Connect with us

Hacker News

Attackers Taking Advantage of California Wildfires in New BEC Scams

Hacker News Malware

Emotet Malware Makes a Comeback with Fresh Attacks After Three Months of Silence

Hacker News Vulnerability

Lazarus Group Found Exploiting Zero-Day Vulnerabilities in Latest Cyber Attack

Hacker News

Chinese hackers develop new custom backdoor to evade detection

Hacker News

Hackers are exploiting vulnerabilities in containerized environments

Hacker News

Play Ransomware Group Brags About Disruptive Attack on City of Oakland

Hacker News

Chinese State-Sponsored Hacking Group APT31 Targets European Organizations

Hacker News Vulnerability

Researchers Uncover New Security Vulnerabilities in TPM 2.0 Library

Data Breaches Hacker News

Dark Web Marketplace Bidencash Leaks 2 Million Stolen Credit Cards for Free

Hacker News

White Hat Hacking Does Pay: Pwn2Own Shells Out 980,000 in Rewards

Hacker News

Attackers Taking Advantage of California Wildfires in New BEC Scams

Published

5 years ago

on

Attackers Taking Advantage of California Wildfires in New BEC Scams

2018 has been the most destructive wildfire season on record for California, with over 7,500 fires burning an area of 1,667,855 acres, and causing almost $3 billion in damages. Countless people have been affected by the fires, losing their homes, businesses, livelihoods or loved ones. It’s not unusual that in a time of tragedy or disaster, when emotions are high, for attackers to prey on those affected, and that is exactly what happened with this attack.

A round of Business Email Compromise (BEC) scams have been sweeping California businesses. A BEC scam involves an attacker taking control of a CEO’s or other personnel high up in the business, email address. The attacker then impersonates the CEO and asks employees to carry out a certain action. Since the goal is usually monetary, the attacker will usually target the finance or accounting team, asking them to transfer funds into an account or something similar.

In this current wave of attacks, the scammers impersonate the CEO and tell employees they want to help clients that have been affected by the wildfires. Instead of asking for money, they ask for the employees to purchase Google Play gift cards. Once the gift cards have been purchased, the attackers ask for the redemption codes to be sent to them. The attacker can convert the codes into different currencies and sell them on the online market. The codes are practically untraceable, making Google Play gift cards an attractive choice for attackers.

One email involved in this scam read:

Hi,

I will need you to get this done for me ASAP.

Please get me the Google Play gift cards. $500 denomination, I need $500 x 4 cards. We have some few clients caught up in the California wildfire disaster. I urgently need to send gift assistance. Do you think there is a store nearby you can get those? If yes, get that done. Just scratch out the back to reveal the card codes and email me the codes. How soon can you get that done? Its urgent.

The grammar and use of language make it clear this hasn’t been written by a native English speaker, so you may be wondering how employees fell victim to the scam. People often overlook such things when asked to urgently respond to something by a CEO.

Related Topics:

Technical Writer, Security Blogger and he is a Technology Enthusiast with a keen eye on the Cyberspace.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *