This updated advisory provides additional red flag indicators and due diligence measures to help victims who have been in contact with fictitious law firms conducting this fraudulent activity.
This scheme combines a number of exploitation tactics including targeting vulnerable populations, particularly the elderly; exploiting victims’ emotional state and financial need to recover funds from a previous scam; and giving victims the sense of safety and security by impersonating or falsely affiliating themselves with multiple government entities. Contact with scammers impersonating law firms continue to pose many risks, including the theft of personal data and funds from unsuspecting victims to the reputational harm of actual lawyers being impersonated.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Exodus Spyware Found Targeting Apple iOS Users
April 5, 2019
The surveillance tool was signed with legitimate Apple developer certificates. The spyware that was recently found lurking in 25 different malicious apps on Google Play has been ported to the Apple iOS ecosystem. The surveillance package – dubbed Exodus – can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices. Earlier ...
- Backdoor code found in popular Bootstrap-Sass Ruby library
April 5, 2019
Backdoor code was found added in a popular Ruby library used for frontend user interfaces inside Ruby and Ruby on Rails applications. The malicious code was removed via a library update. The library affected by this incident is Bootstrap-Sass, a Ruby package that provides developers with a Sass-version of Bootstrap, the most popular UI framework for developers today. The backdoor’s ...
- LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files
April 5, 2019
Spam campaign features obfuscated .zipx archive that unpacks LokiBot attack. A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways. According to Trustwave SpiderLabs, that first spotted the .PNG/LokiBot ...
- A dozen US web servers are spreading 10 malware families, Necurs link suspected
April 4, 2019
Researchers have uncovered over a dozen servers, unusually registered in the United States, which are hosting ten different malware families spread through phishing campaigns potentially tied to the Necurs botnet. On Thursday, researchers from Bromium said they have monitored scams connected to this infrastructure during the May 2018 to March 2019 time period. Five families of banking ...
- This new malware is scanning the internet for systems info on valuable targets
April 3, 2019
A new form of malware is scanning the internet for exposed web services and default passwords in what’s thought to be a reconnaissance operation – one which might signal a larger cyberattack is to come. Researchers at AT&T Alien Labs first spotted the malware in March and have named it Xwo after its primary module name. It’s thought that Xwo ...
- Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data
April 2, 2019
On March 30th, security researcher James Lee disclosed information on two zero-day vulnerabilities present in current versions of Microsoft Edge and Internet Explorer. These vulnerabilities make it possible for confidential information to be shared between websites. A flaw in the same-origin policy for these web browsers, called an Origin Validation Error (CWE-346), allows JavaScript embedded in a malicious ...