Cyber security researchers are helping to combat a long-running phishing scam that continues to target US military members and their families.
In order to commit advance fee fraud, scam orchestrators pose as official military personnel and support organizations; the endgame, as always, is to steal victims’ personally identifiable information, which can be used to secure illicit profits.
“Based on our analysis, it’s clear that the threat actor is looking to steal sensitive data from victims such as their photo identification, bank account information, name, address and phone number,” explained cyber researchers.
“With this information, the actor could easily steal the victim’s identity, empty their bank account and impersonate the individual online.”
The campaign features a whole range of spoof websites developed to dupe unsuspecting visitors into believing they are in fact legitimate and affiliated with the US military.
To help reduce visitor suspicion, developers of the malicious content took the time to implement convincing details, such as advertisements for Department of Defense services.
These websites claim to provide a number of differing services, such as care packages, communication permits, leave applications, and even military-based romantic relationships. The services are of course completely bogus, however, with only scammers set to gain.
“The websites were primarily hosted by Nigerian providers that are offshore or ignore the (DMCA) Digital Millennium Copyright Act,” the researchers at Lookout went on.
“We were able to further confirm the operator’s location from a phone number one of the web developers accidentally left on the draft version of the site. The country code of the number is from Nigeria.”
As of now, researchers have managed to identify around fifty military scam websites with connections to the cyber threat campaign.
The Lookout researchers were also able to link the campaign to various other scams advertising phoney delivery services, crypto currency trading, banks, and even online pet sales.
03/05/2022 Billions of Chrome users are being warned after the successful attack has revealed 30 new security flaws, including seven that pose a ‘high threat’ to users. Attackers have managed to access Chrome's unused memory. This is typically used to help the browser run smoother, however by exploiting this finding it has given hackers access to the inner workings...
21/03/2022 But with the final recovery bill expected to cost hundreds of thousands of pounds, members of the council have understandably been expressing their concerns. In order to restore several of its affected online services, a £380,000 reserve was created; the Government and Local Government Association also provided the council with a collective £250,000. Despite...
21/03/2022 But what exactly are trackers? And how do you go about stopping them to create a more secure, worry-free internet experience? What are Internet Trackers? Tracking technologies – usually owned/developed by advertising and marketing firms and government agencies, among other authorities – are utilized to monitor visitor-based data for the purpose of establishing...
21/03/2022 From a secret Kiev-based underground bunker, Fedorov has been urging high-ranking social media executives to sever Russia from their multinational services. Digital minister Fedorov has also set up an “IT Army of Ukraine” campaign in the hopes of recruiting volunteers willing to fight the country’s “enemy” with cyber attacks. The 31-year-old Fedorov,...