
[Heads up] Scam Of The Week: CEO Fraud bad guys are now bribing your users

Diana Eidson
Jan 16, 2019

Today saw the arrival of yet another interesting variant of the gift card phishing campaigns that have grown into a deluge over the past few months (see below). Today's email demonstrates that bad guys are actively adapting and evolving their pitch.

There are a couple of interesting things going on in this new gift card phish:

1. The bad guys work to establish a credible pretext ("incentives" for staff) -- something they've been getting better at recently.

2. They explicitly request confidentiality -- another tactic we've been seeing more of recently.

3. They're getting really greedy -- $4000 total in gift cards, the largest request we've yet seen (most requests in these gift card phishing schemes range from $500-$2000).

But there's something else very significant going on here -- something we've not seen before in this kind of phishing scheme.

[Image: user-bribe.png -- screenshot of the phishing email]


4. The bad guys incentivize the entire scheme by offering the recipient a bribe ("take one for yourself"), a ploy which, in a way, seeks to turn the email recipient into a co-conspirator.

The bribe is a really smart move. It costs the bad guys nothing (they're spending someone else's money, after all) and provides a strong, material motivation to comply.

Indeed, we began wondering: why haven't the bad guys done this before? If you're attempting to trick people into taking actions that are ultimately against their own interest, it helps to grease a few palms, thus doing something to change that equation.

In fact, the bad guys have done this kind of thing before: in money mule schemes, where the bad guys offer a cut of the money being moved to the mark/victim in order to incentivize participation in the operation.

How many of your users will jump at the chance to pick up a cool $500? Our guess is (unfortunately): more than a few.

I suggest you send the following to your employees right away. You're welcome to copy, paste, and/or edit:

The bad guys are getting creative with hybrid gift card / CEO Fraud scams. They have mutated into campaigns where they are impersonating an executive, urgently asking for gift cards to be bought for customers, and allowing the employee to take one themselves too. The numbers need to be emailed or texted to "the boss" after the cards are physically bought at stores. Never comply with requests like that, and always confirm using a live phone call to make sure this is not a scam. Sometimes it's OK to say "no" to the CEO!

Source: https://blog.knowbe4.com

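The tactics listed in the post (executive impersonation, urgency, a confidentiality request, gift cards, codes to be sent back, and the bribe) are the same signals a mail gateway or SOC triage script can look for before a message ever reaches an employee. The script below is an added example and is not code from KnowBe4 or from this thread; the corporate domain `example.com`, the executive directory `EXECUTIVES`, the signal weights and the two sample messages are all assumptions constructed for the demo. It checks the cheap structural tells (a known executive's display name on an address that is not theirs, a Reply-To that differs from From, an external sender) alongside keyword signals, and returns a verdict of "verify_out_of_band", which is the control the post recommends: a live phone call rather than a reply.

```python
"""Heuristic triage for executive-impersonation gift card requests.

Added example, not from the original post. Assumes a gateway hands us raw
RFC 5322 messages and that we know our executives' real addresses.
"""
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"                      # assumed corporate domain
EXECUTIVES = {"jane doe": "jane.doe@example.com"}    # assumed exec directory

# Keyword signals, one per tactic described in the post. Weights are assumptions.
SIGNALS = {
    "gift_card":    (2, re.compile(r"\bgift\s*cards?\b", re.I)),
    "urgency":      (1, re.compile(r"\b(urgent|asap|right away|today|immediately)\b", re.I)),
    "confidential": (1, re.compile(r"\b(confidential|keep this between us|don.t tell)\b", re.I)),
    "send_codes":   (1, re.compile(r"\b(email|text|send)\b.*\b(codes?|numbers?)\b", re.I)),
    "bribe":        (2, re.compile(r"\b(one for yourself|keep one|take one)\b", re.I)),
}
# Structural signals are weighted higher: they do not depend on wording.
STRUCTURAL_WEIGHTS = {
    "display_name_impersonation": 3,
    "reply_to_mismatch": 2,
    "external_sender": 1,
}
HOLD_THRESHOLD = 4   # assumed: at or above this score, hold for out-of-band check


def triage(raw: str) -> dict:
    """Return findings, score and verdict for one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    body = msg.get_payload(decode=True) or b""
    text = msg.get("Subject", "") + "\n" + body.decode(
        msg.get_content_charset() or "utf-8", "replace")

    findings = []
    # Display name belongs to a known executive but the address is not theirs.
    real_addr = EXECUTIVES.get(name.strip().lower())
    if real_addr and addr.lower() != real_addr:
        findings.append("display_name_impersonation")
    # Replies would go somewhere other than the visible sender.
    if reply_addr and reply_addr.lower() != addr.lower():
        findings.append("reply_to_mismatch")
    # Sender is outside the corporate domain.
    if addr and addr.rsplit("@", 1)[-1].lower() != INTERNAL_DOMAIN:
        findings.append("external_sender")
    # Wording signals from the post's list of tactics.
    findings += [k for k, (_, rx) in SIGNALS.items() if rx.search(text)]

    score = sum(STRUCTURAL_WEIGHTS.get(f, 0) + SIGNALS.get(f, (0, None))[0]
                for f in findings)
    verdict = "verify_out_of_band" if score >= HOLD_THRESHOLD else "pass"
    return {"findings": findings, "score": score, "verdict": verdict}


# Constructed sample messages (not real mail).
SCAM_MESSAGE = """\
From: Jane Doe <jane.doe@mail-relay-free.example>
Reply-To: Jane Doe <ceo.jdoe@mail-relay-free.example>
To: bob@example.com
Subject: Quick favor - urgent

Hi Bob, I need you to pick up $4000 in gift cards for our staff incentive program today.
Take one for yourself. Please keep this confidential and email me the card numbers
as soon as you have them.
"""

BENIGN_MESSAGE = """\
From: Jane Doe <jane.doe@example.com>
To: bob@example.com
Subject: Q1 planning deck

Bob, can you send me the updated planning deck when you get a chance? Thanks.
"""

if __name__ == "__main__":
    for label, raw in (("scam", SCAM_MESSAGE), ("benign", BENIGN_MESSAGE)):
        print(label, triage(raw))
```

The structural checks carry most of the weight on purpose: attackers rephrase the pitch every week (this thread is about exactly such a mutation), but a look-alike display name on a foreign address and a diverging Reply-To are hard to avoid when the whole scheme depends on the victim replying to the crook rather than the real executive.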
That doesn't mean there is a backlink...there isn't. They are a source for content. I am so very tired of you basically harassing me every time I post something. Like I have said before, if you don't like it, don't read it or participate in it. @Jeff Kershner has already explained the reason why I am here. You can discuss with him going forward.
 
It seems like with most of these scams like this, the common denominator is corporate email. Why don't companies turn more of a focus on using a diff method of internal communications with applications like Slack or something along those lines and move away from internal cooperate email altogether? I think if that happened, the majority of this crap would stop.


Edit: I can't type or spell today for some reason. :) Changed cooperate to corporate.
 
That's a good point. But it's not just communications between colleagues. Now you can't even trust an email or phone call from your own family lol. I remember reading a story about a lady answering a call from her son's phone number asking for her social security number real quick, and she gave it to him. She didn't realize it was "vishing".
 
:iagree:

@Alexander Lau please let it go.
 