Increase in Spear-Phishing Attempts in Utah
SITUATIONAL REPORT: ATTEMPTS INVOLVING CORRECT USERNAMES AND PASSWORDS IN UTAH
The Statewide Information and Analysis Center (SIAC) has received an increase of complaints of phishing scams involving correct usernames and passwords listed in the email.
The Statewide Information and Analysis Center (SIAC) has received an increase of complaints of spear-phishing scams involving the victim’s correct username and password listed in the email and are sent from an outlook.com domain. The email subject line contains a username and password. The email then describes knowing the victim’s password, installed malware on their computer, and also claims to have recorded the individual. The email then demands payment in order to destroy the compromising recorded video. The email lists a required amount to be paid in Bitcoin, in addition to a Bitcoin wallet address.
It is highly unlikely that the sender of the email installed malware on the victim’s computer and recorded any video. The usernames and passwords listed in the subject line and email address were likely obtained from high profile data breaches. Emails involved were all victims in high profile breaches such as:
• Exploit.In: A large list of 593 million email addresses and passwords from various sources leaked in 2016.
• LinkedInUSBUS: In May 2016, 164 million email addresses and passwords were exposed.
• MySpaceUSBUS: In 2008, 260 million accounts were exposed and contained usernames, email addresses, and passwords.
The SIAC recommends to change passwords frequently and use strong passwords with letters, numbers, and at least 8 characters.
If you have experienced a similar spear-phishing attempt, please submit a cybercrime tip form at https://siac.utah.gov/cyber-crime-tip-form/