Attacks/Breaches

2/2/2018
11:42 AM
50%
50%

Cyberattack Impersonates FBI Internet Crime Complaint Center

Threat actors trick victims into sharing personal information with fake IC3 messages laced with malware.

A new cyberattack scams people into providing personal data and downloading malicious files by impersonating the Internet Crime Complaint Center, a division of the FBI intended to give the public a reliable means of reporting suspected illegal activity online.

The unknown threat actors emailed targets requesting information so they could be paid restitution. To make their messages seem legitimate, they added hyperlinks of news articles reporting on the arrest of Internet fraudsters. Targets received text documents, which contained malware, to download, fill out, and return to the attackers.

Experts have identified three other versions of the IC3 scam. One involves a fake IC3 social media page requesting personal data to report Internet crime. Another arrives as an email stating that the recipient's name was found in a corporate database and they can be compensated for unfair treatment. The third, an email from the Internet Crime Investigation Center/Cyber Division, claims the recipient's IP address is a possible victim of cybercrime.

The IC3 reports anyone who thinks they've been the victim of Internet crime should file a complaint on its official website.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8419
PUBLISHED: 2019-02-17
VNote 2.2 has XSS via a new text note.
CVE-2019-8421
PUBLISHED: 2019-02-17
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2019-8422
PUBLISHED: 2019-02-17
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
CVE-2019-7649
PUBLISHED: 2019-02-17
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVE-2019-8418
PUBLISHED: 2019-02-17
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.