The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to SevOne, Seagate and the unemployed.
A digital infrastructure management company named SevOne is the latest company to fall victim to a spear phishing scam. Earlier this week, the company disclosed that employee information was sent to an unauthorized recipient as a consequence of a spear phishing e-mail. The company has not released the details of this incident, but has stated that employees’ names, addresses, salaries and Social Security numbers were stolen. It is likely that the scammers who received this information would use it to file false tax returns or commit identity theft. Click the link below to read more.
The popular technology company, Seagate has also been the victim of a spear phishing scam. Employee information was stolen as well, in this phishing attack. The scam targeted the HR department of the company. In this instance, a spear phishing e-mail was received by an employee that appeared to have been sent by the CEO. In the e-mail the fake CEO requested the company’s W2 (tax) forms. This request tricked the employee into sending the information to the scammer. As a result, employees’ names, addresses, birth dates and other information were stolen. In response to the data breach, the company has offered their employees identity theft protection. Click the link below to read more.
The Iowa Workforce Development agency in Mason City, Iowa, U.S.A., recently learnt of several phishing scams targeting unemployed persons in the State. The phishing scams involved an e-mails being sent to Iowans who filed for unemployment and were awaiting benefits. There were no details given about the phishing e-mails, but the agency had stated that clicking on a link in the body of an e-mail could either infect your computer with malware or forward you to a fake website. This fake website was used to steal the victim’s personal and/or credit card information. Click the link below to read more.