While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…
Category: Phishing
Metropolitan Jewish Health System notifies members and patients of phishing incident
Notice Regarding Phishing Email Incident Metropolitan Jewish Health System, Inc. and its participating agencies and programs (including Menorah Home and Hospital for the Aged and Infirm d/b/a Menorah Center for Rehabilitation and Nursing Care; Metropolitan Jewish Home Care, Inc. d/b/a MJHS Home Care; MJHS Hospice and Palliative Care, Inc.; Institute for Applied Gerontology d/b/a MJHS…
Mattel nearly loses $3M to a phishing scam
Bryan Clark reports: A finance executive fell victim to a phishing scam that saw the Los Angeles-based maker of children’s toys wire a cool $3 million to Chinese hackers. Expertly timed during a period of corporate change, the email hit the inbox of the unnamed executive and requested a new vendor payment in the amount of…
Grand Ole Opry Parent Company Falls Victim to Phishing Scam
Today’s reminder that we’re not done with all the phishing that snagged employee W-2 data. Nashville’s Ryman Hospitality Properties has fallen victim to a fraudulent phishing scam that resulted in employees’ IRS W-2 information, which includes Social Security numbers, being disclosed externally, Billboard has learned. The company is parent to entertainment brands the Grand Ole Opry, Nashville’s historic Ryman Auditorium and legendary…
Hackers reportedly access OpSec employee data
How embarrassing would it be to have a firm named OpSec Security that advertises it’s “trusted by over 400 companies and 50 government agencies” – and then it falls for a phishing scheme? Tim Stuhldreher reports: In the wake of a data breach, an anti-counterfeiting company with local sales and manufacturing operations is advising its employees to be…
Hackers spear phish dozens of Russian banks, posing as FinCert
TASS reports: Hackers attacked dozens of Russian banks by sending letters on behalf of FinCert on Tuesday, March 15, Kaspersky Lab said in a report on Wednesday. FinCert is a structure of the Central Bank, which warns financial institutions of cyber threats. “On March 15, dozens of Russian banks became targets of cyberattacks by means…