Lisa Gresci reports: Coastal Carolina University continues to work to recover money that was stolen from the college in a phishing scam. A release from CCU stated an individual who claimed to represent a company under contract with the university contacted its financial services via email and requested to change the company’s bank account information….
Category: Phishing
Lithuanian Man Arrested For Theft Of Over $100 Million In Fraudulent Email Compromise Scheme Against Multinational Internet Companies
Joon H. Kim, the Acting United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced criminal charges against EVALDAS RIMASAUSKAS for orchestrating a fraudulent business email compromise scheme that induced two U.S.-based internet companies…
More reports of false tax returns in wake of W-2 phishing scams
One of the many companies who became victims of W-2 phishing this year is Berkley Mid-Atlantic Group, a property and casualty insurance firm with headquarters in Virginia. DataBreaches.net became aware of their incident when contacted by a former employee. According to BMAG’s notification to employees dated March 10, they had no then-current evidence of any misuse of employees’…
University of Idaho notifies 257 employees after phishing incident
Not all phishing attempts are spear-phishing for W-2 forms. The University of Idaho is notifying employees whose personal information was in an employee’s email account after the employee fell for a phishing attack. From their notification: On January 24, 2017, we detected that one of our accounts was being used to send phishing email. The…
Has W-2 fraud overtaken healthcare as the most lucrative target for cyber-criminals?
Michael Bruemmer, a vice president with the Experian Data Breach Resolution group, poses a question about whether W-2 fraud has become the most lucrative target for criminals when attacking the healthcare sector. But the data he points to – some of which is based on the work DataBreaches.net is doing with Steve Ragan of Salted Hash,…
2016 W-2 data up for sale on the dark web (updated)
As regular readers know by now, DataBreaches.net has been compiling reported instances of W-2 phishing scams. As part of that investigation, I decided to take a quick look today at some dark net marketplaces to see if any data were up for sale. Brian Krebs had reported on this issue in January after finding a…