Over on Salted Hash, Steve Ragan has also been compiling data on victims of business email compromise (BEC) W-2 phishing scams. BEC W-2 phishing scams are the scams where someone poses as an executive of your organization and sends you an email from an address that at first glance might appear to be real. Their email…
Category: Phishing
Victims of W-2 phishing scams (2017 list)
— The list of entities reporting that employee W-2 data was acquired by phishing.– Last year, this site compiled 145 W-2 phishing incidents before I somewhat waved a white flag in terms of trying to keep up, but as I started working on this year’s list, I found even more cases from 2016, bringing the 2016…
Russian hackers behind attempted Polish foreign ministry hack: report
Radio Poland reports: A hacking attempt in December on the computer servers of the Polish Foreign Ministry was likely the work of Russian hackers, according to the Rzeczpospolita daily. The alleged hackers were part of the APT28 group, also known as the Fancy Bear cyber espionage group, which experts identify as being associated with the…
WY: Hospital scammed for employee information (updated with other W-2 phishing incidents)
Update Feb. 2, 2017: The list for 2017 has been moved to its own post that will be updated as more incidents are reported. Original post: First it was Dracut Schools. Then it was Tipton County Schools and then Odessa School District whose employees had their SSN and information from W-2 forms acquired by criminals in phishing…
Odessa one of eight school districts targeted in e-mail phishing scam
Ah, I knew we’d start seeing a lot more of these phishing for W-2 scams. Earlier today, it was a district in Tennessee. Now I learn that eight districts in Missouri that were hit, although it’s not yet clear whether it was the same phishing email/criminals or not. This scammer had files sent to a…
TN: Tipton County Schools employee falls for phish, emails employees’ W-2 data to criminal
Lisa DeLancey reports: A digital security breech (sic) has potentially put the Social Security numbers of Tipton County’s largest employer in the hands of those with malicious intent. Tipton County Director of Schools Dr. William “Buddy” Bibb says the system’s employee records were obtained by an unauthorized third party and sent a letter home with…