Faith-Based Daily Awareness Post 13 March 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

Ramadan Scams on the Rise: Fake Giveaways, Crypto Traps & Fraudulent Donations | CloudSEK 

Ramadan is a time of reflection, charity, and community spirit, but cybercriminals are turning this season of giving into a playground for deception. From fraudulent donation campaigns to fake crypto giveaways, scammers are preying on goodwill, manipulating emotions, and using social proof to trick unsuspecting victims into parting with their digital assets. This advisory exposes the latest trends in Ramadan-themed scams, including wallet-draining schemes disguised as religious incentives, the rise of deceptive crypto tokens, and fake e-commerce sales targeting festive shoppers. With cybercriminals leveraging social media verification badges, AI-generated promotions, and complex psychological tricks, staying vigilant has never been more crucial. Learn how these scams work, who they target, and—most importantly—how to protect yourself and your loved ones from falling victim. Read the full report to uncover the hidden dangers lurking in your inbox, on your favorite social media platforms, and even in the name of charity. 

Analyst Comments: The rise of scams during Ramadan, shows increasing targeting of cybercriminals who are capitalizing on people’s goodwill and generosity. It is important to Take9 – Take 9 seconds before you click, download, or share. 

WaterISAC shares best practices for No-Cost/Low-Cost Physical Security Improvements 

In early 2020, a major drinking water utility, with over 70 locations spread across a large metropolitan area, saw a sharp increase in physical security incidents. These incidents resulted in financial losses, damage to utility property, and posed a risk of disrupting operations. In response, the utility introduced several cost-effective security incidents after the upgrades were implemented.  

Analyst Comments: The WaterISAC best practices shares 9 ways that you may learn. Starting with quick, low-cost security upgrades can help fix security weaknesses fast, clear security procedures should be documented and followed by all staff, regular vulnerability assessments should be done to identify how someone could access a facility, and layered security helps reduce risks, improve detection, slow down potential intruders, and improve response times. The following 5 lessons can be found and explored on Slack for further review.   

#StopRansomware: Medusa Ransomware | CISA 

The CISA advisory (AA25-071A addresses the Medusa ransomware, a ransomware-as-a-service (RaaS) variant first identified in June 2021. As of February 2025, it has affected over 300 victims across various critical sectors, including healthcare, education, and manufacturing. Medusa uses double extortion model, encrypting data and threatening to release it unless a ransom is paid. Initial access is typically gained through phishing and exploiting unpatched vulnerabilities. The advisory also provides detailed TTPs (Tactics, Techniques, and Procedures) and IOCs (Indicators of Compromise) for organizations to defend against this threat. 

Analyst Comments: The CISA advisory on Medusa ransomware underscores a rising and serious threat to critical industries, highlighting the changing tactics employed by ransomware attackers. The troubling trend of using the double extortion model, where attackers not only encrypt data but also threaten to expose sensitive information unless the ransom paid adds pressure on organizations to meet the demands. A recent data breach notice from United Faith Ministries on March 11 demonstrates the very real cybersecurity threat that faith-based organizations face. 

For a downloadable list of Medusa IOCs, see: 

• AA25-071A STIX XML 
• AA25-071A STIX JSON