A spike in holiday gift card fraud, Facebook influencer pages transformed into spam factories, and other emerging digital threats

In this edition of Threat Matrix, we round up emerging digital security threats from around the world facing small businesses. As always, there is a silver lining. Namely, Upfort is here to deliver enterprise-strength security to organizations of all sizes with our suite of advanced, AI-powered solutions. 

A good first move? Make sure your business isn’t a “low-hanging fruit” that hackers crave. Get a free cyber security assessment to identify vulnerabilities in your digital network along with tips on addressing them. 

Be sure to sign up for our monthly Level Up security newsletter. Get all the latest cyber threats, security tips, information about next-gen tools, and more—delivered right to your inbox. #KnowledgeIsPower

Social Engineering Attack Transforms Facebook Pages Into Spam Hubs

• A coordinated social engineering campaign has targeted several high-profile Facebook pages, hijacking them to distribute spam content.
• Page administrators were lured by phishing schemes over Zoom that led them to surrender page access unknowingly.
• Engadget profiled a vintage clothing restoration influencer who said the hack cost her “hundreds of dollars” per day 
• Affected pages experienced a flood of spam posts to shady services and products.

via Engadget

Rise in “Pig Butchering” Virtual Romance Schemes 

• “Pig Butchering” is a romance scam in which people are targeted on dating apps or through other means and duped them into investing money in seemingly legitimate ventures.
• The scam involves gaining the trust of targets, which can take weeks i.e., “fattening the pig” before going in for the kill
• The accused employed advanced tactics including mock group chats and crypto-laundering to target thousands of individuals and companies.
• In the United States, the F.B.I. reported that in 2022, Americans lost more than $2 billion to “pig butchering” and other investment scams.

via NY Times

Delta Dental of California Data Breach Impacts 7 Million Individuals

• Delta Dental of California announces a significant data breach potentially affecting personal information belonging to over 7 million people.
• An investigation revealed that the “Clop” hacking gang gained access to the company's systems, compromising sensitive data including names, insurance information, and social security numbers.
• The “Clop” gang has hit numerous organizations over the past several months by exploiting a vulnerability in MOVEit Transfer software. 
• Bleeping Computer previously has been in contact with the group who said, following a series of earlier breaches, they deleted any data stolen from governments, the military, and children’s hospitals, though that claim couldn’t be independently verified.

via Bleeping Computer

FTC Issues Alert on Rising QR Code Scams and Phishing Threats

• The Federal Trade Commission warns the public about the increasing use of QR codes by scammers to perpetrate phishing and fraud.
• Scammers embed malicious links in QR codes, leading unsuspecting users to phishing sites where they're tricked into divulging personal and financial information.
• The Verge previously reported on fraudulent QR codes placed on parking meters in Texas
• The FTC advises caution when scanning QR codes, suggesting verification of the source and avoiding any that arrive unexpectedly via email or public postings.

via The Verge

Hacking Group Attacks Cancer Center, Threatens to Leak Patient Data

• The ransomware group BlackCat/ALPHV claimed responsibility for an attack on the Fred Hutchinson Cancer Research Center, threatening to release sensitive patient data.
• After gaining unauthorized access, the cybercriminals encrypted files and demanded a ransom, leveraging the additional threat of exposing patient information to pressure the institution.
• This event highlights an alarming increase in cyberattacks targeting healthcare institutions, emphasizing the need for enhanced security measures within the sector.

via Beeping Computer

Qakbot Malware Reemerges via “IRS” Emails to the Hospitality Industry 

• Qakbot banking malware has made a resurgence months after law enforcement claimed to have dismantled its command-and-control network
• Targets “received a PDF from a user masquerading as an IRS employee” according to Microsoft Threat Intelligence, and has been targeting the hospitality industry
• QakBot can harvest sensitive information and deliver additional malware, including ransomware.

via Hacker News

Surge in Holiday Gift Card Fraud

• Microsoft issued a warning about the hacking group “Storm Cloud 0539,” for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season.
• The group uses booby-trapped links that direct victims to adversary-in-the-middle (AiTM) phishing pages that are capable of harvesting their credentials and session tokens.
• The group uses advanced spear-phishing techniques to infiltrate organizations and government agencies 

via Hacker News