CyberheistNews Vol 12 #41 [HEADS UP] The Outdated Nigerian Prince Rip-off Resurfaces as Russian Billionaire Fraud

Scammers proceed to get artistic in relation to present occasions – and this new rip-off isn’t any exception.

Fraudsters are impersonating Viktor Zubkov, a detailed ally to Vladimir Putin with a faux e mail. Zubkov, who served because the thirty sixth Prime Minister of Russia in 2007-2008, and Putin’s First Deputy Prime Minister throughout the presidency of Dmitry Medvedev, can also be a board member of Gazprom, a state-owned power big.

One of these “advance price Nigerian Prince rip-off” exploits a faux alternative to get wealthy fast, supposedly made doable by worldwide sanctions on Russia. Within the weblog is an instance screenshot of the e-mail.

Victims conform to share their accounts with the cybercriminals so “cash could be transferred” and/or are being requested to pay a small sum in order that they may get this huge quantity transferred to their account. The fact is that their checking account is drained and their personal info is stolen.

When you’re a KnowBe4 buyer, we created a template so that you can use. To search out the template, go to System Templates and both search by the template identify (Assist for the Russian individuals (Hyperlink)) within the search bar, or go to the Present Occasions class, kind by final up to date, and discover the identify there.

DID YOU KNOW?: When making a phishing marketing campaign, you could have a brand-new AI choice to routinely choose the templates utilized in your marketing campaign referred to as AIDA Chosen Phishing Templates.

This function makes use of knowledge from KnowBe4’s Synthetic Intelligence Pushed Agent (AIDA) to pick essentially the most related and difficult template for every consumer. AIDA Chosen templates are chosen primarily based on a consumer’s coaching historical past, phishing occasions, and efficiency metrics, equivalent to their Phish-prone Share and Safety Consciousness Proficiency Evaluation (SAPA) outcomes. The extra knowledge AIDA has, the higher it really works, so we suggest utilizing these templates for customers who’ve some prior coaching or phishing historical past. Particulars at Assist: https://assist.knowbe4.com/hc/en-us/articles/1500003848062-Automated-Template-Choice

New-school safety consciousness coaching will make certain your customers are capable of spot and report a suspicious phishing e mail that leverages any current present occasion.

Weblog submit with hyperlinks and screenshots:
https://weblog.knowbe4.com/heads-up-the-old-nigerian-prince-scam-resurfaces-as-russian-billionaire-fraud

What actually makes a “sturdy” password? And why are you and your end-users regularly tortured by them? How do hackers crack your passwords with ease? And what can/do you have to do to enhance your group’s authentication strategies?

Password complexity, size, and rotation necessities are the bane of IT departments’ existence and are actually the reason for 1000’s of information breaches. But it surely would not must be that manner!

Be a part of Roger A. Grimes, KnowBe4’s Knowledge-Pushed Protection Evangelist, for this thought-provoking webinar the place he’ll share the most typical dangers related to passwords and the best way to develop password insurance policies that work.

You’ll be taught:

• What that you must find out about password size and complexity
• How password assaults work and which of them you have to be most apprehensive about
• What your password coverage must be and why
• Why your group must be utilizing a password supervisor

Begin bettering your password defenses now and earn CPE credit score for attending!

Date/Time: TOMORROW, Wednesday, October 12 @ 2:00 PM (ET)

Cannot attend dwell? No worries — register now and you’ll obtain a hyperlink to view the presentation on-demand afterwards.

Save My Spot!
https://occasion.on24.com/wcc/r/3965199/BEEE85F6F4BB3DA348940F484A8296A8?partnerref=CHN

Here is the highest 5 do’s and don’ts on your phishing simulation workouts.

1. First, conduct your baseline phishing simulation to get an thought of the place your group stands in comparison with others in your trade or dimension of group.
2. After that, let your customers find out about what you might be doing. Be sure that your customers are conscious of the phishing simulation plan. In fact, after this you need to present them safety consciousness coaching.
3. Be certain they know why the phishing program is occurring and embody it in your onboarding of any new workers in addition to briefing current staff. Don’t minimize them off in communications to the InfoSec or IT groups once they uncover a phishing e mail, professional or not. Guarantee they’ve some type of communication technique again to you, like a phishing alert button.
4. Contemplate your group’s tradition when figuring out the necessity to use monetary incentives in a phishing simulation e mail. Whereas this may increasingly get straightforward clicks, there have been unfavorable repercussions and you will want to be delicate to your staff. In the course of layoff, it might be considered as merciless. Use warning and sensitivity when launching such a marketing campaign. Extra importantly, clarify to your customers how they’d obtain updates concerning wage updates or adjustments with their wage and whether or not the group would use these monetary incentive phishing emails.
5. Lastly, remind your customers that phishing simulation emails are a coaching instrument, not a “gotcha” train. It’s important to teach your customers and keep away from making them suppose this can be a manner you will trick them into falling for a phishing assault. Be sure that your customers know that is to teach them and assist them spot the true phishing emails of their inboxes, in order that they keep secure on the workplace but in addition hold their household secure at residence.

Weblog submit with hyperlinks:
https://weblog.knowbe4.com/phishing-dos-donts

Cybercriminals are at all times developing with new, devious phishing strategies to trick your customers. PhishFlip is a brand new PhishER function that permits you to reply in actual time and switch the tables on these risk actors. With PhishFlip, now you can instantly “flip” a harmful assault into an instantaneous real-world coaching alternative on your customers.

Your customers are seemingly already reporting probably harmful emails in some style inside your group. Now you can mix your current PhishRIP e mail quarantine functionality with the brand new PhishFlip function that routinely replaces energetic phishing threats with a brand new defanged look-alike again into your customers’ mailbox.

The brand new PhishFlip function is included in PhishER—sure you learn that proper, no further price— so now you possibly can flip the tables on these risk actors and flip focused phishing assaults right into a simulated phishing check for all customers. This new function dramatically reduces knowledge breach threat and the burden in your IT and InfoSec groups.

See how one can greatest handle your user-reported messages.

Be a part of us Be a part of us Wednesday, October 19 @ 2:00 PM (ET) for a dwell 30-minute demonstration of PhishER, the #1 Chief within the G2 Grid Report for SOAR Software program. With PhishER you possibly can:

• NEW! Routinely flip energetic phishing assaults into secure simulated phishing campaigns with PhishFlip. You’ll be able to even substitute energetic phishing emails with secure look-alikes in your consumer’s inbox.
• Simply search, discover, and take away e mail threats with PhishRIP, PhishER’s e mail quarantine function for Microsoft 365 and Google Workspace
• Lower by your Incident Response inbox noise and reply to essentially the most harmful threats extra rapidly
• Automate message prioritization by guidelines you set into certainly one of three classes: Clear, Spam or Risk
• Straightforward integration with KnowBe4’s e mail add-in button, Phish Alert, or forwarding to a mailbox works too!

Learn the way including PhishER generally is a large time-saver on your Incident Response staff!

Date/Time: Be a part of us Wednesday, October 19 @ 2:00 PM (ET)

Save My Spot!
https://occasion.on24.com/wcc/r/3947036/49116A6349851E63F37E0A762CF6DDF2?partnerref=CHN

The U.S. Federal Communications Fee (FCC) affords recommendation on the best way to keep away from falling for scams that comply with within the wake of pure disasters like Hurricane Ian. Scammers goal victims of disasters in addition to individuals making an attempt to donate to charities.

“First, know that officers with authorities catastrophe help businesses don’t name or textual content asking for monetary account info, and that there isn’t a price required to use for or get catastrophe help from FEMA or the Small Enterprise Administration,” the FCC says. “Anybody claiming to be a federal official who asks for cash is an imposter.”

The FCC provides that customers ought to at all times be suspicious of cellphone calls that ask for info.

“Keep in mind that cellphone scams typically use spoofing strategies to intentionally falsify the knowledge transmitted to your caller ID show to disguise their id or make the decision seem like official,” the alert says. “If somebody calls claiming to be a authorities official, grasp up and name the quantity listed on that authorities company’s official web site.

“By no means reveal any private info until you have confirmed you are coping with a professional official. Employees and brokers who knock on doorways of residences are required to hold official identification and present it upon request, they usually might not ask for or settle for cash.”

Moreover, customers ought to contact their insurance coverage suppliers straight somewhat than counting on unsolicited cellphone calls, emails or textual content messages.

“When you get a cellphone name about an insurance coverage declare or coverage, do not give out any private info or conform to any fee till you possibly can independently confirm that the decision is professional,” the alert says. “If the caller says they’re out of your insurance coverage firm, grasp up and phone your agent or the corporate straight utilizing the quantity in your account assertion…”

“Contractors and residential enchancment corporations can also name claiming to be companions together with your insurance coverage supplier,” the FCC says. “By no means give coverage numbers, protection particulars, or different private info out to corporations with whom you haven’t entered right into a contract. In case your state requires licensing, confirm that any contractor you might be contemplating is licensed and carries ample insurance coverage. Many states have on-line databases you possibly can examine.”

Weblog submit with hyperlinks:
https://weblog.knowbe4.com/fcc-warns-of-post-hurricane-scams

And right here is one other hyperlink to an article you must share with staff, family and friends who’re within the course of of shopping for a home.

Hackers Goal Keen Homebuyers With a Dumb Rip-off That Retains Working. https://www.bloomberg.com/information/options/2022-10-07/hackers-target-homebuyers-life-savings-in-real-estate-scam

October is Cybersecurity Consciousness Month, and we have got you coated!

Get the assets that you must assist your customers defend towards cybercrime from anyplace.

In right now’s hybrid work setting, your customers are extra prone than ever to assaults like phishing and social engineering. Cybercriminals know this and are always altering techniques to use new vulnerabilities.

We have put collectively these assets so you possibly can hold your customers on their toes with safety high of thoughts. Request your package now to assist your customers defend towards cybercrime whether or not they’re absolutely distant, again within the workplace, or a mix of each.

Here’s what you will get:

• Entry to free assets for you together with our hottest on-demand webinar and whitepaper
• Sources that can assist you plan your actions, together with your Cybersecurity Consciousness Month Information and Cybersecurity Consciousness Weekly Planner
• New featured interactive coaching module on your customers: “2022 Social Engineering Pink Flags,” plus three extra interactive coaching modules, all accessible in a number of languages
• Sources to share together with your customers together with coaching movies, safety docs, tip sheets, safety hints and ideas newsletters, plus posters and digital signage property
• All property are printable and accessible digitally, to allow them to be delivered to your customers regardless of the place they’re working from

Get Your Free Cybersecurity Consciousness Month Useful resource Package Now!
https://www.knowbe4.com/cybersecurity-awareness-month-resource-kit-chn

A person from Atlanta, Georgia, has been convicted of working romance scams and enterprise e mail compromise assaults that netted him over $9.5 million, the U.S. Justice Division has introduced.

“Elvis Eghosa Ogiekpolor has been sentenced to 25 years in federal jail for cash laundering and conspiracy to commit cash laundering after being convicted at trial,” the Justice Division mentioned in a press launch.

“Ogiekpolor opened and directed others to open not less than 50 fraudulent enterprise financial institution accounts that acquired over $9.5 million {dollars} from varied on-line frauds, together with romance frauds and enterprise e mail compromise scams (‘BECs’). He then laundered the fraud proceeds utilizing different accounts, together with dozens of accounts abroad.”

13 victims of the romance scams, largely girls, testified in Ogiekpolor’s trial, although the Justice Division notes that there have been many extra victims of the fraud operation.

“The victims recounted how they met male strangers on-line and had been quickly satisfied they had been in a romantic relationship with the boys, regardless that the victims had been in communication with the people for months with out assembly in individual,” the Justice Division says.

“Typically these males claimed they wished to start out a life with the victims and had been desirous to dwell with them as quickly as some sort of difficulty was resolved. For instance, one romance fraud sufferer was satisfied to wire $32,000 to one of many accounts Ogiekpolor managed as a result of her ‘boyfriend’ (one of many males on-line) claimed part of his oil rig wanted to get replaced however that his checking account was frozen.

This sufferer borrowed towards her retirement and financial savings to offer the funds, which finally required her to refinance her residence to pay again the mortgage. One other sufferer testified that she was satisfied to ship practically $70,000 as a result of the person she met on eHarmony claimed to want cash to promptly make fee on a number of invoices as a result of a frozen checking account.”

New-school safety consciousness coaching permits your staff to thwart social engineering assaults and make sensible safety selections.

Weblog submit with hyperlinks:
https://weblog.knowbe4.com/cybercriminal-faces-prison-time-over-romance-scams

Let’s keep secure on the market.

Heat Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [Forbes Budget Ammo] Educating Customers About ‘Phishable’ Multifactor Authentication:
https://www.forbes.com/websites/forbestechcouncil/2022/10/07/educating-users-about-phishable-multifactor-authentication/

PPPS: [New Integrations Page] KnowBe4 works with leaders from throughout the expertise panorama to offer API-based integrations to attach the KnowBe4 platform with techniques and distributors that our clients already depend on. We’re happy to share our model new Integrations webpage:
https://www.knowbe4.com/integrations

You’ll be able to learn CyberheistNews on-line at our Weblog
https://weblog.knowbe4.com/cyberheistnews-vol-12-41-the-old-nigerian-prince-scam-resurfaces-as-russian-billionaire-fraud

Scammers are posing as safety researchers and making an attempt to promote phony exploits for Microsoft Trade Server, based on Lawrence Abrams at BleepingComputer. Microsoft just lately acknowledged that two zero-day vulnerabilities in Trade Server had been being exploited in restricted assaults by a suspected state-sponsored risk actor.

Whereas the vulnerabilities are actual, their particulars have been saved personal to stop different risk actors from exploiting them earlier than Microsoft releases safety patches. Exploits for the vulnerabilities can be very worthwhile for hackers and researchers within the meantime, so scammers are promoting phony exploits on GitHub.

“To reap the benefits of this lull earlier than the storm, a scammer has begun creating GitHub repositories the place they try and promote faux proof-of-concept exploits for the Trade CVE-2022-41040 and CVE-2022-41082 vulnerabilities,” Abrams explains.

“Huntress Lab’s John Hammond has been following these scammers, discovering 5 now-removed accounts making an attempt to promote the phony exploits. One other rip-off account discovered by Paulo Pacheco impersonated Kevin Beaumont (aka GossTheDog), a well known safety researcher/skilled who has been documenting the brand new Trade vulnerabilities and accessible mitigations.”

The phony exploits are being offered for round $420 price of Bitcoin, which Abrams says is one other pink flag. “These vulnerabilities are price excess of $400, with Zerodium providing not less than $250,000 for Microsoft Trade distant code execution zero days,” Abrams says.

“It ought to go with out saying that that is only a rip-off, and sending any bitcoin will seemingly not end in you receiving something. Moreover, with all the knowledge already accessible, determining an exploit for the bugs is probably going not going to be too tough, particularly for extra superior risk actors, equivalent to state-sponsored hackers who would have an incentive to breach organizations of curiosity.”

New-school safety consciousness coaching can train your staff to comply with safety greatest practices to allow them to keep away from falling for social engineering assaults.

BleepingComputer has the story:
https://www.bleepingcomputer.com/information/safety/fake-microsoft-exchange-proxynotshell-exploits-for-sale-on-github/

The Bundeskriminalamt (BKA), Germany’s federal felony police, raided three properties on Thursday, September twenty ninth, in the midst of an investigation of a cyber felony operation the BKA says netted roughly 4 million Euros from its victims.

Two suspects had been arrested and charged; the disposition of the third particular person will depend on the outcomes of additional investigation. A press release by the BKA (offered by BleepingComputer) defined the character of the fraud, which depended upon unusually trustworthy and convincing spoofed communications that misrepresented themselves as being from the victims’ banks.

The emails advised the victims that adjustments to the financial institution’s safety system would have an effect on their accounts, and that they need to comply with a hyperlink to rearrange continued entry to their accounts. The hyperlink led to a convincing phishing web page. “There, the phishing victims had been requested to enter their login knowledge and a present TAN [Transaktionsnummer–a number associated with a particular transaction], which in flip enabled the fraudsters to see all the info within the account of the respective sufferer – together with the quantity and availability of credit score.”

Additional engagement with the victims induced them to surrender extra TANs, which the criminals used to withdraw the victims’ funds.

The rip-off is fascinating in different methods. For one factor, the criminals used distributed denial-of-service (DDoS) assaults towards banking web sites as misdirection for his or her imposture. The professional websites might have suffered from decreased availability, however the phishing websites, after all, remained accessible.

One other fascinating side of the case is the criminals’ alleged employment of “different cyber criminals who promote varied types of cyber assaults as ‘Crime-as-a-Service’” (the BKA makes use of the English phrase) “on the darkish internet.”

Some particulars are being withheld pending additional investigation. This explicit crime appears to have affected largely people, however its scale and strategy recommend that organizations may very well be susceptible to related scams.

BleepingComputer has the story:
https://www.bleepingcomputer.com/information/safety/germany-arrests-hacker-for-stealing-4-million-via-phishing-attacks/.

“We accomplished our first phishing check, and the staff is presently taking the primary safety coaching course. It has been straightforward to make use of the console to arrange, monitor, and evaluate the outcomes. As soon as the preliminary coaching has been accomplished, we are going to establish the cadence for future phishing assessments and coaching. Victoria S has been very useful with answering my questions and reviewing what I arrange.

Here’s a shaggy dog story that simply occurred. Our VP despatched an e mail to the staff yesterday with an embedded hyperlink. One of many staff members that simply accomplished the coaching despatched me an e mail stating that she was scared to open the VP’s e mail, and he or she mentioned “Safety coaching was nice, however now I’m tremendous paranoid.”

– C.C., IT Challenge Lead