The NJCCIC identified a phishing campaign impersonating the Social Security Administration. The email notifies the user that their "Social Security Statement" is available online and instructs them to click the included link to access the statement that displays stolen...
The NJCCIC received reports of an uptick in fraudulent New Jersey Department of Labor and Workforce Development Unemployment Insurance (UI) claims, primarily targeting public sector education employees who are still employed. The availability of employee information...
The NJCCIC has observed a phishing campaign posing as an automated notification about quarantined emails. Many companies employ email security protection, which often includes a quarantine feature that holds potentially risky emails for user review.
The NJCCIC continues to receive reports of romance scams targeting New Jersey residents to steal funds. Threat actors typically create fake accounts on social media platforms or dating apps to pose as potential new friends or love interests. They increasingly use AI as disguise...
The NJCCIC observed a phishing campaign imitating the US National Highway Traffic Safety Administration. In this campaign, threat actors send a phishing email containing a PDF file that looks legitimate and appears to be benign. To add credibility to the email, the threat actors use...
A new wave of SMS text phishing messages (SMiShing) is being sent to NJ residents and those in other states nationwide. Like previous SMiShing campaigns referencing motor vehicle violations and toll fees, these text messages impersonate the Division of Taxation and claim that a refund...
The NJCCIC has observed threat actors continuing to exploit remote monitoring and management (RMM) tools such as PDQ Connect, ScreenConnect, ITarian, and Atera to remotely access target environments. The use of RMM software enables threat actors to gain initial access...
Gift cards are popular gift ideas year-round and a favorite for scammers. Threat actors request them in social engineering schemes as they can be used as easily as cash, work as a payment method not linked to a specific person, and do not have the same protections as credit cards.
The NJCCIC observed a new adversary-in-the-middle (AiTM) phishing campaign aimed at harvesting credentials. This campaign starts with an email claiming to be from the help desk, with a link provided to reset or retain the current password.
The NJCCIC received reports of a phishing scam sent to New Jersey State employees, abusing the legitimate and trusted Google AppSheet, a no-code application development platform for mobile, tablet, and web applications. In this phishing scam, threat actors...
