Data: The new face of phishing
Today phishing scams have become so elaborate that they can take a variety of forms, including a phony job interview.
In December, hackers from the Lazarus Group posted a fake developer job on LinkedIn to lure unsuspecting bank IT professionals for a sophisticated scam. An IT staffer working for the Chilean interbank ATM network, Redbanc, unwittingly responded. Once the confidence had been gained, the hackers (who have ties to the North Korean dictatorship) convinced the bank staffer to download a job application program containing malware onto his work computer. Redbanc claims it had identified the threat in time and took appropriate security measures, however, the true extent of the damage may still yet be unfolding.
According to the FBI’s Internet Crime Complaint Center (also known as IC3) one of the more popular phishing scams is business email compromise, where fraudsters target businesses that work with foreign suppliers and/or regularly perform wire transfers. By imitating a company’s senior executive, such as the CEO or CFO, fraudsters will send an email to an accounting clerk attempting to get them to wire funds to a new supplier in order to pay a fake overdue bill. Another common ruse is called tech support fraud in which criminals claim to provide updated security or technical support in an effort to gain access to an individual’s devices.