The Federal Bureau of Investigation (FBI) warns the public about an evolving financial fraud scheme targeting Chinese speaking individuals residing in the United States in which criminals impersonate US health insurance providers and Chinese law enforcement.
Targeted individuals receive a call from a spoofed telephone number of a legitimate US health insurance provider’s claims department. The call is conducted in Chinese, and the recipient is asked about recent insurance claims for alleged surgical procedures. The criminal then shows the recipient fraudulent invoices on screen via video communication software and demands payment. If the recipient denies having filed the claim or that the procedure took place, the criminal transfers the recipient to someone purporting to be Chinese law enforcement.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- When Cyberattacks Pack a Physical Punch
February 18, 2019
Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked? More than one in 10 data breaches now involve “physical actions,” according to a recent report. These include leveraging physical devices to aid an attack, but also hacks that involve breaking into hardware ...
- Cisco’s warning: Patch this default Network Assurance Engine password bug
February 13, 2019
Cisco is urging customers to install an update that fixes a high-severity issue affecting its Network Assurance Engine (NAE) for managing data-center networks. The bug, tracked as CVE-2019-1688, could allow an attacker to use a flaw in the password-management system of NAE to knock out an NAE server and cause a denial of service. NAE is an ...
- New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info
February 13, 2019
A new Astaroth Trojan campaign targeting Brazil and European countries is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and load malicious modules. According to Cybereason’s Nocturnus team which discovered the new Astaroth strain, just like previous instalments, the malware uses “legitimate, built-in Windows OS processes to perform malicious activities and deliver a payload without being ...
- Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
February 13, 2019
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed “Dirty_Sock” and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the maker ...
- Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire
February 12, 2019
In November 2018, we covered a Trickbot variant that came with a password-grabbing module, which allowed it to steal credentials from numerous applications. In January 2019, we saw Trickbot (detected as TrojanSpy.Win32.TRICKBOT.AZ and Trojan.Win32.MERETAM.AD) with new capabilities added to its already extensive bag of tricks. Its authors clearly aren’t done updating Trickbot — we recently found a ...
- Windows App Runs on Mac, Downloads Info Stealer and Adware
February 11, 2019
EXE is the official executable file format used for Windows to signify that they only run on Windows platforms, and to serve as a security feature. By default, attempting to run an EXE file on a Mac or Linux OS will only show an error notification. However, we found EXE files in the wild delivering a ...