HiWAAY Information Services, a local network service provider, has issued a warning to all its users considering recent phishing attempts on the @hiwaay.net server. HiWAAY Information Services has been an ISP and Network Services provider in Alabama since 1995. Currently, the company has posted the following alert on their email sign in page:
“BEWARE! There is a current phishing attempt to convince you to click a link in email in order to steal your username and password. Be sure your browser address bar shows the correct address for webmail. If it looks odd, do not put in your information – delete any emails that ask you to click a link to verify your username and password – we do NOT need it. Call if you have already submitted your information. Beware phishing scams. HiWAAY will NEVER ask for your password in email, nor will we ask you to click a LINK to go to our webpage.”
HiWAAY also wants to reiterate to customers that if they need to verify your account, they do that through billing. Coincidently, if your method of billing doesn’t work, the company will call you. Should any account info be out of date, the account will be blocked until the information is updated.
- “Don’t click on linksfrom unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, delete it. Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
- Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
- Use strong authentication,requiring more than a username and password to access accounts, especially critical networks, to prevent access through stolen or hacked credentials. Check out Lock down your login for more information.
- Conduct regular backups of systems:Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
- Make better passwords:In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.”
The company urges customers who receive a phishing email to immediately forward it to email@example.com.
Source: Better Business Bureau, HiWAAY and National Cyber Security Alliance