Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs
  • Cyber Attacks
  • Data Breach

Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs

6 years ago David Bisson
Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs

Scammers are impersonating governmental departments within the State of Texas to send out fake Requests For Quotations (RFQs).

On September 21, Abnormal Security revealed that it had spotted an attack email that impersonated the Texas Department of State Health Services.

Scammers used spoofing techniques to camouflage the sender address as an account that was affiliated with the official dshs.texas.gov domain.

Even so, the Reply-To address referred to an email account affiliated with finance-nycgov.us, a domain which someone first registered in early July 2020 presumably for the purpose of spoofing nyc.gov.

In the attack email, the scammers informed the recipient organization’s sales department that they were interested in purchasing 20 laptops and 200 external hard drives on behalf of the Texas Department of State Health Services.

The attackers provided a billing address and a phone number for the items cited in their email. This helped to give their efforts a sense of legitimacy. As quoted by Abnormal Security in its research:

There is no ship to address (listed as TBD), and the phone number provided is not associated with the bill to address, although the area code is in Texas and does match the area code for the department of state health services phone number. This is a social engineering tactic aimed to engage recipients into requesting the ship to address, either by email or phone.

Ultimately, the scammers used those techniques to trick the recipient into opening a PDF document disguised as a RFQ.

Screenshot of the attack email. (Source: Abnormal Security)

In the event the recipient complied and or responded to the email, the scammers could then use that line of communication to trick the sales department into approving the order and sending over the goods.

The targeted organization would ultimately not receive payment for the goods, however. It would thereby incur a loss upwards of tens of thousands of dollars.

At the time of publication, the attack emails associated with this campaign had ended up in as many as 50,000 mailboxes.

The attack campaign described above highlights the need for organizations to defend themselves against phishing attacks. They can do so by educating their employees about some of the most common types of phishing campaigns that are in circulation today.

The post ” Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs” appeared first on TripWire

Source:TripWire – David Bisson

Tags: Encryption, Goverment, Phishing, TripWire

Continue Reading

Previous How CISOs Can Foster Effective Comms and Build a Cybersecurity Program
Next British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

45 mins ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

6 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

18 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR

20 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

20 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

1 day ago [email protected] (The Hacker News)

Recent Posts

  • The Kill Chain Is Obsolete When Your AI Agent Is the Threat
  • FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
  • TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
  • Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
  • Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT