It is common to see social media posts claiming someone’s lost pet or family member was found, with the intent to reunite them with their family. Users frequently share these posts in hopes of assisting others. Scammers are using these same lures to spread what starts as an innocuous post.
“Your Account Is Set To Close” is a phishing email tactic that claims your Microsoft account is set to be closed on a specific date due to inactivity or failed errors. It asks you to sign in to your account before the given date to avoid deletion. Read to stay vigilant of scams like this.
Hackers use social media to target unsuspecting users searching for connections, job and business opportunities, and more. LinkedIn is one of many platforms for social engineering schemes as its users inherently trust it more than others due to its focus on careers.
The NJCCIC observed multiple campaigns purporting to come from HR departments from US and non-US top-level domains, masquerading as acknowledgments of updated employee handbooks to take account credentials and steal information. Read to learn how to avoid this scam.
The NJCCIC observed a high volume of phishing emails targeting NJ State employees, attempting to get credentials or deliver malware by abusing the Interplanetary File System. IPFS is a distributed file storage protocol that enables users to exchange files.
The NJCCIC recently observed two phishing campaigns in which threat actors included suspicious links via QR codes. Quick Response (QR) codes are square barcodes that can be scanned by smartphones to quickly send users to a website, download an application, or direct payments.
Individuals seeking to donate to relief efforts are targeted in charity scams initiated by threat actors using social engineering tactics through emails, SMS messaging, phone calls, and via social media. Such can be seen in the aftermath of the recent devastating wildfires in Maui.
Users continue to receive emails referencing payment receipts for anti-virus solutions they did not purchase. Unlike from invoice scams, these emails do not request payment but rather claim that a payment has already been made. Read to learn how to spot this scam.
SEO is the process of improving the quality & quantity of website traffic. SEO poisoning is when threat actors strategically create malicious websites and use techniques such as keyword stuffing to insert irrelevant keywords into a web page’s text, meta tags, and other areas of the website.
Phishing emails remain a top social engineering tactic for cybercriminals. These emails may request recipients open an attachment, click a link, provide account credentials, transfer funds, or disclose sensitive information. This article shows samples and critical warning signs.
