The NJCCIC continues to receive reports of romance scams targeting New Jersey residents to steal funds. Threat actors typically create fake accounts on social media platforms or dating apps to pose as potential new friends or love interests. They increasingly use AI as disguise...
The NJCCIC observed a phishing campaign imitating the US National Highway Traffic Safety Administration. In this campaign, threat actors send a phishing email containing a PDF file that looks legitimate and appears to be benign. To add credibility to the email, the threat actors use...
A new wave of SMS text phishing messages (SMiShing) is being sent to NJ residents and those in other states nationwide. Like previous SMiShing campaigns referencing motor vehicle violations and toll fees, these text messages impersonate the Division of Taxation and claim that a refund...
The NJCCIC has observed threat actors continuing to exploit remote monitoring and management (RMM) tools such as PDQ Connect, ScreenConnect, ITarian, and Atera to remotely access target environments. The use of RMM software enables threat actors to gain initial access...
Gift cards are popular gift ideas year-round and a favorite for scammers. Threat actors request them in social engineering schemes as they can be used as easily as cash, work as a payment method not linked to a specific person, and do not have the same protections as credit cards.
The NJCCIC observed a new adversary-in-the-middle (AiTM) phishing campaign aimed at harvesting credentials. This campaign starts with an email claiming to be from the help desk, with a link provided to reset or retain the current password.
The NJCCIC received reports of a phishing scam sent to New Jersey State employees, abusing the legitimate and trusted Google AppSheet, a no-code application development platform for mobile, tablet, and web applications. In this phishing scam, threat actors...
Over the past several weeks, the NJCCIC observed an uptick in investment schemes, resulting in losses between $900 and $1.8 million. Threat actors pose as experienced investment advisors or registered professionals as part of an investment group.
The NJCCIC received reports of a phishing scam abusing the legitimate Docusign platform and impersonating a New Jersey organization. In the Docusign envelope email notification, the impersonated organization’s name appears in the sender’s display name and the body of the email.
The NJCCIC observed multiple campaigns in which threat actors attempted to trick users into downloading the PDQ Connect Agent. PDQ Connect is a platform that allows agent-based device management for both remote and local devices. Once installed, threat actors can utilize...
