Recent reports have highlighted a different kind of phishing scam, as Brian Krebs notes:
The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion in losses over the past three years.
We've seen variations on this at the University of Minnesota, the most recent one attempting to collect all the W2 data from the U:
The good news is our staff has been appropriately skeptical of such attempts and never responded (at all) to the attackers. The takeaway is:
- Always question unusual requests, even if they DO come from the email of a colleague or management
- When in doubt, reach out and report such email to phishing@umn.edu
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.