Cybercriminals have been exploiting the aftermath of Hurricane Ian to facilitate personal data exfiltration and Federal Emergency Management Agency fund theft, according to The Record, a news site by cybersecurity firm Recorded Future.
Hackers are discussing on WhatsApp how to steal disaster relief assistance, noted Cofense Principal Threat Advisor Ronnie Tokazowski, who said that screenshots shared with him by a colleague showed how fraudulent claims could be filed on DisasterAssistance.gov.
Numerous Nigerian groups have been behind such scams, but U.S.-based money mules or accounts are also being used for laundering the funds, Tokazowski added.
INKY has observed another scam that uses phishing emails to steal Hurricane Ian relief funds, with INKY's Bukar Alibe noting that the Small Business Administration and Red Cross have been spoofed in phishing emails.
Threat actors have been launching thousands of credential-stealing attacks involving contractor services, said SlashNext CEO Patrick Harr.
English- and Russian-speaking Windows users are being targeted by the novel Mimic ransomware, which has been leveraging the APIs of the Everything file search tool to identify files to be encrypted, reports BleepingComputer.
North Korean state-sponsored advanced persistent threat group TA444 has engaged in a credential harvesting campaign targeting the U.S. and Canada with OneDrive phishing emails beginning last month, according to SecurityWeek.