Tag Archives: California

IRS warning of new phishing scam to get tax information

FRESNO, Calif. (KFSN) —

The IRS has issued a warning about a phishing scam that is targeting businesses and organizations looking to get your W-2s.

Tax season can be a busy time for employers as companies work to distribute W-2 forms to employees. But now cyber criminals are using sophisticated techniques to con HR departments across the country into giving up sensitive material found in W-2s.

“An executive will email your HR payroll, and it’ll look like it came from the executive and what is asking for employee information W-2s all your employees maybe even socials,” said Kayleena Speakman with the Better Business Bureau.

Speakman says this is actually an old scam just re-invented.

“The old scam was just corporations,” she said. “The new twist is now school districts, tribal organizations even non-profits.”

The head of the IRS is not taking this scam lightly — saying in part:

“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in a large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns.”

“It’s a very dangerous scam because what’s going to happen if the payroll person actually falls for it and gives these scammers all the information,” Speakman said.

Experts say the best way employers can fight these fraudsters is by looking for red flags – like misspellings and poor grammar in the email.

“Tax season was our number one scam reported in 2016, and I would not be surprised if it wasn’t number one in 2017,” Speakman said.

This particular scam has not be reported in Central California but experts say it is on the rise across the country.

(Copyright ©2017 KFSN-TV. All Rights Reserved.)

Phishing As A Service Twice As Profitable As Traditional Phishing

Imperva Hacker Intelligence Initiative report reveals Phishing-as-a-Service campaigns cost less to execute and are twice as profitable as traditional campaigns

Imperva, Inc. (NYSE:IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today released its new Hacker Intelligence Initiative (HII) Report: Phishing made easy: Time to rethink your prevention strategy? In the report, researchers at the Imperva Defense Center expose how cybercriminals are lowering the cost and increasing the effectiveness of phishing by leveraging compromised servers and turnkey phishing services, which are the key drivers of the overall increase in phishing attacks.

The 2016 Verizon Data Breach Investigations Report (DBIR) shows a resurgent pattern of people falling prey to phishing campaigns, with 30 percent of recipients in this year’s dataset opening phishing emails. This is alarming given that phishing is the starting point for most network and data breaches. With this in mind, Imperva researchers deconstructed a phishing campaign initiated in mid-June, 2016. Among the most surprising findings was the low cost of launching a phishing campaign and the high projected return on investment for cybercriminals.

Imperva researchers browsed the darknet marketplace to estimate the cost of phishing campaigns and to get a clear picture of the business model. They observed the ease of purchase and low cost of Phishing-as-a-Service (PhaaS) campaigns. In addition, they saw that hackers were easily able to hijack compromised webservers for their campaign, which further lowered the investment needed. Based on the researchers’ analysis of costs, PhaaS is about a quarter of the cost and two times more profitable than a traditional unmanaged phishing campaign, which is skill and labor intensive. Unfortunately, lowering the costs and technology barriers associated with phishing is sure to lead to an increase in phishing campaigns, and the number of people falling victim to these campaigns.

Following the trail of the hackers, the researchers could garner a surprising amount of data on both the victims and the hackers’ social engineering techniques. Diving into the data on victims, it became clear that people were most likely to take the email phishing bait during the hours of 9 a.m. to noon while at work when they were busy writing and replying to emails. Additionally, victims were more likely to enter their username and password to open an email attachment – in this case an Adobe PDF file – than to click on a URL in the email and blindly log in.

The researchers linked the campaign to an Indonesian hacking group that began its “career” with a series of defacement attacks, a form of electronic graffiti, against targets in the U.S., Australia and Indonesia. In late 2015, the group moved on to financially motivated hacking and have been able to mount and actively maintain three different campaigns involving Outlook Web Applications, Wells Fargo’s Online Banking and an Adobe PDF campaign. This group also has been linked to campaigns that use vulnerability scanners for online shops that use the Magento e-commerce system.

“The combination of PhaaS and compromised web servers has significantly lowered the monetary, technological and time investment needed to conduct a successful phishing campaign,” said Amichai Shulman, co-founder and CTO of Imperva. “It’s no longer feasible for enterprises to use the client-side approach of endpoint software to fight phishing attempts because people continue to click nefarious links in email. One way to slow the attacks is to choke off easy access to compromised servers, which would make the phishing business model more expensive and lower profitability. Web applications are ubiquitous today, and web application security needs to be widely adopted to stem the growth of phishing and protect valuable data and applications.”

To access a copy of the HII Report, Phishing made easy: Time to rethink our prevention strategy?, please visit bit.ly/2hbBFbu or to see the Infographic visit bit.ly/2gdH8gh.

About Imperva

imperva_2016Imperva® (NYSE:IMPV), is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, Incapsula and Skyfence product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the-minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California

Man convicted of hacking Gmail and iCloud accounts of at least 30 celebrities in LA

A man who hacked the Apple iCloud and Gmail accounts of hundreds of people, including celebrities in Los Angeles, from his computer in Chicago has pleaded guilty to computer fraud in federal court, authorities said.

Edward Majerczyk, 28, pleaded guilty Tuesday to violating the Computer Fraud and Abuse Act and faces a maximum of five years in prison, though court documents show he’ll likely be sentenced to between six months and one year.

According to prosecutors, between Nov. 23, 2013 and August 2014 Majerczyk conducted a phishing scheme that tricked unsuspecting victims online into turning over their user names and passwords for such services as Apple’s iCloud and Google’s Gmail.

Using email addresses like appleprivacysecurity@icloud.com and appleprivacy@icloud.com, Majerczyk duped more than 300 people — including at least 30 L.A.-based celebrities — into clicking on links that redirected them to a website where Majerczyk could see them enter their username and password.

The emails he sent out led the victims to believe they were receiving messages from their Internet service providers, officials said.

Majerczyk used the information he obtained through the scam to rummage through his victims’ personal files and steal photographs and videos. He’s scheduled to be sentenced Jan. 10.

“The defendant’s acceptance of responsibility for his role in the intrusion of his victims’ accounts and their personal lives is a welcome development in this continuing investigation,” said Deirdre Fike, the assistant director in charge of the FBI’s office in Los Angeles, in a statement. “All of us who use personal phones or devices must protect our data with strong passwords and two-factor authentication, as well as to be cautious of solicitations that can compromise our private information.”


For breaking California news, follow @JosephSerna on Twitter.