Multiple agencies including the Humboldt County Office of Emergency Services this past week have been warning residents of multiple phishing scams and email hacking incidents attempting to access or damage a computer or network system.
In a Facebook post on Monday, Humboldt County OES said they had received numerous reports of cybersecurity-related incidents targeting local government agencies and organizations.
Fortuna City manager Merritt Perry said his office had heard some emails were sent using past employees' email addresses but deferred to the city's IT partner, Nylex, for further answers. Calls to Nylex about the hacking situation have yet to be returned.
"Cyberattacks can lead to loss of money or the theft of personal, financial and/or medical information. These attacks can damage your reputation and safety and can jeopardize the critical functions of your organization, business, or day-to-day life," the Humboldt OES Facebook post read.
On Wednesday, the Ferndale Chamber of Commerce also sent a release warning Ferndale businesses and residents to not open attachments or links to suspicious emails that had the potential to infect electronic devices with malware that could steal credentials and access to any accounts used on the same devices and any others on the same network.
“You can only get infected if you open the message attachment,” the email reads.
“Millions of emails like these are sent around the world every day. Your email service provider blocks the vast majority of them, but the threat actors are constantly looking for ways around those blocks, so some inevitably will get through.”
Signs of a malicious Emotet email include file attachments that require you to enter a password to open, for example, “ACH Form.zip, Password: cmnpt72b80”; sender email address that doesn't match the sender's name, for example, "Judy Smithers" ”; and telephone numbers that aren't in a U.S. format like “Tel 044-563-4168 Fax 044-800-0251, Mobile 090-5498-7994”
To protect yourself from phishing scams Humboldt OES suggests to:
- Watch for suspicious activity that asks you to do something right away, offers something that sounds too good to be true, or needs your personal information. Think before you click. When in doubt, do NOT click.
- Limit the personal information you share online. Change privacy settings and do not use location features.
- Keep software applications and operating systems up to date.
- Create strong passwords using upper- and lower-case letters, numbers and special characters. Use a password manager and two methods of verification.
For more information on cybersecurity and how to prepare and/or prevent cyberattacks, please visit www.ready.gov/cybersecurity