NGTEdu

A PRODUCT OF NGTECH.CO.IN

Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation

6 years ago David Bisson
Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation.

SANS’ Internet Storm Center observed that the spam messages first appeared to be instances of an extortion scam campaign.

With “Crime Research Center” as the sender, the emails claimed that recipients needed to pay a penalty as a result of a shooting that they allegedly committed at a protest. The emails then provided a link through which recipients could pay a fine.

Screenshot of one of the attack emails. (Source: SANS’ Internet Storm Center)

In terms of red flags, each of the emails suffered from poor grammar and nonsensical logic. (It’s not standard for law enforcement authorities to dismiss a shooting with a monetary penalty. Also, a criminal fine of any type would not originate from an organization such as the Atlanta Police Foundation, an entity which works to enhance the Atlanta Police Department’s effectiveness but which does not itself actively enforce the law.)

Clicking on the embedded link led users to a page that presented them with a fictitious incident number, customer number and email address associated with their alleged crime. It then instructed them to click a “Downloadable Printable Copy.” Doing so redirected them to a legitimate page employed by the Atlanta Police Foundation.

In its analysis, SANS’ Internet Storm Center reasoned that browser fingerprinting, IP address checks or chance might have prevented its researchers from viewing the final scam page. The security team reasoned there could have been another motivation at work, as well. As quoted in their research:

…[M]aybe someone is just trying to cause a “Layer 8” (human) denial of service against the Atlanta Police Foundation. With many recipients receiving an obviously fraudulent message leading to a donation form, they may report it as fake (that was my initial gut feeling) and cause the donation form to be shut down. This is currently my “most likely” explanation.

News of this spam campaign arrived just days after security researchers came across an attack email that leveraged a fake Black Lives Matter voting campaign to distribute Trickbot malware.

The post “Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation” appeared first on TripWire.

Source: TripWire – David Bisson
