SIM swapping attacks have become increasingly common. Threat actors initiate these attacks by contacting wireless carriers and impersonating the subscriber. They use social engineering to transfer the subscriber's phone number to a new SIM card under their control.
There has been an increase in scam-related courier service usage to retrieve money and valuables from targets. Scammers often employ a multi-layered approach, posing as government officials, tech support, or financial institution employees to gain victims' trust.
Since the start of the new year, the NJCCIC has observed an uptick in reported incidents of compromised accounts for New Jersey citizens and businesses, such as healthcare, education, law enforcement, contractors, real estate, and accounting firms.
Multiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, most severe of which could allow for remote code execution. execution. VMware vCenter Server is the centralized management utility for VMware. Read this to learn how to protect against this.
In today's digital world, constant data generation and flow across diverse channels present risks as users often share more information than necessary for convenience, leading to heightened vulnerabilities and potential for fraud and malicious activities.
Ransomware operators employ various methods to coerce victims into paying ransoms if they refuse initial demands including: blocking access to files, stealing data, threatening a data breach, selling data on the dark web, launching DDOS attacks, and encrypting data.
Researchers determined that it is possible to “smuggle” or send spoofed emails, a method often used in phishing campaigns, to convince the email recipient that the message is sent from a trusted entity. They do this by exploiting interpretation differences of Simple Mail Transport Protocol.
There has been an uptick in scams using annual employee responsibilities as lures in Human Resources (HR) phishing campaigns. Observed themes include salary and benefits adjustments, important 401(k) updates and tax documentation.
The NJCCIC has observed increased reports of cryptocurrency scams consistent with open-source reporting. These cryptocurrency stealers are malicious programs or scripts designed to transfer cryptocurrency from victims’ wallets without their consent.
Phishing emails remain a top social engineering tactic for cybercriminals. These emails may request recipients open an attachment, click a link, provide account credentials, transfer funds, or disclose sensitive information. This article shows samples and critical warning signs.
