Halloween has passed, but there's plenty of spooky things lurking online where we live a good portion of our lives these days. The data cookies we create online may give bad actors access to our email and, as we all know, theft by way of business email compromise is on the rise. We can expect criminal activity to increase during the holiday season. Below is an FBI press release issued this week on this topic and recommendation on how to reduce the risk of you and your county/agency from falling victim. As always, please be safe and feel free to contact us regarding CORSA loss control services. Frank Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication The FBI Atlanta Division is warning the public that cybercriminals are gaining access to email accounts by stealing cookies from a victim's computer. A "cookie" is a small piece of data that a website sends to your computer, allowing the website to remember information about your session, such as login details, preferences, or items in your shopping cart. "Remember-Me cookies" are tied specifically to a user's login and often last for 30 days before expiring. This type of cookie helps a user login without having to keep putting in their username, password, or their multifactor authentication (MFA). Typically, this type of cookie is generated when a user clicks the "Remember this device" checkbox when logging in to a website: [Atlanta Remember This Device Screenshot] If a cybercriminal obtains the Remember-Me cookie from a user's recent login to their web email, they can use that cookie to sign-in as the user without needing their username, password, or multifactor authentication (MFA). For these reasons, cybercriminals are increasingly focused on stealing Remember-Me cookies and using them as their preferred way of accessing a victim's email. Victims unknowingly provide their cookies to cybercriminals when they visit suspicious websites or click on phishing links that download malicious software onto their computer Here are tips to protect yourself from putting yourself at risk: * Regularly clear your cookies from your Internet browser. * Recognize the risks of clicking the "Remember Me" checkbox when logging into a website. * Do not click on suspicious links or websites. Only visit sites with a secure connection (HTTPS) to protect your data from being intercepted during transmission. * Periodically monitor the recent device login history from your account settings. Anyone who is a victim of an account takeover or Internet scam should report it to the FBI Internet Crime Complaint Center (IC3) at www.ic3.gov<http://www.ic3.gov/>. https://www.fbi.gov/contact-us/field-offices/atlanta/news/cybercriminals-are... Frank Hatfield CORSA Assistant Director fhatfield@ccao.org<mailto:fhatfield@ccao.org> 614-560-1474 614-220-0209 Fax www.corsa.org<https://urldefense.com/v3/__http:/www.corsa.org/__;!!Op5JcThCjWm-UA!zzz1QnDE...> [cid:image002.png@01DB30DB.5D4A40C0] " The leader in providing Ohio Counties with exceptional value, service, and protection of assets." CONFIDENTIALITY NOTICE: This e-mail message (including any attachments) is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy this message and all attachments.