you know and trust.
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities. The group, believed to be unusual both for the relative youth of its members and their native proficiency in English, was responsible for this summer’s compromises of MGM Resorts and Caesars Entertainment. It also excels at social engineering.
If increases in cyberattacks this year are any indication of what to expect in the next six weeks of holiday shopping, we should expect a massive uptick in holiday-related scams. The expectation by the National Retail Foundation for this year’s holiday shopping is that we will see 4% more spending than last year. This is a slight year over year decrease (as last year saw a 5.4% increase over 2021), but still indicates increases in spending.
When complying with regulations and frameworks, it’s hard to keep up when the rules keep evolving. Auditors are no longer just seeking reports on what your identities can access – they now require proof that you have controls for securing those identities (like a math assignment, you have to show your work). And if a framework or regulation’s requirements previously focused on highly privileged IT users’ access … that’s evolving too.
Digital startup PostMeds Inc., operating as TruePill, is an online pharmacy service based in California. The company allows patients to compare copay pricing, get status notifications on pill orders, and request refills. However, all this may change soon; at the end of October, TruePill endured a severe data breach, landing them in hot water with patients and courts.
Adversaries are becoming more sophisticated and faster with their attacks. According to the CrowdStrike 2023 Threat Hunting Report, the average eCrime breakout time is just 79 minutes. This is partly due to adversaries taking advantage of tools that leverage automation like password-cracking tools, exploit kits for web browser vulnerabilities, and marketplaces that sell stolen data.
Perry Johnson & Associates (PJ&A) is a medical transcription service assisting providers like Cook County Health and Northwell Health. In mid-October, Chicago’s Cook County Health announced a data breach from PJ&A with a limited impact figure. However, the Department of Health and Human Services (DHS) has confirmed a more significant number than PJ&A initially determined.
