Showing posts with label spear phishing. Show all posts
Showing posts with label spear phishing. Show all posts

Saturday, December 5, 2020

Panther TV shares insights on the spear phishing attack

"Hear from Franklin's Director of Tech @trapoza on the cyberattack that cost the town $522K on today's Panther News! @FHSPantherbook @FranklinPSNews @FranklinHS @FranklinMatters " 

Shared from Twitter =  https://t.co/O4mi1dvtB7

Posted by at No comments:
Labels: ,

Thursday, December 3, 2020

Town of Franklin: Spear Phishing Incident Presentation Document - 12/02/2020

The summary document of the spear phishing incident as presented to the Franklin (MA) Town Council meeting on Wednesday, Dec 2, 2020. 
 
 

 

 

Town Administrator Jamie Hellen presenting to the Town Council on 12/02/20
Town Administrator Jamie Hellen presenting to the Town Council on 12/02/20

Posted by at No comments:
Labels: , , , , ,

Friday, November 13, 2020

DLS Alert: Commonwealth Employees Targeted by Phishing Campaign


DLS Alert: Commonwealth Employees Targeted by Phishing Campaign


The following is a notification from the Massachusetts Executive Office of Technology Services and Security (EOTSS).

Commonwealth Employees Targeted by Phishing Campaign
Curtis M. Wood - EOTSS Secretary and Chief Information Officer

As many of us in state and municipal government are increasingly conducting our work remotely, the cybersecurity risks of data breaches, disclosures of sensitive data, and targeted cybersecurity threats have increased. As you will see below, we are seeing a rise in malicious cyber attacks, specifically aggressive phishing campaigns over e-mail and texts. The Commonwealth continues to be in contact with our federal partners at the Department of Homeland Security to stay vigilant of emerging cyberthreats and remains on high alert to protect Commonwealth systems and ensure continuity of government operations.

The Commonwealth has recently been the target of an aggressive phishing and smishing campaign. The malicious actors are using free e-mail services, such as g-mail, to create fake e-mail accounts designed to impersonate Commonwealth Leadership and are using social engineering tactics to elicit a sense of urgency. In addition to e-mail, the scammers have started using text messages as another way to phish our community. This technique, often referred to as smishing or SMS phishing, is a text-message based variation of traditional phishing scams, and a growing cyber threat. This particular campaign does not contain any links or malicious documents, but rather requests that the user purchase a gift card on behalf of the executive.

If you receive an e-mail or a text message requesting you to purchase a gift card, to pay by gift card, or to wire money – for any reason – that's a sure sign of scam. Any correspondence, whether e-mail or SMS-based, imploring (or even threatening) the need for an immediate response, should be treated with healthy skepticism.

Remember to pay attention to key warning signs:
  1. False sense of urgency
  2. External e-mail address as either the sender or the reply-to address
  3. Misspellings and Typos
  4. Consider the purpose; is this someone you'd typically correspond with?
  5. Be wary of suspicious attachments and links

read the red outlines for details on what to look for
read the red outlines for details on what to look for
 
 
read the red outlines for details on what to look for 1
read the red outlines for details on what to look for 1

Posted by at No comments:
Labels: , , , ,

Sunday, October 11, 2020

"Talk Franklin" discussion on phishing incident, election prep, and PFAS testing

FM #363 = This is the Franklin Matters radio show, number 363 in the series. 

This session of the radio show shares my "Talk Franklin" conversation with Town Administrator Jamie Hellen and Marketing and Communications Specialist Anne Marie Tracey. We had our conversation via conference bridge to adhere to the ‘social distancing’ requirements of this pandemic period.

We talk about: 

Phishing
  • Insurance coverage
  • Internal controls changed
Election prep
  • Ballots mailing
  • Drive thru hours, etc
PFAS testing
  • By April 2021
Meetings
  • Senior Coffee Hour – Oct 15
  • EDC listening session  - Oct 19 #thinkFranklinfirst
  • School Committee – Oct 13

Links to the key topics covered here are included in the show notes. The recording runs about 45 minutes, so let’s listen to my conversation with Jamie and Anne Marie.  Audio file = https://player.captivate.fm/episode/139589c7-00c0-4654-9e10-ae99825a695

--------------

Town Clerk page  https://www.franklinma.gov/town-clerk

Business listening sessions  https://www.franklinma.gov/sites/g/files/vyhlif591/f/uploads/business_listening_flyer_-_final_2_1_1.pdf 

--------------

We are now producing this in collaboration with Franklin.TV and Franklin Public Radio (wfpr.fm) or 102.9 on the Franklin area radio dial.  

This podcast is my public service effort for Franklin but we can't do it alone. We can always use your help.
 
How can you help?
  • If you can use the information that you find here, please tell your friends and neighbors
  • If you don't like something here, please let me know

Through this feedback loop we can continue to make improvements. I thank you for listening.

For additional information, please visit Franklinmatters.org/

If you have questions or comments you can reach me directly at shersteve @ gmail dot com

The music for the intro and exit was provided by Michael Clark and the group "East of Shirley". The piece is titled "Ernesto, manana"  c. Michael Clark & Tintype Tunes, 2008 and used with their permission.

I hope you enjoy!

------------------

You can also subscribe and listen to Franklin Matters audio on iTunes or your favorite podcast app; search in "podcasts" for "Franklin Matters"

 

"Talk Franklin" discussion on phishing incident, election prep, and PFAS testing
"Talk Franklin" discussion on phishing incident, election prep, and PFAS testing

Posted by at No comments:
Labels: , , , , , ,

Saturday, October 10, 2020

“In general, cyberattacks have increased since the COVID-19 crisis came into affect"

From the Milford Daily News, an article of interest for Franklin:

"Town officials announced Thursday night that the town was victimized by a “spear phishing” attack that resulted in $522,000 being “misdirected to a third party.”

The attack did not affect the town’s general fund, but rather a non-general fund account, said Town Administrator Jamie Hellen.

“I have been reassured that Franklin’s electronic data is secure,” Hellen said in a press release. “There is currently no evidence of a breach of our systems. All personal information, accounts and town software systems have been found not to be compromised. The incident was not a ransomware attack.”

Spear phishing involves sending emails, posing as trusted sender, with the goal to infect a specific target’s devices with malware or to steal information and/or money. Comparatively, phishing is less targeted toward specific victims and is more random, casting a wider net than spear phishing attacks."

In case you missed the original announcement of the phishing attack:  https://www.franklinmatters.org/2020/10/town-of-franklin-spear-phishing-attack.html

On Friday, Oct 9, Jamie and I recorded our "Talk Franklin" episode and discussed this incident in more detail. You'll be able to hear that shortly.  https://anchor.fm/letstalkfranklin/

 

https://anchor.fm/letstalkfranklin/
https://anchor.fm/letstalkfranklin/

 

 

Posted by at No comments:
Labels: , , ,

Thursday, October 8, 2020

Town of Franklin: Spear Phishing Attack Announcement

October 8, 2020

To:    Town of Franklin Residents
From: Jamie Hellen, Town Administrator

The Town of Franklin is cautioning all residents and employees to be mindful of the sharp increase in malicious cyber fraud and email phishing attempts. The Town of Franklin is announcing today that it has itself been the victim of a recent “spear-phishing” attack. A payment of $522,000 was misdirected to a third party.

The matter has been turned over to the Franklin Police Department who are working with state and federal authorities, for a complete criminal investigation. In addition, the Town has retained as special counsel in connection with this matter an attorney to coordinate and work with the authorities on this matter. Attorneys for the Town have requested there be no further comment on the investigation until the appropriate time when all of the facts have been gathered and the Franklin Police Department has completed its investigation.

I have been reassured that Franklin’s electronic data is secure. There is currently no evidence of a breach of our systems. All personal information, accounts and town software systems have been found not to be compromised. The incident was not a ransomware attack.

I also wish to note that this incident has not affected the Town’s general fund. It occurred in connection with a non-general fund account. The Town is implementing new procedures and protocols to limit future incidents of this type and urges all to guard against increased fraud.

For further resources and information on cyber-crime, threats and spear-phishing, please visit the Federal Bureau of Investigation’s (FBI) cyber-crime website here:
https://www.fbi.gov/investigate/cyber

--------------

Shared via ToF Twitter account   https://twitter.com/TOFranklinMA/status/1314341421135147013   which contained the following PDF  https://www.franklinma.gov/sites/g/files/vyhlif591/f/uploads/2020-10-08_spear_phishing_attack_announcement_.pdf

 

Town of Franklin: Spear Phishing Attack Announcement
Town of Franklin: Spear Phishing Attack Announcement

 

Posted by at 6 comments:
Labels: , , ,
Subscribe to: Posts (Atom)