Oregon FBI Teen Academy - 2019

The Portland FBI Field Office has launched a new opportunity for high school students to engage with us during this time of physical distancing: the FBI Virtual Teen Series (FBI VTS). Students from various high schools within the state of Oregon joined in this virtual session to learn about how to avoid the risks of online sexual exploitation. Over the next three weeks, teens will have the chance to join us for more once-a-week online learning sessions designed to let them explore the world of law enforcement, build leadership skills, and become positive role models in our shared community. 

Space is limited. Registration is required. Email ajfabiankreamier@fbi.gov to register.

Oregon high school students who have a student email account are eligible to participate.

• Session Two: Chasing the Dragon - The Life of and Opiate Addict 
  • Date: Wednesday, July 15, 2020 
  • Time: 1 - 2 p.m. 
• Session Three: Life as an FBI Agent 
  • Date: Wednesday, July 22, 2020 
  • Time: 1 - 2 p.m. 
• Session Four: Intelligence - Identifying and Prioritizing Today's Threats 
  • Date: Wednesday, July 29, 2020 
  • Time: 1 - 2 p.m.

###

TT_-_Mobile_Banking_Apps_-_GRAPHIC_-_July_7_2020.png

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: knowing your risks when using mobile banking apps. 

Mobile banking apps are popular: they make it easy to deposit funds, pay bills, and transfer money. In fact, U.S. financial technology providers estimate more than 75 percent of Americans used mobile banking in some form in 2019. Given stay-at-home orders and physical distancing requirements, even more Americans have become willing to use mobile banking as an alternative to physically visiting branch locations. To that point: One U.S. financial study has shown a 50% rise in mobile banking just since the beginning of the year.  

With increased use, though, comes increased risk. The FBI’s Internet Crime Complaint Center (IC3.gov) is warning consumers that mobile banking presents a prime opportunity for fraudsters to exploit customers. There are two primary concerns: app-based Trojans and fake banking apps. 

App-based banking trojans infect your smartphone or tablet when you download malware with what otherwise looks to be a legitimate game or tool. When you try to access the real banking app, the malware activates – giving you a false login page to capture your ID and password. You likely won’t even know that you have given the scammer your info because the malware then directs you to your legitimate banking site. 

The second concern is a little more straight forward: fake banking apps created to look like your bank’s real app. Once you enter your ID and password, you will see an error message and the app will work to bypass security codes sent to you. Fraudulent banking apps are one of the fastest growing smartphone-based scams. In 2018, U.S. security research organizations found an estimated 65,000 fake apps on major app stores. 

What can you do to stay safe? 

• Go to your bank’s website to download the app directly. 

• Use a trusted, official app store if you otherwise need to download apps. 

• Enable multi-factor authentication on devices and accounts. Use biometrics, hardware tokens, or authentication apps whenever possible. Layering different authentication standards is a stronger security option. 

• Monitor where your Personal Identifiable Information (PII) is stored and only share the most necessary information with financial institutions. 

• Use the strongest password possible and create unique passwords for all financial accounts. 

• Don’t ever click on attachments or links in emails, texts, or social media posts. Don’t give your password to anyone. Financial institutions will not ask you for this information over the phone or by text message. 

If you encounter what you believe to be a suspicious banking app, call your bank using contact information publicly available on its webpage. 

If you have fallen victim to mobile banking app exploitation or any other online fraud, report it to the FBI’s Internet Crime Complaint Center (IC3.gov) at www.IC3.gov or call your local FBI office. 

###

TT - C-19 Antibody Tests - GRAPHIC - June 20, 2020

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: fraud related to COVID-19 antibody testing.  

Scammers are marketing fraudulent or unapproved COVID-19 antibody tests, potentially leading consumers to receive false results. In addition, fraudsters are trying to gain access to victims’ personal information, including names, dates of birth, and Social Security numbers. They are also seeking personal health data, including Medicare and private health insurance information, which can be used in future insurance or identity theft schemes.

Researchers are trying to develop testing methods that can quickly and easily test large numbers of people for COVID-19 antibodies. However, the FDA has not approved all COVID-19 antibody tests nor has it determined the efficacy of all tests. 

Here are some indicators of fraudulent activity:

• Claims of FDA approval for antibody testing that you can’t verify
• Ads for antibody testing through social media platforms, email, telephone calls, online, or from unsolicited or unknown sources
• Marketers offering “free” COVID-19 antibody tests or providers offering incentives – including cash – if you undergo testing
• Individuals contacting you in person or by phone or email to tell you the government or government officials require you to take a COVID-19 antibody test

Here’s what you can do to protect yourself:

• Check the FDA’s website (fda.gov) for an updated list of approved antibody tests and testing companies
• Consult your primary care physician before undergoing any at-home antibody tests
• Use a known laboratory approved by your health insurance company to provide the antibody testing
• Don’t share your personal or health information with anyone other than known and trusted medical professionals
• Check your medical bills and the “explanation of benefits” (EOBs) that your insurance company sends you for any suspicious claims and promptly report any errors to your insurance provider
• Follow guidance and recommendations from the U.S. Centers for Disease Control and Prevention (CDC) and other trusted medical professionals

If you believe you have been the victim of a COVID-19 fraud, report it to the FBI’s Internet Crime Complaint Center (IC3.gov) at www.IC3.gov or call your local FBI office.

###

TT - C19 Shipping Scams - June 23, 2020

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: a warning about frauds involving COVID-19 shipping and insurance fee scams.

The FBI’s Internet Crime Complaint Center has issued a warning about individuals or companies that reference alleged "newly enacted" COVID-19 shipping laws, regulations, or insurance requirements with the purpose of charging additional fees before the delivery of a product. Examples of this criminal activity include demanding fraudulent COVID-19 insurance fees after the purchase for the delivery of live pets from online U.S. websites. There are also reports of criminal actors fraudulently collecting "refundable" maritime insurance fees, citing fake COVID-19 laws.

The following are indicators of possible scams or fraudulent activity:

• The reference to "new" laws or regulations resulting from the COVID-19 pandemic and refusal to provide additional information;
• Requiring additional charges or fees before delivery of a product;
• Repeatedly providing excuses for delivery delays, including citing COVID-19 laws, regulations, or requirements;
• Requesting money be paid to an unknown third party (e.g., warehouse, insurance company, or shipping company);
• Stating that any required fees, payments, or deposits will be refunded or reimbursed later; and
• Inability to make direct contact with shipper or manufacturer by phone or email (disconnected lines, lack of response, etc.).

Here’s how to protect yourself:

• Never give out personal or financial information to a person or company you do not know and trust;
• Always verify the information of manufacturers, shipping companies, and service providers before making payments;
• Be wary of unsolicited messages claiming that a delivery is being held until payment is received, especially if you or your business have not placed any orders or expect to receive any deliveries; and
• Research and verify that any laws or shipping requirements related to COVID-19 are legitimate before sending payment.

If you believe you are the victim of an Internet scam or cybercrime, or to report suspicious activity, please visit the FBI's Internet Crime Complaint Center at www.ic3.gov or call your local FBI office.

###

TT - Patch - GRAPHIC - June 16, 2020

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence. 

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices. 

(Audio) 

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense patch by patch. 

Whether you are working for a business, a non-profit or a political campaign, it’s critical that you protect your organization’s network environment. Today, we are going to talk about three specific ways to do just that: patching, anti-virus software, and firewalls.  

Patching is the installation of software updates on computers, routers, and other devices. That includes so-called Internet of Things (IoT) devices like wireless printers, cameras and even thermostats. 

A manufacturer issues a patch to fix known vulnerabilities—and quickly applying patches is critical. If your systems are not patched, that’s like leaving all of your sensitive business documents in an unlocked car accessible to anyone willing to check if the door is open. 

You can install patches manually, or you can set up your systems to automatically install patches whenever the manufacturer releases them.? 

It's worth noting that, sometimes, implementing a patch can open new vulnerabilities in your systems. For that reason, it’s important to monitor patching activity to make sure it’s done correctly. If you can, take an image of your servers before you install the patches. Have a good rollback plan in case you find significant problems. 

Another tool for protecting your network is the use of anti-virus software. This tool continuously scans your systems looking for malicious software. Anti-virus programs are not perfect, but they are good at identifying and quarantining known malware. 

Your anti-virus software needs regular updates to identify the most recent kinds of malware.?One best practice: set up your anti-virus software to update automatically—that’s faster, easier, and less problematic than manually installing updates. Even better is network-monitoring technology installed at the router level. This will monitor all traffic on your network and can identify potential malware and threats that anti-virus software sometimes misses.? 

The last tool we want to talk about is a firewall.?? 

A firewall is a set of rules that block or allow connections to your environment.?Firewalls shield your computer or network from malicious or unnecessary traffic. You can configure your firewall to block data from certain locations or apps while still allowing relevant and necessary traffic to pass through.? 

If you’re protecting a single computer, you’ll probably use a software-based firewall, which may even come as part of your operating system software. If you’re protecting a network of computers, you will probably use a hardware-based firewall. For example, some routers come with built-in firewall protection. 

Whichever kind you use, make sure you enable regular firewall updates, preferably automatic updates. 

Even if you install or set up your patches, anti-virus software and firewalls perfectly, there’s no guarantee that your computers won’t be attacked or infected. Because no single tool can give you perfect protection, continue to monitor your networks for malware and anomalies and remove any infected devices immediately.? 

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information. 

###