The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to the University of Michigan, Skype and US Federal Agency.
Students and staff of the University of Michigan have been compromised as a result of a phishing scam. The University stated that the victims who clicked on the link in the phishing e-mails had their names, dates of birth, Social Security Numbers and passwords stolen. According to the administration, scammers set up fake Google Forms and sent e-mails claiming to be from the Internal Revenue Service. The victims were tricked into validating their information by clicking on the link in the e-mail. This link forwarded them to the Google Form, which was used to steal their personal information. Furthermore, there were also reports of other phishing scams including e-mails related to "academic publishing". Click on the link below to read more.
Botnets are a common place and they usually run on computer systems. However, a researcher at PhishMe recently showed that botnets can survive on the Cloud. This particular botnet used Skype to trick victims into downloading Adware onto their systems. The attack starts with the victim receiving a call from the scammer. Once the call is answered, a voice directs the user to click the download link, that is given to them in the chat window. This download contains a "proprietary" video player which contains additional code used to install Adware. The attacker receives money on a per-install or per-download basis. This attack makes the campaign very lucrative for the attacker, but cumbersome for the victim because the Adware takes resources from the victim's computer. Click on the link below to read more.
Earlier this week, hackers breached the US government agency network and stole the personal information of approximately four million federal workers. The Office of Personnel Management announced that the breach occurred in December 2014. This breach is significant because the data stolen could be used for further attacks on US government systems. However, hackers have stolen the names, Social Security Numbers, job assignments and performance ratings of federal workers. This data could be used in further spear-phishing attacks across agencies and is likely a precursor to penetrating other systems and agencies. No other details have been given as to how the systems were accessed, but the attacks have been neutralized. Click on the link below to read more.