The NJCCIC observed multiple phishing campaigns aimed at financial gain. In one campaign, users receive a phishing email impersonating American Express that claims a large amount of earned reward points are about to expire. The messages include a URL that directs to a fake...
The NJCCIC continues to receive reports of compromised accounts of public and private sector New Jersey organizations resulting from compromised credentials and phishing emails. Consequently, the NJCCIC also observed an uptick in fraudulent wire transfers from...
The NJCCIC identified a business email compromise campaign that impersonates ServiceNow to achieve financial gain. The email messages in this campaign seem to form a thread between a ServiceNow representative and the CEO of the targeted organization regarding...
The NJCCIC received several incident reports regarding an SMS text message phishing (SMiShing) campaign in which residents are receiving images of what appears to be a notice of hearing for a traffic violation. These images include the State of New Jersey seal and allege...
The NJCCIC observed a phishing campaign that uses legitimate Microsoft Entra ID tenant branding to deliver Telephone-Oriented Attack Delivery (TOAD) messages within Microsoft system notifications. This campaign involves a message claiming to include Microsoft...
The NJCCIC observed an increase in phishing emails with human resources (HR)-related lures. These messages claim to distribute revised employee handbooks and ask recipients to confirm receipt by completing the acknowledgment form that is included in the attachment.
The NJCCIC observed a QR code phishing campaign targeting New Jersey State employees. Threat actors sent urgent messages claiming that the target’s mailbox would be deleted, without providing further instructions and leaving users with only the option to click the attachment.
The Federal Bureau of Investigation (FBI) released this FBI Liaison Alert System (FLASH) to disseminate indicators of compromise (IOCs) and technical details associated with malware enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs.
The NJCCIC received multiple reports of a payroll phishing campaign targeting New Jersey school districts. The subject line references a payroll increment project or direct deposit notice. Threat actors impersonate the superintendent or an administrator by compromising their account.
The NJCCIC received a new wave of reports of SMS text phishing (SMiShing) scams impersonating the New Jersey Motor Vehicle Commission (MVC). These urgent-sounding messages claim to be a final notice about an unpaid traffic violation, with a short deadline to...
