Ring is a popular brand of security cameras designed for home safety. Unfortunately, Ring customers were the latest victims of a phishing attack. Cybercriminals sent phishing emails spoofed as Ring in an attempt to steal customers’ sensitive information.

Cybercriminals start this attack by sending you a phishing email with an HTML file attached. The email looks like it’s from Ring and instructs you to open the file to update your Ring membership. If you click on the attached file, you will be redirected to a malicious website that spoofs Ring’s login page. The fake website prompts you to enter sensitive information, such as your credit card and social security numbers. If you enter your information, you will be redirected to Ring’s legitimate website, making the email appear more authentic.

Follow the tips below to stay safe from similar scams:

• Never click a link or download an attachment in an email that you aren’t expecting. 
• If you receive an email claiming that you need to make changes to your account, always log in to the organization’s website directly.
• This type of attack isn’t exclusive to Ring. Cybercriminals could use this technique to impersonate any kind of service. This technique can also be used to “spoof” a university website. If you don’t see the 2FA prompt, think twice!
• Never use the SAME password twice. Resist the urge to reuse your UT business password simply because you can remember it!