InfoSecBulletin Cybersecurity for mankind
CISA warned that criminals are pretending to be its employees in phone calls in order to trick people into sending them money. “The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency,” CISA warned on Wednesday.
“As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret.” “Additionally, the cybersecurity agency shared some helpful tips to avoid falling prey to these scams.”
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
CVE-2023-39780
Botnet hacks thousands of ASUS routers
Bangladesh Bank instructed using AI to prevent online gambling
251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch
Zero-Trust Policy bypass to Exploit Vulns & Manipulate NHI Secrets
Evaly E-commerce Platform Allegedly Hacked
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges
184 Million Leaked Credentials Discovered in Open Database
If you think you’re getting a scam call from someone claiming to be a CISA employee, never send them money, make a note of their number, and hang up right away.
CISA advised to call at 844-729-2472 (844-SAY-CISA) or report the scam attempts to law enforcement to validate the contact.
In 2024, the average financial loss due to impersonation scams rose to $7,000 from $3,000 in 2019. Based on FTC data, these scams caused over $1.1 billion in losses in 2023, which is three times higher than the amount in 2020.
“Reports show an increasingly blurred line between business and government impersonation scams,” the FTC said.
