The Weekly Top 3 - ED-22.2016

By Jon Phish, Thu 02 June 2016, in category News

APT, bitcoin, immigration, malware, phishing, students, vishing, weekly

The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to UK Students, a Kraken and a stealthy Falcon.

Criminals Using Passport Information Phone Scam to Target Students

Foreign students studying in the UK are the latest victims of a vishing scam. Scammers have obtained personal information about Tier 4 visa students and are using it to scam these students out of money. The scam involves a phone call from an individual claiming to represent the UK Home Office. The scammers tell the students that they owe the UK government money for an "immigration service", then threaten them with imprisonment if they do not pay the fee. These aggressive attacks often coerce the student into making the payment. Even though the scammers are not calling from the Home Office, they have masked their number so that the caller ID matches that of the Home Office. Click the link below to read more.

http://www.yorkvision.co.uk/news/criminals-tell-students-weve-got-your-passport-number-pay-up-or-get-kicked-out-of-the-country/02/06/2016

Kraken Phishing E-mail Targets Bitcointalk Users And Mt. Gox Victims

Recently, users of the forum Bitcointalk received a phishing e-mail purporting to come from the Kraken Bitcoin Exchange. The e-mail claimed to have information about the ongoing investigation into the Mt. Gox exchange. It stated that it contained a list of accepted and rejected Mt. Gox claims, and it included a link to a file stored on Google Drive. Once the victim downloaded and opened the file, their computer was infected with either malware or ransomware. Even though the phishing e-mail was directed at Mt. Gox victims, it appears that the actual targets of these scammers are users of the forum, who in most cases don't have any claims with Mt. Gox. Click the link below to read more.

http://bitcoinist.net/spoofed-kraken-email-is-a-mt-gox-victims-phishing-attempt/

Stealth Falcon Targets UAE Activists And Dissidents

An Advanced Persistent Threat (APT) group named Stealth Falcon recently carried out a phishing campaign that targeted UAE journalists, activists and dissidents. The cyber espionage group's actions have been linked to the UAE government. The phishing campaign used both e-mail and social media messages to spread custom-made spyware onto the targets' computers. The spyware was delivered by Office document files that were either attached to the message or downloaded through a link provided in the message. Researchers stated that once installed, the spyware would transfer data to numerous Command & Control servers. This data would then be analyzed and reported by the group. Click the link below to read more.

http://www.ibtimes.co.uk/cyberespionage-group-stealth-falcon-targeting-uae-dissidents-spyware-1563092