Enabling two-factor authentication (2FA) is one of the best things you can do to improve the security of your email and cloud accounts.  2FA is sometimes called multi-factor authentication (MFA) but for this discussion the terms will be synonymous.

As knowledge of scams plays a significant role in avoiding becoming a victim, I thought I would show you how these crooks go about stealing your credentials via a phishing scam.  This is actually very similar to how John Podesta got his emails stolen during the 2016 Presidential Election.

Eric received an email notice that his company’s domain name is expiring.  The email appeared to be an offer to renew his company domain name via a ‘Secure Online Payment’ for $64. He sensed a scam.

“I recalled renewing it just over a year ago for a 5-year term,” recalled Eric.

A zero-day ransomware virus is currently targeting Microsoft Office 365 users. The virus arrives as an attached .ZIP or .DOTM file. Do not open the attachment as it will activate the virus which encrypts your data then demainds a $500 ransom.

The attachment may be a .DOTM or .ZIP file.

A new ransomware virus arrives as a ZIP file attached to email.  The ZIP file has an javascript file which, when run, will encrypt files on your hard drive and network drives.  The ZIP file attachment will has one of the following or similar names:

photo.