CLEARFIELD – Lawrence Township Police Chief Doug Clark is warning residents of a new scam originating from Iran and targeting LinkedIn users, and he reminded residents that other scams are still an outgoing issue.
Clark received a bulletin from the Pennsylvania Criminal Intelligence Center regarding the LinkedIn scam.
“The bulletin states, “The U.S. Cybersecurity firm FireEye is warning that an Iranian-linked group has been targeting users of the professional social media networking site with bogus invitations to join professional networking groups.
“The e-mailed attachments associated with these invitations are laced with malware designed to infect systems and ultimately steal data and credentials.”
The bulletin notes that with current geopolitical tensions in the Middle East, Iran has increased cyberattacks, including cyber espionage and the groups are engaging in “spear-phishing” campaigns to gather information from employees especially in the energy and government sectors.
“An example of this most recent attack involved a message sent to a targeted LinkedIn user from someone named Rebecca Watts, who claimed to be employed as ‘Research Staff at University of Cambridge,’” the bulletin continues.
“The message contains an invitation to submit a resume and a link to an .xls file that contained malware. Ultimately, a backdoor is installed on the user’s computer allowing access to information with little risk of detection or retaliation.
“The use of a well-known entity to establish trust is a hallmark of phishing campaigns,” the bulletin states, noting that the URL did not match the university’s URL and the sender uses poor grammar, which is an indicator of phishing campaigns.
The PCIC recommends having employees undergo regular training on how to recognize phishing messages, organizations should consider blocking social media and individuals should be selective in sharing their work information. Additionally, people should be selective with those added as friends or contacts on social media.
“If an organization’s network is compromised, the IT department should capture and retain the network traffic to include any messages and files from the suspect account to assist investigators with potential leads,” it states.
“In the event of an attack, the FBI requests that victims file a complaint with the Internet Crime Complaint Center. IC3 complains should be filed at https://www.ic3.gov.”
Also, the PCIC critical infrastructure and key resources unit should be contacted at 855-772-7768 or firstname.lastname@example.org.
Clark also reminds residents to never give out any information regarding banking or credit cards over the phone and to be suspicious of any phone calls asking for money, saying they are from the IRS or from a family member in distress.