There Are Plenty of Phish in This Sea!

Phishing remains one of the top attack vectors that hackers use to compromise accounts, steal credentials, gain remote access, and steal financial information. These email and SMS-based attacks are easy to distribute at scale and require little personalization, making them a commonly used tactic. Phishing attacks can now range from simple emails, to multi-stage campaigns that use artificial intelligence (AI) and imitate trusted brands.

For example, in a recent vishing campaign, hackers uses a phishing kit to create a custom phishing page, spoof the company’s IT help desk phone number, and contact a target! By spoofing a trusted phone number, hackers can impersonate the help desk to trick users into entering their credentials on a phishing page, while the phishing kit enables them to control what the target sees in real time.

In another campaign, hackers abused trusted services by sending phishing emails that include links to SharePoint, Google Drive, and OneDrive from compromised email addresses. These links enable hackers to deliver malicious payloads or steal credentials and can go undetected by email security systems.

What to do?

• ALWAYS exercise caution with communications from ANY senders, even those that appear to originate from legitimate platforms.
• Confirm requests from senders via contact information obtained from verified and official sources before taking action, such as clicking on links or opening attachments.
• Navigate directly to legitimate websites (instead of clicking on links embedded in emails) and verify them before submitting account credentials, providing personal or financial information, or downloading files.
• Users who submitted credit card information to suspicious webpages are advised to contact their banking institutions to report the fraudulent purchases immediately.
• Enable MFA and keep systems and browsers up to date.
• If you believe you’ve been victimized, disconnect the potentially infected device(s) from the Internet and run anti-virus/anti-malware scans.
• If sensitive information was entered, then change passwords for compromised accounts, monitor for unauthorized activity, and review the Identity Theft and Compromised PII NJCCIC Informational Report for additional recommendations and resources, including credit freezes.
• If you are a Linden resident, then report malicious cyber activity to the Linden Police Department, as well as the NJCCIC and the FBI’s IC3.