The NJCCIC has observed threat actor TA584, also known as Storm-0900 and UNC4122, sending phishing emails that mimic login.gov and Medicare.gov. In both campaigns, the messages include unique AWS URLs that likely lead to a landing page with a slide CAPTCHA.
Have you received a text message regarding an unpaid toll or package misdelivery lately? You are not the only one. Researchers discovered a SMiShing (SMS text phishing) campaign attributed to the "Smishing Triad" that has been circulating since April 2024.
Account compromises typically occur due to phishing emails, credential compromise, a lack of multi-factor authentication (MFA), exploited vulnerabilities, and data breaches. The NJCCIC recently received a report of a compromised account due to MFA fatigue (or MFA prompt bombing) .
A mysterious email arrives in your inbox, promising treasures beyond your dreams if you visit the provided website within the hour. With only thoughts of a dream vacation, you click the link, and the page loads, asking for a CAPTCHA verification to continue.
The NJCCIC observed a phishing campaign targeting several public sector organizations in New Jersey. These emails are sent from accounts ending in the domain "benefitsfactor[.]com" and contain subject lines similar to "Confidential: Compensation Update for (recipient)."
The NJCCIC continues to receive reports of cryptocurrency scams in which threat actors convince potential victims to deposit funds on fraudulent platforms with lures of high-yield, quick-return cryptocurrency investments. Weeks or months after a deposit is made, the victim can...
The NJCCIC identified a phishing campaign that uses tactics to make detection more difficult, leading to increased account compromises. Users receive an initial encrypted email with an encrypted link to "Read the message," which leads to a legitimate Microsoft 365 login page.
SMS text phishing (SMiShing) scams impersonating the New Jersey Motor Vehicle Commission (MVC) or the obsolete New Jersey Division of Motor Vehicles (DMV) continue to be reported to the NJCCIC. The messages claim that the user has an outstanding traffic ticket.
The NJCCIC identified a phishing campaign impersonating the Social Security Administration. The email notifies the user that their "Social Security Statement" is available online and instructs them to click the included link to access the statement that displays stolen...
The NJCCIC received reports of an uptick in fraudulent New Jersey Department of Labor and Workforce Development Unemployment Insurance (UI) claims, primarily targeting public sector education employees who are still employed. The availability of employee information...
