CyberheistNews Vol 14 #37 Scammers Use Fake Funeral Livestream Social Media Posts to Extort Victims


CyberheistNews Vol 14 #37  |  September 10th, 2024


Scammers Use Fake Funeral Livestream Social Media Posts to Extort Victims

Stu Sjouwerman, SACP

In a troubling new low, cybercriminals are targeting people grieving the loss of a loved one by charging their credit cards with excessive charges through a heartless scam.

According to analysts at Malwarebytes, these scammers are now posting fake funeral live streams on Facebook, attempting to exploit the emotional vulnerability of those mourning. These scams likely involve compromised social media accounts or automated searches for recent deaths, potentially even leveraging the passing of celebrities to lure victims.

Victims are led through a series of pages before arriving at a payment page, where they unknowingly authorize scammers to charge their credit card €64 every 14 days.

While the scam itself is relatively simple and avoidable if someone carefully reads the details, it’s a stark reminder of the importance of security awareness. Scams like this don’t just happen in the corporate world; they’re prevalent in everyday online activities.

This is why security awareness training is so essential. By teaching people to stay vigilant in all areas of their digital lives, they’re better equipped to recognize and avoid scams like this from the outset, rendering these schemes ineffective.

Blog post with links and example screenshots:
https://weblog.knowbe4.com/scammers-use-fake-funeral-livestream-social-media-posts-to-take-victims-for-their-money

[NEW WEBINAR] Code Red: How KnowBe4 Uncovered a North Korean IT Infiltration Scheme

A recent incident shed light on a chilling new tactic: North Korean operatives posing as IT professionals to infiltrate organizations all around the world. And this one hit a little too close to home… right here at KnowBe4. We’re pulling back the curtain on this event to help you protect your organization from this new and emerging, scary threat.

Join us for an exclusive, no-holds-barred conversation with the team who lived through it. Perry Carpenter, our Chief Human Risk Management Strategist, sits down with Brian Jack, Chief Information Security Officer, and Ani Banerjee, Chief Human Resources Officer, to discuss how we spotted the red flags and stopped it before any damage was done.

During this webinar, you’ll get the inside scoop on:

  • The tactics and tools used by these covert operatives to sneak through the cracks
  • How we discovered something was wrong, and how we quickly stepped in to stop it
  • How to spot fake IT workers in your hiring process and workplace
  • Practical advice for fortifying your organization to implement strong screening processes and security protocols to safeguard against infiltration

Gain exclusive insights and actionable strategies to protect your organization from these sophisticated threats. Don’t miss this opportunity to stay ahead in the ever-evolving landscape of cybersecurity, plus earn CPE credit for attending!

Date/Time: THIS WEEK, Thursday, September 12 @ 2:00 PM (ET)

Can’t attend live? No worries — register now and you’ll receive a link to view the presentation on-demand afterwards.

Save My Spot:
https://occasion.on24.com/wcc/r/4682459/A20B54DCC9627A86FBF8E2DD81911011?partnerref=CHN2

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry. “Typically, online scams prey on the presumed weaknesses and susceptibility of the targeted individual,” the researchers write.

“In earlier decades, Internet fraudsters cast the widest possible nets to dupe the masses, as in the case of malspam (spam with malware), but as digital developments have advanced, so too have the tactics and techniques of online scammers.

“Deepfakes may be the tipping point of the social engineering game, as it allows fraudsters to laser-focus on a specific individual for a fraction of the previous price point.”

BlackBerry cites a specific case that occurred earlier this year in which a deepfake was used to trick an employee into sending $25 million to criminals.

“In February 2024, a finance worker at a multinational firm was tricked into initiating a $25 million payment to fraudsters, who used deepfake technology to pretend to be the company’s chief financial officer,” the researchers write.

“According to Hong Kong police, the worker attended a videoconference with what he believed were real staff members, but who were in fact all deepfakes. The worker had initially been suspicious of a message that appeared to be from the corporation’s chief financial officer, requesting that a secret transaction be carried out. However, the worker put aside his doubts after the video call because other people in attendance had looked and sounded just like employees he recognized.”

New-school security awareness training gives your organization an essential layer of defense against evolving social engineering attacks.

“One of the strongest mitigation techniques is user awareness and education,” BlackBerry says. “Firms should implement a strong training program to educate employees about the threat of deepfakes, how they can be leveraged by cybercriminals, how to recognize them and what to do if suspicious, and the risks if a threat actor targets the organization using deepfakes.

“This user education can go a long way in reducing the deepfake attack surface. Employees who work in sales, finance, and HR should be particularly alert for fraudsters impersonating customers to access confidential client accounts and financial information.”

Blog post with links:
https://weblog.knowbe4.com/threat-actors-increasingly-exploit-deepfakes-for-social-engineering

Rip Malicious Emails With KnowBe4’s PhishER Plus

Rip malicious emails out of your users’ mailbox with KnowBe4’s PhishER Plus! It’s time to supercharge your phishing defenses using these two powerful features:

1) Automatically block malicious emails that your filters miss
2) Rip malicious emails from inboxes before your users click on them

With PhishER Plus you can:

  • NEW! Detect and respond to threats faster with real-time web reputation intelligence with PhishER Plus Threat Intel, powered by Webroot!
  • Use crowdsourced intelligence from more than 13 million users to block known threats before you’re even aware of them
  • Automatically isolate and “rip” malicious emails from your users’ inboxes that have bypassed mail filters
  • Simplify your workflow by analyzing links and attachments from a single console with the CrowdStrike Falcon Sandbox integration
  • Automate message prioritization by rules you set and cut through your incident response inbox noise to respond to the most dangerous threats quickly

Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action.

Date/Time: Wednesday, September 18, @ 2:00 PM (ET)

Save My Spot:
https://occasion.on24.com/wcc/r/4688940/4492D07152F83915994D50A2B0D6FD66?partnerref=CHN

Major Scam Operation Uses Deepfake Videos

Researchers at Palo Alto Networks’ Unit 42 are tracking dozens of scam campaigns that are using deepfake videos to impersonate CEOs, news anchors, and high-profile government officials. Unit 42 believes a single threat actor is behind the scheme. The researchers discovered hundreds of domains used to spread these campaigns, each of which has been visited an average of 114,000 times. The goal of the operation is to spread investment scams and fake government-sponsored giveaways.

“Starting with a campaign promoting an investment scheme called Quantum AI, we studied the infrastructure behind this campaign to track its spread over time,” the researchers write. “Through this infrastructure investigation, we discovered several additional deepfake campaigns leveraging completely different themes that the same threat actor group created and promoted.”

The scammers are targeting users around the world, tailoring the campaigns for specific countries.

“We found deepfake videos in a number of different languages, including English, Spanish, French, Italian, Turkish, Czech and Russian. Every campaign typically targets potential victims in a single country, including Canada, Mexico, France, Italy, Turkey, Czechia, Singapore, Kazakhstan and Uzbekistan.

“Similar to the Quantum AI scam campaign, these videos add AI-generated audio on top of an existing video and use lip-syncing tools to alter the lip movement of the speaker to match the new audio. Visitors to these webpages are prompted to register with their name and phone number, and they are instructed to await a call from an account manager or representative.”

While investment scams aren’t new, deepfakes allow criminals to easily lend authority to the scams by impersonating well-known figures. Notably, Unit 42 has observed deepfake-as-a-service tools being peddled on criminal forums.

“Our researchers have encountered cybercriminals selling, discussing, and trading deepfake tooling and creation services across forums, social media chat channels, and instant messaging platforms,” the researchers write.

“These tools and services offer capabilities for generating deceptive and malicious content including audio, video, and imagery. The ecosystem surrounding deepfake creation and tooling is alive and vibrant, and cybercriminals are selling a variety of options from face swapping tools to deepfake videos.”

Blog post with links:
https://weblog.knowbe4.com/major-scam-operation-uses-deepfake-videos

[Whitepaper] The Future of Phishing Defense: AI Meets Crowdsourcing

Rising phishing attacks and targeted spear phishing campaigns expose InfoSec professionals like you to an expanding attack surface, demanding more vigilant security measures.

You need a “tip-of-the-spear,” proactive approach to mitigate real-world phishing attacks and targeted spear phishing campaigns. This is possible with the power of AI combined with crowdsourced data from one of your most valuable assets: your users.

This whitepaper will explore the limitations of strictly technical controls and make the case for efficient, smart use of AI teamed with hard-won human intelligence to mitigate phishing threats.

Read this whitepaper to learn:

  • The limitations of relying solely on antiquated, technology-based platforms
  • Why a proactive approach, rather than strictly defensive, is vital for phishing mitigation
  • The importance of crowdsourcing and making users part of the team
  • Actionable advice to help you make the most out of your user- and technology-based resources

Download Now:
https://data.knowbe4.com/wp-future-phishing-defense-ai-crowdsourcing-prp-chn

Let’s stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

P.S.: [BUDGET AMMO] I made it in the Wall Street Journal. “North Korean Spies Are Infiltrating U.S. Companies Through IT Jobs”:
https://www.wsj.com/tech/north-korean-spies-are-infiltrating-u-s-companies-through-it-jobs-e45a1be8?st=v49drcjpaqcwe8p

P.P.S.: [MUST-HEAR PODCAST] Eighth Layer Insights “Let’s talk Social Engineering”:
https://thecyberwire.com/podcasts/Eighth-layer-insights/49/notes

Quotes of the Week  

“Violence is the last refuge of the incompetent.”
– Isaac Asimov, Sci-fi Author (1920 – 1992)


“Maybe the journey isn’t about becoming anything. Maybe it’s about unbecoming everything that isn’t really you, so that you can be who you were meant to be in the first place.”
– Paulo Coelho, Brazilian author, born 1947


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-14-37-scammers-use-fake-funeral-livestream-social-media-posts-to-extort-victims

Security News

Extremely Deceiving Tech Support Scams Abuse Google Ads and Microsoft Services

Researchers at Malwarebytes describe two “subtle and extremely deceiving campaigns” that abused Google Ads and legitimate Microsoft services to launch tech support scams. First, the researchers observed a malvertising campaign that abused a legitimate Microsoft Learn profile to impersonate Microsoft Support. The phony support page encouraged users to call the scammer’s phone number.

“We found this ad while looking for Microsoft support live agents,” the researchers write. “The top (sponsored) result looks like it was bought by Microsoft itself with its official logo and URL. Users who click on the ad are redirected to a legitimate Microsoft website (learn[dot]microsoft[dot]com) displaying Microsoft’s ‘official’ phone number.

“This page has the look and feel of a genuine knowledge base article especially since it appears to be posted by ‘Microsoft Support.’” A separate malvertising campaign abused a Google ad to load a Microsoft Search page with the scammer’s phone number pre-filled in the search bar.

“The second (unrelated) ad campaign we saw is using a different tactic but also starts with a Google ad,” the researchers write. “When victims click on it, it’ll launch a search query page via microsoft[dot]com/en-us/search/discover.

When the page finishes loading, it’ll display what looks like a contact number from Microsoft. In a way, this is a form of advertisement that completely abuses what the Microsoft search feature was meant for.”

If a user calls the phone number in either of these attacks, a scammer will attempt to trick them into granting access to their computer. New-school security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 enables your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Malwarebytes has the story:
https://www.malwarebytes.com/weblog/scams/2024/08/psa-these-microsoft-support-ploys-may-just-fool-you

Phishing Is Still the Top Initial Access Vector

Phishing remains a top initial access vector for threat actors, according to the researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting people directly.

“The enduring dominance of phishing as an initial access technique underscores its effectiveness and persistence in the face of cybersecurity advancements and more sophisticated methodologies,” the researchers write.

“Its success lies in its simplicity and its ability to exploit the weakest link in security systems: humans. Employees across many organizations are likely still failing to recognize phishing emails, allowing attackers to progress their attacks in this way.”

In 7.5% of attacks between May and July 2024, the researchers observed attackers using internal spear phishing to target employees.

“An email originating from an internal account is less likely to be caught by email filtering rules than those coming from impersonating domains,” ReliaQuest says. “Other users within the network are also more likely to interact with an email sent by an internal user account than those coming from external parties, something attackers conducting business email compromise (BEC) capitalize on.”

“Both factors increase the attacker’s chances of successfully compromising more accounts across the network. Internal spear-phishing attacks also often target users with high privilege levels, allowing attackers to escalate their privileges and gain greater control over a network to action their objectives.”

Notably, ReliaQuest observed many attackers attempting to trick users into installing malware that impersonated PDF-related software.

“In the customer true-positive incidents that we analyzed, the malicious files that attackers were attempting to deploy on customer networks were consistently disguised as PDF documents or online PDF generator tools,” the researchers write.

“While malicious attachments can be blocked or quarantined by security tools to prevent execution within a network, these approaches do not address the risk of installing unverified tools, such as those used to create PDF files, on a device. Users should also be educated that installing such tools can also lead to malware execution, which can have harmful effects for businesses, such as data theft, encryption, or account takeovers.”

Blog post with links:
https://weblog.knowbe4.com/phishing-is-still-a-top-initial-access-vector

What KnowBe4 Customers Say

“I wanted to take the time to highlight how great my experience has been with Noah the past few days working through our needs here at the Agency and getting an agreement drafted/signed for your services.

I’ve worked with KnowBe4 in past positions and was enthusiastic about getting your services in place here. Noah walked through all the options and was very knowledgeable, he also offered me options on what I would like to view on your platform (demo) vs what I may already know.

That is always helpful as we all have a full plate and try to save time where we can. Our agency is going through a full change of IT services, so budget is stretched right now, and Noah was beyond kind, understanding, and helpful.

He also did very well on the upsell of the compliance option service. He saved me a large amount of headache as well as time training employees on multiple platforms. We’re also faced with an expedited timeline, so I know I placed pressure on him each step of the process. He was attentive and straightforward with expectations.

Long story short, I believe you have the right type of person with Noah selling your product. He listened, made it short and sweet, knowing I’m busy, and catered to what I wanted/needed/made sense for our agency. Huge thanks to Noah! Any questions, don’t hesitate to reach out.”

– W.M., Agency Operations Supervisor


“Stu, I love KnowBe4. You might be interested to know that we went through an external cybersecurity audit last week and when I mentioned that we use KnowBe4 for education content and phishing tests, the auditor nodded and smiled. The product line is obviously known and respected in his audit world. Thanks for checking in. Keep rolling out the great content.”

– S.M., IT Supervisor – Information Security & Telecommunications

The 10 Interesting News Items This Week

Cyberheist ‘Fave’ Links

This Week’s Links We Like, Tips, Hints and Fun Stuff
