There has been an uptick in scams using annual employee responsibilities as lures in Human Resources (HR) phishing campaigns. Observed themes include salary and benefits adjustments, important 401(k) updates and tax documentation.
The NJCCIC has observed increased reports of cryptocurrency scams consistent with open-source reporting. These cryptocurrency stealers are malicious programs or scripts designed to transfer cryptocurrency from victims’ wallets without their consent.
Phishing emails remain a top social engineering tactic for cybercriminals. These emails may request recipients open an attachment, click a link, provide account credentials, transfer funds, or disclose sensitive information. This article shows samples and critical warning signs.
Multiple phishing campaigns attempting to deliver infostealers (information-stealing malware) to New Jersey State employees to steal credentials and exfiltrate data have been recently observed. This article shows samples and critical warning signs to help you remain vigilant.
The Cybersecurity and Infrastructure Security Agency released an alert warning of potential scams requesting your money or sensitive personal information. Exercise extreme caution handling emails with bank-related subject lines, attachments, or links. Read to learn how to avoid this scam.
Consumers are taking advantage of popular retailers’ early access and pre-Black Friday deals. According to the National Retail Federation (NRF), nearly half of consumers began holiday shopping before November last year. Similar trends are expected this year as per a recent NRF survey.
Smishing is a form of social engineering that exploits SMS text messages that may contain email addresses, phone numbers, or links to webpages. There’s been a rise in this claiming a package cannot be delivered due to incorrect address information.
Cybercriminals latest tactics includes “phishing” for your personal information through text message and scams. This includes them stealing your data or money by tricking you into clicking a link, revealing personal details or login information. This article includes tips to utilize when handling suspicious messages.
Okta identity and access management service identified adversarial activity that leveraged a stolen credential to access the support case management system. The threat actor was able to view sensitive HTTP Archive (HAR) files. This article explains the lessons learned from this to protect against this.
Vendor email compromise (VEC) is a targeted and in-depth type of business email compromise (BEC) in which cybercriminals impersonate a third-party vendor in order to steal funds from that vendor's customers. Read for information on this phishing scam targeting customers.
