In support of Cybersecurity Awareness Month, the IT Division is highlighting phone scams and offering tips on how to avoid attacks. Scammers often take advantage of busy times throughout the year when people are distracted or vulnerable, such as during holidays, tax season, back-to-school, and global events like coronavirus. Every year, Americans report billions of dollars in total losses to scam callers. In addition to practicing proactive defensive security measures, education and outreach remain an integral component to avoiding and preventing phone scams. Continue reading to learn more, view examples, and recommendations.
The 2021 Truecaller report indicates a 22% increase over the past year in the number of Americans who lost funds due to phone scams and 59% who received scam calls related to COVID-19. Of those who lost money to phone scams, 60% were due to calls made using automated dialing technology, i.e. robocalls. About 3 in 5 Americans reported an overall increase in spam calls and/or text messages (see SMS phishing).
Illegal and unwanted calls comprise the largest source of consumer complaints according to a 2021 Federal Communications Commission (FCC) report. Voice service providers continue to make advancements in analytic call blocking and labeling tools to protect consumers. Companies report few false positives and no public safety issues.
A survey of local consumer data from the Federal Trade Commission (FTC) reveals the top 5 fraud categories in the San Francisco, Oakland, Berkeley metro area to be imposter scams, online shopping, internet services, prizes or sweepstakes, and telephone and mobile services.
In the examples below, a scammer uses local numbers and an automated message to contact you regarding a fake expired vehicle warranty. Auto warranty scams were the top unwanted call complaint filed with the FCC in 2020. If you accidentally answer a robocall or press a button in response to a recording, simply hang up immediately. Be sure to report the message as spam and block the number.
The examples below are provided by the FCC and focus on COVID-19 robocall scams. The audio transcripts both reference coronavirus and a critical and urgent need for your attention. These scammers prey on victims during emergencies and may offer free home testing kits, fake health insurance, vaccine appointments, loan repayment offers or other financial assistance.
Do not respond to calls from unknown numbers. The Department of Justice has a hotline for consumers who believe they have been a victim of a scam or fraud related to COVID-19. The National Center for Disaster Fraud Hotline is 1-866-720-5721.
Social Security Scam: Hello this is a call from the Social Security Administration. During these difficult times of the coronavirus, we regret to inform you that we have got an order to suspend your socials immediately within 24 hours due to suspicious and fraudulent activities found on your socials. We are contacting you as this case is critical and needs your urgent attention. To get more information about this case please call immediately on our department number 888-991-2325. I repeat 888-991-2325.
Listen to sample audio. (Source: Nomorobo)
Diabetic Test Kit Scam: If you are diabetic and using insulin, we can qualify you to get a free diabetic monitor and a complimentary testing kit for coronavirus. To learn more, please press 1, otherwise please press 2.
Listen to sample audio. (Source: YouMail)
Tech support scams are a common scheme for criminals to gain remote access to your computer. They may call you and identify themselves as Microsoft or Apple employees and claim your computer is infected with a virus or has a technical problem only they can fix.
Tech Support Scam: In this example, an FTC investigator records a scammer who insists her computer is infected and guides her to purchasing antivirus software. Listen to an FTC undercover call with a tech support scammer.
Keep in mind that real tech companies will not contact you to let you know there’s a problem with your computer. Real computer security warnings will not instruct you to call a phone number or purchase a product. If you are concerned about your computer security, contact [email protected].
Tips for Recognizing Phone Scammers
Familiar entities: Scammers often impersonate representatives of a well-known organization, e.g., IRS, Medicare, Social Security, a utility or tech company, e.g. PG&E, Microsoft, and Apple, or even nonprofits and charitable groups.
Spoofed numbers: Scammers might use technology to spoof or mimic fake phone numbers appearing on your caller ID. The phone number may have a local area code or appear related to a government or work agency.
Critical Timeline: Scammers will indicate there is an urgent, time-sensitive problem you need to resolve or perhaps a prize or investment to claim quickly. The emphasis is on guiding you to act as fast as possible under threat or duress.
Payment Method: Scammers frequently demand specific methods for payment which are difficult to reverse, such as via money order, prepaid cards, gift cards, use of a money transfer company, a bank wire transfer, or depositing a fake check.
Recommended Actions to Stay Safe
Be aware of the attack methodology, remain vigilant, and report anything suspicious. Exercise caution with unexpected requests, offers, or phone calls not initiated by you. View the social engineering page for more tips on how to recognize scams.
Do not share your private login or financial information. If you are unsure, verify the request with the organization directly through the official website or phone number.
Do not grant access to your devices to an unknown caller unless you initiated the request and can verify they are a legitimate representative of your support group.
Ensure your equipment meets Berkeley Lab Minimum Security Requirements.
How to Block and Report Spam Calls
Block the caller on your mobile and locate the option to label the call as spam.
Federal Communications Commission (FCC)
Federal Trade Commission (FTC)
Did you know that October is national Cybersecurity Awareness Month? The IT Division is releasing a series of educational tips and reminders to promote the importance of cybersecurity across Berkeley Lab. Be sure to also check out events and learning opportunities hosted by UC Berkeley and UCOP at https://security.berkeley.edu/cybersecurity-awareness-month-2021.
Recently, the IT Division Cyber Security team noticed an increase in phishing attacks via SMS text message. Attackers are able to avoid email filtering by phishing via SMS messages Phishing typically involves attempts to acquire or disclose personally identifiable information (PII) such as your username, password, and other sensitive information. The phishers would then steal your username and password to use on the real website or sell your information to other scammers. Real examples are provided below followed by recommended actions to take and instructions for reporting spam messages.
In this example, the attacker sends a text from a fake address mimicking the name of a financial institution and alerts the user to log in with personal account information.
Notice the domain of the sender and link do not match the institution’s official address. If you logged into this lnk, your bank credentials would be stolen. Legitimate companies will not ask for information about an account via SMS. Some links may point to a spoofed website which closely emulates the authentic version. Do not click the links. Contact the institution directly from their official website to verify the validity of messages.
In the following examples, the attacker sends an SMS message from an unknown number and asks the user to follow a link to schedule or confirm a change in a delivery.
Scammers craft these messages to trick you into clicking a malicious link which then sends you to a fake portal or may install harmful malware on your phone. Do not click the links and report such messages as spam.
This example is similar to Example 2 but indicates the user receives a small gift for paying a bill.
Attackers may make claims of problems with an account or promises of free gifts. It is common for scammers to send fake messages asking a user to take some action before claiming a package or a prize. Be skeptical of unexpected opportunities which sound too good to be true. Do not trust requests to share or confirm personal information via text.
Take steps to ensure devices meet Minimum Security Requirements.
Follow IT guidance to help secure computers: Tips to Secure Your Computer.
Stay up to date with Cyber Security Training requirements.
The best defense for these attacks is to be aware of the attack methodology, remain vigilant, and report anything suspicious. See the social engineering page for more tips on how to avoid phishing and other scams.
How To Report Spam Text Messages
Report it on the messaging app you use. Look for the option to report junk or spam.
Copy the message and forward it to 7726 (SPAM).
Report it to the Federal Trade Commission at ReportFraud.ftc.gov.
Windows has recently released their newest operating system, Windows 11. LBNL IT does not recommend upgrading to Windows 11 at this time. We would like to caution our users to be careful before deciding to upgrade or install.
You need to ask yourself the following questions before choosing to upgrade:
Is your computer hardware compatible?
Are all your peripheral devices compatible?
Is all your installed software compatible?
Do you have the installers and installation keys for that software, if you need to reinstall?
If you do upgrade, make sure to backup your computer before upgrading/installing.
Feel free to reach out to IT if you have any questions. You can contact our support staff by:
Please take action to update to iOS 14.8, macOS Big Sur 11.6, and watchOS 7.6.2 on Berkeley Lab and personal Apple systems immediately.
Last week, The Citizen Lab informed Apple about a new zero-click iMessage exploit targeting Apple's image rendering library. This vulnerability allows your Apple device to be compromised with no interaction from you nor any visibility indicators to you. Called FORCEDENTRY, the exploit can infect iPhone, iPad, Apple Watch, or Mac systems with the Pegasus spyware, providing access to the camera and microphone in addition to allowing access to text messages, phone calls, and emails.
"This spyware can do everything an iPhone user can do on their device and more," said Citizen Lab senior researcher John-Scott Railton. You can read more details about this issue in the Citizen Lab writeup.
On September 13, Apple released a suite of new updates for iOS, macOS, and watchOS to fix this bug.
Given the severity of the exploit, you should update to iOS 14.8, macOS Big Sur 11.6, and watchOS 7.6.2 on Berkeley Lab and personal systems you control as soon as you can.
Thank you in advance for helping to Protect Science, it’s greatly appreciated.
conferences.lbl.gov (Indico) underwent maintenance starting at 2:00 PM on Friday, August 6. The maintenance was completed at 2:45pm.
Please contact the [email protected] with questions or concerns regarding this maintenance.
If you receive a message because Druva inSync is reporting that device(s) linked to your account have not been backed up in at least 14 days, it is likely that there is a problem which could result in data loss in the event that you need to restore a file.
Possible causes for this email:
Computer was powered off
Computer was not connected to the internet
Computer needs to be restarted
You no longer have this device and it should be removed from your Druva inSync account
If you no longer have the device or are unsure as to why your device is not backing up, please forward the email you received to [email protected] along with the DOE number of your current computer that should be backing up.
As a reminder, devices which have not backed up in over 90 days will be removed from Druva inSync. Avoid data loss and address this request.
More information regarding Druva inSync can be found in our FAQ.
All Windows system users,
Microsoft releases Monthly Updates (patches) to keep your computer as secure as possible. As onerous as it may seem, keeping your Windows system up to date is a very important part of using any modern operating system with Internet access.
While you have received this update to address current issues, there are always new ones being reported. Our recommendation is to run Windows Update NOW, including REBOOTING if required, and please keep an eye out for future Windows Update communications from IT.
If BigFix is not currently installed on your system, we recommend you install BigFix as soon as possible so we can keep your system safe and you informed. It also helps with DOE property tracking. You never need to barcode scan your computer again.
In order to minimize disruption, when checking for updates, you may get more than one update that requires a restart. Please wait until all updates are completed before restarting your computer or you may have to restart more than once. In addition, if the BigFix restart notification appears, double check your Windows Updates application to ensure all updates have been completed before you restart.
Please run Windows Update at least monthly, to check if your system requires any patches.
Please consider rebooting your Windows system weekly or at least monthly.
Here is How to run Windows Update for Windows 10. Please REBOOT your computer if required by the Windows Update.
To all Windows system users, Microsoft has recently released some critical security updates regarding PrintNightmare. Please run Windows Update and check if your system requires any patches. It is strongly recommended to do this NOW and monitor any future communications from IT regarding this recent security threat.
While Microsoft has released updates to address this current issue, there have been reports that the first round of updates are insufficient. Our recommendation at this time is to run Windows Updates, including rebooting if necessary, and keep an eye out for future Windows Update communications from IT. If BigFix is not currently installed on your system, we recommend you install BigFix as soon as possible so we can keep your system safe and you informed.
In order to minimize disruption, when checking for updates, you may get more than one update that requires a restart. Please wait until all updates are completed before restarting your computer or you may have to reboot more than once. In addition, if the BigFix reboot notification appears, double check your Windows Updates application to ensure all updates have been completed before you reboot.
Keeping your Windows system up to date is important
Here is How to run Windows Update for Windows 10. Reboot your computer if required by the Windows Update.
Apple has announced a new operating system, macOS Monterey. They have released a beta version for consumers to download. The first final release is expected in Fall 2021.
However, we would like to caution our users to be careful before upgrading to the beta or first final release of macOS Monterey. These are the questions you need to ask yourself before proceeding with the install of macOS Monterey:
Is your computer compatible? See list below:
iMac late 2015 and later
iMac Pro 2017 and later
MacBook Air early 2015 and later
MacBook Pro early 2015 and later
Mac Pro late 2013 and later
Mac mini late 2014 and later
MacBook early 2016 and later
Note: if your hardware is not compatible, macOS Monterey should warn you and not install/upgrade. But it doesn’t hurt to double check to make sure.
Are all your peripheral devices compatible?
Is all your installed software compatible?
Do you have the installation files for that software, if you need to reinstall or revert your Operating System to the previous version?
BACKUP your computer before installing/upgrading to macOS Monterey
IT recommends not upgrading or installing macOS Monterey at this time.
Note that all 32-bit applications are incompatible with macOS Monterey.
If you decide to upgrade regardless of this warning, ensure you backup your computer before installing/upgrading or you may lose your data in the event of a corrupt installation or if you find you need to revert to the previous operating system due to incompatibility.
Feel free to reach out to IT if you have any questions.
You can contact our support staff by:
To all users that have Google Chrome and Microsoft Edge installed on the computer.
Google has released a new version of Google Chrome that addresses vulnerabilities that attackers in the wild could exploit to take control of affected systems.
The new Microsoft Edge is now based on Chrome which is why it needs to be updated as well.
Protect yourself! Update immediately!
Here is How to Update Google Chrome
Here is How to Update Microsoft Edge
IT has revised and created new FAQ to help you with:
Your password management sidekick!
Google Drives How-tos and fixes
Make sure to be protected, do a second reboot after the update!
Apple released the macOS Big Sur update 11.3 on April 28, 2021. If Sophos is installed on an M1 (ARM) based system prior to the update, the first time the system boots after the update, protection will be compromised. Restarting the system again resolves this issue.
The issue can be observed when the following conditions are met:
1. macOS 11 had Sophos installed prior to updating to 11.3
2. Upgrading to macOS 11.3
3. M1 chip (ARM) based hardware only (Intel hardware is not impacted)
4. This also applies to the 10.1.0 M1 (ARM) Optimized EAP.
Systems that are not impacted by this:
1. Systems with Intel chip macs
2. New Sophos installs on macOS 11.3
3. Systems with macOS 10.15.7 Catalina and below
Restart the computer once again after upgrading to macOS 11.3!
The original article is linked here!
IT Workstation Support has catalogued the recent issues users have encountered when upgrading their system to the latest macOS Catalina. They are:
32-bit applications will not run on Catalina, see table below
Top 10 32-bit Applications in-use
Microsoft Word, what version?
Microsoft Excel, what version?
Microsoft Powerpoint, what version?
mdworker32 (Office365 process)
Adobe Acrobat XI Pro (This software is out of compliance and must be upgraded to the subscription version, see Adobe Acrobat Pro DC)
Carbonite (This software is no longer the Lab’s enterprise backup software, see Druva inSync)
Adobe Application Manager
Applications will request proper permissions to run
Chrome Remote Desktop
Download and install latest driver (beta release), https://www.displaylink.com/downloads/macos
Toshiba copiers fail to print with a “filter failed” error message
On Mac OS 10.15 Catalina, you need to allow Zoom access to Screen Recording to share your screen.
As with any major operating system upgrade, users should always do the following:
Perform a hardware assessment and check for compatibility
Mac compatibility list - see https://support.apple.com/en-us/HT210222
User must check with the hardware vendor for any external equipment
Perform a software assessment and check for compatibility - users can check https://roaringapps.com/ for software compatibility
Ensure you have all software licensing information if you need to reinstall software
Perform a data assessment and backup all data
Perform upgrade in place or from scratch
Choose a topic from the list on the left, or search for a topic.
If you need to contribute to the IT FAQ's and find you do not have permission, contact the Help Desk and ask that you be added to the Commons faq editors group