Hamas is targeting the hearts of Israeli soldiers using social engineering attacks that are triggered with a simple friend request.
Israel Defense Forces reported the group is scrolling through Facebook for Israeli soldiers to “catfish” using fake accounts created from photos and identities stolen from attractive unsuspecting users, according to a blog post.
Hamas operatives then add the Israeli soldiers on social media and chat with them before sending a few pictures, in an effort to disarm suspicion and prove they are real, and then invite them to a video chat using an app that the operative sends to the soldier.
The app is actually a trojan capable of gleaning contacts, locations, apps, pictures, and any files, as well as accessing the camera and microphone.
Soldiers are advised not to accept friend requests from strangers, to keep GPS features off when not in use, and not to sideload apps onto their devices.
SOURCE: Robert Abel | SC Magazine
Research by Proofpoint has identified a phishing attack on Twitter targeting brand managers and influencers. The attack is carried out by means of a legitimate Twitter ad offering account verification.
The ads come from the @SupportForAll6 account and use Twitter branding, logos and colours to look authentic. Users who follow the link are directed to the domain twitterhelp[.]info, where they are required to provide their Twitter username, email address, phone number and account password in a form. In the next step, the user is asked to provide a credit card number and security code for “verification purposes”.
User education and technical processes like ad blocking are a must in the fight against phishing and other cyber attacks.
A report by Limor Kessem, a security advisor for IBM, showed how cyber criminals are employing a new tactic of using live chats to extract banking and personal information directly from victims in Brazil.
The report describes how the attack begins by sending an email with a link to the target victim. The link takes the victim to a fake webpage that emulates the victim’s bank website. The victim is then social engineered into divulging critical information through a live chat on the fake website.
The criminals can check the information provided since they are online and push an error message to the target if the information provided is not correct.
In the end, the victim is notified that the update was successful but that they should wait 24 hours before logging in to their account. This gives the criminals time for their fraudulent transactions to clear before the user realizes.
It’s officially an epidemic: More than 50 organizations have been successfully targeted by W-2 spear phishing attacks since January—and the list continues to grow, with Pivotal Software and Kentucky State University as the latest victims.
Companies in a wide range of industries from healthcare to storage manufacturing have been fooled by attackers into leaking their employees’ tax forms, including Snapchat, Nation’s Lending Corporation, Care.com and Sprouts grocery stores. Some attacks have exposed the confidential information of tens of thousands of people. Overall, the IRS said that it has seen a 400% surge in phishing and malware incidents so far this year, bent on stealing tax information.
In the Pivotal case, an unknown third party last week sent a fraudulent email message impersonating CEO Rob Mee to an employee requesting tax information about Pivotal employees. The company said in a notice [PDF] that the employee bought the ruse and responded to the request. No word on how many were affected, but Pivotal, a joint venture of EMC and VMWare, has less than 2,000 employees.
Messaging service Snapchat has admitted that sensitive financial information about some of its employees was phished after a member of staff fell for an email scam.
In a blog post on Sunday, the firm claimed that the phishing attack managed to con one of its employees into revealing payroll information about their colleagues.
“Last Friday, Snapchat’s payroll department was targeted by an isolated email phishing scam in which a scammer impersonated our Chief Executive Officer and asked for employee payroll information,” it revealed.
“Unfortunately, the phishing email wasn’t recognized for what it was–a scam–and payroll information about some current and former employees was disclosed externally. To be perfectly clear though: None of our internal systems were breached, and no user information was accessed.”
A Dark Web experiment shows just how dangerous stolen email credentials can be. With a stolen Gmail username and password combo, hackers showed that they could access bank accounts and more.
In Bitglass’ second annual Where’s Your Data experiment, researchers created a digital identity for an employee of a fictitious bank, a functional web portal for the bank and a Google Drive account. The team then leaked “phished” Google Apps credentials to the Dark Web and tracked activity across the fictitious employee’s online accounts.
Hackers on the Dark Web found they could gain access to the employee’s Google Drive account, and with a little more digging, access the employee’s bank accounts with login credentials that were stolen.