The NJCCIC received incident reports indicating that the well-known sextortion email scam is again circulating. Some reports noted that the threatening message was included in a PDF attachment named after the target rather than in the body of the email.
After the quick rise and fall of the Rockstar2FA Phishing-as-a-Service (PhaaS) platform, a new phishing platform, dubbed FlowerStorm, was observed filling in the gap left behind in Rockstar’s absence. Rockstar2FA platform had a simple interface that utilized adversary-in-the-middle.
Authentic notifications from financial institutions via email and text messaging can help inform users of account activity, such as balances and transactions. However, if a user has consented to receive such notifications, it may be challenging to determine if a notification is real.
The Federal Trade Commission (FTC) warned job seekers about the continued rise in online job scams. These scams, also known as “task scams,” request for repetitive tasks to be performed. These tasks are often completed in an app or a platform that tracks completed tasks...
Commodity phishing attacks, known as Phishing-as-a-Service (PhaaS) kits, remain prevalent due to their low cost, anonymity, and ease of execution. Advanced in-the-middle (AiTM) techniques allow attackers to bypass additional security measures such as MFA.
Researchers have discovered a new phishing campaign utilizing Microsoft’s Word file recovery feature. In this campaign, threat actors exploit the corrupted file state to disguise the file type and evade detection by security tools. These emails pretend to be sent from human resources...
In 2023, SpyCloud reported that 61 percent of data breaches were associated with infostealer malware. Cyber threat actors use infostealers to exfiltrate sensitive data on the systems they infect, such as saved browser passwords and cookies, cryptocurrency wallets, and more.
A recently observed phishing campaign impersonates Amazon and states that the recipient’s Prime membership is set to renew; however, their payment method needs updating. The email includes a link that leads to a webpage with a Google Docs URL, claiming to be from Amazon.
The holiday season presents an attractive target for financially motivated cybercriminals who seek to exploit online retailers and shoppers. Despite the challenges posed by high inflation rates, the National Retail Federation (NRF) predicts a three to four percent increase in retail sales...
Consistent with open-source reporting, the NJCCIC detected increased attempts to exploit DocuSign APIs to deliver fraudulent invoices. Unlike traditional phishing scams, which rely on misleading emails and links, these attacks use real DocuSign accounts and templates to mimic companies.
