Vishing Campaign Targets Social Security Administration

March 17, 2023

Security experts have warned of a new hybrid phishing campaign impersonating the Social Security Administration (SSA), which tries to trick recipients into contacting a fraudulent call center.

Armorblox said that it blocked the scam emails for at least 160,000 users.

The malicious messages are timed to coincide with tax season. The email subject line, “Due to erroneous and suspicious actions,” is designed to create enough anxiety and urgency for the recipient to open the message.


Other social engineering techniques include using the recipient’s legitimate email address at the start of the message in order to personalize it, and adding a customized sender name: “Social Security Administration-2521.”

The email itself informs the user that their Social Security Number account has been suspended due to suspicious activity. Those who open the attached PDF are presented with a letter confirming the same information, spoofed to appear as if written on SSA letterhead.

“With a Social Security Administration logo in the upper-left corner as well as used at the watermark, the letter of suspension provides little to no explanation of the reason behind the decision to terminate the SSN account,” Armorblox explained.

“The bluntness of the letter includes a ‘wish you the best in your future endeavors’ sign-off and a telephone number for any issues recipients wished to be addressed.”

The letter includes a case number, signature of the acting commissioner, email reference ID, customer service contact number and the physical address of the SSA to add further legitimacy to the scam.

“The main action the bad actor aimed to facilitate through this email attack was for recipients to call the customer service number provided, in two separate mentions for good measure – taking this attack away from email to phone, a legitimate vishing attack,” the security vendor said.

Although Armorblox did not call the number in question, it is possible that malicious call centre operatives would be waiting to harvest more personal and financial information from victims, to use in identity fraud and other scams.

A PhishLabs report from August 2022 revealed that hybrid vishing attacks of this type grew by over 600% from Q1 to Q2 2022.
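The indicators reported above (the subject line, the agency name in the sender display name, the recipient's address opening the message, and the PDF attachment) can be combined into a simple mail-filter heuristic. The following is an added example, not Armorblox's detection logic; the sample message, its sender domain, the keyword list and the signal names are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message; sender domain, recipient and body are invented.
SAMPLE = """\
From: "Social Security Administration-2521" <notice@mail.example>
To: jane.doe@corp.example
Subject: Due to erroneous and suspicious actions
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

jane.doe@corp.example, your account has been suspended. See the attached letter.
--b1
Content-Type: application/pdf; name="letter.pdf"
Content-Disposition: attachment; filename="letter.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

BRAND = "social security administration"
TRUSTED_DOMAIN = "ssa.gov"  # the agency's real domain
URGENT = ("suspicious", "suspended", "erroneous")  # assumed keyword list

def vishing_signals(raw: str) -> list[str]:
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    on_agency_domain = domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)
    signals = []
    # Display name claims the agency, but the address is not on its domain.
    if BRAND in name.lower() and not on_agency_domain:
        signals.append("brand_display_name_mismatch")
    if any(word in str(msg["Subject"]).lower() for word in URGENT):
        signals.append("urgent_subject")
    if any(p.get_content_type() == "application/pdf" for p in msg.iter_attachments()):
        signals.append("pdf_attachment")
    # Body opens with the recipient's own address (the personalization trick).
    _, rcpt = parseaddr(str(msg["To"]))
    body = msg.get_body(preferencelist=("plain",))
    if body and rcpt and body.get_content().lstrip().lower().startswith(rcpt.lower()):
        signals.append("recipient_address_in_greeting")
    return signals
```

No single signal is conclusive on its own; the combination of a brand display name on an unrelated domain with a PDF attachment is what makes a message worth quarantining for review.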


Some parts of this article are sourced from:
www.infosecurity-magazine.com
