According to INKY, there is a new phishing scheme that you should be vigilant about. It is a very dangerous one.
An email template was created by the attackers to imitate the US Department of Labor's look and feel.
These emails are sent to recipients to request that they submit bids for an ongoing DOL Project. The details of the project vary from one email to another.
These emails are professional and well-organized. They appear to be from an actual Department of Labor server thanks to clever spoofing. They are not from the DOL and they don't come from ongoing projects that require the Department of Labor blindly to spam emails with bid requests.
Unwary recipients could be easily taken in by the scam and click on the "Bid” button embedded in the email. This button masks a malicious link that will redirect the email recipient to a phishing site controlled by scammers.
These spoof sites, just like the emails, look perfectly legitimate. Comparing the HTML and CSS of these scam websites with the official Department of Labor shows that they share the same code. This is clear evidence of how the scammers took the code and created their own copy.
The scam website includes a pop up message to help the recipient navigate the bidding process. It's actually moving potential victims closer to giving up their Office 365 credentials.
It is worth noting that victims will be prompted to confirm their credentials again after they have entered them. This is to reduce the chance of scammers harvesting incorrect credentials. They seem to have considered everything!
This is a very serious problem and there's no way to protect yourself except by being vigilant and mindful. Please make sure that your friends and family are also aware of this ongoing campaign.
The best way to prepare yourself against phishing attacks is to keep your employees fully informed. Integrated Technology Systems has the resources to keep you free from cyber attacks.
Beware of Voice Message Phishing Attacks called Vishing
In recent months, scammers and hackers have experimented with "vishing" as a subset in phishing.
Conventional phishing uses emails that use a variety social engineering tricks to persuade recipients to give over sensitive information, including login credentials.
Vishing adds an additional angle to the conversation: Voice. This can be either a prerecorded message, or an email with a number that includes a person on the other end. They will attempt to get the information the caller needs live.
Scammers may use a scattershot approach to generate thousands or even tens and thousands of emails by incorporating prerecorded messages. These emails are based on a convincingly recorded message. They even pretend to be calling from legitimate numbers.
Armorblox, an internet security company, has been researching the problem and released two case studies. The purpose of the studies is to impersonate Amazon in order to convince unsuspecting customers to give their credit card details.
Armorblox's initial case study was a campaign targeting more than 9000 email addresses. It was sent from a Gmail address with the subject "Invoice ID", followed by an invoice number, and content that made it seem like the message came from Amazon.
The email stated that the recipient placed an order for a piece of tech (television or computer, gaming console, etc.). The recipient placed an order for a piece of tech and asked that the recipient contact the company at this number if they have any questions. The "payload" or the gateway to the payload is in this instance.
Although the second campaign was functionally identical, it was sent to approximately 4,000 mailboxes. The spam filters of email systems can flag both the first and second campaigns as there aren't any poisoned attachments. Vishing is a very dangerous phenomenon. Be vigilant.
We know you have better things to do with your time than scrutinize every email. Why not partner with Integrated Technology Systems for your managed IT services. Give us a call today to see how we can keep your company secure.
