Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Scam Of The Week: It's Not A WhatsApp Voice Mail! 

You probably know that the Eastern European cyber mafia does their beta testing in the U.K., before they "export" their criminal campaigns to America. Here is a heads-up of a social engineering phish that was spotted in Ireland, and that your users may receive in their inbox in the near future. Warn them ahead of time!

Scam Of The Week: Mystery Shopper Email

Steven Weisman, Esq. warned against this scam and wrote March 5th: 

"Mystery shoppers are people hired to shop at a particular store and report on the shopping experience for purposes of quality control. Unlike many scams, there actually are legitimate mystery shopper companies, but they never advertise or recruit through emails."

Scam Of The Week Blends CEO Fraud And W-2 Phishing

I have talked about CEO fraud here many times — e-mail attacks spoofing the boss and social engineering a high-risk employee into wiring funds to a bank account controlled by the bad guys.

And I probably also warned you against W-2 phishing, where scammers impersonate the boss and ask for a PDF with all employee tax forms. Per a new "urgent alert" issued by the U.S. Internal Revenue Service, internet criminals have now combined both schemes and at the same time are targeting a much wider range of organizations than ever before.

Scam Of The Week: IRS Issues Warning On New Tax Phishing Attack

It's unbelievable, but the new tax season is around the corner and the bad guys are already at it. This is a two-phase phishing scam of the week you need to watch out for: 

PHASE 1: Cybercriminals are sending emails, posing as potential clients interested in services from tax professionals, with an innocent-looking subject such as "I need a preparer to file my taxes."

PHASE 2: Once the tax preparer responds, the bad guys send a second email with a malicious attachment claiming to contain the client's tax information. The tax preparer falls for this social engineering attack and opens the attachment (likely enabling macros), which compromises the machine; now the bad guys own the tax preparer's computer.

Scam Of The Week: Locked PDF Phishing Attack

Wednesday Jan 4th, the SANS Internet Storm Center warned about an active phishing campaign that has malicious PDF attachments in a new scam to steal email credentials.

The SANS bulletin said that the email has the subject line “Assessment document” and the body contains a single PDF attachment that claims to be locked. A message reads: “PDF Secure File UNLOCK to Access File Content.”

John Bambenek, handler at SANS Internet Storm Center, said: "This is an untargeted phishing campaign. They are not going after the most sophisticated users. They are going after Joe Cubicle that may not think twice about entering credentials to unlock a PDF."

This is a large spray-and-pray campaign that hopes to get a small foothold into your org via an email account and then compromise, tunnel in or send spear-phishing attacks. Here is how it looks:

Scam Of The Week: Watch Out For Fake Apps

The shoe retailer Foot Locker Inc. has three iPhone apps. But that did not stop an entity calling itself Footlocke Sports Co., Ltd. from offering 16 shoe and clothing apps in the App Store.

Tech support scammers abuse bug in HTML5 to freeze computers

Malwarebytes researcher Jerome Segura reported on a new tech support scam that uses a known HTML5 bug to freeze the system and trick people into calling a fake support number. Note that it does not crash the system; it just consumes all CPU and almost all memory resources. See the Task Manager stats top right.

Scam Of The Week: Tech Support Claims Your Hard Disk Will Be Deleted

Symantec warns that tech support scams are getting more sophisticated by the month: "These scams remain one of the major and evolving forces in the computer security landscape. Between January 1 and April 30 this year, the Internet Crime Complaint Center (IC3) received 3,668 complaints related to tech support scams, which amounted to adjusted losses of almost US$2.27m."

Recently, Symantec has observed a new feature in the tech support scams it is detecting – the use of code obfuscators. Early tech support scams had their entire malicious code clearly visible. Now code obfuscation, which was mostly seen with Exploit Kits, has made its way to tech support scams.

[ALERT] Scam Of The Week: Brad Pitt Found Dead (Suicide)

The divorce between Brad Pitt and Angelina Jolie has been used by the bad guys for a "celebrity death hoax" which unfortunately is high-grade click bait.

It's the most recent one to hit social media and your employees' inboxes, and it will not be the last. Snopes, a debunking site that usually gets it right, confirmed that this bogus news has been around since the 21st of September.

Scam Of The Week: Insidious New IRS Social Engineering Attack

There is a new insidious IRS scam that you need to warn your employees, friends and family about; start by informing your HR department.

Seasoned internet criminals are sending bogus emails with attachments, text messages and even snail mail claiming to be from the IRS and using a phony Form CP 2000.
