Phishing attack prevention is a daily struggle for us netizens because attackers are always looking for opportunities to breach our systems. Here are the latest phishing headlines so that you can plan your cybersecurity measures better.
Cyberattack Hits Norwegian Websites
A cyberattack recently targeted the private and public websites in Norway, which caused a temporary breakdown of the websites. The Norwegian Prime Minister – Jonas Gahr Store, claimed that the attack had not caused much damage. A DDoS attack on the national data network brought down the national data network for several hours. As per reports, a pro-Russian attack group is responsible for the attacks.
Norway, though not a member of the European Union, mirrors its stand on several topics and has disrupted the transit of Russian supplies via Norway to Arctic Russia, just as the EU has placed sanctions on its goods. This attack on Norwegian systems came after the country’s resistance. Despite taking phishing prevention measures, countries standing against Russia have been constantly targeted by cyberattacks. This attack on Norway’s websites comes just days after a similar attack on Lithuanian public and private websites was launched by a pro-Moscow hacker group. In this case, too, Lithuania had resisted the transit of Russian ferrous metals and steel through Lithuania to Kaliningrad.
Cyberattack Hits Geographic Solutions, Inc.
A national outage at Geographic Solutions, Inc. (GSI) recently caused downtime at its client – the Nebraska Department of Labor’s website. The GSI outage was caused by a cyberattack that made the organization shut down its state labor exchange and unemployment claims systems to contain the attack’s spread. GSI is taking all anti-phishing protection measures to restore systems at the earliest. While the organization has provided no tentative resolution date, they warn that the website will be down for at least two days.
GSI has assured that only the online systems were affected by the breach and user data remains uncompromised. The Nebraska Department of Labor is constantly communicating with GSI and will share updates whenever it gets them. Fortunately, the department has mentioned that this incident won’t come in the way of eligible claimants receiving unemployment insurance benefits.
Data Breach Hits OpenSea
OpenSea, the popular NFT marketplace, recently underwent a data breach. With a user base of over 600,000 and a transaction volume of over $20 billion, OpenSea is the largest NFT marketplace. The platform is now warning its users of possible phishing attacks and asking them to adopt measures for protection against phishing.
OpenSea’s Head of Security, Cory Hardman, an employee of its email delivery vendor – Customer.io, downloaded the email addresses of newsletter subscribers and users of OpenSea. Because an unauthorized party also had access to these email addresses, user data was potentially exposed. Therefore, OpenSea urges its users to remain vigilant and watch out for possible phishing attempts. Currently, OpenSea is working with Customer.io to get to the attack’s roots and has informed law enforcement of the breach.
Scalper Botnet Targets Israeli Government Entities
Israeli government entities are constantly targeted by the Scalper botnet, making it extremely difficult for them to conduct essential intra-national services. The Scalper compromised the public service appointment systems and scheduled meetings with different government agencies. It then offered to sell these appointments to distressed citizens for over $100. The targeted government agencies whose fake appointments were being dealt with include the Israeli Ministry of Interior, passport renewal, National Insurance, the Ministry of Transport, Israel Post, and the Israeli State Electricity Company.
This Scalper attack leverages a flaw in the GamkenBot created by the Israeli government to auto-schedule appointments for a backlog of passport applications that have remained unaddressed since the pandemic. Whenever the GamkenBot is made public, adversaries modify its functions and steal all available data. In addition, the threat actors established a Telegram group where they offered instant appointments.
Despite being aware of the actions of Scalper, the Israeli government couldn’t remove the online platform considering the risk of canceling valid appointments. The government enabled CAPTCHA on the booking page as part of its measures for protection from phishing. But the adversaries found a way to solve the CAPTCHA functionality within a few days. Experts advise using advanced measures like behavioral analysis and device fingerprinting to deal with such modern bots.
Beware of Extortion Scams Targeting the LGBTQ+ Community Online
The U.S. Federal Trade Commission (FTC) warns LGBTQ+ community members to be vigilant while using online dating apps like Feeld and Grindr because adversaries are launching extortion campaigns by abusing these platforms and posing as potential romantic partners. These threat actors initiate romantic conversations on these LGBTQ+ dating apps and then ask victims for explicit photos. Victims falling for this trap are blackmailed into paying the ransom through untraceable gift cards. The hackers threaten victims that not complying with the ransom demand would compel hackers to leak their sexual imagery or the fact that they are still “closeted” (wherever applicable) to their family and friends.
Therefore, the FTC recommends that LGBTQ+ community members use such dating apps with a lot of caution and refrain from sharing explicit photos with strangers they meet online. Furthermore, protect yourself from phishing by doing a reverse image search on any person you recently met online. If the name and details don’t match, that’s a red flag for you. Also, avoid paying scammers to delete your chats or photos because there is no guarantee that they will.
Japanese Contractor Exposes 460k Residents’ Data.
An unidentified Japanese contractor working for the city of Amagasaki accidentally placed a drive containing the records of over 460,000 residents in this bag and went for a night out of town. Eventually, he ended up passing out in the street, and when he woke up, his bag was missing.
The incident report stated that the memory stick in possession of this man contained sensitive and confidential information about residents. These include their names, addresses, birth dates, tax details, social security records, and banking information. Amagasaki officials mentioned that the USB stick data was encrypted to ensure anti-phishing protection. It extended sincere apologies for risking the public’s trust in the city administration. Fortunately, the police found the bag and the USB stick later. So far, there is no evidence that anyone accessed the USB stick information.
Ransomware Hits Napa Valley College Website
A ransomware attack recently brought down the website and network systems of Napa Valley College. Soon after discovering the breach, NVC launched an investigation into the incident. All the while attempts to reach the site led to an error message saying, “This site can’t be reached,” or a redirect to the internet domain name registrar GoDaddy.
As part of the college’s measures to ensure protection against phishing attacks, some network systems were deliberately brought down, whereas others were down as a result of the attack. The school is reportedly heading towards full recovery, but there is no fixed date when all systems will be restored. The school is offering free identity protection and credit monitoring to all students and employees. Furthermore, state and federal law enforcement have been informed, and the school is working with third-party security experts to restore services.
While the school is trying its best to restore systems, it maintains that it never had to cancel classes for such unprecedented problems and that students never lost access to their student portals or emails in the past. NVC is affirmative that this incident, too, won’t lead to any drop-off in fall registrations. The school believes its endeavor to keep things as smooth as possible for employees and students despite everything ensures that enrollment numbers will remain unaffected.