The Federal Bureau of Investigation (FBI) warns the public about an evolving financial fraud scheme targeting Chinese speaking individuals residing in the United States in which criminals impersonate US health insurance providers and Chinese law enforcement.
Targeted individuals receive a call from a spoofed telephone number of a legitimate US health insurance provider’s claims department. The call is conducted in Chinese, and the recipient is asked about recent insurance claims for alleged surgical procedures. The criminal then shows the recipient fraudulent invoices on screen via video communication software and demands payment. If the recipient denies having filed the claim or that the procedure took place, the criminal transfers the recipient to someone purporting to be Chinese law enforcement.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’
March 14, 2019
That’s according to researchers with Proofpoint, who found that in the past half year, a staggering 60 percent of Microsoft Office 365 and G Suite tenants have been targeted with IMAP-based password-spraying attacks; and 25 percent of those targeted experienced a full-on breach as a result. Password-spraying attacks are when an attacker attempts to access a large ...
- Talking to RATs: Assessing Corporate Risk by Analyzing Remote Access Trojan Infections
March 14, 2019
Remote access trojans (RATs) on a corporate system may serve as a key pivot point to access information laterally within an enterprise network. By analyzing network metadata, Recorded Future analysts were able to identify RAT command-and-control (C2) servers, and more crucially, which corporate networks were communicating to those controllers. This approach allows Recorded Future to ...
- Businesses warned over a new breed of BitLocker attacks
March 14, 2019
Devices protected using Microsoft BitLocker can be physically breached in a new form of attack that involves extracting the encryption keys from a computer’s Trusted Platform Module (TPM) chip. By hardwiring equipment into a computer’s motherboard, namely the TPM chip, attackers would be primed to access any sensitive corporate information stored on encrypted hard drives. This ...
- The fourth horseman: CVE-2019-0797 vulnerability
March 13, 2019
The new zero-day in the Windows OS exploited in targeted attacks In February 2019, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys. We reported it to Microsoft on February 22, 2019. ...
- Yatron Ransomware Plans to Spread Using EternalBlue NSA Exploits
March 12, 2019
A new Ransomware-as-a-Service called Yatron is being promoted on Twitter that plans on using the EternalBlue and DoublePulsar exploits to spread to other computer on a network. This ransomware will also attempt to delete encrypted files if a payment has not been made in 72 hours. BleepingComputer was first notified about the Yatron RaaS by a security ...
- From Fileless Techniques to Using Steganography: Examining Powload’s Evolution
March 12, 2019
Powload’s staying power in the threat landscape shows how far it has come. In fact, the uptick of macro malware in the first half of 2018 was due to Powload, which was distributed via spam emails. Powload was also one of the most pervasive threats in the North American region in 2018, using various techniques to deliver payloads such ...