The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Main Line Health, First National Bank and Snapchat.
Main Line Health Employee Information Leaked
Another health institution has become a victim of a spear phishing scam this week. The Main Line Health organization in Philadelphia, U.S.A. had their employee data stolen by a scammer. The scammer pretended to be an executive of the company in a spear phishing e-mail sent to an employee. In the e-mail the fake executive requested the personal information of all employees. As a result, approximately 11,000 employees were affected by the data breach and the scammer was able to obtain employee names, Social Security Numbers, birth dates, addresses and salaries. Click the link below to read more.
Thousands Of Rands Lost In FNB, MTN Phishing Scam
A South African forensic investigator uncovered a Sim-swapping scam, which netted the scammer thousands of rands from the country's First National Bank. The scam involved the scammer tricking the MTN call center operator into moving the doctor's phone number to another SIM card owned by the scammer. This allowed the scammer to monitor the doctor's mobile phone and eventually transfer funds out of the doctor's bank account. This unauthorized SIM card change was not disclosed by MTN and therefore it took a while before the doctor noticed the stolen monies. Click the link below to read more.
Snapchat Employee Falls For Phishing E-mail
Yet again another employee has fallen for a spear phishing scam, which allowed scammers to steal employee information. However, the company involved in the breach was Snapchat. The spear phishing e-mail was sent to an employee in the payroll department and appeared to come from the Chief Executive of Snapchat. It requested employee information from all employees who worked for the company. As a result, over 700 present and past employees were affected when the employee who received the e-mail, sent the information to the scammer. The information disclosed included name, address, Social Security numbers, salaries and other tax information. Click the link below to read more.