Threat actors continue to exploit trusted financial software through impersonation, phishing emails, and fraudulent invoices or transactions. They can sign up for free accounts for legitimate software and target potential victims from within those services.
Threat actors can perform reconnaissance by searching for and weaponizing publicly disclosed data and using a variety of impersonation techniques to convince their target that they are known and trusted parties involved in real estate transactions.
Individuals and businesses may use trusted accounting software to keep track of finances, generate invoices, and run payroll. Accounting software can also automate bookkeeping, create reports, analyze financial trends, and organize and manage data, making tax season easier.
Threat actors continue to take advantage of the increased adoption of QR code scanning, as users are typically quick to scan QR codes without a second thought and are unaware of the potential risks. In quishing campaigns, threat actors impersonate trusted organizations...
The NJCCIC received reports of a business email compromise (BEC) campaign circulating using a compromised emergency management email account. The phishing email referenced a contract and directed the recipient to click a link to view a related document.
Last week, the NJCCIC reported increased phishing attempts targeting NJ state employees by impersonating the IRS. Proofpoint analysts noted a rise in tax-themed phishing campaigns, particularly as tax deadlines approach in the US and the UK.
Tax season is ripe with social engineering schemes designed to steal tax information, including W-2 personally identifiable information (PII), dates of birth, bank account or credit card numbers, and driver's license numbers. The emails include a fraudulent link to pay taxes...
In April 2024, the NJCCIC reported an uptick in unpaid road toll SMiShing scams. Similar SMiShing scams have resurfaced, as threat actors are impersonating multiple road toll agencies nationwide to target New Jersey residents to collect personal and financial information.
The NJCCIC received incident reports indicating that the well-known sextortion email scam is again circulating. Some reports noted that the threatening message was included in a PDF attachment named after the target rather than in the body of the email.
After the quick rise and fall of the Rockstar2FA Phishing-as-a-Service (PhaaS) platform, a new phishing platform, dubbed FlowerStorm, was observed filling in the gap left behind in Rockstar’s absence. Rockstar2FA platform had a simple interface that utilized adversary-in-the-middle.
