Fake 401K year-end statements used to steal corporate credentials

Threat actors are using communication about personal pension accounts plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials.
Email security company Cofense warns that these attacks are becoming more frequent and even organizations with sound email security practices are having trouble against them.
401(k) is a popular retirement savings plan in the U.S. that offers a convenient way for employees to save for the future with tax benefits, often including additional contributions from their employer.
Cybercriminals take advantage of this topic and are sending targets 401(k) notifications posing as someone from their company's Human Resources department alleging an important plan update or an increase in contributions.
Cofense says that throughout last year it has seen a sharp rise in QR codes embedded in those phishing emails, taking recipients to a fake login page designed to steal credentials.
Other lure types seen more often towards the end of the year include open enrollment, surveys, and salary restructuring communications.
Open enrollment is a specific period, typically occurring towards the end of the calendar year, allowing employees to enroll in health insurance or retirement plans.
Recipients take these messages very seriously because failing to enroll before the deadline results in loss of eligibility for some benefits until the next enrollment round.
Cybercriminals also appear to use more often lures regarding compensation adjustments, especially about bonuses and increases, which are usually decided at the end of the year.
Finally, Cofense warns about fake employee satisfaction surveys and assessment reports sent to targets from spoofed human resource departments.
Cofense says that all examples in its report are from employees of large enterprises that use effective email security solutions, yet many phishing messages still reach their employees' inboxes.
The security company suggests that HR departments schedule these communications and inform the personnel accordingly to help filter out at least some of the malicious communications.
Considering that many companies outsource these operations, educating and safeguarding employees from phishing attempts may be difficult.
Another measure would be to avoid QR codes in legitimate business communication, since many phishing campaigns rely on them.
UK and allies expose Russian FSB hacking group, sanction members.
Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months.
Crypto wallet founder loses $125,000 to fake airdrop website.
FTC offers $25,000 prize for detecting AI-enabled voice cloning.
Nigerian hacker arrested for stealing $7.5M from charities.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 10 Jan 2024 18:35:04 +0000


Cyber News related to Fake 401K year-end statements used to steal corporate credentials

Fake 401K year-end statements used to steal corporate credentials - Threat actors are using communication about personal pension accounts plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials. Email security company Cofense warns that these attacks are becoming more ...
9 months ago Bleepingcomputer.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
9 months ago Bleepingcomputer.com
Fake LastPass password manager spotted on Apple's App Store - LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface ...
8 months ago Bleepingcomputer.com
Fake browser updates spread updated WarmCookie malware - The latest campaign was discovered by researchers at Gen Threat Labs, who observed the WarmCookie backdoor being distributed as fake Google Chrome, Mozilla Firefox, Microsoft Edge, and Java updates. FakeUpdate is a cyberattack strategy used by a ...
1 month ago Bleepingcomputer.com
Fake and Stolen X Gold Accounts Flood Dark Web - A surge of fake or stolen X Gold accounts has been flooding marketplaces and forums both on the surface web and the dark web over the past year, according to CloudSEK. Threat actors have used multiple techniques to forge or steal X Gold accounts ...
10 months ago Infosecurity-magazine.com
Surge of swatting attacks targets corporate executives and board members - At around 8:45 pm on February 1, 2023, a caller to the Groveland, Massachusetts, 911 emergency line told dispatchers that he harmed someone in a home on Marjorie Street in the upscale small town 34 miles north of Boston. The caller also said he would ...
1 year ago Csoonline.com
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
6 months ago Bleepingcomputer.com
How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises - Toll fraud and fake account creation are two advanced threats that bad actors employ for massive profit. Fake Account Creation is committed by a wide range of attackers, through automating the generation of new user accounts en masse, which then get ...
11 months ago Securityboulevard.com
Corporate Spy Tech and Inequality: 2023 Year in Review - Our personal data and the ways private companies harvest and monetize it plays an increasingly powerful role in modern life. Throughout 2023, corporations have continued to collect our personal data, sell it to governments, use it to reach inferences ...
10 months ago Eff.org
SentinelOne to Expand Cloud Security Capabilities With Acquisition of PingSafe - PRESS RELEASE. MOUNTAIN VIEW, CA - January 3, 2024 - SentinelOne, a global leader in AI-powered security, today announced that it has agreed to acquire PingSafe. The acquisition of PingSafe's cloud native application protection platform, when ...
10 months ago Darkreading.com
A personal Year in Review to round out 2023 - As you've probably seen by now, Talos released our 2023 Year in Review report last week. It's an extremely comprehensive look at the top threats, attacker trends and malware families from the past year with never-before-seen Cisco Talos telemetry. ...
10 months ago Blog.talosintelligence.com
12 Essential Steps Mac Users Need To Take At Year End - As the year comes to a close, Mac users should take these steps to ensure their device's security, performance and organization. Here are the year-end steps you should take to ensure your Mac is ready for 2024. After ensuring your Mac's files are ...
10 months ago Techrepublic.com
QR Code Scammers are Changing Tactics to Evade Detection - Check Point researchers last year saw a 587% increase between August and September of phishing attacks enticing unsuspecting targets to click on QR codes that then redirect them to malicious pages used for harvesting credentials. The cybersecurity ...
9 months ago Securityboulevard.com
Taking Back the Web with Decentralization: 2023 in Review - In the past few years, there's been an accelerating swing back toward decentralization. Users are fed up with the concentration of power, and the prevalence of privacy and free expression violations, and many users are fleeing to smaller, ...
10 months ago Eff.org
2024 Cybersecurity Industry Experts Predictions: Part 1 - As 2023 draws to a close, it's time for cybersecurity experts to gaze into their crystal balls and predict what the next year has set in store for the security industry. In the first part of our predictions round-up experts at My1Login, ...
10 months ago Itsecurityguru.org
Fake app impersonating LastPass spotted in Apple's App Store The Register - LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. A screenshot of the fake LastPass app in the Apple App ...
8 months ago Go.theregister.com
Convincing LinkedIn 'Profiles' Target Saudi Workers for Information Leakage - Attackers have used hundreds of fake profiles on LinkedIn - many very convincing - to target professionals at companies in Saudi Arabia, not only for financial fraud, but to convince employees in specific roles to provide sensitive corporate ...
10 months ago Darkreading.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media
Council Gives Green Light to Europe's Corporate Sustainability Due Diligence Directive - For most businesses, corporate responsibility has evolved from a peripheral concern to a core consideration. Today, with the Council's vote on the European Union Corporate Sustainability Due Diligence Directive, the EU took a significant step toward ...
7 months ago Feedpress.me
Pig Butchering: Fake Trading Apps Target Crypto on Apple, Google Play Stores - Pig Butchering scam targets crypto users with fake trading apps on Apple and Google Play Stores. These apps, found on Apple’s App Store and Google Play, and on phishing sites, are part of a Pig Butchering scam targeting cryptocurrency investors ...
1 month ago Hackread.com
Hajj Pilgrimage Hit by Extensive Phishing and Data Theft Scams - Cybersecurity threats rise during this peak season as millions embark on the annual Hajj pilgrimage. This article offers crucial tips for pilgrims to safeguard themselves online while ensuring a safe and fulfilling Hajj experience. Every year, ...
5 months ago Hackread.com
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
9 months ago Bleepingcomputer.com
Uncovering Chinas Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
1 year ago Securityweek.com
Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
11 months ago Darkreading.com
CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
8 months ago Garwarner.blogspot.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)