Fraudsters Impersonate US Department of Energy Officials to Carry Out Extortion

UK police are warning that fraudsters are posing as Department of Education officials in order to trick schools into installing ransomware.
An Action Fraud notice claimed that the fraudsters have been cold calling education institutions pretending to be government officials and socially engineering the victim into giving them the email address of the head teacher, in order to send across “sensitive information.”
The resulting email contains a .zip attachment loaded with ransomware that will apparently demand up to £8000 to recover the files.
Action Fraud claimed similar cases have been noted where the fraudsters pretend to be calling from the Department for Work and Pensions, or even telecom providers.
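End users no longer believe that more firewalls, intrusion detection and prevention, or encryption will protect their critical systems and data. So how can employees' information security awareness be improved?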
The newly reported incidents represent an escalation in tactics designed to get ransomware onto the networks of targets, presumably selected because they may be relatively poorly secured and willing to pay a high price to regain access to their data.
“Once again, hackers have preyed on the weakest link in security – the end-user – but this is not where the fault lies. It’s unfair to expect busy teachers to be able to tell the difference between an email from the Department of Education and these sophisticated mimics,” argued Fraser Kyne, EMEA CTO at Bromium.
“Hackers are clever and convincing con artists, yet the industry continues to try and convince us that they can be defeated through detection tools and user education. As we can see from the rise in such attacks, this approach is neither realistic nor effective.”
In related news, new tactics designed to deliver the Petya variant GoldenEye have been discovered using fake job application emails.
The new campaign is designed to target HR staff, with the ransomware hidden in a malicious attachment masquerading as a CV, according to Check Point.
The emails also contain a harmless PDF as a covering letter in order to lull the recipient into a false sense of security, the vendor claimed.
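Weibo is a tool: good people can use it to do good, and bad people can use it to do harm. None of this is a problem with Weibo itself. Real-name registration and verification, supervision and review, filtering and deletion, morality and law, self-awareness and self-discipline will certainly have some effect, although the contest continues.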
