Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Impersonation Techniques. Show all posts

US Arrested Multi-year Phishing Scam Suspect

 

An Italian man who was involved in a multi-year phishing scam aimed towards fraudulently stealing hundreds of unpublished book manuscripts from popular authors such as Margaret Atwood and Ethan Hawke − has been imprisoned. The accused will be in prison for a maximum of 20 years if found guilty of wire fraud and another additional two years for a count of aggravated identity theft. 

The Department of Justice while reporting on the incident, stated, that the man is 29-year-old Filippo Bernardini, was arrested by the FBI on Wednesday at the John F. Kennedy International Airport, in New York. The report also said that he was previously working at London-based publisher Simon & Schuster who allegedly impersonated editors, agents, and others personnel involved in the publishing industry to obtain manuscripts of unpublished books fraudulently. 

“We were shocked and horrified on Wednesday to learn of the allegations of fraud and identity theft by an employee of Simon & Schuster UK. The employee has been suspended pending further information on the case…” Simon & Schuster said in a statement to Variety. 

“…The safekeeping of our authors’ intellectual property is of primary importance to Simon & Schuster, and for all in the publishing industry, and we are grateful to the FBI for investigating these incidents and bringing charges against the alleged perpetrator.” 

Following the incident, agencies said that the scheme was started in August 2016 wherein Bernardini used various fake email addresses which were linked to over 160 domains spoofing literary talent agencies, literary scouting agencies, and publishing houses. 

Furthermore, he also sent phishing emails attacking employees of a New York City-based literary scouting company and obtained their sensitive data to gain access to the organization’s database of synopses and other information regarding upcoming books. 

"These prepublication manuscripts are valuable, and the unauthorized release of a manuscript can dramatically undermine the economics of publishing, and publishing houses generally work to identify and stop the release of pirated, prepublication, manuscripts," the Department of Justice said today. 

"Such pirating can also undermine the secondary markets for published work, such as film and television, and can harm an author’s reputation where an early draft of the written material is distributed in a working form that is not in a finished state."

Employees in Retail Industry Most Frequently Targeted by Malicious Emails, New Study Reveals

 

A new study from security firm Tessian highlights the sophisticated techniques employed by threat actors to evade detection and trick employees. Between July 2020-July 2021, two million malicious emails bypassed traditional email defenses, like secure email gateways, placing many employers at risk of data breach and cyber fraud. 

According to the study, retail industry was targeted far more than any other industry, with the average employee in this sector receiving 49 malicious emails a year. This is significantly higher than the overall average of 14 emails per user, per year. Employees in the manufacturing industry were also identified as major targets, with the average worker receiving 31 malicious emails a year. 

The most common technique employed by the attackers was display name spoofing (19%), where the hacker modifies the sender’s name and disguises themselves as someone the victim recognizes. Domain impersonation, where the attacker sets up an email address that looks like a legitimate one, was used in 11% of threats discovered. The brands most likely to be impersonated were Microsoft, ADP, Amazon, Adobe Sign, and Zoom. 

Threat actors also targeted employees in the legal and financial services industries through account takeover attacks. In this method, the malicious emails come from a trusted vendor or supplier’s legitimate email address. They likely won’t be flagged by a secure email gateway as suspicious and to the person receiving the email, it would look like the real deal. 

Interestingly, less than one quarter (24%) of the emails examined in the study contained an attachment, while 12% contained neither a URL nor file — the typical indicators of a phishing attack. Links, however, do still prove to be a popular and effective payload, with 44% of malicious emails containing a URL.

Interestingly, threat actors deliver malicious emails around 2 p.m. and 6 p.m. in the hopes that a phishing email, sent during the late afternoon, will slip past a tired or distracted employee. 

“Gone are the days of the bulk spam and phishing attacks, and here to stay is the highly targeted spear phishing email. Why? Because they reap the biggest rewards. The problem is that these types of attacks are evolving every day. Cybercriminals are always finding ways to bypass detection and reach employees’ inboxes, leaving people as organizations’ last line of defense. It’s completely unreasonable to expect every employee to identify every sophisticated phishing attack and not fall for them. Even with training, people will make mistakes or be tricked,” said Josh Yavor, Tessian’s CISO.

“Businesses need a more advanced approach to email security to stop the threats that are getting through – the attacks that are causing the most damage – because it’s not enough to rely on your people 100% of the time,” he added.