2021.05.26 07:58
I lately had an email hacking over the weekend on my one personal email address, which is my Comcast.net address; some of you already had its phishing letter.
So I spent umpteen hours to figure out how it happened with the Comcast team as well as my University team but didn’t get much help/understanding so far.
Since I have over 3,000 patients with vascular malformation-related problems throughout over 50 countries, I have been having numerous email communications with their physicians as well as the patients and their families so that I was keenly aware of my vulnerable situation but it happened despite my extreme caution.
So, if anyone wants to communicate with me for personal affairs, please use bblee38@gmail.com with preference to bblee38@comcast.net till we could figure it out more clearly.
BB
P.S. I copy the email letter from our University team with access to video training on this similar issue of phishing.
Hugo Lai
Wed 5/26/2021 9:03 AM
To: All Staff
Good afternoon,
The FBI has issued a Flash Alert and warned all healthcare entities to be on the lookout for the Conti ransomware. The Conti ransomware has impacted over 16 healthcare entities and 400 other organizations worldwide in the past 12 months. This malware is updated frequently by its operators and has the ability to stop enterprise-grade security tools. Attackers use a phishing email containing a link to Google Drive or other embedded links to infiltrate targets. Once the malware is downloaded, it moves through the organization quickly.
We ask all employees to remain diligent about suspicious emails and use the “Report Message” button in Outlook to report them to the Security Team. Do not forward suspicious emails to your colleagues. We also encourage MFA staff to watch a short 4 minute YouTube video training about phishing.
https://www.youtube.com/watch?v=sEMrBKmUTPE
Please contact securityassistance@mfa.gwu.edu should you have any security concerns!
2021.05.26 08:17
2021.05.26 14:19
Our IDs and Passwords get stolen when we type them under free public Wi-Fi
(such as airport, hospital, school, and other public places). The thieves can steal your keystroke
through the shared Wi-Fi. It is wise simply "not to type your login" into your e-mail or
other private websites when you are using free public Wi-Fi.
If you use already "book-marked sites with built-in ID and PW", you may be a bit safer
but, if you lose your laptop, you can be in big trouble.
On the free public Internet, you can assume that someone is watching your screen together.
But you can still use the Internet at any website where your personal login is not necessary,
such as airplane schedules, tour information, Wikipedia, non-personal Internet searches,
and any other non-personal public websites "only for a short duration".
Please don't leave your laptop "On" unattended for a long time because someone can get
into your laptop through the Internet connection. I have gotten into trouble many times.
2021.05.26 17:08
Thanks for such professional advice!!!
Despite all these precautions I tried my best, I helplessly got trapped and still don't know how much I got the damage.
Since I switched to Window 10 for my home PC a few years ago despite the advice against to change by our IT Dept - GW Hospital/office still uses Window 7 system for the security reasons as I know of-, I stopped using Norton and rely on Window Defender alone! Wonder whether I should add/reinforce with Norton?!
I was extremely careful but no vail!
BB
P.S. How about adding Malwarebytes rather than Norton as my staff recommended?
2021.05.26 18:58
Malwarebytes is a good one. I used it for a while.
I am using Norton now but they are all similar.
2021.05.27 06:08
Got you. Thanks, but I ordered Norton last night from Amazon.
Wonder it is safe(?) and logical to use BOTH to enhance the protection maximum, hopefully not fighting each other!
BB
2021.05.28 16:54
Very often I had two antivirus programs running together.
Norton was always one of them. It seems that Norton is compatible (meaning it does not
cause a problem) with other virus programs.
Right now, I have Norton and Total AV running together.
2021.05.29 07:07
Thanks for the reassurance, buddy.
Hope I don't get another attack helplessly.
BB
I still vividly remember that I almost lost my entire PC files/data by one virus attack I got through one email from the medical student with a venous malformation in Tripoli, Libya 10 some years ago. It cost over 3,000 dollars to retrieve all the lost data, etc, and had to buy a new PC.
So, I have been extremely cautious to deal with the emails in particular and always request to the colleagues and patients for the data stored at CD to be sent by mail rather than by an attached mail whenever possible. But I don't know how it did happen this time but the attacker got into my email lists to reach out/phishing over 250 peoples, so far I confirmed, not only in Korea but Japan, China, France, Belgium, Italy, Slovenia, Germany, Australia, Austria, Turkey, Sweden, and Swiss, etc.
Indeed, the hell broke loose with the first call through the telephone on 4:00 AM Sunday morning from Paris, and then I was further bombarded with numerous calls through the morning besides a few dozens of emails since then.
The only thing I could do now was the change my password and feel like 소잃고 오양간고쳐 !
I welcome any suggestion whatsoever to avoid the same attack.