Phishing attacks have targeted organizations worldwide in the bygone week, and the headlines roar out to netizens to adopt the best phishing prevention practices. Here are the latest phishing headlines from across the world to keep you abreast of the latest modus operandi of threat actors, so you are better equipped to keep your information assets secure.
Avaddon Ransomware Hits Acer Finance
Acer Finance is a French financial consultancy firm offering financial planning, risk management, advisory, mutual funds, and analysis services. The Avaddon ransomware gang, which has been making the headlines frequently, recently attacked Acer Finance and stole a vast expanse of its sensitive data.
The adversaries have given Acer Finance 240 hours to comply with the ransom demands before they leak all of Acer’s valuable records. Avaddon has posted personal documents, ID cards, and screenshots of folders with stolen data as proof of the attack.
Avaddon claims to have stolen confidential data belonging to Acer Finance’s employees and clients. It also posted a note on its leak site informing the firm of the attack and the types of records it has in its possession. These include employees’ information, agreements, data from the secretariat, personal correspondence, payment forms, licenses, etc. The ransomware gang also warned the firm that nothing but the decryptor could decrypt their data. Acer Finance must also be ready with its anti-phishing solutions as Avaddon has forewarned a DDoS attack in case of non-compliance to ransom demands.
Graduating Students In US Lose $80-$1200 As Cap And Gown Supplier Undergoes Cyberattack
Herff Jones is a famous U.S. company selling caps and gowns and hence frequented by graduating students. Recently, many students graduating from U.S universities ((Boston, Indiana, Maryland, Illinois, Houston, Delaware, Pennsylvania, Michigan, New York, Wisconsin, Arizona, Florida, North Carolina, California, etc.) have reported fraudulent transactions in their credit cards after using it at Herff Jones.
The company had hitherto been unaware of the security incident and only began its investigations after the student reports started flooding social media. Beginning last Sunday, these reports continued throughout the week where students warned fellow graduating students to look out for suspicious activities and illegal charges on their cards. As a measure for protection against phishing, students are canceling their payment cards. Meanwhile, Herff Jones has apologized to all customers for this security breach and shall notify all victims in due course. It has hired a leading cybersecurity firm to take charge of the investigation as part of its phishing attack prevention measures.
Ransomware Hits Waikato District Health Board
A ransomware attack brought down New Zealand’s Waikato District Health Board (DHB) systems and its affiliates recently. The unknown ransomware is suspected of entering Waikato DHB’s system via an email attachment, and ironically, all IT systems except email have been impacted. As a result of the attack, clinical services and surgeries were disrupted, and the hospital staff has come down to pen and paper to keep things running.
The hospital is taking all phishing prevention measures and working with government departments to get to the roots of this attack. As Waikato DHB endeavors to restore its systems, it has decided against paying any ransom to the adversaries. It has been suggested that patching systems might take time, but Waikato DHB will eventually get there.
Phishing Attack Hits Domain Group
Domain Group, an Australian digital real estate business, underwent a phishing attack recently. Domain Group’s CEO Jason Pellegrino stated that adversaries accessed the company’s administrative systems to trick people who had made a rental property inquiry.
The company’s prospective clients were sent emails asking for a deposit to secure a rental property. Although the adversaries had a good scam going on, very few Domain Group customers were affected by the attack. The firm pointed out that people are vigilant these days and verify the authenticity of an email before believing it. As part of the measures to prevent phishing attacks, Domain Group has implemented additional security protocols and collaborated with external security experts.
The Alaska Department Of Social Services And Health Undergoes Malware Attack
The Alaska Department of Health and Social Services underwent a malware attack recently. Consequently, the DHSS website, the state’s vital records system, background check system, behavioral health, substance abuse management system, etc., were brought down.
However, third-party services such as data dashboards and vaccine appointment scheduling can still be accessed on covid19.alaska.gov. The department has initiated its phishing attack prevention measures and announced that the website would be down until further details about the attack are known. The DHSS has informed the concerned authorities and is doing everything possible to provide continued services to providers and beneficiaries.
Beware Of Amazon Vishing Attacks
Cybersecurity vendor Armorblox recently published two case studies on Amazon vishing attacks that speak out to online shoppers. In the first attack scheme, the adversaries sent a malicious email with the subject Invoice: ID to around 9k users. The email was from a Gmail account and used the same color markers as Amazon. The email informed users of an order placed from their account for a television and gaming console. It contained a contact number that connected users to a fake Amazon customer service staff. Talking to this person and giving away our order details, username, and credit card details would mean an accomplished mission for the scammers.
In the second attack example that reached 4k inboxes, the attackers sent an email titled ‘A shipment with goods is being delivered from a seemingly genuine address.’ Like the former example, this email could bypass Microsoft Defender for Office 365 (MSDO) and Microsoft Exchange Online Protection (EOP) spam filters. It contained a $556.42 payment amount, an order number, and a phone number for the email recipients to place return requests. These phishing emails come without any malicious links or attachments and therefore can bypass spam filters easily. Users must adopt robust phishing prevention measures and never call numbers that come attached in such random emails.
A Eufy Server Upgrade Makes Users’ Private Feeds Public
Eufy home security cameras owned by the Chinese company Anker are widely used for home vigilance purposes. However, a recent Eufy update caused much inconvenience to users and compromised their privacy. An internal bug in Eufy’s updated software, which lasted for an hour before being detected and fixed, allowed users to view, zoom, pan, control, and access the home-video feeds of fellow Eufy users. The addresses, names, and other details of users could also be accessed. The security flaw lasted for an entire day, allowing users to get into the private space of other Eufy users across the globe.
Anker quickly fixed the issue and implemented measures for protection from phishing attacks, but the vulnerability has made its customers rethink their options. First spotted by a Eufy customer who had logged in to view his own camera’s live feed and saw another lady’s house footage instead, incidents like this are not uncommon for cloud-based home-security cameras. When users spot such security malfunctions in their cloud-based appliances, they must immediately shut down all connected gadgets to minimize risk to their private life and details.