•  

    Combined Industries Theft Solutions

February 2022

CYBER SECURITY RISK - UNEXPECTED PACKAGE THROUGH THE POST

Information received from a CITS Member has made us aware that some individuals in the water industry have recently received an unexpected package through the post like the one above. These parcels contain a fraudulent thank you letter, an Amazon gift card and a USB device.

If you or anyone you know are recipients of such a parcel, report it to faye@cits.uk.com or to your companies in-house security team. DO NOT INSERT THE USB DEVICE INTO ANY ELECTRONIC DEVICE!

If the device is plugged in it will automatically install and run a malicious programme (malware) that may compromise your laptop / computer.

Clearly the level of sophistication we are now seeing in relation to cyber attacks and cyber frauds is unprecedented. It is not known whether this is a criminally orchestrated attempt or worse. Unfortunately given the incidents currently occurring in Ukraine it is anticipated that these will become more frequent. The National Cyber Security Centre (NCSC) is reporting a significant increase in state sponsored attacks on UK utilities trying to undermine essential services. As a large number of our staff have access to client systems can we please remind you to be alert to all possibilities.

Be Cyber safe:

  • Never plug in an unknown device - if you weren‘t expecting it don’t use it.
  • Privacy is key - Beware who you trust and what you share online including personal social media.
  • Exercise care on email links / attachments even those which come from people you know!
  • Don’t forget the basics - Use complex passwords and don’t use the same password for different accounts.
  • Only use your work email address for work activities!

If in any doubt of the authenticity of an email, report to faye@cits.uk.com or to a companies in house security team.

For further information and advice on Cyber Crime see:
https://www.cits.uk.com/cyber_security.php

Cyber Security Advice
CYBER SECURITY RISK - UNEXPECTED PACKAGE THROUGH THE POST