This updated advisory provides additional red flag indicators and due diligence measures to help victims who have been in contact with fictitious law firms conducting this fraudulent activity.
This scheme combines a number of exploitation tactics including targeting vulnerable populations, particularly the elderly; exploiting victims’ emotional state and financial need to recover funds from a previous scam; and giving victims the sense of safety and security by impersonating or falsely affiliating themselves with multiple government entities. Contact with scammers impersonating law firms continue to pose many risks, including the theft of personal data and funds from unsuspecting victims to the reputational harm of actual lawyers being impersonated.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Banks Under Attack: Tactics and Techniques Used to Target Financial Organizations
February 8, 2019
US$100 – 300 billion: That’s the estimated losses that financial institutions can potentially incur annually from cyberattacks. Despite the staggering amount, it’s unsurprising — over the past three years, several banks suffered $87 million in combined losses from attacks that compromised their SWIFT (Society for Worldwide Interbank Financial Telecommunication)infrastructures. That’s just the tip of the iceberg: A ...
- New macOS zero-day allows theft of user passwords
February 6, 2019
A German security researcher has published a video over the weekend showing a new zero-day affecting Apple’s macOS desktop operating system. In an interview to German tech site Heise, Linus Henze, the security researcher, says the vulnerability allows a malicious app running on a macOS system to get access to passwords stored inside the Keychain –the password management ...
- Android Phones Can Get Hacked Just by Looking at a PNG Image
February 6, 2019
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google’s mobile ...
- Pro-Tibet groups targeted with ExileRAT in spy campaign
February 5, 2019
Researchers have uncovered a new cyberespionage campaign which is targeting pro-Tibetan individuals in order to distribute the ExileRAT Trojan. On Monday, researchers from Cisco Talos said that the new campaign delivers a malicious Microsoft PowerPoint document containing the Remote Access Trojan (RAT) which is capable of stealing system and personal information, terminating or launching processes, surveillance and the ...
- The APT Name Game: How Grim Threat Actors Get Goofy Monikers
February 5, 2019
What’s in a name? When it comes to advanced persistent threat groups, it is often quite a bit. While their monikers’ may seem whimsical – Fancy Bear, Nomadic Octopus, Ocean Lotus and Darkhotel – the reality is these are not arbitrary names. In fact, many are similar to schoolyard nicknames or a type of shorthand – ...
- Sophisticated new phishing campaign targets the C-suite
February 5, 2019
A new phishing campaign to steal login credentials is being launched on businesses – specifically the C-suite. Researchers at GreatHorn first discovered the campaign which targets senior executives by claiming to be from the company’s CEO. The fake email regards the rescheduling of a board meeting. By following the link from this email and users are greeted with a ...